Antoine Pitrou <[email protected]> added the comment: [Martin's approach] > The point I first missed is that this triggers only when the hash is > *fully* equal; if the hashes are merely equal after masking, then > today's try-another-slot approach will still be used, even for > strings.
But then isn't it vulnerable to Frank's first attack as exposed in http://mail.python.org/pipermail/python-dev/2012-January/115726.html ? ---------- _______________________________________ Python tracker <[email protected]> <http://bugs.python.org/issue13703> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
