[#78633] ruby/spec needs help from CRuby committers — Benoit Daloze <eregontp@...>
Currently, ruby/spec is maintained mostly by individuals and enjoys the
13 messages
2016/12/13
[#78963] Re: ruby/spec needs help from CRuby committers
— Urabe Shyouhei <shyouhei@...>
2017/01/04
I did ask attendees of last developer meeting to join this
[#78642] Re: ruby/spec needs help from CRuby committers
— Eric Wong <normalperson@...>
2016/12/14
Benoit Daloze <eregontp@gmail.com> wrote:
[ruby-core:78719] [Ruby trunk Feature#13017] Switch SipHash from SipHash24 to SipHash13
From:
funny.falcon@...
Date:
2016-12-18 09:29:28 UTC
List:
ruby-core #78719
Issue #13017 has been updated by Yura Sokolov. But you can read what SipHash author (Jean-Philippe Aumasson) said about this in Rust discussion (link in issue text). And Vladimir cites the best known attack is just "distinguisher" ie "attacker may differentiate output of SipHash13 from pure random". Given it is already known that ruby uses SipHash, attacker will no know anything new. ---------------------------------------- Feature #13017: Switch SipHash from SipHash24 to SipHash13 https://bugs.ruby-lang.org/issues/13017#change-62091 * Author: Yura Sokolov * Status: Open * Priority: Normal * Assignee: * Target version: ---------------------------------------- SipHash13 is secure enough to be used in hash-tables, and SipHash's author confirms that. Rust already considered switch to SipHash13: https://github.com/rust-lang/rust/issues/29754#issue-116174313 Jean-Philippe Aumasson confirmation: https://github.com/rust-lang/rust/issues/29754#issuecomment-156073946 Merged pull request: https://github.com/rust-lang/rust/pull/33940 Github pull request https://github.com/ruby/ruby/pull/1501 ---Files-------------------------------- 0001-switch-SipHash-from-SipHash24-to-SipHash13-variant.patch (3.25 KB) -- https://bugs.ruby-lang.org/ Unsubscribe: <mailto:ruby-core-request@ruby-lang.org?subject=unsubscribe> <http://lists.ruby-lang.org/cgi-bin/mailman/options/ruby-core>