[issue13703] Hash collision security issue
Marc-Andre Lemburg
report at bugs.python.org
Wed Jan 4 18:18:30 CET 2012
Marc-Andre Lemburg <mal at egenix.com> added the comment:
Marc-Andre Lemburg wrote:
>
> 3. Changing the way strings are hashed doesn't solve the problem.
>
> Hash values of other types can easily be guessed as well, e.g.
> take integers which use a trivial hash function.
Here's an example for integers on a 64-bit machine:
>>> g = ((x*(2**64 - 1), hash(x*(2**64 - 1))) for x in xrange(1, 1000000))
>>> d = dict(g)
This takes ages to complete and only uses very little memory.
The input data has some 32MB if written down in decimal numbers
- not all that much data either.
32397634
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list