[Python-Dev] Hashing proposal: 64-bit hash

Benjamin Peterson benjamin at python.org
Fri Jan 27 21:39:44 CET 2012

2012/1/27 Serhiy Storchaka <storchaka at gmail.com>:
> As already mentioned, the vulnerability of 64-bit Python rather theoretical and not practical. The size of the hash makes the attack is extremely unlikely. Perhaps the easiest change, avoid 32-bit Python on the vulnerability, will use 64-bit (or more) hash on all platforms. The performance is comparable to the randomization. Keys order depended code will be braked not stronger than when you change the platform or Python feature version. Maybe all the 64 bits used only for strings, and for other objects -- only the lower 32 bits.

A tempting idea, but binary incompatible.


More information about the Python-Dev mailing list