[openssl-dev] use SIPhash for OPENSSL_LH_strhash?
J. J. Farrell
jeremy.farrell at oracle.com
Wed Jan 11 23:29:04 UTC 2017
Are the issues you raise true of SipHash, given that a prime motivator
for its design was generating hash tables for short inputs while being
secure against hash flooding attacks? It achieves this with the
performance of a portable C implementation the order of four times
faster than MD5, and not much slower than other modern hash algorithms.
I'd have thought the main thing to consider is whether or not there is
any practical way a hash flooding attack could be used against OpenSSL's
hash tables, and it sounds like there isn't. In that case, the fastest
algorithm for the usage patterns would be best.
Regards,
jjf
On 11/01/2017 22:25, Peter Waltenberg wrote:
> And the reason I said you certainly don't need a keyed hash ?
>
> Behaviour of the hash function will change with key and in some cases
> performance would degenerate to that of a linked list. (Ouch). And
> since the obvious thing to do is use a random key, OpenSSL's
> performance would get *very* erratic.
>
> Simpler functions than cryptographic hashes will almost certainly
> yield better results here. I note someone further up the thread
> someone else has pointed that out.
>
> Peter
>
> From: "Salz, Rich" <rsalz at akamai.com>
> To: "openssl-dev at openssl.org" <openssl-dev at openssl.org>
> Date: 11/01/2017 13:14
> Subject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?
> Sent by: "openssl-dev" <openssl-dev-bounces at openssl.org>
> ------------------------------------------------------------------------
>
> The needs for OpenSSL's LHASH are exactly what SipHash was designed
> for: fast on short strings.
> OpenSSL's hash currently *does not* call MD5 or SHA1; the MD5 code is
> commented out.
> Yes, performance tests would greatly inform the decision.
--
J. J. Farrell
Not speaking for Oracle
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20170111/ad3b8b07/attachment-0001.html>
More information about the openssl-dev
mailing list