[issue13703] Hash collision security issue
Antoine Pitrou
report at bugs.python.org
Mon Jan 23 14:40:28 CET 2012
Antoine Pitrou <pitrou at free.fr> added the comment:
> Frank's example is an attack on the second possible way to
> trigger the O(n^2) behavior. See msg150724 further above where I
> listed the two possibilities:
>
> """
> An attack can be based on trying to find many objects with the same
> hash value, or trying to find many objects that, as they get inserted
> into a dictionary, very often cause collisions due to the collision
> resolution algorithm not finding a free slot.
> """
No, Frank's examples attack both possible ways.
----------
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list