[Python-Dev] Hash collision security issue (now public)

Paul McMillan paul at mcmillan.ws
Thu Dec 29 22:28:23 CET 2011

It's worth pointing out that if the salt is somehow exposed to an
attacker, or is guessable, much of the benefit goes away. It's likely
that a timing attack could be used to discover the salt if it is fixed
per machine or process over a long period of time.

If a salt is generally fixed per machine, but varies from
machine to machine, I think we'll see an influx of frustrated devs who
have something that works perfectly on their machine but not for
others. It doesn't matter that they're doing it wrong; we'll still
have to deal with them as a community. This seems like an argument in
favor of randomizing it at runtime by default, so it fails early for

Allowing an environment and command line override makes sense, as it
allows users to rotate the salt as frequently as their needs dictate.
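An added example (not code from this post or from CPython) that models the two points above: a salted string hash whose bucket order changes with the salt, so order-dependent code fails early under a per-process random salt, plus an override hook. The environment variable name HASH_SALT_HEX and the FNV-1a-based keyed hash are assumptions made for the model, not CPython's actual mechanism.

```python
import os
from typing import Iterable, List, Mapping

SALT_LEN = 16   # bytes of salt drawn per process (assumed size)
TABLE_SIZE = 64 # bucket count of the toy hash table

def load_salt(env: Mapping[str, str] = os.environ,
              var: str = "HASH_SALT_HEX") -> bytes:
    """Random per-process salt unless an operator override is present.

    HASH_SALT_HEX is a hypothetical override so the salt can be pinned
    or rotated on a schedule; it is not a real CPython setting."""
    override = env.get(var)
    if override:
        return bytes.fromhex(override)
    return os.urandom(SALT_LEN)

def salted_hash(key: str, salt: bytes) -> int:
    """FNV-1a over salt || key: a stand-in for a keyed hash (model only)."""
    h = 0xCBF29CE484222325
    for b in salt + key.encode():
        h ^= b
        h = (h * 0x100000001B3) & 0xFFFFFFFFFFFFFFFF
    return h

def iteration_order(keys: Iterable[str], salt: bytes) -> List[str]:
    """Order in which a chained bucket table would yield the keys."""
    table = {}
    for k in keys:
        idx = salted_hash(k, salt) % TABLE_SIZE
        table.setdefault(idx, []).append(k)  # insertion order within a bucket
    return [k for idx in sorted(table) for k in table[idx]]

def order_is_salt_dependent(keys: List[str], trials: int = 32) -> bool:
    """True if fresh salts yield more than one iteration order for keys.

    A per-process random salt exposes order-dependent code on the first
    run; a salt fixed per machine would hide it until deployment."""
    orders = {tuple(iteration_order(keys, load_salt({}))) for _ in range(trials)}
    return len(orders) > 1

# Constructed sample key set (e.g. user ids parsed from a request).
KEYS = ["alice", "bob", "carol", "dave", "erin", "frank", "grace", "heidi"]

if __name__ == "__main__":
    pinned = bytes(SALT_LEN)  # a pinned salt gives a stable, reproducible order
    print("pinned order :", iteration_order(KEYS, pinned))
    print("random order :", iteration_order(KEYS, load_salt({})))
    print("salt-dependent:", order_is_salt_dependent(KEYS))
```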

