SipHash

SipHash is an Add-Rotate-Xor (ARX) based family of pseudorandom functions created by Jean-Philippe Aumasson and Daniel J. Bernstein in 2012.^[1]

Overview

SipHash computes 64-bit message authentication code from a variable-length message and 128-bit secret key. It was designed to be efficient even for short inputs, with performance comparable to non-cryptographic hash functions, such as CityHash,^[1] thus can be used in hash tables to prevent DoS collision attack (hash flooding) or to authenticate network packets.

Functions in SipHash family are specified as SipHash-c-d, where c is the number of rounds per message block and d is the number of finalization rounds. The recommended parameters are SipHash-2-4 for best performance, and SipHash-4-8 for conservative security.

Usage

SipHash is used in hash table implementations of various software:^[2]

Perl
Python (starting in version 3.4)^[3]
Ruby
Rust ^[4]
systemd ^[5]
OpenDNS
Haskell
OpenBSD

Native Implementations

Javascript

References

↑ 1.0 1.1 Jean-Philippe Aumasson and Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF).
↑ Jean-Philippe Aumasson, Daniel J. Bernstein. "SipHash: a fast short-input PRF, Users".
↑ Christian Heimes. "PEP 456 -- Secure and interchangeable hash algorithm". Retrieved 20 November 2013.
↑ Graydon Hoare. "Add core::hash containing SipHash-2-4 implementation. Re: #1616 and #859". Retrieved 4 December 2014.
↑ Lennart Poettering. "shared: switch our hash table implementation over to SipHash". Retrieved 4 December 2014.

External links

Jean-Philippe Aumasson, Daniel J. Bernstein. "SipHash: a fast short-input PRF - Project Page".

Jean-Philippe Aumasson and Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF).

Jean-Philippe Aumasson, Daniel J. Bernstein (2012-08-15). "SipHash: a fast short-input PRF - Presentation slides" (PDF).

Jean-Philippe Aumasson, Daniel J. Bernstein, Martin Boßlet (2012-12-29). "Hash-flooding DoS reloaded: attacks and defenses (video)".

Hash functions & message authentication codes

Security summary

Common functions	MD5 SHA-1 SHA-2 SHA-3/Keccak

SHA-3 finalists	BLAKE Grøstl JH Skein Keccak (winner)

Other functions	FSB ECOH GOST HAS-160 HAVAL LM hash MDC-2 MD2 MD4 MD6 N-Hash RadioGatún RIPEMD SipHash Snefru SWIFFT Tiger VSH WHIRLPOOL crypt(3) (DES)

MAC algorithms	DAA CBC-MAC HMAC OMAC/CMAC PMAC VMAC UMAC Poly1305-AES

Authenticated encryption modes	CCM CWC EAX GCM IAPM OCB

Attacks	Collision attack Preimage attack Birthday attack Brute force attack Rainbow table Distinguishing attack Side-channel attack Length extension attack

Design	Avalanche effect Hash collision Merkle–Damgård construction

Standardization	CRYPTREC NESSIE NIST hash function competition

Utilization	Salt Key stretching

Cryptography

History of cryptography Cryptanalysis Cryptography portal Outline of cryptography

Symmetric-key algorithm Block cipher Stream cipher Public-key cryptography Cryptographic hash function Message authentication code Random numbers Steganography

SipHash

Overview

Usage

See also

References

External links