Home - News ( United States | United Kingdom | Italy | Germany ) - Football scores

Showing content from http://mail.python.org/pipermail/python-dev/2011-December/115166.html below:

[Python-Dev] Hash collision security issue (now public)

• Previous message: [Python-Dev] Hash collision security issue (now public)
• Next message: [Python-Dev] Hash collision security issue (now public)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Am 31.12.2011 03:19, schrieb Steven D'Aprano:
> How about using a similar strategy to the current dict behaviour with 
> __missing__ and defaultdict? Here's my suggestion:
> 
> 
> - If a dict subclass defines __salt__, then it is called to salt the hash
>    value before lookups. If __salt__ is undefined or None, the current
>    behaviour remains unchanged.

This was my initial proposal, too. It took me a while to figure out that
it won't work. Post-salting won't fix the issue. The random seed must be
used as IV inside hashing algorithm. My brain was still in holiday mode
and it took me a while to figure out the math. Sorry for any confusion!

Christian

• Previous message: [Python-Dev] Hash collision security issue (now public)
• Next message: [Python-Dev] Hash collision security issue (now public)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

RetroSearch is an open source project built by @garambo | Open a GitHub Issue

Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo

HTML: 3.2 | Encoding: UTF-8 | Version: 0.7.4