A randomized hash doesn't need cryptographic RNG (which are slow and need a lot of new code), and the new hash function should maybe not be cryptographic. We need to make the DoS more expensive for the attacker, but we don't need to add "too much security" for that.
Mersenne Twister is useless here: it is only needed when you need to generate a fast RNG to generate megabytes of random data, whereas we will not need more than 4 KB. The OS RNG is just fine (fast enough and not blocking). So we can use Windows CryptoGen API (which is already implemented in Python, win32_urandom) and /dev/urandom on UNIX/BSD. /dev/urandom does never block. We need also a fallback if /dev/urandom is not available. Because this case should not occur on modern OS, the fallback can be a weak function like something combining getpid(), gettimeofday(), address of the stack, etc. To generate 4 KB from few words, we can use a very simple LCG (x(n+1) = (x(n) * a + c) mod k). _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
