From:

Date:

July 29, 2020 15:06Subject:

Re: PERL_PERTURB_KEYS=2Message ID:

CANgJU+UoZrXbz+fzb68dMpqBbUXDBSt1Uz7yzaGXk0CCpAbLbQ@mail.gmail.comOn Wed, 29 Jul 2020 at 12:30, <hv@crypt.org> wrote: > > demerphq <demerphq@gmail.com> wrote: > :On Wed, 29 Jul 2020 at 00:00, <hv@crypt.org> wrote: > :> > :> demerphq <demerphq@gmail.com> wrote: > :> :Can you tell me what PERL_HASH_SEED_DEBUG=1 reports for you? > :> : > :> :I have a feeling your perl is built with hadh seed randomization disabled. > :> > :> % PERL_HASH_SEED_DEBUG=1 /opt/v5.32.0-d/bin/perl -e 1 > :> HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x986401ef56ab149158c74ee4062846bd8b8504d92918d2beaf137d90 PERTURB_KEYS = 1 (RANDOM) > : > :Ok, I get it now. Your perl is /opt/v5.32.0-d/bin/perl. But your > :script references the system perl in your $PATH. > > Ah no, the script I used referenced the same perl explicitly; I reduced > that to 'perl' to share it in the email. > > Just to confirm I ran it using $^X instead, and again got 30 copies of > 'fmpdvjxiezlghkrotnyasuqwbc'. I get the same result (30 copies of some > string, not necessarily the same one) with several other locally installed > perls: > > % PERL_HASH_SEED_DEBUG=1 /opt/v5.28.1/bin/perl -e 1 > HASH_FUNCTION = SBOX32_WITH_STATDX HASH_SEED = 0x5afc389d7cd92b2d24cf55677e77eabe7f13d65bea502c5734b45a5b PERTURB_KEYS = 1 (RANDOM) > % PERL_HASH_SEED_DEBUG=1 /opt/v5.30.0-d/bin/perl -e 1 > HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x8f9a8d9d90e3a4c7e2c7aee1296da214c6a69686f38126244ab41750 PERTURB_KEYS = 1 (RANDOM) > % PERL_HASH_SEED_DEBUG=1 /opt/v5.31.10-d/bin/perl -e 1 > HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x3f531474e73fd3e0e083390f9893801ef1072cf2a5512da51961da41 PERTURB_KEYS = 1 (RANDOM) > % PERL_HASH_SEED_DEBUG=1 /opt/v5.32.0-d/bin/perl -e 1 > HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x252cfa4768d343caaa2ea7a313eab33b4f8bab52e7b4993d44fd0bf1 PERTURB_KEYS = 1 (RANDOM) This is what i see with an augmented version of your script: $ PERL_HASH_SEED_DEBUG=1 ./perl t.pl HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0xbb6f06afee7a49c0fbbd6ab110b92e3fa9231333cf0f356c1921c8ba PERTURB_KEYS = 1 (RANDOM) this is /git_tree/perl/perl version 5.033001 1: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x10000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkgjlzixevmfpdcubwqastrony 1: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x10000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkgjlzixevmfpdcubwqastrony 1: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x10000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkgjlzixevmfpdcubwqastrony 2: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x20000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:ghkexizljvdpfmcqwbusaynrot 2: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x20000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:ghkexizljvdpfmcqwbusaynrot 2: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x20000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:ghkexizljvdpfmcqwbusaynrot 3: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x30000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:ghkxiezljvpdfmcqwbusaynrot 3: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x30000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:ghkxiezljvpdfmcqwbusaynrot 3: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x30000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:ghkxiezljvpdfmcqwbusaynrot 4: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x40000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkglzexijvdpmfcbqwusayntro 4: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x40000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkglzexijvdpmfcbqwusayntro 4: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x40000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkglzexijvdpmfcbqwusayntro 5: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x50000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkglzxiejvpdmfcbqwusayntro 5: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x50000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkglzxiejvpdmfcbqwusayntro 5: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x50000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkglzxiejvpdmfcbqwusayntro 6: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x60000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:fmdpvjexizlghkrotnyasuqwbc 6: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x60000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:fmdpvjexizlghkrotnyasuqwbc 6: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x60000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:fmdpvjexizlghkrotnyasuqwbc 7: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x70000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:fmpdvjxiezlghkrotnyasuqwbc 7: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x70000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:fmpdvjxiezlghkrotnyasuqwbc 7: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x70000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:fmpdvjxiezlghkrotnyasuqwbc 8: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x80000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:mfdpvjlzexihkgtronyasubqwc 8: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x80000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:mfdpvjlzexihkgtronyasubqwc 8: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x80000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:mfdpvjlzexihkgtronyasubqwc 9: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x90000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:mfpdvjlzxiehkgtronyasubqwc 9: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x90000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:mfpdvjlzxiehkgtronyasubqwc 9: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x90000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:mfpdvjlzxiehkgtronyasubqwc 10: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x10000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkgjlzixevmfpdcubwqastrony 10: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x10000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkgjlzixevmfpdcubwqastrony 10: HASH_FUNCTION = SBOX32_WITH_STADTX HASH_SEED = 0x10000000000000000000000000000000000000000000000000000000 PERTURB_KEYS = 2 (DETERMINISTIC) 5.033001:hkgjlzixevmfpdcubwqastrony The SBOX is being initialized from a seed with barely any bits set, and whose bits are very similar. This produces an SBOX whose first row is relatively similar to each other, and as the keys are only one byte their hash values are constructed from only one row of the SBOX table. Additionally the hash table only uses 5 bits of the hash, which magnifies the chance that there will be a similar order between the different seeds. You can add keys(%hash)=10000 and you will see the full hash for each value is different for each seed. It is only the low bits that are similar for these similar seeds. > System perl is 5.26.1 with 67 registered patches (Ubuntu 18.04.4), and > that gives 10 triples similar to your output: > > % PERL_HASH_SEED_DEBUG=1 perl -e 1 > HASH_FUNCTION = HYBRID_OAATHU_SIPHASH_1_3 HASH_SEED = 0x645353b08bcb9b82a48ecf87816cffb48a58faeaa1c191c8 PERTURB_KEYS = 1 (RANDOM) > > This all feels like a distraction though: it all focuses on some > unexpectedly deterministic results, when the bit I was asking about > related to the unexpectedly _non-deterministic_ results. Did you post the code that was unexpectedly non-deterministic? Maybe i got confused. Yves -- perl -Mre=debug -e "/just|another|perl|hacker/"Thread Previous | Thread Next

- PERL_PERTURB_KEYS=2 by hv
- Re: PERL_PERTURB_KEYS=2 by demerphq
- Re: PERL_PERTURB_KEYS=2 by hv
- Re: PERL_PERTURB_KEYS=2 by demerphq
- Re: PERL_PERTURB_KEYS=2 by hv
- Re: PERL_PERTURB_KEYS=2 by demerphq
- Re: PERL_PERTURB_KEYS=2 by hv
**Re: PERL_PERTURB_KEYS=2**by demerphq- Re: PERL_PERTURB_KEYS=2 by hv
- Re: PERL_PERTURB_KEYS=2 by John Alvord

nntp.perl.org: Perl Programming lists via nntp and http.

Comments to Ask Bjørn Hansen at ask@perl.org | Group listing | About