[Python-Dev] Status of the fix for the hash collision vulnerability
Gregory P. Smith
greg at krypto.org
Sat Jan 14 03:25:49 CET 2012
> Clearly these ideas are more complex than adding randomization, but adding
> randomization doesn't seem to be produce immunity from attack, when data
> about the randomness is leaked.
Which will not normally happen.
I'm firmly in the camp that believes the random seed can be probed and
determined by creatively injecting values and measuring timing of things.
But doing that is difficult and time and bandwidth intensive so the per
process random hash seed is good enough.
There's another elephant in the room here, if you want to avoid this attack
use a 64-bit Python build as it uses 64-bit hash values that are
significantly more difficult to force a collision on.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Python-Dev