std::string_view 编译时散列
std::string_view compile time hashing
C++17 string_view 的 std::hash functions 似乎不是 constexpr 的。
在我看来,绑定到 const char[] 的字符串视图可以在编译时进行哈希处理(这会非常好),或者有什么可以阻止这种情况吗?
从 C++14 开始(参见 17.6.3.4 哈希要求,table26),我们有:
The value returned shall depend only on the argument k for the duration
of the program. [Note: Thus all evaluations of the expression h(k) with
the same value for k yield the same result for a given execution of the
program. -- end note]
两个different executions can give different hashes:
Hash functions are only required to produce the same result for the
same input within a single execution of a program;
this allows salted hashes that prevent collision DoS attacks.
This behaviour is useful to mitigate hash collision-based DoS attacks.
详情
以下是 C++17 标准中关于 Hash 概念要求的措辞:
The value returned shall depend only on the argument k
for the duration of the program. [ Note: Thus all
evaluations of the expression h(k) with the same
value for k yield the same result for
a given execution of the program. — end note ]
它没有明确说明任何关于随机散列的内容。 std::hash 文本不强制也不排除随机散列。
历史
这是 N3242 2011-02-28 草稿,其中没有提到“在计划期间”:
Shall not throw exceptions. The value returned shall dependonly
on the argument k. [Note: thus all evaluations of the expression h(k)
with the same value for k yield the same result. — end note
我们可以看到添加了“在程序的持续时间内”“对于给定的程序执行”作为“2291. std::hash is vulnerable to collision DoS attack”的解决方案。
在实践中
AFAIU,std::hash 的实现没有实现随机哈希,但您可以编写自己的 my::secure_hash。
C++17 string_view 的 std::hash functions 似乎不是 constexpr 的。
在我看来,绑定到 const char[] 的字符串视图可以在编译时进行哈希处理(这会非常好),或者有什么可以阻止这种情况吗?
从 C++14 开始(参见 17.6.3.4 哈希要求,table26),我们有:
The value returned shall depend only on the argument k for the duration of the program. [Note: Thus all evaluations of the expression h(k) with the same value for k yield the same result for a given execution of the program. -- end note]
两个different executions can give different hashes:
Hash functions are only required to produce the same result for the same input within a single execution of a program; this allows salted hashes that prevent collision DoS attacks.
This behaviour is useful to mitigate hash collision-based DoS attacks.
详情
以下是 C++17 标准中关于 Hash 概念要求的措辞:
The value returned shall depend only on the argument k for the duration of the program. [ Note: Thus all evaluations of the expression h(k) with the same value for k yield the same result for a given execution of the program. — end note ]
它没有明确说明任何关于随机散列的内容。 std::hash 文本不强制也不排除随机散列。
历史
这是 N3242 2011-02-28 草稿,其中没有提到“在计划期间”:
Shall not throw exceptions. The value returned shall dependonly on the argument k. [Note: thus all evaluations of the expression h(k) with the same value for k yield the same result. — end note
我们可以看到添加了“在程序的持续时间内”“对于给定的程序执行”作为“2291. std::hash is vulnerable to collision DoS attack”的解决方案。
在实践中
AFAIU,std::hash 的实现没有实现随机哈希,但您可以编写自己的 my::secure_hash。