Re: Hash Table Collisions (n.runs-SA-2011.004)

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: Hash Table Collisions (n.runs-SA-2011.004)
From: Mark Hamburg <mark@...>
Date: Thu, 29 Dec 2011 14:02:20 -0800

On Dec 29, 2011, at 12:59 PM, fredrik danerklint wrote:

>> A secure implementation would introduce some randomizing element per run
> 
> I think it already does that since it using the length of the string as a (random)seed.

Nope. Just create a fixed length string longer than 32 (31?) characters. The hash will include the length but will skip some of the characters. Those skipped characters can be used as a counter to generate a series of strings with equal hashes.

Mark

References:
- Hash Table Collisions (n.runs-SA-2011.004), fredrik danerklint
- Re: Hash Table Collisions (n.runs-SA-2011.004), Michal Kottman
- Re: Hash Table Collisions (n.runs-SA-2011.004), Mark Hamburg
- Re: Hash Table Collisions (n.runs-SA-2011.004), fredrik danerklint

Prev by Date: Re: Crash when calling C from a finalizer
Next by Date: Re: Hash Table Collisions (n.runs-SA-2011.004)
Previous by thread: Re: Hash Table Collisions (n.runs-SA-2011.004)
Next by thread: Re: Hash Table Collisions (n.runs-SA-2011.004)
Index(es):
- Date
- Thread