[Python-Dev] Hash collision security issue (now public) (original) (raw)
Tim Delaney timothy.c.delaney at gmail.com
Thu Dec 29 20:59:47 CET 2011
- Previous message: [Python-Dev] Hash collision security issue (now public)
- Next message: [Python-Dev] Hash collision security issue (now public)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
+1 to option d (host-based salt) but would need to consistently order the hostnames/addresses to guarantee that all processes on the same machine got the same salt by default.
+1 to option c (environment variable) as an override. And/or maybe an override on the command line.
+1 to implementing the salt in the dictionary hash as an additive value.
+0 to exposing the salt as a constant (3.3+ only) - or alternatively expose a hash function that just takes an existing hash and returns the salted hash. That would make it very easy for anything that wanted a salted hash to get one.
For choosing the default salt, I think something like:
a. If IPv6 is enabled, take the link-local address of the interface with the default route. Pretty much guaranteed not to change, can't be determined externally (salting doesn't need a secret, but it doesn't hurt), large number so probably a good salt. (If it is likely to change, a salt override should be being used instead). Don't use any other IPv6 address. In particular, never use a "temporary" IPv6" address like Windows assigns - multiprocessing could end up with instances with different salts.
b. Take the FQDN of the machine.
Tim Delaney -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mail.python.org/pipermail/python-dev/attachments/20111230/3717d78f/attachment.html>
- Previous message: [Python-Dev] Hash collision security issue (now public)
- Next message: [Python-Dev] Hash collision security issue (now public)
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]