[Python-Dev] Hash collision security issue (now public)

Antoine Pitrou solipsis at pitrou.net
Sun Jan 1 17:10:03 CET 2012


On Sun, 01 Jan 2012 16:56:19 +0100
Christian Heimes <lists at cheimes.de> wrote:
> Am 01.01.2012 05:11, schrieb Antoine Pitrou:
> > On Sat, 31 Dec 2011 16:56:00 -0700
> > Guido van Rossum <guido at python.org> wrote:
> >> ISTM the only reasonable thing is to have a random seed picked very early
> >> in the process, to be used to change the hash() function of
> >> str/bytes/unicode (in a way that they are still compatible with each other).
> > 
> > Do str and bytes still have to be compatible with each other in 3.x?
> 
> py3k has tests for hash("ascii") == hash(b"ascii"). Are you talking
> about this invariant?

Yes. It doesn't seem to have any point anymore.

Regards

Antoine.


More information about the Python-Dev mailing list