Hardening Perl 6's Hash Implementation Against Attack

By: Samantha McVey (‎samcv‎) from amsterdam.pm
Date: Thursday, 16 August 2018 09:10
Duration: 50 minutes
Target audience: Any
Language: English
Tags: hash perl6 security

Hashes have long been considered an essential feature for Perl, though when exploited, hashes can cause servers to grind to a halt.

I discuss my work on Perl 6's MoarVM to harden our hash implementation against DOS attacks. I explain how attacks on many insecure hashing functions operate and the importance of seeding hashing functions with a random seed. I also discuss the dangers of hash conflict resolution which does not take attacks into account. I explain the features and changes I have introduced and plan to introduce into
MoarVM to make our hashing more robust to attacks and touch on how other languages have tried to solve these issues.

Attended by: Tina Müller (‎tinita‎), Simon Proctor (‎Scimon‎), Fernando Santagata, DrForr, Salve J. Nilsen (‎sjn‎), Laurent Rosenfeld (‎lolo78‎), José Joaquín Atria (‎JJ‎), Moray Jones, Kang-min Liu (‎gugod‎), Erik Johansen (‎uniejo‎), Nicholas Clark, Andreas Boesen (‎Happy‎), Chris Jack, Martin Barth (‎ufobat‎), Matthew Chubb (‎mchubb‎), Aaron Crane (‎arc‎), cono, Steffen Winkler (‎STEFFENW‎), Jean Forget

Community Sponsors

Enlightened Perl Organisation Magnum Solutions Logo Perl6 Community Perl Weekly