DOCSLIB.ORG

Siphash: a Fast Short-Input PRF

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Siphash: a Fast Short-Input PRF SipHash: a fast short-input PRF DOWNLOADS | ATTACKS | USERS | CRYPTANALYSIS | THIRD-PARTY IMPLEMENTATIONS SipHash is a family of pseudorandom functions (a.k.a. keyed hash functions) optimized for speed on short messages. Target applications include network traffic authentication and defense against hash-flooding DoS attacks. SipHash is secure, fast, and simple (for real): SipHash is simpler and faster than previous cryptographic algorithms (e.g. MACs based on universal hashing) SipHash is competitive in performance with insecure non-cryptographic algorithms (e.g. MurmurHash) We propose that hash tables switch to SipHash as a hash function. Users of SipHash already include FreeBSD, OpenDNS, Perl 5, Ruby, or Rust. The original SipHash returns 64-bit strings. A version returning 128-bit strings was later created, based on demand from users. Intellectual property: We aren't aware of any patents or patent applications relevant to SipHash, and we aren't planning to apply for any. The reference code of SipHash is released under CC0 license, a public domain-like license. SipHash was designed by Jean-Philippe Aumasson (Kudelski Security, Switzerland) Daniel J. Bernstein (University of Illinois at Chicago, USA) Contact: [email protected] [email protected] Downloads Research paper "SipHash: a fast short-input PRF" (accepted for presentation at the DIAC workshop and at INDOCRYPT 2012) Slides of the presentation of SipHash at INDOCRYPT 2012 (Bernstein) Slides of the presentation of SipHash at DIAC (Aumasson) Reference C implementation. Attacks Jointly with Martin Boßlet, we demonstrated weaknesses in MurmurHash (used in Ruby, Java, etc.), CityHash (used in Google), and in Python's hash. Some of the technologies affected have switched to SipHash. See this oCERT advisory, and the following resources: Slides of the presentation "Hash-flooding DoS reloaded: attacks and defenses" at the 29th Chaos Communications Congress (Aumasson, Bernstein, Boßlet) Slides of the presentation "Hash-flooding DoS reloaded: attacks and defenses" at Application Security Forum Western Switzerland 2012 (Aumasson, Boßlet) Proof-of-concept code for CRuby, JRuby, Rubinius, and Java C++ program to find universal (key-independent) multicollisions for CityHash64 C++ program to find universal (key-independent) multicollisions for MurmurHash2 C++ program to find universal (key-independent) multicollisions for MurmurHash3 Python script to recover the secret seed of the hash randomization in Python 2.7.3 and 3.2.3 Users Users of SipHash include: OpenSSL: libcrypto includes SipHash Sodium: SipHash-2-4 is the "shorthash" function in libsodium Rust: SipHash-2-4 is used in the hash tables implementation of this "safe, concurrent, practical language" developed by Mozilla (patch, sip.rs). Python: SipHash-2-4 is used as hash() "on all major platforms" (patch, PEP) Wireguard: SipHash-2-4 is used in hash tables of the Wireguard VPN Expat: libexpat uses SipHash in its XML parser Bloomberg: SipHash-2-4 is one of the hashes in Bloomberg's Basic Development Environment (documentation, code) OpenBSD: SipHash-2-4 and SipHash-4-8 have been committed under sys/crypto, and SipHash-2-4 is to be used in the in_pcb hashing, and in other places Shardmap: SipHash-2-4 is the hash function of this directory indexing system, "the designated successor of HTree" SoundHound, which "makes heavy use" of SipHash FreeBSD: SipHash-2-4 is used to protect SYN cookies from forgeries (code, revision) Hashable: SipHash-2-4 is used to hash objects in this Haskell package part of the Haskell Platform (blog) Rubinius: SipHash-2-4 is used in the hash tables implementation (commit) JRuby: SipHash-2-4 is the optional algorithm in the hash tables implementation (commit) Perl 5: SipHash-2-4 is optional in Perl builds (commit, code) Redis: SipHash-2-4 is used in the hash tables implementation of this advanced key-value data store (pull request) Ruby: SipHash-2-4 is used in the hash tables