[cryptography] [zfs] [Review] 4185 New hash algorithm support
Joachim at Strombergson.com
Tue Oct 22 08:34:29 EDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
> Is SipHash really that fast in this context? AFAIK it's only much
> faster for short strings, since its block size is so small.
Actually it is the other way around. It is not that SipHash is bad for
long messages, it is that SipHash is oven more _much_ faster for small
messages than other MACs because the low total overhead. But the per
block overhead in SipHash is zero i.e. no setup, just round processing.
This means that SipHash (just lika many other algs) is more efficient
for longer messages than shorter.
The amortized cost for arbitrarily long messages is two rounds. For a
single block 32 Byte block message the cost is two plus four rounds,
which is worst case cost. If you use SipHash-2-4 that is.
> The downsides of SipHash are:
> * lack of collision resistance when the key is known * small 64 bit
> output, which means that collisions will happen frequently and need
> to be handled
I think those are much more relevant arguments.
Med vänlig hälsning, Yours
Joachim Strömbergson - Alltid i harmonisk svängning.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
-----END PGP SIGNATURE-----
More information about the cryptography