Announcement

Collapse
No announcement yet.

SipHash Is Being Worked On For Further Security In The Linux Kernel

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • SipHash Is Being Worked On For Further Security In The Linux Kernel

    Phoronix: SipHash Is Being Worked On For Further Security In The Linux Kernel

    Jason Donenfeld who has been working on the WireGuard secure network tunnel for Linux has also been working on another security enhancement: adding the SipHash PRF to the Linux kernel...

    http://www.phoronix.com/scan.php?pag...F-V3-For-Linux

  • #2
    Hmm... https://en.wikipedia.org/wiki/SipHash#Criticism

    Comment


    • #3
      Originally posted by halo9en View Post
      But is it worse than MD5?

      To its defense, SipHash was co-designed by Daniel J. Bernstein, so it ought to be good.

      Comment


      • #4
        Typo:

        Originally posted by phoronix View Post
        SipHash is fasrter than MD5/SHA1

        Comment


        • #5
          +security, + performance = profit!

          Comment


          • #6
            Las time I considered SipHash I was horrified by the state of the standard implementation in C - it assumed the size of int and the endianness of the machine ... this was the time I decided not to trust this algo and it's authors Also there was no real crypto analysis on it so there is no real reason to have any faith in it.

            Comment


            • #7
              All a hash function can do is provide good mixing and being non-reversible.

              How you can screw up despite using a "strong" hash function see here:
              https://github.com/rust-lang/rust/issues/36481

              Comment


              • #8
                The only problem with SipHash, is that it is actually a bit slow, and hard to vector optimize (mixed vector rotates). Right now the other algorithms are either simpler and faster, or stronger and hardware accelerated. When CPUs have SHA and AES instructions, it is hard to compete with.

                Comment


                • #9
                  Originally posted by s.ivanov View Post
                  Las time I considered SipHash I was horrified by the state of the standard implementation in C - it assumed the size of int and the endianness of the machine ... this was the time I decided not to trust this algo and it's authors Also there was no real crypto analysis on it so there is no real reason to have any faith in it.
                  It assumes endian just to get the "expected" result. I think it works equally well on a big-endian machine, the resulting hash is just different. This is always an issue when reading random bytes as integers.

                  Comment

                  Working...
                  X