Closed
Labels: FrozenDueToAge, NeedsInvestigation (Someone must examine and confirm this is a valid issue and not a duplicate of an existing one.)
Description
Package bytes/hash claims:
```go
// All bits of the Hash result are close to uniformly and
// independently distributed, so can be safely restricted to a range
// using bit masking, shifting, or modular arithmetic.
```
This is false on 32-bit CPUs:
```go
package main

import "bytes/hash"

func main() {
	for i := 0; i < 10; i++ {
		h := hash.New()
		h.AddString("foo")
		println(h.Hash() >> 32)
	}
}
```

```
$ GOARCH=386 go run x.go
2561895305
2561895305
2561895305
2561895305
2561895305
2561895305
2561895305
2561895305
2561895305
2561895305
```
This is because hash.New() only generates 32 bits of entropy (all in the lower 32 bits of seed), so the "hi" computation in hash.rthash does not involve any entropy.
Mixing lo/hi like the TODO comment says would address this, but the simpler fix would be to generate 64 bits of entropy.
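The effect described in this report can be reproduced on any architecture with a small model. This is an added example, not code from the issue or from the Go tree. It assumes a simplified hash64 that keys each 32-bit half of the result with one half of the seed, a seeded FNV-1a stand-in (mix32) in place of the runtime's hash, and constructed seeds.

```go
package main

import "fmt"

// mix32 is a stand-in keyed 32-bit hash (seeded FNV-1a), not the runtime's hash.
func mix32(seed uint32, s string) uint32 {
	h := uint32(2166136261) ^ seed
	for i := 0; i < len(s); i++ {
		h ^= uint32(s[i])
		h *= 16777619
	}
	return h
}

// hash64 models a 32-bit build: each result half is keyed by one seed half, never mixed.
func hash64(seed uint64, s string) uint64 {
	lo := mix32(uint32(seed), s)
	hi := mix32(uint32(seed>>32), s)
	return uint64(hi)<<32 | uint64(lo)
}

// distinctHalves counts distinct upper and lower 32-bit halves of hash64(seed, s).
func distinctHalves(seeds []uint64, s string) (hi, lo int) {
	his, los := map[uint32]bool{}, map[uint32]bool{}
	for _, seed := range seeds {
		h := hash64(seed, s)
		his[uint32(h>>32)] = true
		los[uint32(h)] = true
	}
	return len(his), len(los)
}

// seeds returns n constructed seeds (i+1)*mul: mul=1 varies only the low
// 32 bits (the reported case), mul=1<<32|1 varies both halves.
func seeds(n int, mul uint64) []uint64 {
	out := make([]uint64, n)
	for i := range out {
		out[i] = uint64(i+1) * mul
	}
	return out
}

func main() {
	for _, mul := range []uint64{1, 1<<32 | 1} {
		hi, lo := distinctHalves(seeds(10, mul), "foo")
		fmt.Printf("seed multiplier %#x: distinct hi=%d lo=%d\n", mul, hi, lo)
	}
}
```

With seeds that vary only in the low 32 bits, the upper half of the result is identical for every seed, so a caller that restricts the hash by shifting gets a value that does not depend on the per-instance seed.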