On Tue, Feb 20, 2007 at 12:09:59PM -0800, Michael K. Edwards ([EMAIL
PROTECTED]) wrote:
> On 2/20/07, Michael K. Edwards <[EMAIL PROTECTED]> wrote:
> >Correct. That's called a "weak hash", and Jenkins is known to be a
> >thoroughly weak hash. That's why you never, ever use it without a
> >salt, and you don't let an attacker inspect the hash output either.
>
> Weak in a cryptographic sense, of course. Excellent avalanche
> behavior, though, which is what you care about in a salted hash.
> http://en.wikipedia.org/wiki/Hash_table
I repeat again - add your salt into jenkins hash and I will show you
that it has the same problems.
So, I'm waiting for your patch for jhash_*_words().
> I know nothing about data structures and algorithms except what I read
> on the Internet. But you'd be amazed what's on the Internet.
>
> Cheers,
> - Michael
--
Evgeniy Polyakov
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
