On Thursday, 15 September 2016 at 08:02:44 UTC, Kagamin wrote:
On Wednesday, 14 September 2016 at 16:53:03 UTC, cym13 wrote:
What do you mean by that? It's the basis of DoS attack against
hashtables: being able to find many inputs with the same hash.
That's a collision attack, not a preimage attack.
Most programmers won't see the point of changing seed and we
can definitely take advantage of templates here.
The seed is supposed to be changed by infrastructure, e.g.
vibe.d, not by user code. Also it's only for server code.
DoS by collision attack are a form of preimage. The idea is to
generate intentional collisions to force heavy computations on
serveur side. It only works if finding collisions many collisions
for the same hash is cheap which is directly linked to the
ability to find a value that gives a given hash (although it
doesn't have to be easy to find any hash).