[Python-Dev] Hash collision security issue (now public)

Christian Heimes lists at cheimes.de
Mon Jan 2 16:18:41 CET 2012

• Previous message: [Python-Dev] Hash collision security issue (now public)
• Next message: [Python-Dev] Hash collision security issue (now public)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

Am 02.01.2012 06:55, schrieb Paul McMillan:
> I think Ruby uses FNV-1 with a salt, making it less vulnerable to
> this. FNV is otherwise similar to our existing hash function.
>> For the record, cryptographically strong hash functions are in the
> neighborhood of 400% slower than our existing hash function.

I've pushed a new patch
http://hg.python.org/features/randomhash/rev/0a65d2462e0c
The changeset adds the murmur3 hash algorithm with some minor changes,
for example more random seeds. At first I was worried that murmur might
be slower than our old hash algorithm. But in fact it seems to be faster!
Pybench 10 rounds on my Core2 Duo 2.60:
 py3k: 3.230 sec
 randomahash: 3.182 sec
Christian

---

• Previous message: [Python-Dev] Hash collision security issue (now public)
• Next message: [Python-Dev] Hash collision security issue (now public)
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

---

More information about the Python-Dev mailing list