On Sun, Mar 18, 2012 at 8:12 AM, Stas Malyshev <smalys...@sugarcrm.com> wrote: > Obvious solution would be to use a salt for the hash, which prevents blind > pre-computing of hash collisions. However, due to the fact that PHP hash > values can be reused in different processes by bytecode caches, implementing > it properly is not trivial.
What if php uses salts for specific hashes only, such as GPC (or all hashes whose lifetime is limited to the current reuqest), and use a zero-value salt for all others? -- PHP Internals - PHP Runtime Development Mailing List To unsubscribe, visit: http://www.php.net/unsub.php
