Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:89498 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 38849 invoked from network); 30 Nov 2015 14:06:30 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 30 Nov 2015 14:06:30 -0000 Authentication-Results: pb1.pair.com smtp.mail=t.carnage@gmail.com; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=t.carnage@gmail.com; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.82.42 as permitted sender) X-PHP-List-Original-Sender: t.carnage@gmail.com X-Host-Fingerprint: 74.125.82.42 mail-wm0-f42.google.com Received: from [74.125.82.42] ([74.125.82.42:33810] helo=mail-wm0-f42.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id F6/3E-04444-6E75C565 for ; Mon, 30 Nov 2015 09:06:30 -0500 Received: by wmvv187 with SMTP id v187so158366621wmv.1 for ; Mon, 30 Nov 2015 06:06:27 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=0sFBg9S+75jgrGcZQ4Y2jozHGd1pa/qpVNI3dy5K74M=; b=IvKVVFn4ttEeQ1nfXV3S/GSwMT9saEC4mDGhs3cz1XIBr7lhtzHM+E1J5Ss+DZ9LLB ZazNTadnWOo8MOTQyoGNeSNHX9MxnujIyw4DD+zyIc/67UcjIMJrIEXuGVkLWlGEZ3Vl dBiNhzcZmHx5hJYXC+9jjQFbiePDalAGGYDw+bhM6VZnktC9glSytzvjMNdChnz3n9E+ WqZ7JHAKLCt8LAp/zkuUEQSkAOoGw5VbZw4rAVSbS/HrHmJ/+lTR+DFdJPl5ClDyDv6n y2F15phUmAEA3BWXNBPawJVrkLjzT/mKaRLYTl8hoFNva9VVBsnUzxlx6tueIGn7WoIv SR2Q== MIME-Version: 1.0 X-Received: by 10.28.60.84 with SMTP id j81mr27169495wma.15.1448892387638; Mon, 30 Nov 2015 06:06:27 -0800 (PST) Received: by 10.194.115.67 with HTTP; Mon, 30 Nov 2015 06:06:27 -0800 (PST) In-Reply-To: <005901d12b77$246b4f10$6d41ed30$@lool.fr> References: <010e01d12978$231e7cf0$695b76d0$@lool.fr> <014301d129cc$4f97f140$eec7d3c0$@lool.fr> <005901d12b77$246b4f10$6d41ed30$@lool.fr> Date: Mon, 30 Nov 2015 14:06:27 +0000 Message-ID: To: Pascal KISSIAN Cc: Nikita Popov , PHP internals Content-Type: multipart/alternative; boundary=001a1148e18c1547e90525c28c56 Subject: Re: [PHP-DEV] RE: HashDos protection From: t.carnage@gmail.com (Chris Riley) --001a1148e18c1547e90525c28c56 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable On 30 November 2015 at 13:58, Pascal KISSIAN wrote: > >De : Nikita Popov [mailto:nikita.ppv@gmail.com] > >Envoy=C3=A9 : dimanche 29 novembre 2015 12:45 > >=C3=80 : Pascal KISSIAN > >Cc : PHP internals > >Objet : Re: HashDos protection > > >Collisions in DJBX33A are (integer overflow notwithstanding) completely > independent of the starting value, so randomizing it wouldn't help. If > you're interested in how DJB collisions are constructed, see > http://www.phpinternalsbook.com/hashtables/hash_algorithm.html#hash-colli= sions > . > > > > Very interesting reading, thanks=E2=80=A6 > > > > > > > > >Similarly, this would not have any effect either. We reduce hashes using > an equivalent of hash % table_size, which is the same as (hash + N * > table_size) % table_size for any N. If you simply add an additional numbe= r > to it, the same relation still holds: (hash + salt) % table_size =3D=3D (= hash + > salt + N * table_size) % table_size, so elements that collided previously > still collide. > > > > You=E2=80=99re absolutely right! Just adding something results in a tran= slation > of the hash table cell=E2=80=A6 > > Perhaps another operation could do the job? Multiply still keeps the > collision for the modulo equal to 0=E2=80=A6 perhaps add + multiply =E2= =80=A6. > > > > However, my main feeling is that "An ounce of prevention is worth a pound > of cure"=E2=80=A6 > =E2=80=A6 and my preferences will go to your second option =E2=80=A6 tak= ing care of not > degrading performance=E2=80=A6 > > > > pk > > As for what other languages do, Python, Ruby and Perl all seem to have switched to using sipHash - maybe we should consider this too --001a1148e18c1547e90525c28c56--