On Fri, 20 Jan 2012 17:17:24 +0100
Victor Stinner <victor.stin...@haypocalc.com> wrote:
> > So I still think we should ditch the paranoia about dictionary order
> > changing,
> > and fix this without counting.
>
> The randomized hash has other issues:
>
> - its security is based on its secret, whereas it looks to be easy to
> compute it (see more details in the issue)

How do you compute the secret? I see two possibilities:

- the application leaks the hash() values: this sounds unlikely since I
  don't see the use case for it;
- the application shows the dict iteration order (e.g. order of HTML
  attributes): then we could add a second per-dictionary secret so that
  the iteration order of a single dict doesn't give any useful
  information about the hash function.

But the bottom line for me is the following:

- randomized hashes eliminate the possibility to use a single exploit
  for all Python-powered applications: for each application, the
  attacker now has to find a way to extract the secret;
- collision counting doesn't eliminate the possibility of generic
  exploits, as Frank Sievertsen has just shown in
  http://mail.python.org/pipermail/python-dev/2012-January/115726.html

Regards

Antoine.
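
Added example, not part of the original message and not CPython code: a toy bucketed table showing the per-dictionary secret idea from the reply above, where two dicts holding the same keys under one process-wide secret iterate in unrelated orders. ToyDict, keyed_hash, iteration_order, the BLAKE2b re-keying step and the sample secrets are all assumptions made for illustration.

```python
import hashlib

def keyed_hash(secret: bytes, data: bytes) -> int:
    """64-bit keyed hash (BLAKE2b); a stand-in for a randomized hash()."""
    digest = hashlib.blake2b(data, key=secret, digest_size=8).digest()
    return int.from_bytes(digest, "little")

class ToyDict:
    """Bucketed hash set whose iteration order is its bucket order."""

    def __init__(self, process_secret: bytes, dict_secret: bytes = b"",
                 nbuckets: int = 64):
        self.process_secret = process_secret
        self.dict_secret = dict_secret
        self.buckets = [[] for _ in range(nbuckets)]

    def _slot(self, key: str) -> int:
        h = keyed_hash(self.process_secret, key.encode())
        if self.dict_secret:
            # Assumed construction: re-key the hash per dict before
            # choosing a bucket, so bucket order is unrelated to h.
            h = keyed_hash(self.dict_secret, h.to_bytes(8, "little"))
        return h % len(self.buckets)

    def add(self, key: str) -> None:
        bucket = self.buckets[self._slot(key)]
        if key not in bucket:
            bucket.append(key)

    def __iter__(self):
        for bucket in self.buckets:
            yield from bucket

def iteration_order(keys, process_secret: bytes, dict_secret: bytes = b""):
    """Insert keys into a fresh ToyDict and return its iteration order."""
    d = ToyDict(process_secret, dict_secret)
    for k in keys:
        d.add(k)
    return list(d)

# Constructed sample: attribute names a page might echo back in dict order.
ATTRS = ["id", "class", "href", "title", "style", "lang", "rel", "type",
         "name", "value", "src", "alt", "role", "target", "width", "height"]

if __name__ == "__main__":
    secret = b"constructed-process-secret"  # constructed, not a real seed
    print(iteration_order(ATTRS, secret))             # process secret only
    print(iteration_order(ATTRS, secret, b"dict-A"))  # plus per-dict secret
    print(iteration_order(ATTRS, secret, b"dict-B"))  # same keys, new order
```

Keys whose full 64-bit hash is equal under the process secret still share a bucket in every dict, so in this sketch the per-dictionary secret hides iteration order only and does not change which keys collide.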