[Python-Dev] [issue13703] Hash collision security issue

Antoine Pitrou solipsis at pitrou.net
Sat Jan 28 02:13:40 CET 2012

On Sat, 28 Jan 2012 01:53:40 +0100
martin at v.loewis.de wrote:
> > How so? None of the patches did, but I think it was said several times
> > that other types (int, tuple, float) could also be converted to use
> > randomized hashes. What's more, there isn't any technical difficulty in
> > doing so.
> The challenge again is about incompatibility: the more types you apply this
> to, the higher the risk of breaking third-party code.
> Plus you still risk that the hash seed might leak out of the application,
> opening it up again to the original attack.

Attacks on the hash seed are a different level of difficulty than
sending a well-known universal payload to a Web site.

Unless the application leaks hash() values directly, you have to guess
them from the dict ordering observed in the application's output. IMHO
it's ok if our hash function is vulnerable to cryptanalysts rather than
script kiddies.



More information about the Python-Dev mailing list