Date: Fri, 16 Dec 2016 11:47:35 -0800 From: Tom Herbert <tom@...bertland.com> To: "Jason A. Donenfeld" <Jason@...c4.com> Cc: Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>, George Spelvin <linux@...encehorizons.net>, Andi Kleen <ak@...ux.intel.com>, David Miller <davem@...emloft.net>, David Laight <David.Laight@...lab.com>, Eric Biggers <ebiggers3@...il.com>, Hannes Frederic Sowa <hannes@...essinduktion.org>, kernel-hardening@...ts.openwall.com, Linux Crypto Mailing List <linux-crypto@...r.kernel.org>, LKML <linux-kernel@...r.kernel.org>, Andy Lutomirski <luto@...capital.net>, Netdev <netdev@...r.kernel.org>, Linus Torvalds <torvalds@...ux-foundation.org>, "Theodore Ts'o" <tytso@....edu>, vegard.nossum@...il.com, "Daniel J . Bernstein" <djb@...yp.to> Subject: Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF On Fri, Dec 16, 2016 at 4:39 AM, Jason A. Donenfeld <Jason@...c4.com> wrote: > Hey JP, > > On Fri, Dec 16, 2016 at 9:08 AM, Jean-Philippe Aumasson > <jeanphilippe.aumasson@...il.com> wrote: >> Here's a tentative HalfSipHash: >> https://github.com/veorq/SipHash/blob/halfsiphash/halfsiphash.c >> >> Haven't computed the cycle count nor measured its speed. > Tested this. Distribution and avalanche effect are still good. Speed wise I see about a 33% improvement over siphash (20 nsecs/op versus 32 nsecs). That's about 3x of jhash speed (7 nsecs). So that might closer to a more palatable replacement for jhash. Do we lose any security advantages with halfsiphash? Tom > This is incredible. Really. Wow! > > I'll integrate this into my patchset and will write up some > documentation about when one should be used over the other. > > Thanks again. Quite exciting. > > Jason
Powered by blists - more mailing lists
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.