New submission from Brian Jarvis <bjar...@masonlive.gmu.edu>: Hash auto-randomization is a mechanism to detect when a collision attack is underway and switch to a randomized keying scheme at that point.
This patch is for the 2.7 branch, where hash randomization is not on by default. Using collided strings from https://github.com/Storyyeller/fnv-collider/tree/master/collided_strings, 10 "attacks" of roughly 50,000 collided strings were launched against this. The unmodified Python had a median insert time of roughly 4.32 seconds and a median retrieve time of roughly 4.40 seconds. With the auto-randomized version of Python, the median insert time was roughly 3.99 seconds and median retrieve time was roughly 3.57 seconds. This is a 7.7% and 18.9% savings, respectively. ---------- files: auto_rand_2.7.patch keywords: patch messages: 307278 nosy: bjarvis priority: normal severity: normal status: open title: Add hash auto-randomization type: enhancement versions: Python 2.7 Added file: https://bugs.python.org/file47305/auto_rand_2.7.patch _______________________________________ Python tracker <rep...@bugs.python.org> <https://bugs.python.org/issue32175> _______________________________________ _______________________________________________ Python-bugs-list mailing list Unsubscribe: https://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
