Re: hash functions and other comments John Cowan 12 Sep 2015 22:16 UTC

Alex Shinn scripsit:

> This is minor compared to the fact that the hash functions don't
> take salt as an input.  Hash collision attacks are well understood
> and have been fixed in Perl [1], and care was taken to fix this in
> Chicken's internal hash tables as well [2].  It seems irresponsible
> to design an API that prevents such security precautions.

A possibility would be to have a parameter hash-salt made available
to the hash functions.

John Cowan
When I wrote it I was more than a little febrile with foodpoisoning
from an antique carrot that I foolishly ate out of an illjudged faith
in the benignancy of vegetables.  --And Rosta