[issue13703] Hash collision security issue
Paul McMillan
report at bugs.python.org
Wed Jan 4 00:52:48 CET 2012
Paul McMillan <paul at mcmillan.ws> added the comment:
I agree that we should enable randomness by default, and provide an easy way for users to disable it if necessary (unit test suites that explicitly depend on order being an obvious candidate).
I'll link my proposed algorithm change here, for the record:
https://gist.github.com/0a91e52efa74f61858b5
I've gotten confirmation from several other sources that the fix recommended by the presenters (just a random initialization seed) only prevents the most basic form of the attack.
----------
nosy: +PaulMcMillan
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
More information about the Python-bugs-list
mailing list