updated section on hashing

...according to latest code changes
pull/575/head
Logan oos Even 4 years ago
committed by GitHub
parent
commit
8cb1b07fd9
No known key found for this signature in database GPG Key ID: 4AEE18F83AFDEB23
  1. 8
      doc/Crypto.md

@ -68,13 +68,13 @@ Throughout n2n, pseudo-random numbers are generated for several purposes, e.g. r
Its initialization relies on seeding with a value as random as possible. Various sources are tapped including a syscall to Linux' `SYS_getrandom` as well as Intels hardware random number generators `RDRND` and `RDSEED`, if available (compile using `-march=native`). Its initialization relies on seeding with a value as random as possible. Various sources are tapped including a syscall to Linux' `SYS_getrandom` as well as Intels hardware random number generators `RDRND` and `RDSEED`, if available (compile using `-march=native`).
### Pearson Hashing ### Pearson Block Hashing
For general purpose hashing, n2n employs Pearson hashing as it offers variable hash sizes and is said not to be too "collidy". However, this is not a cryptographically secure hashing function which by the way is not required here: The hashing is never applied in a way that the hash shall prove the knowledge of a secret without showing the secret. For general purpose hashing, n2n employs [Pearson Block Hashing](https://github.com/Logan007/pearsonB) as it offers variable hash sizes and is said not to be too "collidy". However, this is not a cryptographically secure hashing function which by the way is not required here: The hashing is never applied in a way that the hash value shall publically prove the knowledge of a secret without showing the secret itself.
_Pearson hashing is tweakable by making your own permutation of the 256 byte table._ Here, the AES' s-box is used: Given appropriate hardware, a lookup could even be accelerated. _Pearson hashing is tweakable by using your own block-sized permutation._ Here, we use a three-round xor-rotate-multiply permutation scheme on 64-bit wide integer numbers with constants discovered by [David Stafford](http://zimbry.blogspot.com/2011/09/better-bit-mixing-improving-on.html) (`mix13`) permission obtained via eMail) which, these days, is better known as part of `splitmix64()`.
_Pearson hashing allows verification of parts of the hash only – just in case performance requirements would urge to do so._ _Pearson hashing allows verification of block-sized parts of the hash only – just in case performance requirements would urge to do so._
## Header ## Header
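
Review bot: the new `mix13` sentence in the "tweakable" paragraph has an unbalanced parenthesis: "(`mix13`) permission obtained via eMail)" closes twice, so it should read "(`mix13`, permission obtained via eMail)". In the paragraph above it, "publically" should be "publicly". The two italic statements still say "Pearson hashing" while the heading and link now say "Pearson Block Hashing"; using one name throughout would make clear that the block-sized permutation and block-sized partial verification refer to the same scheme. Since the text states the function is not cryptographically secure, it would also help readers if the paragraph named where in n2n the hash is applied, so they can check the claim that no use relies on it to prove knowledge of a secret.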
