| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 20 Feb 2007 07:49:11 -0800 From: "Michael K. Edwards" <medwards.linux@...il.com> To: "Evgeniy Polyakov" <johnpol@....mipt.ru> Cc: "David Miller" <davem@...emloft.net>, dada1@...mosbay.com, akepner@....com, linux@...izon.com, netdev@...r.kernel.org, bcrl@...ck.org Subject: Re: Extensible hashing and RCU On 2/20/07, Evgeniy Polyakov <johnpol@....mipt.ru> wrote: > Jenkins _does_ have them, I showed tests half a year ago and in this > thread too. Actually _any_ hash has them it is just a matter of time > to find one. I think you misunderstood me. If you are trying to DoS me from outside with a hash collision attack, you are trying to feed me packets that fall into the same hash bucket. The Jenkins hash does not have to be artifact-free, and does not have to be cryptographically strong. It just has to do a passable job of mixing a random salt into the tuple, so you don't know which string of packets to feed me in order to fill one (or a few) of my buckets. XORing salt into a folded tuple doesn't help; it just permutes the buckets. Cheers, - Michael - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists