[Python-Dev] Make str/bytes hash algorithm pluggable?
Guido van Rossum
guido at python.org
Thu Oct 3 22:47:23 CEST 2013
On Thu, Oct 3, 2013 at 12:55 PM, Christian Heimes <christian at python.org> wrote:
> Am 03.10.2013 21:45, schrieb Guido van Rossum:
> > But fixing that shouldn't need all the extra stuff you're
> > proposing.
>
> I have proposed some of the extra stuff for more flexibility, the rest
> is for testing and debugging.
>
Hm, I don't think we need more infrastructure for this. As Antoine said, if
you're hacking on this you might as well edit the source.

> > What's a Python randomization key?
>
> Python's hash randomization key, the seed to randomize the output of
> hash() for bytes and str.
>
Is the seed itself crypto-safe? (I.e. is it derived carefully from urandom?)

> > SipHash: more secure and about same speed on most systems
> >
> > Same speed as what?
>
> Same speed as the current algorithm in Python 3.3 and earlier.
>
OK, then I have no objection to switching to it, *if* the security issue is
really worth fixing. Otherwise it would be better to look for a hash that
is *faster*, given your assertion that the current hash is inefficient.

> > optimized FNV: faster but with a known issue
> >
> > What issue?
>
> Quote from https://131002.net/siphash/#at
> ---
> Jointly with Martin Boßlet, we demonstrated weaknesses in MurmurHash
> (used in Ruby, Java, etc.), CityHash (used in Google), and in Python's
> hash. Some of the technologies affected have switched to SipHash. See
> this oCERT advisory, and the following resources:
>
> [...]
>
> - Python script https://131002.net/siphash/poc.py to recover
> the secret seed of the hash randomization in Python 2.7.3 and
> 3.2.3
>
Sounds a bit like some security researchers drumming up business. If you
can run the binary, presumably you can also recover the seed by looking in
/proc, right? Or use ctypes or something. This demonstration seems of
academic interest only.

> ---
>
> It's all documented in my PEP draft, too.

Yeah, there's lots of stuff there. I'm looking for the TL;DR version. :-)
--
--Guido van Rossum (python.org/~guido)
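
Added example, not part of the original message and not CPython's own code: a check of how the hash randomization key discussed above behaves on the interpreter that runs it. It assumes CPython 3.7 or later, where `PYTHONHASHSEED`, `sys.flags.hash_randomization` and `sys.hash_info.algorithm` exist; `probe`, `audit` and the sample string are names constructed for this example.

```python
import os
import subprocess
import sys

# Child prints: hash of a constructed sample string, the randomization flag,
# and the name of the str/bytes hash algorithm compiled into the interpreter.
PROBE = ("import sys; print(hash('python-dev sample'), "
         "sys.flags.hash_randomization, sys.hash_info.algorithm)")

def probe(seed=None):
    """Run a fresh interpreter; seed=None leaves PYTHONHASHSEED unset (the default)."""
    env = dict(os.environ)
    env.pop("PYTHONHASHSEED", None)          # ignore whatever the caller's shell pinned
    if seed is not None:
        env["PYTHONHASHSEED"] = str(seed)
    out = subprocess.run([sys.executable, "-c", PROBE], env=env,
                         capture_output=True, text=True, check=True).stdout.split()
    return {"hash": int(out[0]), "randomized": bool(int(out[1])), "algorithm": out[2]}

def audit():
    """Compare str hashes across processes under default, pinned and disabled seeds."""
    default_a, default_b = probe(), probe()
    fixed_a, fixed_b, other = probe(1), probe(1), probe(2)
    off = probe(0)
    return {
        "algorithm": default_a["algorithm"],
        "default_randomized": default_a["randomized"],
        # A fresh key per process means two default runs disagree.
        "default_runs_differ": default_a["hash"] != default_b["hash"],
        # A pinned seed makes hash() reproducible across processes.
        "fixed_seed_repeatable": fixed_a["hash"] == fixed_b["hash"],
        "seed_changes_hash": fixed_a["hash"] != other["hash"],
        # PYTHONHASHSEED=0 switches randomization off entirely.
        "seed0_disables": not off["randomized"],
    }

if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```

A deployment that pins `PYTHONHASHSEED` (for example to get reproducible test output) shows up here as repeatable hashes, which means the key no longer varies per process.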