Mark Shannon <m...@hotpy.org> added the comment:
But that's not the issue we are supposed to be dealing with.
A single (genuinely random) seed will deal with the attack described in
the talk and it is (almost) as fast as using 0 as a seed.
Why make things complicated dealing with a hypothetical problem?
>> Why should hash("") always return 0?
>> I can't find it in the docs anywhere.
>
> hash("") should return something constant that doesn't reveal information
> about the random seeds. 0 is an arbitrary choice that is as good as anything
> else. hash("") already returns 0, hence my suggestion for 0.
Is special casing arbitrary values really any more secure?
If we special case "", the attacker will just start using "\0" and so on...
>
> ----------
>
> _______________________________________
> Python tracker <rep...@bugs.python.org>
> <http://bugs.python.org/issue13703>
> _______________________________________
----------
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue13703>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
