On 1/1/2012 12:28 PM, Christian Heimes wrote: > Am 01.01.2012 17:54, schrieb Antoine Pitrou: >> I don't understand. FNV-1 multiplies the current running result with a >> prime and then xors it with the following byte. This is also what we do. >> (I'm assuming 1000003 is prime) > > There must be a major difference somewhere inside the algorithm. The > talk at the CCC conference in Berlin mentions that Ruby 1.9 is not > vulnerable to meet-in-the-middle attacks and Ruby 1.9 uses FNV. The C > code of FNV is more complex than our code, too. I understood Alexander Klink and Julian Wälde, hashDoS at alech.de, as saying that they consider that using a random non-zero start value is sufficient to make the hash non-vulnerable. -- Terry Jan Reedy
RetroSearch is an open source project built by @garambo | Open a GitHub Issue
Search and Browse the WWW like it's 1997 | Search results from DuckDuckGo
HTML:
3.2
| Encoding:
UTF-8
| Version:
0.7.4