Message 286623 - Python tracker

➜

This issue tracker has been migrated to GitHub, and is currently read-only.
For more information, see the GitHub FAQs in the Python's Developer Guide.

Author	methane
Recipients	christian.heimes, lemburg, methane, rhettinger, serhiy.storchaka
Date	2017-02-01.12:41:32
SpamBayes Score	-1.0
Marked as misclassified	Yes
Message-id	<1485952893.03.0.517796308708.issue29410@psf.upfronthosting.co.za>
In-reply-to

Content
Py_HASH_CUTOFF uses different secret from siphash already. The problem is the secret doesn't affects to collision at all. Attacker can produce large number of collision, without knowing the secret. BTW, we have FNV already. Let's survey about FNV-1 short string collisions.

Py_HASH_CUTOFF uses different secret from siphash already.
The problem is the secret doesn't affects to collision at all.

Attacker can produce large number of collision, without knowing the secret.

BTW, we have FNV already.  Let's survey about FNV-1 short string collisions.

History
Date	User	Action	Args
2017-02-01 12:41:33	methane	set	recipients: + methane, lemburg, rhettinger, christian.heimes, serhiy.storchaka
2017-02-01 12:41:33	methane	set	messageid: <1485952893.03.0.517796308708.issue29410@psf.upfronthosting.co.za>
2017-02-01 12:41:33	methane	link	issue29410 messages
2017-02-01 12:41:32	methane	create