[Python-Dev] Hash collision security issue (now public)

Benjamin Peterson benjamin at python.org
Fri Jan 6 03:04:34 CET 2012

2012/1/5 Steven D'Aprano <steve at pearwood.info>:
> Benjamin Peterson wrote:
>> 2012/1/5 Nick Coghlan <ncoghlan at gmail.com>:
>>> On Fri, Jan 6, 2012 at 10:07 AM, Steven D'Aprano <steve at pearwood.info>
>>> wrote:
>>>> Surely the way to verify the behaviour is to run this from the shell:
>>>> python -c print(hash("abcde"))
>>>> twice, and see that the calls return different values. (Or have I
>>>> misunderstood the way the fix is going to work?)
>>>> In any case, I wouldn't want to rely on the presence of a flag in the
>>>> sys
>>>> module to verify the behaviour, I'd want to see for myself that hash
>>>> collisions are no longer predictable.
>>> More directly, you can just check that the hash of the empty string is
>>> non-zero.
>>> So -1 for a flag in the sys module - "hash('') != 0" should serve as a
>>> sufficient check whether or not process-level string hash
>>> randomisation is in effect.
>> What exactly is the disadvantage of a sys attribute? That would seem
>> preferable to an obscure incarnation like that.
> There's nothing obscure about directly testing the hash. That's about as far
> from obscure as it is possible to get: you are directly testing the presence
> of a feature by testing the feature.

It's obscure because hash('') != 0 doesn't necessarily mean the hashes
are randomized. A different hashing algorithm could be in effect.


More information about the Python-Dev mailing list