SipHash: A Fast Short-Input PRF

@inproceedings{Aumasson2012SipHashAF,
  title={SipHash: A Fast Short-Input PRF},
  author={Jean-Philippe Aumasson and Daniel J. Bernstein},
  booktitle={INDOCRYPT},
  year={2012}
}
SipHash is a family of pseudorandom functions optimized for short inputs. Target applications include network traffic authentication and hash-table lookups protected against hash-flooding denial-of-service attacks. SipHash is simpler than MACs based on universal hashing, and faster on short inputs. Compared to dedicated designs for hash-table lookup, SipHash has well-defined security goals and competitive performance. For example, SipHash processes a 16-byte input with a fresh key in 140 cycles… 
Improved Cryptanalysis on SipHash
SipHash is an ARX-based pseudorandom function designed by Aumasson and Bernstein for short message inputs. Recently, Ashur et al. proposed an efficient analysis method against ARX
Haraka v2 - Efficient Short-Input Hashing for Post-Quantum Applications
TLDR
This work proposes two short-input hash functions, utilizing AES instructions on modern CPUs, and develops a general tool-based method to include arguments against attack vectors using truncated differentials.
SPHINCS: Practical Stateless Hash-Based Signatures
TLDR
A high-security post-quantum stateless hash-based signature scheme that signs hundreds of messages per second on a modern 4-core 3.5GHz Intel CPU, allowing it to be a drop-in replacement for current signature schemes.
SAT Based Attacks on SipHash
TLDR
This project uses SAT-based attacks on the primitive to perform partial key recovery and compares the effectiveness of these attacks against the standard brute-force approach, which involves trying all possible combinations of the key bits.
Secure Keyed Hashing on Programmable Switches
TLDR
This paper implements HalfSipHash on the Barefoot Tofino switch by using dependency management schemes to conserve pipeline stages and slicing semantics for concise circular bit shift operations, and shows that the efficient implementation performs 67 million, 90 million, 150 million, and 304 million hashes per second.
BP-MAC: Fast Authentication for Short Messages
TLDR
This work proposes BP-MAC, a fast and memory-efficient approach for computing message authentication codes based on the well-established Carter-Wegman construction, to offload resource-intensive computations to idle phases and thus save valuable time in latency-critical phases.
Cryptographic Hashing in P4 Data Planes
  • D. Scholz, Andreas Oeldemann, G. Carle
  • Computer Science, Mathematics
    2019 ACM/IEEE Symposium on Architectures for Networking and Communications Systems (ANCS)
  • 2019
TLDR
This work proposes an extension of the P4 Portable Switch Architecture for cryptographic hashes and discusses the prototype implementations, which show that cryptographic hashing can be integrated efficiently and cannot identify a single hash function delivering satisfying performance on all investigated platforms.
Differential Cryptanalysis of SipHash
TLDR
This paper provides the first published third-party cryptanalysis of SipHash regarding differential cryptanalysis and uses existing automatic tools to find differential characteristics for SipHash, significantly improving the results of the designers and giving new insights into the security of SipHash-2-4.
Variants of Wegman-Carter message authentication code supporting variable tag lengths
TLDR
This work provides a formalisation of the classical Wegman-Carter MAC scheme and builds on this scheme to obtain single-key variable tag length MAC schemes utilising either a stream cipher or a short-output pseudo-random function.
Cryptanalysis of Reduced-Round SipHash
  • Le He, Hongbo Yu
  • Computer Science, Mathematics
    IACR Cryptol. ePrint Arch.
  • 2019
TLDR
The property of truncated differential in SipHash is studied and the output bits with the most imbalanced differential biases are found and a key recovery method is proposed that can obtain a nonuniform distribution of the 128-bit key through several bias tests.