Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:96037 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 39652 invoked from network); 20 Sep 2016 14:22:31 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 20 Sep 2016 14:22:31 -0000 Authentication-Results: pb1.pair.com smtp.mail=fsb@thefsb.org; spf=pass; sender-id=pass Authentication-Results: pb1.pair.com header.from=fsb@thefsb.org; sender-id=pass Received-SPF: pass (pb1.pair.com: domain thefsb.org designates 173.203.187.107 as permitted sender) X-PHP-List-Original-Sender: fsb@thefsb.org X-Host-Fingerprint: 173.203.187.107 smtp107.iad3a.emailsrvr.com Received: from [173.203.187.107] ([173.203.187.107:49790] helo=smtp107.iad3a.emailsrvr.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id 25/C7-19521-42641E75 for ; Tue, 20 Sep 2016 10:22:31 -0400 Received: from smtp30.relay.iad3a.emailsrvr.com (localhost [127.0.0.1]) by smtp30.relay.iad3a.emailsrvr.com (SMTP Server) with ESMTP id BAF3DE043B; Tue, 20 Sep 2016 10:22:26 -0400 (EDT) X-Auth-ID: fsb@thefsb.org Received: by smtp30.relay.iad3a.emailsrvr.com (Authenticated sender: fsb-AT-thefsb.org) with ESMTPSA id 9D696E041B; Tue, 20 Sep 2016 10:22:26 -0400 (EDT) X-Sender-Id: fsb@thefsb.org Received: from yossy.local (c-66-30-62-12.hsd1.ma.comcast.net [66.30.62.12]) (using TLSv1.2 with cipher DHE-RSA-AES128-SHA) by 0.0.0.0:587 (trex/5.7.7); Tue, 20 Sep 2016 10:22:26 -0400 To: Thomas Hruska , PHP Internals References: <7d5727ba-da33-e3c5-1d1f-318c45d81616@cubiclesoft.com> Message-ID: <663c176b-dc0c-5d79-e690-8c02229b3417@thefsb.org> Date: Tue, 20 Sep 2016 10:22:10 -0400 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:45.0) Gecko/20100101 Thunderbird/45.2.0 MIME-Version: 1.0 In-Reply-To: <7d5727ba-da33-e3c5-1d1f-318c45d81616@cubiclesoft.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: [PHP-DEV] HashDoS From: fsb@thefsb.org (Tom Worster) On 9/16/16 1:59 AM, Thomas Hruska wrote: > If anyone wants a VERY rough estimate of relative performance > degradation as a result of switching to SipHash, here's a somewhat naive > C++ implementation of a similar data structure to that found in PHP: > > https://github.com/cubiclesoft/cross-platform-cpp > > (See the "Hash performance benchmark" results at the above link.) > > In short, there's a significant degradation just switching from djb2 to > SipHash depending on key type. A similar effect would probably be seen > in PHP. The difference is big enough that people won't want this as a precaution affecting all of PHP's hashes. But it's small enough that people might opt for it as a defensive measure in case of serious attacks in the wild. So having an implementation but not compiling it by default would be interesting. > Randomizing the starting hash value for djb2 during the core startup > sequence *could* also be effective for mitigating HashDoS. Extensive > testing would have to be done to determine how collision performance > plays out with randomized starting hash values. I can't find any > arguments anywhere against using randomized starting hash values for > djb2. Also of note, the 33 multiplier seems more critical than anything > else for mixing bits together. This is consistent with what Nicholas Clark wrote[1] that I mentioned already in my reply to Scott. However, he also says > I've got a sneaking suspicion that this story still has legs, and that someone will pop up with some new surprise or twist. Hence I'm keeping an eye open to spot any more developments in this decade old saga, in case there is action Perl 5 needs to take. In which case it is nice for Perl to have SipHash implemented but not compiled by default. Tom [1] http://news.perlfoundation.org/2012/12/improving-perl-5-grant-report-11.html