From Wikipedia, the free encyclopedia
Jump to: navigation, search

SipHash is an Add-Rotate-Xor (ARX) based family of pseudorandom functions created by Jean-Philippe Aumasson and Daniel J. Bernstein in 2012.[1]


SipHash computes 64-bit message authentication code from a variable-length message and 128-bit secret key. It was designed to be efficient even for short inputs, with performance comparable to non-cryptographic hash functions, such as CityHash,[1] thus can be used in hash tables to prevent DoS collision attack (hash flooding) or to authenticate network packets.

Functions in SipHash family are specified as SipHash-c-d, where c is the number of rounds per message block and d is the number of finalization rounds. The recommended parameters are SipHash-2-4 for best performance, and SipHash-4-8 for conservative security.


SipHash is used in hash table implementations of various software:[2]

Native Implementations

See also[edit]


  1. ^ a b Jean-Philippe Aumasson and Daniel J. Bernstein (2012-09-18). "SipHash: a fast short-input PRF" (PDF). 
  2. ^ Jean-Philippe Aumasson, Daniel J. Bernstein. "SipHash: a fast short-input PRF, Users". 
  3. ^ "Perl security – Algorithmic Complexity Attacks". 
  4. ^ Christian Heimes. "PEP 456 -- Secure and interchangeable hash algorithm". Retrieved 20 November 2013. 
  5. ^ Graydon Hoare. "Add core::hash containing SipHash-2-4 implementation. Re: #1616 and #859". Retrieved 4 December 2014. 
  6. ^ Lennart Poettering. "shared: switch our hash table implementation over to SipHash". Retrieved 4 December 2014. 

External links[edit]