[Python-Dev] Hashing proposal: 64-bit hash

Frank Sievertsen pydev at sievertsen.de
Fri Jan 27 22:08:37 CET 2012

> As already mentioned, the vulnerability of 64-bit Python rather theoretical and not practical. The size of the hash makes the attack is extremely unlikely.

Unfortunately this assumption is not correct. It works very good with

It's much harder to create (efficiently) 64-bit hash-collisions.
But I managed to do so and created strings with
a length of 16 (6-bit)-characters (a-z,  A-Z, 0-9, _, .). Even
14 characters would have been enough.

You need less than twice as many characters for the same effect as in
the 32bit-world.


More information about the Python-Dev mailing list