How does one implement a universal hash function, and would this be feasible to use, for example, in a filesystem's dentry table?
In "Exploiting Unix File-System Races via Algorithmic Complexity Attacks" [1], a vulnerability is described which amounts to lengthening the time a call to access(2) or open(2) takes by generating a large number of hash collisions in the dentry table. In personal conversations with Johnson, he told me that if the kernel devs would get their act together and implement a universal hash function in their hashtable implementation, this attack would be effectively neutralized (at least, with high probability). In my own searching, I have only found high-level, mathematical descriptions of universal hash functions. Are they feasible to implement, and do there exist implementations in the wild I can look at?
[1]: http://www.cs.sunysb.edu/~rob/papers/races2.pdf
Answer:
Universal hash functions are not hard to implement. Just dot-product with a random vector or evaluate as a polynomial at a random point. However, you need to be careful in using them to fight complexity attacks. An adversary who can make careful timing measurements of your system might find the hash key, and then use it to make just as many collisions. You might try a pseudorandom function instead. These are pretty easy to implement, especially given the AES instructions in modern CPUs. But if you don't have these instructions, they're somewhat slower than UHFs.
Michael Hamburg at Quora
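The "evaluate as a polynomial at a random point" construction from the answer above, as an added example (not code from the answer, the cited papers, or any kernel): the key is drawn once per table and each name is evaluated by Horner's rule modulo the prime 2^61 - 1. The `uhf_*` names, the choice of prime, the 1024-bucket table, the sample names, and the use of `/dev/urandom` and the GCC/Clang `__int128` extension are assumptions of this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define UHF_P ((uint64_t)((1ULL << 61) - 1))   /* Mersenne prime 2^61 - 1 */

/* (a * b) mod P for a, b < P; relies on the GCC/Clang __int128 extension. */
static uint64_t uhf_mulmod(uint64_t a, uint64_t b)
{
    unsigned __int128 t = (unsigned __int128)a * b;
    uint64_t r = (uint64_t)(t & UHF_P) + (uint64_t)(t >> 61);
    return r >= UHF_P ? r - UHF_P : r;
}

/* Draw a secret per-table key in [1, P-1] from the OS CSPRNG; 0 means failure. */
uint64_t uhf_new_key(void)
{
    uint64_t k = 0;
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return 0;
    size_t got = fread(&k, sizeof k, 1, f);
    fclose(f);
    return got == 1 ? k % (UHF_P - 1) + 1 : 0;
}

/* Horner evaluation of x^n + s[0]*x^(n-1) + ... + s[n-1] at x = key, mod P.
 * The leading 1 makes names of different length different polynomials. */
uint64_t uhf_hash(const unsigned char *s, size_t n, uint64_t key)
{
    uint64_t h = 1;
    for (size_t i = 0; i < n; i++) {
        h = uhf_mulmod(h, key) + s[i];
        if (h >= UHF_P) h -= UHF_P;
    }
    return h;
}

int main(void)
{
    uint64_t key = uhf_new_key();
    const char *names[] = { "etc", "passwd", "shadow" };   /* constructed sample names */
    if (!key) return 1;
    for (size_t i = 0; i < 3; i++)
        printf("%-8s -> bucket %llu\n", names[i], (unsigned long long)
               (uhf_hash((const unsigned char *)names[i], strlen(names[i]), key) % 1024));
    return 0;
}
```

With key 2 the names "ac" and "ba" hash to the same value, while with key 3 they do not: collisions depend on the key, which is why it has to be random per table and stay secret.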
Other answers
Ruby and Perl have random hash functions by default. Perl uses them when too many collisions are detected, whereas Ruby always uses random hash functions. As , wrote, implementing universal hash functions is not very difficult. See the following paper for details: "Strongly universal string hashing is fast", http://arxiv.org/abs/1202.4961
Daniel Lemire