[Python-Dev] Make str/bytes hash algorithm pluggable?
Victor Stinner victor.stinner at gmail.com
Sat Oct 5 01:14:52 CEST 2013
2013/10/5 Larry Hastings <larry at hastings.org>:
> On 10/04/2013 11:15 AM, Victor Stinner wrote:
>> 2013/10/4 Armin Rigo <arigo at tunes.org>:
>>> The current hash randomization is simply not preventing anything; someone posted long ago a way to recover bit-by-bit the hash randomized used by a remote web program in Python running on a server.
>> Oh interesting, is it public?
>
> http://events.ccc.de/congress/2012/Fahrplan/events/5152.en.html
> Quoting the synopsis:
> We also describe a vulnerability of Python's new randomized hash, allowing an attacker to easily recover the 128-bit secret seed.

SipHash homepage contains a "proof of concept" to compute the secret: https://131002.net/siphash/poc.py
But the script is not an exploit on a web server, but a script running locally. It requires, for example, knowing the hash of the strings "\0" and "\0\0". I would like to know if it's possible to retrieve such information in practice.
And how do you retrieve the whole hash value from an HTTP page? You may retrieve some bits using specific HTTP requests, but not directly the whole hash value. I don't know of any web page that directly displays the hash value of a string coming from the user request!?
I'm not saying that the hash DoS does not exist, I'm just trying to estimate the risk (compared to other DoS attacks). Changing the default hash function is also risky and has a (well, minor) impact on performance.
Victor
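
Added example, not part of the original message or of CPython's own code: a deployment check that starts fresh interpreters and reports which str hash algorithm is in use and whether the per-process secret actually changes the hashes of "\0" and "\0\0" discussed above. The names `probe` and `audit` are hypothetical; `sys.hash_info.algorithm` assumes Python 3.4 or later, which postdates this thread.

```python
import os
import subprocess
import sys

# Code run in a child interpreter: the two hashes mentioned in the message,
# the str hash algorithm name, and the hash-randomization flag.
PROBE = (
    "import sys; "
    "print(hash('\\0'), hash('\\0\\0'), "
    "sys.hash_info.algorithm, sys.flags.hash_randomization)"
)


def probe(seed=None):
    """Return (hash('\\0'), hash('\\0\\0'), algorithm, flag) from a new process.

    seed=None leaves PYTHONHASHSEED unset (the default, randomized case);
    otherwise the child runs with PYTHONHASHSEED=<seed>.
    """
    env = dict(os.environ)
    env.pop("PYTHONHASHSEED", None)  # do not inherit a pinned seed
    if seed is not None:
        env["PYTHONHASHSEED"] = str(seed)
    out = subprocess.run(
        [sys.executable, "-c", PROBE],
        env=env, capture_output=True, text=True, check=True,
    ).stdout.split()
    return int(out[0]), int(out[1]), out[2], int(out[3])


def audit():
    """Summarize the hash-randomization posture of this interpreter build."""
    first, second = probe(), probe()          # two default-configured processes
    pinned_a, pinned_b = probe(1), probe(1)   # same explicit seed twice
    disabled = probe(0)                       # PYTHONHASHSEED=0 turns it off
    return {
        "algorithm": first[2],
        # Flag is set and the two processes disagree on both hashes.
        "randomized_by_default": first[3] == 1 and first[:2] != second[:2],
        # A pinned seed makes hashes predictable across processes.
        "pinned_seed_reproducible": pinned_a[:2] == pinned_b[:2],
        "seed_zero_disables": disabled[3] == 0,
    }


if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```

A service started with a pinned `PYTHONHASHSEED` shows up here as reproducible hashes, which means its hash values are not secret per process.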