SipHash
SipHash is an Add-Rotate-Xor (ARX) based family of pseudorandom functions created by Jean-Philippe Aumasson and Daniel J. Bernstein in 2012.[1]
Overview
SipHash computes 64-bit message authentication code from a variable-length message and 128-bit secret key. It was designed to be efficient even for short inputs, with performance comparable to non-cryptographic hash functions, such as CityHash,[1] thus can be used in hash tables to prevent DoS collision attack (hash flooding) or to authenticate network packets.
Functions in SipHash family are specified as SipHash-c-d, where c is the number of rounds per message block and d is the number of finalization rounds. The recommended parameters are SipHash-2-4 for best performance, and SipHash-4-8 for conservative security.
The reference implementation was released as public domain software under the CC0.[2]
Usage
SipHash is used in hash table implementations of various software:[3]
- Perl (available as compile-time option)[4]
- Python (starting in version 3.4)[5]
- Ruby
- Rust [6]
- systemd [7]
- OpenDNS
- Haskell
- OpenBSD
Native Implementations
See also
References
- 1 2 Jean-Philippe Aumasson & Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF).
- ↑ siphash "Intellectual property: We aren't aware of any patents or patent applications relevant to SipHash, and we aren't planning to apply for any. The reference code of SipHash is released under CC0 license, a public domain-like license."
- ↑ Jean-Philippe Aumasson; Daniel J. Bernstein. "SipHash: a fast short-input PRF, Users".
- ↑ "Perl security – Algorithmic Complexity Attacks".
- ↑ Christian Heimes. "PEP 456 -- Secure and interchangeable hash algorithm". Retrieved 20 November 2013.
- ↑ Graydon Hoare. "Add core::hash containing SipHash-2-4 implementation. Re: #1616 and #859". Retrieved 4 December 2014.
- ↑ Lennart Poettering. "shared: switch our hash table implementation over to SipHash". Retrieved 4 December 2014.
External links
- Jean-Philippe Aumasson; Daniel J. Bernstein. "SipHash: a fast short-input PRF - Project Page".
- Jean-Philippe Aumasson & Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF).
- Jean-Philippe Aumasson; Daniel J. Bernstein (2012-08-15). "SipHash: a fast short-input PRF - Presentation slides" (PDF).
- Jean-Philippe Aumasson; Daniel J. Bernstein; Martin Boßlet (2012-12-29). "Hash-flooding DoS reloaded: attacks and defenses (video)".