Issue #13017 has been updated by Shyouhei Urabe.


You can't find the discussion about SipHash24 because (1) it was security-related, and (2) there was no other choice than SipHash24 when we did.

I remember SipHash24 was introduced to fix CVE-2012-5371. I read the SipHash paper back then: https://131002.net/siphash/siphash.pdf . At that time, 24 was almost the only variant of the SipHash series that had received detailed analysis. The paper focuses on "SipHash-2-4" (what we call SipHash24) but doesn't even mention the 13 variant. So 24 was the only choice we could use.

Now. Time has passed, and we face another possible variant, SipHash13. As far as I understand, 13 is weaker than 24. But I have no idea _how_ weak. It might just be okay. But as I don't understand the advantage / disadvantage tradeoff well, I'm afraid to rush to commit this.

----------------------------------------
Feature #13017: Switch SipHash from SipHash24 to SipHash13
https://bugs.ruby-lang.org/issues/13017#change-62204

* Author: Yura Sokolov
* Status: Open
* Priority: Normal
* Assignee: 
* Target version: 
----------------------------------------
SipHash13 is secure enough to be used in hash-tables, and SipHash's author confirms that.
Rust already considered switching to SipHash13:
  https://github.com/rust-lang/rust/issues/29754#issue-116174313
Jean-Philippe Aumasson's confirmation:
  https://github.com/rust-lang/rust/issues/29754#issuecomment-156073946
Merged pull request:
  https://github.com/rust-lang/rust/pull/33940

GitHub pull request: https://github.com/ruby/ruby/pull/1501


---Files--------------------------------
0001-switch-SipHash-from-SipHash24-to-SipHash13-variant.patch (3.25 KB)


-- 
https://bugs.ruby-lang.org/
