Message159434
Unsupported provider
> Problem with current randomization of hash function
> is following: Suffix does not influence whether two keys
> have some hash or not (it is xor-ed after everything).
Yes, the suffix is used to "protect" the secret. Without the suffix, it would be too simple to compute the prefix: getting a single hash value of a known string would leak the prefix.
> Suffix does not influence whether two keys have some hash
> or not (...). Everything except last 8 bits in prefix does
> not influence it also.
I don't know if we can do better and/or if it is a critical issue. |
|
Date |
User |
Action |
Args |
2012-04-26 23:10:43 | vstinner | set | recipients:
+ vstinner, benjamin.peterson, Arfrever, dmalcolm, PaulMcMillan, Vlado.Boza, koniiiik |
2012-04-26 23:10:43 | vstinner | set | messageid: <1335481843.82.0.00366765367596.issue14621@psf.upfronthosting.co.za> |
2012-04-26 23:10:43 | vstinner | link | issue14621 messages |
2012-04-26 23:10:43 | vstinner | create | |
|