implementation (vulnerability report, changelog) OpenDNS: SipHash-2-4 is used in the dnscache instances of all OpenDNS resolvers (patch). Cryptanalysis 20140916: Christoph Dobraunig, Florian Mendel, Martin Schläffer. Differential Cryptanalysis of SipHash. IACR ePrint archive, report 2014/722. Third-party implementations 2016 Aug 2: Pavel Werl. siphash. Main result: C# implementation 2016 Mar 21: Sedat Kapanoglu. HashDepot. Main result: C# implementation for .NET 2016 Mar 3: Frank Denis. siphash-avx2. Main result: C version of the C++ AVX2 implementation 2016 Mar 2: Jan Wassenberg and Jyrki Alakuijala. highwayhash. Main result: C++ implementation using AVX2, tree-based version 2016 Feb 23: Joel Holdsworth. siphashsum. Main result: command line utility 2015 Mar 6: InfraRuby Vision. siphash-ir. Main result: InfraRuby implementation 2015 Feb 13: Pedro Emílio Machado de Brito. siphash. Main result: VHDL implementation 2014 Sep 6: Damien Gryski. SipHash. Main result: Go interface to SipHash assembly 2014 Feb 8: Sylvain Laperche. SipHash. Main result: Ada implementation 2014 Jan 19: Twoje radio. siple. Main result: C++ implementation 2013 Aug 8: Evan Hanson. siphash. Main result: Scheme implementation 2013 Jul 6: Sebastian Gesemann. siphashxx. Main result: C++ implementation 2013 Jun 13: Matthew Ford. SipHash Java Library. Main result: streaming Java implementation 2013 Jun 10: Matthew Ford. SipHash Library for Arduino. Main result: streaming implementation for Arduino (C++, assembler) 2013 Apr 7: Joachim Strömbergson. siphash_6502. Main result: MOS6502 8-bit assembler implementation 2013 Feb 18: Dan Kogai. p5-digest-siphash. Main result: Perl implementation (C binding and pure Perl) 2013 Feb 6: Marek Majkowski. Bitsliced SipHash. Main result: bitsliced C implementation 2013 Feb 6: Marek Majkowski. csiphash. Main result: C implementation 2013 Feb 6: Marek Majkowski. pysiphash. Main result: Python implementation 2013 Feb 3: Philipp Jovanovic. siphash. Main result: Python implementation 2013 Jan 25: Ulrik Sverdrup. siphash. Main result: SipHash C module in the Comprehensive C Archive Network 2013 Jan 16: Joachim Strömbergson. siphash_core. Main result: Verilog 2001 implementation of SipHash 2012 Dec 19: Clifford Hammerschmidt. ch-siphash. Main result: C# implementation (package) 2012 Dec 16: Bo Zhu. siphash-python. Main result: Python implementation 2012 Dec 4: Masahiro Nakagawa. siphash-d. Main result: D implementation 2012 Nov 6: Hiroshi Nakamura. siphash-java-inline. Main result: Java implementation (inline rounds) 2012 Nov 6: William Ahern. siphash.h: SipHash-2-4. Main result: C implementation (static inline, macro based) 2012 Nov 6: Gregory Petrosyan. siphash. Main result: C implementation (simple, compact) 2012 Oct 4: Brian S. Julin. SipHash.pm6. Main result: Perl 6 implementation 2012 Oct 2: Bryan O'Sullivan. SipHash.hs. Main result: Haskell implementation 2012 Aug 8: Damian Gryski. siphash-rust. Main result: Rust implementation 2012 Jul 4: Samuel Neves. Main result: C implementations "little", "mmx", "sse2-1", "sse41" (available in SUPERCOP) 2012 Jun 29: David Lazar. siphash-cryptol. Main result: Cryptol implementation 2012 Jun 28: Frank Denis. siphash-erlang. Main result: Erlang NIF wrapper 2012 Jun 26: Brandon Haynes. siphash-chsarp. Main result: C# implementation (streaming and one-pass modes) 2012 Jun 24: Vincent Hanquez. hs-siphash. Main result: Haskell implementation 2012 Jun 24: Martin Boßlet. siphash-ruby. Main result: Ruby implementation 2012 Jun 24: Martin Boßlet. siphash-java. Main result: Java implementation 2012 Jun 23: Robert Brown. sip-hash. Main result: Lisp implementation 2012 Jun 23: Martin Boßlet. siphash-c. Main result: C implementation (streaming and one-pass modes) 2012 Jun 23: Frank Denis. siphash-js. Main result: Javascript implementation 2012 Jun 23: Frank Denis. siphash-php. Main result: PHP extension (using Floodyberry's C) 2012 Jun 21: Floodyberry. siphash. Main result: C implementation (using SSE2 and SSSE3 extensions) 2012 Jun 20: Dmitry Chestnykh. siphash. Main result: Go implementation Index.
