The point is not the length of the string, but the size of string space for inspection. To search for a string with a specified 64-bit hash to iterate over 2 ** 64 strings. Spending on a single string scan 1 nanosecond (a very optimistic estimate), it would take 2 ** 64 / 1e9 / (3600 * 24 * 365.25) = 585 years. For the attack we need to find 1000 such strings -- more than half a million years. For 32-bit hash would need only an hour.
With meet-in-the-middle and some other tricks it's possible to generate 25,000 64-bit-collisions per hour using an older desktop-cpu and 4gb ram.
H_dypmRNWgOxiaaG A_ceO8B4Q2eKfabi S_kpgdB3tUFJiaae H_dypmRNWgOxiaaG D_FYzdys3H8qbaba 0_pOwRq15h8vbabO S_kpgdB3tUFJiaae __mdKp1GvI_fcaaM 6_U3_B0pJT1UsaaW 4_1GnK9BmLj9naa5 __X7hMeAOpACdaaw B_7pm.T62SiLlaai I_HSdl0axd8tmaae T_Dv3LwayACpdaaO Frank _______________________________________________ Python-Dev mailing list Python-Dev@python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/archive%40mail-archive.com
