Message153369
On Mon, Feb 13, 2012 at 3:37 PM, Dave Malcolm
<dmalcolm@redhat.com> added the comment:
> * added comments about the specialcasing of length 0:
> /*
> We make the hash of the empty string be 0, rather than using
> (prefix ^ suffix), since this slightly obfuscates the hash secret
> */
Frankly, other short strings may give away even more, because you can
put several into the same dict.
I would prefer that the randomization not kick in until strings are at
least 8 characters, but I think excluding length 1 is a pretty obvious
win. |
|
Date |
User |
Action |
Args |
2012-02-14 20:34:57 | Jim.Jewett | set | recipients:
+ Jim.Jewett, lemburg, gvanrossum, tim.peters, loewis, barry, georg.brandl, terry.reedy, gregory.p.smith, jcea, mark.dickinson, pitrou, vstinner, christian.heimes, benjamin.peterson, eric.araujo, grahamd, Arfrever, v+python, alex, zbysz, skrah, dmalcolm, gz, neologix, Arach, Mark.Shannon, eric.snow, Zhiping.Deng, Huzaifa.Sidhpurwala, PaulMcMillan, fx5, skorgu |
2012-02-14 20:34:56 | Jim.Jewett | link | issue13703 messages |
2012-02-14 20:34:55 | Jim.Jewett | create | |
|