Products Openwall GNU/*/Linux   server OS Linux Kernel Runtime Guard John the Ripper   password cracker Free & Open Source for any platform in the cloud Pro for Linux Pro for macOS Wordlists   for password cracking passwdqc   policy enforcement Free & Open Source for Unix Pro for Windows (Active Directory) yescrypt   KDF & password hashing yespower   Proof-of-Work (PoW) crypt_blowfish   password hashing phpass   ditto in PHP tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login php_mt_seed   mt_rand() cracker Services Publications Articles Presentations Resources Mailing lists Community wiki Source code repositories (GitHub) Source code repositories (CVSweb) File archive & mirrors How to verify digital signatures OVE IDs What's new

Date: Tue, 10 Jan 2017 18:03:07 +0100
From: "Jason A. Donenfeld" <Jason@...c4.com>
To: LKML <linux-kernel@...r.kernel.org>, kernel-hardening@...ts.openwall.com
Cc: Jean-Philippe Aumasson <jeanphilippe.aumasson@...il.com>
Subject: [RFC] Use of SipHash and HalfSipHash for Hashtables and PRF

Hi all,

In this case, by "RFC" I actually mean "request for commits". No
comments, please. :)

David Miller's net-next tree now has my SipHash patchset, which adds
SipHash to the kernel for all sorts of interesting uses. The first two
uses include syncookies and secure sequence numbers. Future uses
include hashtable lookup functions and other types of short MAC uses.
This message is an invitation to start switching certain interfaces
over to SipHash, if the use improves either performance or security,
or perhaps both.

So, what's the deal?

SipHash takes two inputs:
- A randomly generated 16-byte longterm secret key, generated via
get_random_bytes or get_random_once.
- Some variable length input.
SipHash then spits out:
- A 64-bit psuedo-random number.

Documentation and usage examples are in this document:
https://git.kernel.org/cgit/linux/kernel/git/davem/net-next.git/plain/Documentation/siphash.txt

If you have a hashtable that takes input from sources outside the
kernel, consider using SipHash. If you're generating deterministic
random bytes based on some key, consider using SipHash. If you're just
curious, consider using SipHash. I merely say "consider" using it,
because there are many cases in which SipHash will _not_ make sense,
so the result of such consideration will be a clear "no thanks". But
perhaps in other cases will indeed be useful, so your consideration
may very well be worthwhile. If you have any questions about it, don't
hesitate to inquire, and if you're at all uncertain about whether or
not your patch using it is correct, put me in the CC and I'll give my
2¢.

Jason

Powered by blists - more mailing lists

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.