STINNER Victor <[email protected]> added the comment: > Problem with current randomization of hash function > is following: Suffix does not influence whether two keys > have some hash or not (it is xor-ed after everything).
Yes, the suffix is used to "protect" the secret. Without the suffix, it would be too simple to compute the prefix: getting a single hash value of a known string would leak the prefix. > Suffix does not influence whether two keys have some hash > or not (...). Everything except last 8 bits in prefix does > not influence it also. I don't know if we can do better and/or if it is a critical issue. ---------- _______________________________________ Python tracker <[email protected]> <http://bugs.python.org/issue14621> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
