KGS approach potential risks

Using the Key Generation Service in designing paste bin is risky and the problem seems ignored by the lesson.

Paste bin URL generation is not the same as the the Tiny URL generation. The key here is that users of paste bin can customize their keys. If we use KGS here, chances are the users can customize a key such that:

  1. Not used
  2. Loaded into KGS memory

This will cause consistency issues and it is not detectable by the original design. Here is an example:

Key DB (available keys table) has the following keys generated offline:

  • keykey1
  • keykey2
  • keykey3

KGS has preloaded the following keys in its memory:

  • keykey1
  • keykey2

Now user A is using the a customized key for his/her paste: keykey1

Then, user B comes and decide NOT to use a customized key, system asked KGS and get keykey1 again for user B’s paste

We have a collision on A & B’s pasted text as they share the same URL key - keykey1 in this case.

Final suggestion is that: this risk worth to be mentioned in the lesson and some protective mechanisms should be added.

You are right, I guess you first need to validate if the key is available and mark it as used in the KGS.