Load more

Recommended publications
  • AUTOMATIC DESIGN of NONCRYPTOGRAPHIC HASH FUNCTIONS USING GENETIC PROGRAMMING, Computational Intelligence, 4, 798– 831
    Universidad uc3m Carlos Ill 0 -Archivo de Madrid This is a postprint version of the following published document: Estébanez, C., Saez, Y., Recio, G., and Isasi, P. (2014), AUTOMATIC DESIGN OF NONCRYPTOGRAPHIC HASH FUNCTIONS USING GENETIC PROGRAMMING, Computational Intelligence, 4, 798– 831 DOI: https://doi.org/10.1111/coin.12033 © 2014 Wiley Periodicals, Inc. AUTOMATIC DESIGN OF NONCRYPTOGRAPHIC HASH FUNCTIONS USING GENETIC PROGRAMMING CESAR ESTEBANEZ, YAGO SAEZ, GUSTAVO RECIO, AND PEDRO ISASI Department of Computer Science, Universidad Carlos III de Madrid, Madrid, Spain Noncryptographic hash functions have an immense number of important practical applications owing to their powerful search properties. However, those properties critically depend on good designs: Inappropriately chosen hash functions are a very common source of performance losses. On the other hand, hash functions are difficult to design: They are extremely nonlinear and counterintuitive, and relationships between the variables are often intricate and obscure. In this work, we demonstrate the utility of genetic programming (GP) and avalanche effect to automatically generate noncryptographic hashes that can compete with state-of-the-art hash functions. We describe the design and implementation of our system, called GP-hash, and its fitness function, based on avalanche properties. Also, we experimentally identify good terminal and function sets and parameters for this task, providing interesting information for future research in this topic. Using GP-hash, we were able to generate two different families of noncryptographic hashes. These hashes are able to compete with a selection of the most important functions of the hashing literature, most of them widely used in the industry and created by world-class hashing experts with years of experience.
    [Show full text]
  • Open Source Used in Quantum SON Suite 18C
    Open Source Used In Cisco SON Suite R18C Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: 78EE117C99-185964180 Open Source Used In Cisco SON Suite R18C 1 This document contains licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of any source code to which you may be entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License), please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-185964180 Contents 1.1 argparse 1.2.1 1.1.1 Available under license 1.2 blinker 1.3 1.2.1 Available under license 1.3 Boost 1.35.0 1.3.1 Available under license 1.4 Bunch 1.0.1 1.4.1 Available under license 1.5 colorama 0.2.4 1.5.1 Available under license 1.6 colorlog 0.6.0 1.6.1 Available under license 1.7 coverage 3.5.1 1.7.1 Available under license 1.8 cssmin 0.1.4 1.8.1 Available under license 1.9 cyrus-sasl 2.1.26 1.9.1 Available under license 1.10 cyrus-sasl/apsl subpart 2.1.26 1.10.1 Available under license 1.11 cyrus-sasl/cmu subpart 2.1.26 1.11.1 Notifications 1.11.2 Available under license 1.12 cyrus-sasl/eric young subpart 2.1.26 1.12.1 Notifications 1.12.2 Available under license Open Source Used In Cisco SON Suite R18C 2 1.13 distribute 0.6.34
    [Show full text]
  • Implementation of the Programming Language Dino – a Case Study in Dynamic Language Performance
    Implementation of the Programming Language Dino – A Case Study in Dynamic Language Performance Vladimir N. Makarov Red Hat [email protected] Abstract design of the language, its type system and particular features such The article gives a brief overview of the current state of program- as multithreading, heterogeneous extensible arrays, array slices, ming language Dino in order to see where its stands between other associative tables, first-class functions, pattern-matching, as well dynamic programming languages. Then it describes the current im- as Dino’s unique approach to class inheritance via the ‘use’ class plementation, used tools and major implementation decisions in- composition operator. cluding how to implement a stable, portable and simple JIT com- The second part of the article describes Dino’s implementation. piler. We outline the overall structure of the Dino interpreter and just- We study the effect of major implementation decisions on the in-time compiler (JIT) and the design of the byte code and major performance of Dino on x86-64, AARCH64, and Powerpc64. In optimizations. We also describe implementation details such as brief, the performance of some model benchmark on x86-64 was the garbage collection system, the algorithms underlying Dino’s improved by 3.1 times after moving from a stack based virtual data structures, Dino’s built-in profiling system, and the various machine to a register-transfer architecture, a further 1.5 times by tools and libraries used in the implementation. Our goal is to give adding byte code combining, a further 2.3 times through the use an overview of the major implementation decisions involved in of JIT, and a further 4.4 times by performing type inference with a dynamic language, including how to implement a stable and byte code specialization, with a resulting overall performance im- portable JIT.
