From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail4-relais-sop.national.inria.fr (mail4-relais-sop.national.inria.fr [192.134.164.105]) by walapai.inria.fr (8.13.6/8.13.6) with ESMTP id q01CqTJs004464 for ; Sun, 1 Jan 2012 13:52:29 +0100 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: Ao8jAHVWAE9QRFuw/2dsb2JhbABDggWaG489eIEFgXIBAQU6PxALGBwSFChOh2IGtAOFFYYXYwSVAZI1 X-IronPort-AV: E=Sophos;i="4.71,441,1320620400"; d="scan'208";a="125198498" Received: from furbychan.cocan.org ([80.68.91.176]) by mail4-smtp-sop.national.inria.fr with ESMTP/TLS/AES256-SHA; 01 Jan 2012 13:52:12 +0100 Received: from rich by furbychan.cocan.org with local (Exim 4.72) (envelope-from ) id 1RhKtY-0003O9-KQ for caml-list@inria.fr; Sun, 01 Jan 2012 12:52:12 +0000 Date: Sun, 1 Jan 2012 12:52:12 +0000 From: "Richard W.M. Jones" Cc: caml-list@inria.fr Message-ID: <20120101125212.GB12851@annexia.org> References: <1325263446.5036.104.camel@samsung> <4EFDEF92.3010204@inria.fr> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <4EFDEF92.3010204@inria.fr> User-Agent: Mutt/1.5.20 (2009-06-14) Subject: Re: [Caml-list] Hashtbl and security On Fri, Dec 30, 2011 at 06:06:26PM +0100, Xavier Leroy wrote: > Indeed. The optional "seed" parameter to Hashtbl.create does exactly > this in the new implementation of Hashtbl (the one based on Murmur3). It may be worth noting that Perl solved this problem (back in 2003) by unconditionally using a seed which is a global set to a random number during interpreter initialization. Each run of the interpreter results in a different seed, and (it is supposed therefore) users of Perl simply don't need to worry about algorithmic complexity attacks. http://perl5.git.perl.org/perl.git/blob/HEAD:/hv.h#l104 http://dev.perl.org/perl5/news/2003/perl-5.8.1.html#Hash_Randomisation Rich. -- Richard Jones Red Hat