[Python-Dev] Counting collisions for the win

Antoine Pitrou solipsis at pitrou.net
Fri Jan 20 17:31:17 CET 2012


On 20 Jan 2012 17:17:24 +0100
Victor Stinner <victor.stinner at haypocalc.com> wrote:
> > So I still think we should ditch the paranoia about dictionary order changing,
> > and fix this without counting.
>
> The randomized hash has other issues:
>
> - its security is based on its secret, whereas it looks to be easy to
>   compute it (see more details in the issue)

How do you compute the secret? I see two possibilities:
- the application leaks the hash() values: this sounds unlikely since I
 don't see the use case for it;
- the application shows the dict iteration order (e.g. order of HTML
 attributes): then we could add a second per-dictionary secret so that
 the iteration order of a single dict doesn't give any useful
 information about the hash function.

But the bottom line for me is the following:
- randomized hashes eliminate the possibility to use a single exploit
 for all Python-powered applications: for each application, the
 attacker now has to find a way to extract the secret;
- collision counting doesn't eliminate the possibility of generic
 exploits, as Frank Sievertsen has just shown in
 http://mail.python.org/pipermail/python-dev/2012-January/115726.html

Regards
Antoine.
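
An added illustration of the first bottom-line point in the message above (not part of Antoine Pitrou's message and not CPython code): a key set built to collide under one secret spreads out again under a different secret. Keyed BLAKE2b stands in for the randomized hash; the 64-bucket table, the two secrets and the key names are constructed for the example.

```python
import hashlib
from collections import Counter

BUCKETS = 64                      # constructed table size
SECRET_A = b"process-A-secret"    # constructed per-process secrets
SECRET_B = b"process-B-secret"


def bucket(key: str, secret: bytes) -> int:
    """Bucket index of `key` under a hash keyed with `secret`."""
    digest = hashlib.blake2b(key.encode(), key=secret, digest_size=8).digest()
    return int.from_bytes(digest, "little") % BUCKETS


def keys_for_bucket(secret: bytes, target: int, count: int) -> list:
    """Enumerate candidate keys and keep those landing in `target`.

    This only works because `secret` is known to the caller, which is the
    precondition the message says an attacker must first meet.
    """
    found, i = [], 0
    while len(found) < count:
        candidate = f"k{i}"
        if bucket(candidate, secret) == target:
            found.append(candidate)
        i += 1
    return found


def longest_chain(keys, secret: bytes) -> int:
    """Largest number of keys sharing one bucket (what a collision counter sees)."""
    return max(Counter(bucket(k, secret) for k in keys).values())


def demo():
    keys = keys_for_bucket(SECRET_A, target=0, count=200)
    # Same key set, measured under the secret it was built for and under another.
    return longest_chain(keys, SECRET_A), longest_chain(keys, SECRET_B)


if __name__ == "__main__":
    same, other = demo()
    print(f"longest chain under the secret the keys were built for: {same}")
    print(f"longest chain under a different secret:                 {other}")
```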

