Questions tagged [siphash]
A fast 64-bit PRF that can be used as a MAC
12 questions
1 vote
1 answer
124 views
SipHash-1-3 128 bit variant
I came across a 128 bit variant of the SipHash-1-3 function (as opposed to the original 64 bit output). I tried looking for any public cryptanalysis of this function but couldn't find any. Moreover, ...
- 11
1 vote
0 answers
70 views
Short-input (<= 128 bit), short-output (<= 10 bit) MAC
I am faced with a problem of selecting an appropriate message authentication code (MAC) for a particular application. These are the constraints: I have two 64-bit integers $r_a$ and $r_s$ as input, ...
- 21
1 vote
0 answers
71 views
Using cryptography to protect database integrity
I'm designing a micro-services system where each service manages some set of entities (User, Account, e.g). I want to be able to verify the authenticity of entity identifiers (e.g User-Id and Account-...
- 115
1 vote
0 answers
98 views
Parallel MAC vs doubled rounds for SipHash, KMAC and others
SipHash 4-8 is documented by the authors as being about half the speed of SipHash 2-4 and is obviously the more conservative option. I was wondering from a security perspective how this would compare ...
- 334
5 votes
1 answer
3k views
SipHash's (non-)collision resistance
I'm very new to cryptography, and I need help understanding the security claims made in Aumasson and Bernstein's paper on the SipHash. In particular, I'm trying to understand the following statement ...
- 14.7k
3 votes
0 answers
457 views
Why is Siphash-128 considered "experimental"?
Why is Siphash-128 still considered "experimental"? What does this mean?
- 4,861
5 votes
2 answers
956 views
Same 64-bit preimage resistance security for SipHash and SHA-512/64?
If I have to chose a 64 bit preimage resistant hash function; will there be any difference in security between SipHash and SHA-512/64 (SHA-512 truncated to 64 bits)? How long will it take an attacker ...
- 1,029
3 votes
2 answers
1k views
Cryptanalysis of Marvin32 compared to SipHash
So I am curious about the security analysis of Marvin32, the randomized hash algorithm used in .NET (to prevent hash-table DoS). I found the source code here: ...
- 189
3 votes
1 answer
431 views
Does SipHash have 64 bit (second) preimage security?
I was not able to find an explicit statement about the first and second preimage security of SipHash-2-4 or SipHash-4-8 anywhere. I think it should be 64 bits, but I'd feel safer if somebody who has ...
- 1,029
15 votes
2 answers
5k views
Is SipHash cryptographically secure?
I'm evaluating different hash algorithms for use in my application. One of the kind of algorithms I am looking at are cryptographically secure ones to protect against DOS attacks. SipHash seems ...
- 253
3 votes
2 answers
4k views
Generate a unique 64 bit numeric database key without collisions at $2^{32}$ birthday threshold?
What is the best way to generate a unique 64 bit numeric database key from a string? For example: if the string is a URL, you could generate a 64 bit key using SipHash or by truncating a SHA256 hash ...
- 133
3 votes
1 answer
1k views
A fast non-cryptographic hash function that is "strong enough"?
I'm designing a simple one-time-password mechanism for authentication against a possibly-insecure server - i.e. I don't want to use symmetric shared secrets. The first idea that came into mind was ...
- 309