ruby-changes:45309
From: shyouhei <ko1@a...>
Date: Fri, 20 Jan 2017 15:01:27 +0900 (JST)
Subject: [ruby-changes:45309] shyouhei:r57382 (trunk): switch SipHash from SipHash24 to SipHash13 variant
shyouhei 2017-01-20 15:01:23 +0900 (Fri, 20 Jan 2017) New Revision: 57382 https://svn.ruby-lang.org/cgi-bin/viewvc.cgi?view=revision&revision=57382 Log: switch SipHash from SipHash24 to SipHash13 variant SipHash13 is secure enough to be used in hash-tables, and SipHash's author confirms that. Rust already considered switch to SipHash13: https://github.com/rust-lang/rust/issues/29754#issue-116174313 Jean-Philippe Aumasson confirmation: https://github.com/rust-lang/rust/issues/29754#issuecomment-156073946 Merged pull request: https://github.com/rust-lang/rust/pull/33940 From: Sokolov Yura aka funny_falcon <funny.falcon@g...> Date: Thu, 8 Dec 2016 20:31:29 +0300 Signed-off-by: Urabe, Shyouhei <shyouhei@r...> Fixes: [Feature #13017] Modified files: trunk/random.c trunk/siphash.c trunk/siphash.h
Index: siphash.c
===================================================================
--- siphash.c (revision 57381)
+++ siphash.c (revision 57382)
@@ -386,16 +386,15 @@ sip_hash_dump(sip_hash *h) https://github.com/ruby/ruby/blob/trunk/siphash.c#L386
 }
 #endif /* SIP_HASH_STREAMING */
-#define SIP_2_ROUND(m, v0, v1, v2, v3) \
+#define SIP_ROUND(m, v0, v1, v2, v3) \
 do { \
 XOR64_TO((v3), (m)); \
 SIP_COMPRESS(v0, v1, v2, v3); \
- SIP_COMPRESS(v0, v1, v2, v3); \
 XOR64_TO((v0), (m)); \
 } while (0)
 uint64_t
-sip_hash24(const uint8_t key[16], const uint8_t *data, size_t len)
+sip_hash13(const uint8_t key[16], const uint8_t *data, size_t len)
 {
 uint64_t k0, k1;
 uint64_t v0, v1, v2, v3;
@@ -415,13 +414,13 @@ sip_hash24(const uint8_t key[16], const https://github.com/ruby/ruby/blob/trunk/siphash.c#L414
 uint64_t *data64 = (uint64_t *)data;
 while (data64 != (uint64_t *) end) {
 m = *data64++;
- SIP_2_ROUND(m, v0, v1, v2, v3);
+ SIP_ROUND(m, v0, v1, v2, v3);
 }
 }
 #else
 for (; data != end; data += sizeof(uint64_t)) {
 m = U8TO64_LE(data);
- SIP_2_ROUND(m, v0, v1, v2, v3);
+ SIP_ROUND(m, v0, v1, v2, v3);
 }
 #endif
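Review bot: The round counts are now implicit in two places: `SIP_ROUND` runs a single `SIP_COMPRESS` per message word here, and the finalization in the `@@ -468,14 +467,13 @@` hunk is an unrolled run of three, with only the function name `sip_hash13` tying them together. A comment above the macro, e.g. `/* SipHash-1-3: c = 1 compression round per 64-bit word, d = 3 finalization rounds; chosen for hash-table keying */`, would make a later edit to either count stand out in review. The modified-files list names only random.c, siphash.c and siphash.h, so it looks as if no known-answer check accompanies the new variant; a fixed key/message test on `sip_hash13` would catch an accidental change in round count. The body of `sip_hash13` runs past the end of this hunk.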
@@ -468,14 +467,13 @@ sip_hash24(const uint8_t key[16], const https://github.com/ruby/ruby/blob/trunk/siphash.c#L467
 break;
 }
- SIP_2_ROUND(last, v0, v1, v2, v3);
+ SIP_ROUND(last, v0, v1, v2, v3);
 XOR64_INT(v2, 0xff);
 SIP_COMPRESS(v0, v1, v2, v3);
 SIP_COMPRESS(v0, v1, v2, v3);
 SIP_COMPRESS(v0, v1, v2, v3);
- SIP_COMPRESS(v0, v1, v2, v3);
 XOR64_TO(v0, v1);
 XOR64_TO(v0, v2);
Index: siphash.h
===================================================================
--- siphash.h (revision 57381)
+++ siphash.h (revision 57382)
@@ -43,6 +43,6 @@ int sip_hash_digest_integer(sip_hash *h, https://github.com/ruby/ruby/blob/trunk/siphash.h#L43
 void sip_hash_free(sip_hash *h);
 void sip_hash_dump(sip_hash *h);
-uint64_t sip_hash24(const uint8_t key[16], const uint8_t *data, size_t len);
+uint64_t sip_hash13(const uint8_t key[16], const uint8_t *data, size_t len);
 #endif
Index: random.c
===================================================================
--- random.c (revision 57381)
+++ random.c (revision 57382)
@@ -1457,7 +1457,7 @@ random_s_rand(int argc, VALUE *argv, VAL https://github.com/ruby/ruby/blob/trunk/random.c#L1457
 }
 #define SIP_HASH_STREAMING 0
-#define sip_hash24 ruby_sip_hash24
+#define sip_hash13 ruby_sip_hash13
 #if !defined _WIN32 && !defined BYTE_ORDER
 # ifdef WORDS_BIGENDIAN
 # define BYTE_ORDER BIG_ENDIAN
@@ -1501,7 +1501,7 @@ rb_hash_start(st_index_t h) https://github.com/ruby/ruby/blob/trunk/random.c#L1501
 st_index_t
 rb_memhash(const void *ptr, long len)
 {
- sip_uint64_t h = sip_hash24(seed.key.sip, ptr, len);
+ sip_uint64_t h = sip_hash13(seed.key.sip, ptr, len);
 #ifdef HAVE_UINT64_T
 return (st_index_t)h;
 #else
-- ML: ruby-changes@q... Info: http://www.atdot.net/~ko1/quickml/
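Review bot: In the last random.c hunk, `rb_memhash` takes `long len` and hands it to the `size_t len` parameter of `sip_hash13`, so a negative length from a caller converts to a very large size and would presumably make the hash read far past `ptr`; the changed line keeps that conversion unchecked. If callers are not already guaranteed to pass a non-negative length, a guard or at least a comment such as `/* len must be >= 0; it is converted to size_t below */` belongs above the call. Since the log justifies the reduced-round variant only for hash tables, it is also worth stating here that the result relies on `seed.key.sip` staying secret and is not meant to be reused as a MAC. The body of `rb_memhash` continues past the end of the hunk.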