Re: [kernel-hardening] Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF

From: Daniel Micay
Date: Fri Dec 16 2016 - 15:45:05 EST


On Fri, 2016-12-16 at 11:47 -0800, Tom Herbert wrote:
>
> That's about 3x of jhash speed (7 nsecs). So that might closer
> to a more palatable replacement for jhash. Do we lose any security
> advantages with halfsiphash?

Have you tested a lower round SipHash? Probably best to stick with the
usual construction for non-DoS mitigation, but why not try SipHash 1-3,
1-2, etc. for DoS mitigation?

Rust and Swift both went with SipHash 1-3 for hash tables.

Attachment: signature.asc
Description: This is a digitally signed message part