Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-15 Thread Andy Polyakov
> A run on my laptop gave these results: > > : ; ./util/shlib_wrap.sh apps/openssl speed siphash lhash > type 16 bytes 64 bytes256 bytes 1024 bytes 8192 > bytes 16384 bytes > lhash 147387.67k 147940.82k 144937.73k 147177.81k > 147095.55k 1

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-12 Thread Salz, Rich
> Understood.  Can you further clarify whether you would like to maintain the > existing 20-year-old hand-rolled hash function for that purpose or are open > to using a more modern hash (not necessarily SIPhash; there are also things > like the Jenkins hash to consider)? Because it works, becau

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-12 Thread Benjamin Kaduk
On 01/12/2017 02:19 PM, Richard Levitte wrote: > In message on Thu, 12 Jan > 2017 14:07:54 -0600, Benjamin Kaduk said: > > bkaduk> On 01/11/2017 08:43 AM, Richard Levitte wrote: > bkaduk> > bkaduk> A note: I have absolutely nothing against the addition of SIPhash > in > bkaduk> our col

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-12 Thread Richard Levitte
In message on Thu, 12 Jan 2017 14:07:54 -0600, Benjamin Kaduk said: bkaduk> On 01/11/2017 08:43 AM, Richard Levitte wrote: bkaduk> bkaduk> A note: I have absolutely nothing against the addition of SIPhash in bkaduk> our collection of hash algos. My scepticism was only in regards to bk

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-12 Thread Benjamin Kaduk
On 01/11/2017 08:43 AM, Richard Levitte wrote: > A note: I have absolutely nothing against the addition of SIPhash in > our collection of hash algos. My scepticism was only in regards to > using it as a string hasher for our hash tables indexes. > Understood. Can you further clarify whether you

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Peter Waltenberg
penssl.orgFrom: "J. J. Farrell" Sent by: "openssl-dev" Date: 01/12/2017 10:05AMSubject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Are the issues you raise true of SipHash, given that a prime motivator for its design was generating hash table

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread J. J. Farrell
out. Peter From: "Salz, Rich" To: "openssl-dev@openssl.org" Date: 11/01/2017 13:14 Subject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Sent by: "openssl-dev" The needs for OpenSSL&#

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Peter Waltenberg
bject: Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Sent by:"openssl-dev" The needs for OpenSSL's LHASH are exactly what SipHash was designed for: fast on short strings. OpenSSL's hash currently *does not* call MD5 or SHA1; the MD5 code is commented ou

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Short, Todd
I’d be doing it in a manner similar to Poly1305, since that’s a fresh memory… it shouldn’t take long. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Jan 11, 2017, at 9:44 AM, Richard Levitte mailto:levi...@openssl.or

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Salz, Rich
> Is there really no use of LHASH tables in OpenSSL where an attacker > attempting a DoS attack can control the contents of the tables? The only use of LHASH is in SSL_SESSION and X509_NAME, which use their own hashing functions, and are only used after the session and/or certs have been cryptog

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Richard Levitte
Can we look forward to a github PR? In message <97d0be2d-11c6-4d01-9a5d-faccc5b27...@akamai.com> on Tue, 10 Jan 2017 22:42:17 +, "Short, Todd" said: tshort> I think I might have an init/update/final version of siphash24 lying tshort> around somewhere that would be compatible with OpenSSL’s

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Richard Levitte
A note: I have absolutely nothing against the addition of SIPhash in our collection of hash algos. My scepticism was only in regards to using it as a string hasher for our hash tables indexes. Cheers, Richard In message <20170111.153458.1623912899597806811.levi...@openssl.org> on Wed, 11 Jan 20

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Richard Levitte
In message <1e19cdfea8224717b3eee11e2d8ac...@usma1ex-dag1mb1.msg.corp.akamai.com> on Wed, 11 Jan 2017 03:13:39 +, "Salz, Rich" said: rsalz> The needs for OpenSSL's LHASH are exactly what SipHash was designed for: fast on short strings. rsalz> OpenSSL's hash currently *does not* call MD5 or

