Re: [PATCH v5 1/4] siphash: add cryptographically secure PRF

From: Jason A. Donenfeld
Date: Fri Dec 16 2016 - 20:40:06 EST


On Sat, Dec 17, 2016 at 12:44 AM, George Spelvin
<linux@xxxxxxxxxxxxxxxxxxx> wrote:
> Ths advice I'd give now is:
> - Implement
> unsigned long hsiphash(const void *data, size_t len, const unsigned long key[2])
> .. as SipHash on 64-bit (maybe SipHash-1-3, still being discussed) and
> HalfSipHash on 32-bit.

I already did this. Check my branch.

> - Document when it may or may not be used carefully.

Good idea. I'll write up some extensive documentation about all of
this, detailing use cases and our various conclusions.

> - #define get_random_int (unsigned)get_random_long

That's a good idea, since ultimately the other just casts in the
return value. I wonder if this could also lead to a similar aliasing
with arch_get_random_int, since I'm pretty sure all rdrand-like
instructions return native word size anyway.

> - Ted, Andy Lutorminski and I will try to figure out a construction of
> get_random_long() that we all like.

And me, I hope... No need to make this exclusive.

Jason