-
Notifications
You must be signed in to change notification settings - Fork 5.7k
Description
As described in this Linkedin article I wrote: https://www.linkedin.com/pulse/modulo-hashing-keys-arbitrary-precision-c-walter-karas/ .
A hypothetical scenario where this type of hash function might be useful is a DDOS attack where:
- the attacker is able to cause the hash to process keys of the attacker's choosing.
- the attacker is somehow able to determine the hash function in use.
The attacker could thus potentially cause problems by causing the hash to process large numbers of keys that hash to the same value. Since there are many possible products of larger primes, which could be used as the hash modulus value, it might be harder for the attacker to determine which was in use in the first place. If the modulus was determined, the straightforward recovery would be:
- Empty the set of active keys that are hashed.
- Pick a new modulus.
If this is the reason modulus hashing was in use, it might be better to calculate the coefficients needed for the calculation at runtime, rather than at compile time as in the coded implementation.