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Richard Levitte
In message <001901d26bed$d3746ed0$7a5d4c70$@sa...@free.fr> on Wed, 11 Jan 2017 10:33:53 +0100, "Michel" said: michel.sales> And what about using FNV or CityHash ? michel.sales> michel.sales> https://en.wikipedia.org/wiki/Fowler%E2%80%93Noll%E2%80%93Vo_hash_function I'm a little worried about

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Michel
And what about using FNV or CityHash ? https://en.wikipedia.org/wiki/Fowler%E2%80%93Noll%E2%80%93Vo_hash_function https://en.wikipedia.org/wiki/CityHash -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-11 Thread Tomas Mraz
On Wed, 2017-01-11 at 03:13 +, Salz, Rich wrote: > The needs for OpenSSL's LHASH are exactly what SipHash was designed > for: fast on short strings. > OpenSSL's hash currently *does not* call MD5 or SHA1; the MD5 code is > commented out. > Yes, performance tests would greatly inform the decisio

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Salz, Rich
The needs for OpenSSL's LHASH are exactly what SipHash was designed for: fast on short strings. OpenSSL's hash currently *does not* call MD5 or SHA1; the MD5 code is commented out. Yes, performance tests would greatly inform the decision. -- openssl-dev mailing list To unsubscribe: https://mta.o

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Peter Waltenberg
e before it's accepted. Peter From: "Short, Todd" To: "openssl-dev@openssl.org" Date: 11/01/2017 08:42 Subject:Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash? Sent by:"openssl-dev" I think I might have an init/update/fina

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Short, Todd
I think I might have an init/update/final version of siphash24 lying around somewhere that would be compatible with OpenSSL’s EVP_PKEY mechanism (similar to Poly1305, in that it needs a key). -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Richard Levitte
Benjamin Kaduk skrev: (10 januari 2017 20:19:21 CET) >On 01/10/2017 12:31 PM, Richard Levitte wrote: >> >> Benjamin Kaduk skrev: (10 januari 2017 18:48:32 >CET) >>> On 01/09/2017 10:05 PM, Salz, Rich wrote: Should we move to using SIPHash for the default string hashing function in Ope

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Blumenthal, Uri - 0553 - MITLL
We don’t need the full output width of a good hash function, but for _this_ purpose (as far as I understand) we don’t need the strength of a good hash function either – and we surely don’t need the unnecessary performance hit of a good hash where we don’t need a good hash. Or am I missing so

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Benjamin Kaduk
On 01/10/2017 12:31 PM, Richard Levitte wrote: > > Benjamin Kaduk skrev: (10 januari 2017 18:48:32 CET) >> On 01/09/2017 10:05 PM, Salz, Rich wrote: >>> Should we move to using SIPHash for the default string hashing >>> function in OpenSSL? It’s now in the kernel >>> https://lkml.org/lkml/2017/1/

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Richard Levitte
Benjamin Kaduk skrev: (10 januari 2017 18:48:32 CET) >On 01/09/2017 10:05 PM, Salz, Rich wrote: >> >> Should we move to using SIPHash for the default string hashing >> function in OpenSSL? It’s now in the kernel >> https://lkml.org/lkml/2017/1/9/619 >> >

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Benjamin Kaduk
On 01/09/2017 10:05 PM, Salz, Rich wrote: > > Should we move to using SIPHash for the default string hashing > function in OpenSSL? It’s now in the kernel > https://lkml.org/lkml/2017/1/9/619 >

[openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-09 Thread Salz, Rich
Should we move to using SIPHash for the default string hashing function in OpenSSL? It's now in the kernel https://lkml.org/lkml/2017/1/9/619 Overview at https://131002.net/siphash/ -- Senior Architect, Akamai Technologies Member, OpenSSL Dev Team IM: richs...@jabber.at Twitter: RichSalz -- o