Giovanni Bajo added the comment:

Until it's broken with a yet-unknown attack, SipHash is a pseudo-random 
function and as such it does uniformly distribute values across the output 
space, and never leak any information on the key (the randomized seed). Being 
designed by cryptographers, it is likely that it doesn't turn out to be a 
"fail" like the solution that was just released (no offense intended, but it's 
been a large-scale PR failure).

As long as we don't introduce bias while reducing SipHash's output to fit the 
hash table size (so for instance, usage of modulus is not appropriate), then 
the hash function should behave very well.

Any data type can be supplied to SipHash, including numbers; you just need to 
take their (platform-dependent) memory representation and feed it to SipHash. 
Obviously it will be much much slower than the current function which used to 
be hash(x) = x (before randomization), but that's the price to pay to avoid 
security issues.


Python tracker <>
Python-bugs-list mailing list

Reply via email to