Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 14 Dec 2016 23:03:26 +0100
From: Hannes Frederic Sowa <>
To: "Jason A. Donenfeld" <>,
 David Laight <>
Cc: Netdev <>,,
 Jean-Philippe Aumasson <>,
 LKML <>,
 Linux Crypto Mailing List <>,
 "Daniel J . Bernstein" <>,
 Linus Torvalds <>,
 Eric Biggers <>
Subject: Re: [PATCH v2 1/4] siphash: add cryptographically secure hashtable

On 14.12.2016 13:46, Jason A. Donenfeld wrote:
> Hi David,
> On Wed, Dec 14, 2016 at 10:56 AM, David Laight <> wrote:
>> ...
>>> +u64 siphash24(const u8 *data, size_t len, const u8 key[SIPHASH24_KEY_LEN])
>> ...
>>> +     u64 k0 = get_unaligned_le64(key);
>>> +     u64 k1 = get_unaligned_le64(key + sizeof(u64));
>> ...
>>> +             m = get_unaligned_le64(data);
>> All these unaligned accesses are going to get expensive on architectures
>> like sparc64.
> Yes, the unaligned accesses aren't pretty. Since in pretty much all
> use cases thus far, the data can easily be made aligned, perhaps it
> makes sense to create siphash24() and siphash24_unaligned(). Any
> thoughts on doing something like that?

I fear that the alignment requirement will be a source of bugs on 32 bit
machines, where you cannot even simply take a well aligned struct on a
stack and put it into the normal siphash(aligned) function without
adding alignment annotations everywhere. Even blocks returned from
kmalloc on 32 bit are not aligned to 64 bit.

Can we do this a runtime check and just have one function (siphash)
dealing with that?


Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.