linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: "George Spelvin" <linux@sciencehorizons.net>
To: ak@linux.intel.com, davem@davemloft.net, David.Laight@aculab.com,
	ebiggers3@gmail.com, hannes@stressinduktion.org, Jason@zx2c4.com,
	jeanphilippe.aumasson@gmail.com,
	kernel-hardening@lists.openwall.com,
	linux-crypto@vger.kernel.org, linux-kernel@vger.kernel.org,
	linux@sciencehorizons.net, luto@amacapital.net,
	netdev@vger.kernel.org, tom@herbertland.com,
	torvalds@linux-foundation.org, tytso@mit.edu,
	vegard.nossum@gmail.com
Cc: djb@cr.yp.to
Subject: Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF
Date: 15 Dec 2016 18:28:40 -0500	[thread overview]
Message-ID: <20161215232840.22459.qmail@ns.sciencehorizons.net> (raw)
In-Reply-To: <CAGiyFdfmiCMyHvAg=5sGh8KjBBrF0Wb4Qf=JLzJqUAx4yFSS3Q@mail.gmail.com>

> If a halved version of SipHash can bring significant performance boost
> (with 32b words instead of 64b words) with an acceptable security level
> (64-bit enough?) then we may design such a version.

I was thinking if the key could be pushed to 80 bits, that would be nice,
but honestly 64 bits is fine.  This is DoS protection, and while it's
possible to brute-force a 64 bit secret, there are more effective (DDoS)
attacks possible for the same cost.

(I'd suggest a name of "HalfSipHash" to convey the reduced security
effectively.)

> Regarding output size, are 64 bits sufficient?

As a replacement for jhash, 32 bits are sufficient.  It's for
indexing an in-memory hash table on a 32-bit machine.


(When you're done thinking about this, as a matter of personal interest
I'd love a hash expert's opinion on
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=2a18da7a9c7886f1c7307f8d3f23f24318583f03
and
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=8387ff2577eb9ed245df9a39947f66976c6bcd02
which is a non-cryptographic hash function of novel design that's
inspired by SipHash.)

       reply	other threads:[~2016-12-15 23:28 UTC|newest]

Thread overview: 37+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <CAGiyFdfmiCMyHvAg=5sGh8KjBBrF0Wb4Qf=JLzJqUAx4yFSS3Q@mail.gmail.com>
2016-12-15 23:28 ` George Spelvin [this message]
2016-12-16 17:06   ` [PATCH v5 1/4] siphash: add cryptographically secure PRF David Laight
2016-12-16 17:09     ` Jason A. Donenfeld
2016-12-16  3:46 ` George Spelvin
     [not found]   ` <CAGiyFdd6_LVzUUfFcaqMyub1c2WPvWUzAQDCH+Aza-_t6mvmXg@mail.gmail.com>
2016-12-16 12:39     ` Jason A. Donenfeld
2016-12-16 19:47       ` Tom Herbert
2016-12-16 20:41         ` George Spelvin
2016-12-16 20:57           ` Tom Herbert
2016-12-16 20:44         ` [kernel-hardening] " Daniel Micay
2016-12-16 21:09           ` Jason A. Donenfeld
2016-12-17 15:21         ` George Spelvin
2016-12-19 14:14           ` David Laight
2016-12-19 18:10             ` George Spelvin
     [not found]       ` <CAGiyFddB_HT3H2yhYQ5rprYZ487rJ4iCaH9uPJQD57hiPbn9ng@mail.gmail.com>
2016-12-16 15:51         ` Jason A. Donenfeld
2016-12-16 17:36           ` George Spelvin
2016-12-16 18:00             ` Jason A. Donenfeld
2016-12-16 20:17               ` George Spelvin
2016-12-16 20:43                 ` Theodore Ts'o
2016-12-16 22:13                   ` George Spelvin
2016-12-16 22:15                     ` Andy Lutomirski
2016-12-16 22:18                     ` Jason A. Donenfeld
2016-12-16 23:44                       ` George Spelvin
2016-12-17  1:39                         ` Jason A. Donenfeld
2016-12-17  2:15                           ` George Spelvin
2016-12-17 15:41                             ` [kernel-hardening] " Theodore Ts'o
2016-12-17 16:14                               ` Jeffrey Walton
2016-12-19 17:21                               ` Jason A. Donenfeld
2016-12-17 12:42           ` George Spelvin
2016-12-16 20:39         ` Jason A. Donenfeld
2016-12-16 20:49 Jason A. Donenfeld
2016-12-16 21:25 ` George Spelvin
  -- strict thread matches above, loose matches on Subject: below --
2016-12-16 20:43 Jason A. Donenfeld
2016-12-15 20:29 [PATCH v5 0/4] The SipHash Patchset Jason A. Donenfeld
2016-12-15 20:30 ` [PATCH v5 1/4] siphash: add cryptographically secure PRF Jason A. Donenfeld
2016-12-15 22:42   ` George Spelvin
2016-12-16  2:14   ` kbuild test robot
2016-12-17 14:55   ` Jeffrey Walton
2016-12-19 17:08     ` Jason A. Donenfeld

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20161215232840.22459.qmail@ns.sciencehorizons.net \
    --to=linux@sciencehorizons.net \
    --cc=David.Laight@aculab.com \
    --cc=Jason@zx2c4.com \
    --cc=ak@linux.intel.com \
    --cc=davem@davemloft.net \
    --cc=djb@cr.yp.to \
    --cc=ebiggers3@gmail.com \
    --cc=hannes@stressinduktion.org \
    --cc=jeanphilippe.aumasson@gmail.com \
    --cc=kernel-hardening@lists.openwall.com \
    --cc=linux-crypto@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=luto@amacapital.net \
    --cc=netdev@vger.kernel.org \
    --cc=tom@herbertland.com \
    --cc=torvalds@linux-foundation.org \
    --cc=tytso@mit.edu \
    --cc=vegard.nossum@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).