[Python-Dev] Hash collision security issue (now public) (original) (raw)
Christian Heimes lists at cheimes.de
Mon Jan 2 16🔞41 CET 2012
- Previous message: [Python-Dev] Hash collision security issue (now public)
- Next message: [Python-Dev] Hash collision security issue (now public)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Am 02.01.2012 06:55, schrieb Paul McMillan:
I think Ruby uses FNV-1 with a salt, making it less vulnerable to this. FNV is otherwise similar to our existing hash function.
For the record, cryptographically strong hash functions are in the neighborhood of 400% slower than our existing hash function.
I've pushed a new patch http://hg.python.org/features/randomhash/rev/0a65d2462e0c
The changeset adds the murmur3 hash algorithm with some minor changes, for example more random seeds. At first I was worried that murmur might be slower than our old hash algorithm. But in fact it seems to be faster!
Pybench 10 rounds on my Core2 Duo 2.60:
py3k: 3.230 sec randomahash: 3.182 sec
Christian
- Previous message: [Python-Dev] Hash collision security issue (now public)
- Next message: [Python-Dev] Hash collision security issue (now public)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]