On 03.10.2013 21:05, Guido van Rossum wrote:
> Hm. I would like to stick to the philosophy that Python's hash
> should be as fast as it possibly can be, and should not be mistaken
> for a cryptographic hash. The point is to optimize dict lookups,
> nothing more, given typical (or even atypical) key distribution,
> not to thwart deliberate attacks. We already have adopted a feature
> that plugged most viable attacks on web apps, I think that's
> enough. I also agree with Antoine's response.

Python's hash is neither as fast nor as secure as it can possibly be.
It's not as fast because it doesn't use the full power of modern CPUs.
In most cases the code processes only 1 or 2 bytes per cycle instead of
8 bytes on 64-bit architectures. Jean-Philippe Aumasson and Daniel J.
Bernstein (who are coincidentally the authors of SipHash) have shown how
to recover Python randomization keys.

SipHash: more secure and about same speed on most systems
optimized FNV: faster but with a known issue

Christian
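
The following is an added example, not part of the original message and not CPython's code: a pure-Python SipHash-2-4 written from the published algorithm, showing the two properties the message argues about, a secret 128-bit key and a message loop that consumes 8 bytes per step. The names `siphash24` and `bucket` are this example's own.

```python
# Added example: pure-Python SipHash-2-4 (names are this example's own).
MASK = 0xFFFFFFFFFFFFFFFF  # keep all arithmetic in 64 bits


def _rotl(x, b):
    return ((x << b) | (x >> (64 - b))) & MASK


def _sipround(v0, v1, v2, v3):
    # One ARX round: only add, rotate and xor on 64-bit words.
    v0 = (v0 + v1) & MASK; v1 = _rotl(v1, 13) ^ v0; v0 = _rotl(v0, 32)
    v2 = (v2 + v3) & MASK; v3 = _rotl(v3, 16) ^ v2
    v0 = (v0 + v3) & MASK; v3 = _rotl(v3, 21) ^ v0
    v2 = (v2 + v1) & MASK; v1 = _rotl(v1, 17) ^ v2; v2 = _rotl(v2, 32)
    return v0, v1, v2, v3


def siphash24(key: bytes, data: bytes) -> int:
    """Return the 64-bit SipHash-2-4 of data under a 16-byte secret key."""
    if len(key) != 16:
        raise ValueError("SipHash needs a 128-bit key")
    k0 = int.from_bytes(key[:8], "little")
    k1 = int.from_bytes(key[8:], "little")
    v0 = k0 ^ 0x736F6D6570736575
    v1 = k1 ^ 0x646F72616E646F6D
    v2 = k0 ^ 0x6C7967656E657261
    v3 = k1 ^ 0x7465646279746573
    body_len = len(data) - len(data) % 8
    # Whole 8-byte little-endian words, one per compression step.
    words = [int.from_bytes(data[i:i + 8], "little")
             for i in range(0, body_len, 8)]
    # Final word: leftover bytes plus the message length in the top byte.
    words.append(int.from_bytes(data[body_len:], "little")
                 | ((len(data) & 0xFF) << 56))
    for m in words:
        v3 ^= m
        for _ in range(2):      # c = 2 compression rounds
            v0, v1, v2, v3 = _sipround(v0, v1, v2, v3)
        v0 ^= m
    v2 ^= 0xFF
    for _ in range(4):          # d = 4 finalization rounds
        v0, v1, v2, v3 = _sipround(v0, v1, v2, v3)
    return v0 ^ v1 ^ v2 ^ v3


def bucket(key: bytes, item: bytes, table_size: int = 8) -> int:
    """Hash-table slot for item; it depends on the per-process secret key."""
    return siphash24(key, item) % table_size
```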