{"id":13466203,"url":"https://github.com/veorq/SipHash","last_synced_at":"2025-03-25T21:31:35.426Z","repository":{"id":15300759,"uuid":"18030517","full_name":"veorq/SipHash","owner":"veorq","description":"High-speed secure pseudorandom function for short messages ","archived":false,"fork":false,"pushed_at":"2024-05-17T05:09:44.000Z","size":88,"stargazers_count":655,"open_issues_count":1,"forks_count":50,"subscribers_count":26,"default_branch":"master","last_synced_at":"2024-10-14T20:59:11.653Z","etag":null,"topics":["c","cryptography","message-authentication-code","pseudorandom-functions","security"],"latest_commit_sha":null,"homepage":"","language":"C","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/veorq.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE_CC0","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null}},"created_at":"2014-03-23T09:51:00.000Z","updated_at":"2024-10-13T14:33:55.000Z","dependencies_parsed_at":"2023-01-11T20:23:06.571Z","dependency_job_id":"b819e333-1593-4a14-9e9e-92aa57843e0f","html_url":"https://github.com/veorq/SipHash","commit_stats":null,"previous_names":[],"tags_count":1,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veorq%2FSipHash","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veorq%2FSipHash/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veorq%2FSipHash/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/veorq%2FSipHash/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/veorq","download_url":"https://codeload.github.com/veorq/SipHash/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":222091980,"owners_count":16929760,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["c","cryptography","message-authentication-code","pseudorandom-functions","security"],"created_at":"2024-07-31T15:00:40.841Z","updated_at":"2024-10-29T18:31:21.764Z","avatar_url":"https://github.com/veorq.png","language":"C","readme":"# SipHash\n\n[![License:\nCC0-1.0](https://licensebuttons.net/l/zero/1.0/80x15.png)](http://creativecommons.org/publicdomain/zero/1.0/)\n\n[![License: MIT](https://img.shields.io/badge/License-MIT-yellow.svg)](https://opensource.org/licenses/MIT)\n\n\nSipHash is a family of pseudorandom functions (PRFs) optimized for speed on short messages.\nThis is the reference C code of SipHash: portable, simple, optimized for clarity and debugging.\n\nSipHash was designed in 2012 by [Jean-Philippe Aumasson](https://aumasson.jp)\nand [Daniel J. Bernstein](https://cr.yp.to) as a defense against [hash-flooding\nDoS attacks](https://aumasson.jp/siphash/siphashdos_29c3_slides.pdf).\n\nSipHash is:\n\n* *Simpler and faster* on short messages than previous cryptographic\nalgorithms, such as MACs based on universal hashing.\n\n* *Competitive in performance* with insecure non-cryptographic algorithms, such as [fhhash](https://github.com/cbreeden/fxhash).\n\n* *Cryptographically secure*, with no sign of weakness despite multiple [cryptanalysis](https://eprint.iacr.org/2019/865) [projects](https://eprint.iacr.org/2019/865) by leading cryptographers.\n\n* *Battle-tested*, with successful integration in OSs (Linux kernel, OpenBSD,\nFreeBSD, FreeRTOS), languages (Perl, Python, Ruby, etc.), libraries (OpenSSL libcrypto,\nSodium, etc.) and applications (Wireguard, Redis, etc.).\n\nAs a secure pseudorandom function (a.k.a. keyed hash function), SipHash can also be used as a secure message authentication code (MAC).\nBut SipHash is *not a hash* in the sense of general-purpose key-less hash function such as BLAKE3 or SHA-3.\nSipHash should therefore always be used with a secret key in order to be secure.\n\n\n## Variants\n\nThe default SipHash is *SipHash-2-4*: it takes a 128-bit key, does 2 compression\nrounds, 4 finalization rounds, and returns a 64-bit tag.\n\nVariants can use a different number of rounds. For example, we proposed *SipHash-4-8* as a conservative version.\n\nThe following versions are not described in the paper but were designed and analyzed to fulfill applications' needs:\n\n* *SipHash-128* returns a 128-bit tag instead of 64-bit. Versions with specified number of rounds are SipHash-2-4-128, SipHash4-8-128, and so on.\n\n* *HalfSipHash* works with 32-bit words instead of 64-bit, takes a 64-bit key,\nand returns 32-bit or 64-bit tags. For example, HalfSipHash-2-4-32 has 2\ncompression rounds, 4 finalization rounds, and returns a 32-bit tag.\n\n\n## Security\n\n(Half)SipHash-*c*-*d* with *c* ≥ 2 and *d* ≥ 4 is expected to provide the maximum PRF\nsecurity for any function with the same key and output size.\n\nThe standard PRF security goal allow the attacker access to the output of SipHash on messages chosen adaptively by the attacker.\n\nSecurity is limited by the key size (128 bits for SipHash), such that\nattackers searching 2\u003csup\u003e*s*\u003c/sup\u003e keys have chance 2\u003csup\u003e*s*−128\u003c/sup\u003e of finding\nthe SipHash key. \nSecurity is also limited by the output size. In particular, when\nSipHash is used as a MAC, an attacker who blindly tries 2\u003csup\u003e*s*\u003c/sup\u003e tags will\nsucceed with probability 2\u003csup\u003e*s*-*t*\u003c/sup\u003e, if *t* is that tag's bit size.\n\n\n## Research\n\n* [Research paper](https://www.aumasson.jp/siphash/siphash.pdf) \"SipHash: a fast short-input PRF\" (accepted at INDOCRYPT 2012)\n* [Slides](https://cr.yp.to/talks/2012.12.12/slides.pdf) of the presentation of SipHash at INDOCRYPT 2012 (Bernstein)\n* [Slides](https://www.aumasson.jp/siphash/siphash_slides.pdf) of the presentation of SipHash at the DIAC workshop (Aumasson)\n\n\n## Usage\n\nRunning\n\n```sh\n  make\n```\n\nwill build tests for \n\n* SipHash-2-4-64\n* SipHash-2-4-128\n* HalfSipHash-2-4-32\n* HalfSipHash-2-4-64\n\n\n```C\n  ./test\n```\n\nverifies 64 test vectors, and\n\n```C\n  ./debug\n```\n\ndoes the same and prints intermediate values.\n\nThe code can be adapted to implement SipHash-*c*-*d*, the version of SipHash\nwith *c* compression rounds and *d* finalization rounds, by defining `cROUNDS`\nor `dROUNDS` when compiling.  This can be done with `-D` command line arguments\nto many compilers such as below.\n\n```sh\ngcc -Wall --std=c99 -DcROUNDS=2 -DdROUNDS=4 siphash.c halfsiphash.c test.c -o test\n```\n\nThe `makefile` also takes *c* and *d* rounds values as parameters.\n\n```sh\nmake cROUNDS=2 dROUNDS=4\n``` \n\nObviously, if the number of rounds is modified then the test vectors\nwon't verify.\n\n## Intellectual property\n\nThis code is copyright (c) 2014-2023 Jean-Philippe Aumasson, Daniel J.\nBernstein. It is multi-licensed under\n\n* [CC0](./LICENCE_CC0)\n* [MIT](./LICENSE_MIT).\n* [Apache 2.0 with LLVM exceptions](./LICENSE_A2LLVM).\n\n","funding_links":[],"categories":["C","Maths"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fveorq%2FSipHash","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fveorq%2FSipHash","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fveorq%2FSipHash/lists"}