[Python-Dev] [issue13703] Hash collision security issue
Glenn Linderman
v+python at g.nevcal.com
Sat Jan 28 01:17:28 CET 2012
On 1/27/2012 11:39 AM, martin at v.loewis.de wrote:
>
>> Another issue occurs to me: when a hash with colliding keys (one that
>> has been attacked, and has trees) has a non-string key added, isn't
>> the flattening process likely to have extremely poor performance?
>
> Correct.
Thanks for the clarification.
> "Don't do that, then"
>
> I don't consider it mandatory to fix all issues with hash collision.
> In fact, none of the strategies fixes all issues with hash collisions;
> even the hash-randomization solutions only deal with string keys, and
> don't consider collisions on non-string keys.
Which is fine, I just wanted the clarification.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-dev/attachments/20120127/50eb5844/attachment.html>
More information about the Python-Dev
mailing list