From 41f144b32b5bfecfba9383306b6913f46a7a91bf Mon Sep 17 00:00:00 2001
From: "byte[]" <byteslice@airmail.cc>
Date: Sun, 10 May 2020 06:20:21 -0400
Subject: [PATCH] use stronger hash function for anonymous names

---
 lib/philomena_web/views/user_attribution_view.ex | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/lib/philomena_web/views/user_attribution_view.ex b/lib/philomena_web/views/user_attribution_view.ex
index 2f930749..c2c47a38 100644
--- a/lib/philomena_web/views/user_attribution_view.ex
+++ b/lib/philomena_web/views/user_attribution_view.ex
@@ -28,8 +28,10 @@ defmodule PhilomenaWeb.UserAttributionView do
     id = Attribution.object_identifier(object)
     user_id = Attribution.best_user_identifier(object)
 
+    {:ok, <<key::size(16)>>} = :pbkdf2.pbkdf2(:sha256, id <> user_id, salt, 100, 2)
+
     hash =
-      (:erlang.crc32(salt <> id <> user_id) &&& 0xFFFF)
+      key
       |> Integer.to_string(16)
       |> String.pad_leading(4, "0")