Beefy Boxes and Bandwidth Generously Provided by pair Networks
Your skill will accomplish
what the force of many cannot
 
PerlMonks  

Re^18: Our perl/xs/c app is 30% slower with 64bit 5.24.0, than with 32bit 5.8.9. Why?

by dave_the_m (Prior)
on Dec 23, 2016 at 22:31 UTC ( #1178448=note: print w/replies, xml ) Need Help??


in reply to Re^17: Our perl/xs/c app is 30% slower with 64bit 5.24.0, than with 32bit 5.8.9. Why?
in thread Our perl/xs/c app is 30% slower with 64bit 5.24.0, than with 32bit 5.8.9. Why?

So what you're saying is that you have a file of 350 magic keys that when used to build a hash on any version of Perl from 5.8.1 through 5.16 will cause this constant doubling of the hash size, regardless of what hash seed was chosen at startup?
Yes.

Dave.

  • Comment on Re^18: Our perl/xs/c app is 30% slower with 64bit 5.24.0, than with 32bit 5.8.9. Why?

Replies are listed 'Best First'.
Re^19: Our perl/xs/c app is 30% slower with 64bit 5.24.0, than with 32bit 5.8.9. Why?
by BrowserUk (Pope) on Dec 23, 2016 at 23:38 UTC

    Doesn't that render all the preceding discussion -- in this thread and elsewhere -- about being able to discover the seed, completely redundant?

    I understand the desire -- given the propensity of distributions to ship old versions of perl beyond their sell-by date -- to not share the magic key file publicly, but would you share them with me privately?


    With the rise and rise of 'Social' network sites: 'Computers are making people easier to use everyday'
    Examine what is said, not who speaks -- Silence betokens consent -- Love the truth but pardon error.
    "Science is about questioning the status quo. Questioning authority". The enemy of (IT) success is complexity.
    In the absence of evidence, opinion is indistinguishable from prejudice.
      Doesn't that render all the preceding discussion -- in this thread and elsewhere -- about being able to discover the seed, completely redundant?
      No.

      With 5.8.1 we assumed we'd fixed algorithmic complexity attacks. When it all blew up again in 2013, we looked on smugly as Python, Ruby et al scrambled to do the same stuff we'd already done years before. Then we looked more closely and realised that our 5.8.1 fix wasn't as good as it could be. Then we noticed that in addition, the 5.8.1 fix had introduced the hash bucket doubling bug. These issues were fixed. Then someone noticed that unsorted hash keys leaked the hash seed (around 3 bits per key IIRC). Proof of Concept code was written which demonstrated that the whole hash seed could be recovered based on receiving a small number of unsorted (and non-special) keys.

      This meant that even with a good hash function and a random seed, it might be possible to attack. So we we added bucket perturbation too which seems to have stopped the seed leak.

      (This is based on my recollections from the long discussion from 3/4 years ago).

      would you share them with me privately
      I'd prefer not to right now,

      Dave.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://1178448]
help
Chatterbox?
and all is quiet...

How do I use this? | Other CB clients
Other Users?
Others examining the Monastery: (5)
As of 2018-07-21 15:57 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?
    It has been suggested to rename Perl 6 in order to boost its marketing potential. Which name would you prefer?















    Results (449 votes). Check out past polls.

    Notices?