On Tue, Feb 20, 2007 at 07:49:11AM -0800, Michael K. Edwards ([EMAIL PROTECTED]) wrote: > On 2/20/07, Evgeniy Polyakov <[EMAIL PROTECTED]> wrote: > >Jenkins _does_ have them, I showed tests half a year ago and in this > >thread too. Actually _any_ hash has them it is just a matter of time > >to find one. > > I think you misunderstood me. If you are trying to DoS me from > outside with a hash collision attack, you are trying to feed me > packets that fall into the same hash bucket. The Jenkins hash does > not have to be artifact-free, and does not have to be > cryptographically strong. It just has to do a passable job of mixing > a random salt into the tuple, so you don't know which string of > packets to feed me in order to fill one (or a few) of my buckets. > XORing salt into a folded tuple doesn't help; it just permutes the > buckets.
Adding XOR with constant value does not change distribution. Variable salt will end up with differnet buckets for the same flow. It is forbidden - it is not the situation created for passwd/des decades ago. > Cheers, > - Michael -- Evgeniy Polyakov - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html