Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Vulnerable to hashdos attack #1

Open
LeSuisse opened this issue May 17, 2015 · 2 comments
Open

Vulnerable to hashdos attack #1

LeSuisse opened this issue May 17, 2015 · 2 comments

Comments

@LeSuisse
Copy link

This implementation is vulnerable to hashdos attack.
It is, indeed, quite easy to generate colliding strings with DJBX33A. You should use a keyed hash function like SipHash for exemple.
@rurban
Copy link

rurban commented May 17, 2015

No. If you rely on a hash function only for hashdos attacks you are lost. Either use universal hashing, a random seed or not a linked list.

People usually use open addressing as it is faster and not vulnerable with 2 hash functions.

@LeSuisse
Copy link
Author

I don't understand why you disagree with me.

I suggested the use of a PRF/keyed hash function like SipHash because it is the simple way to solve the issue. By the way, this is the solution adopted by Perl in 2003.

Others solutions involve bigger changes and are not easy to get it right.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@rurban @LeSuisse