Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

> A run on my laptop gave these results: > > : ; ./util/shlib_wrap.sh apps/openssl speed siphash lhash > type 16 bytes 64 bytes256 bytes 1024 bytes 8192 > bytes 16384 bytes > lhash 147387.67k 147940.82k 144937.73k 147177.81k > 147095.55k

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

> Understood.  Can you further clarify whether you would like to maintain the > existing 20-year-old hand-rolled hash function for that purpose or are open > to using a more modern hash (not necessarily SIPhash; there are also things > like the Jenkins hash to consider)? Because it works,

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

On 01/11/2017 08:43 AM, Richard Levitte wrote: > A note: I have absolutely nothing against the addition of SIPhash in > our collection of hash algos. My scepticism was only in regards to > using it as a string hasher for our hash tables indexes. > Understood. Can you further clarify whether you

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

: "J. J. Farrell" <jeremy.farr...@oracle.com>Sent by: "openssl-dev" <openssl-dev-boun...@openssl.org>Date: 01/12/2017 10:05AMSubject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Are the issues you raise true of SipHash, given that a prime mot

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

;Salz, Rich" <rs...@akamai.com> To: "openssl-dev@openssl.org" <openssl-dev@openssl.org> Date: 11/01/2017 13:14 Subject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Sent by: "openssl-

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

ev@openssl.org> Date: 11/01/2017 13:14 Subject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Sent by:"openssl-dev" <openssl-dev-boun...@openssl.org> The needs for OpenSSL's LHASH are exactly what SipHash was designed for: fast on short strings. Open

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

I’d be doing it in a manner similar to Poly1305, since that’s a fresh memory… it shouldn’t take long. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Jan 11, 2017, at 9:44 AM, Richard Levitte

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

> Is there really no use of LHASH tables in OpenSSL where an attacker > attempting a DoS attack can control the contents of the tables? The only use of LHASH is in SSL_SESSION and X509_NAME, which use their own hashing functions, and are only used after the session and/or certs have been

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

Can we look forward to a github PR? In message <97d0be2d-11c6-4d01-9a5d-faccc5b27...@akamai.com> on Tue, 10 Jan 2017 22:42:17 +, "Short, Todd" said: tshort> I think I might have an init/update/final version of siphash24 lying tshort> around somewhere that would be

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

A note: I have absolutely nothing against the addition of SIPhash in our collection of hash algos. My scepticism was only in regards to using it as a string hasher for our hash tables indexes. Cheers, Richard In message <20170111.153458.1623912899597806811.levi...@openssl.org> on Wed, 11 Jan

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

In message <1e19cdfea8224717b3eee11e2d8ac...@usma1ex-dag1mb1.msg.corp.akamai.com> on Wed, 11 Jan 2017 03:13:39 +, "Salz, Rich" said: rsalz> The needs for OpenSSL's LHASH are exactly what SipHash was designed for: fast on short strings. rsalz> OpenSSL's hash currently

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

In message <001901d26bed$d3746ed0$7a5d4c70$@sa...@free.fr> on Wed, 11 Jan 2017 10:33:53 +0100, "Michel" said: michel.sales> And what about using FNV or CityHash ? michel.sales> michel.sales> https://en.wikipedia.org/wiki/Fowler%E2%80%93Noll%E2%80%93Vo_hash_function I'm

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

And what about using FNV or CityHash ? https://en.wikipedia.org/wiki/Fowler%E2%80%93Noll%E2%80%93Vo_hash_function https://en.wikipedia.org/wiki/CityHash -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

On Wed, 2017-01-11 at 03:13 +, Salz, Rich wrote: > The needs for OpenSSL's LHASH are exactly what SipHash was designed > for: fast on short strings. > OpenSSL's hash currently *does not* call MD5 or SHA1; the MD5 code is > commented out. > Yes, performance tests would greatly inform the

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

The needs for OpenSSL's LHASH are exactly what SipHash was designed for: fast on short strings. OpenSSL's hash currently *does not* call MD5 or SHA1; the MD5 code is commented out. Yes, performance tests would greatly inform the decision. -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

Todd" <tsh...@akamai.com> To: "openssl-dev@openssl.org" <openssl-dev@openssl.org> Date: 11/01/2017 08:42 Subject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Sent by:"openssl-dev" <openssl-dev-boun...@openssl.org> I

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

I think I might have an init/update/final version of siphash24 lying around somewhere that would be compatible with OpenSSL’s EVP_PKEY mechanism (similar to Poly1305, in that it needs a key). -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

Benjamin Kaduk skrev: (10 januari 2017 20:19:21 CET) >On 01/10/2017 12:31 PM, Richard Levitte wrote: >> >> Benjamin Kaduk skrev: (10 januari 2017 18:48:32 >CET) >>> On 01/09/2017 10:05 PM, Salz, Rich wrote: Should we move to using SIPHash for the

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

We don’t need the full output width of a good hash function, but for _this_ purpose (as far as I understand) we don’t need the strength of a good hash function either – and we surely don’t need the unnecessary performance hit of a good hash where we don’t need a good hash. Or am I missing

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

On 01/10/2017 12:31 PM, Richard Levitte wrote: > > Benjamin Kaduk skrev: (10 januari 2017 18:48:32 CET) >> On 01/09/2017 10:05 PM, Salz, Rich wrote: >>> Should we move to using SIPHash for the default string hashing >>> function in OpenSSL? It’s now in the kernel >>>

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

Benjamin Kaduk skrev: (10 januari 2017 18:48:32 CET) >On 01/09/2017 10:05 PM, Salz, Rich wrote: >> >> Should we move to using SIPHash for the default string hashing >> function in OpenSSL? It’s now in the kernel >> https://lkml.org/lkml/2017/1/9/619 >>

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

On 01/09/2017 10:05 PM, Salz, Rich wrote: > > Should we move to using SIPHash for the default string hashing > function in OpenSSL? It’s now in the kernel > https://lkml.org/lkml/2017/1/9/619 >

[openssl-dev] use SIPhash for OPENSSL_LH_strhash?

Should we move to using SIPHash for the default string hashing function in OpenSSL? It's now in the kernel https://lkml.org/lkml/2017/1/9/619 Overview at https://131002.net/siphash/ -- Senior Architect, Akamai Technologies Member, OpenSSL Dev Team IM: richs...@jabber.at Twitter: RichSalz --