    [Show full text]
  • Hash-Flooding Dos Reloaded
    Hash-flooding DoS reloaded: Hash flooding begins? attacks and defenses July 1998 article Jean-Philippe Aumasson, “Designing and attacking Kudelski Security (NAGRA) port scan detection tools” by Solar Designer (Alexander D. J. Bernstein, Peslyak) in Phrack Magazine: University of Illinois at Chicago & Technische Universiteit Eindhoven “In scanlogd, I’m using a hash table to lookup source addresses. Martin Boßlet, This works very well for the Ruby Core Team typical case ::: average lookup time is better than that of a binary search. ::: Hash-flooding DoS reloaded: Hash flooding begins? However, an attacker can attacks and defenses choose her addresses (most July 1998 article likely spoofed) to cause hash Jean-Philippe Aumasson, “Designing and attacking collisions, effectively replacing the Kudelski Security (NAGRA) port scan detection tools” hash table lookup with a linear by Solar Designer (Alexander D. J. Bernstein, search. Depending on how many Peslyak) in Phrack Magazine: University of Illinois at Chicago & entries we keep, this might make Technische Universiteit Eindhoven “In scanlogd, I’m using a hash scanlogd not be able to pick table to lookup source addresses. ::: Martin Boßlet, new packets up in time. I’ve This works very well for the Ruby Core Team solved this problem by limiting typical case ::: average lookup the number of hash collisions, and time is better than that of a discarding the oldest entry with binary search. ::: the same hash value when the limit is reached. Hash-flooding DoS reloaded: Hash flooding begins? However, an attacker can attacks and defenses choose her addresses (most July 1998 article likely spoofed) to cause hash Jean-Philippe Aumasson, “Designing and attacking collisions, effectively replacing the Kudelski Security (NAGRA) port scan detection tools” hash table lookup with a linear by Solar Designer (Alexander D.
    [Show full text]
  • Automated Malware Analysis Report for Phish Survey.Js
    ID: 382893 Sample Name: phish_survey.js Cookbook: default.jbs Time: 20:27:42 Date: 06/04/2021 Version: 31.0.0 Emerald Table of Contents Table of Contents 2 Analysis Report phish_survey.js 3 Overview 3 General Information 3 Detection 3 Signatures 3 Classification 3 Startup 3 Malware Configuration 3 Yara Overview 3 Sigma Overview 3 Signature Overview 3 Mitre Att&ck Matrix 4 Behavior Graph 4 Screenshots 5 Thumbnails 5 Antivirus, Machine Learning and Genetic Malware Detection 6 Initial Sample 6 Dropped Files 6 Unpacked PE Files 6 Domains 6 URLs 6 Domains and IPs 7 Contacted Domains 7 URLs from Memory and Binaries 7 Contacted IPs 8 General Information 8 Simulations 9 Behavior and APIs 9 Joe Sandbox View / Context 9 IPs 9 Domains 9 ASN 9 JA3 Fingerprints 9 Dropped Files 9 Created / dropped Files 9 Static File Info 9 General 9 File Icon 9 Network Behavior 10 Code Manipulations 10 Statistics 10 System Behavior 10 Analysis Process: wscript.exe PID: 6168 Parent PID: 3388 10 General 10 File Activities 10 Disassembly 10 Code Analysis 10 Copyright Joe Security LLC 2021 Page 2 of 10 Analysis Report phish_survey.js Overview General Information Detection Signatures Classification Sample phish_survey.js Name: FFoouunndd WSSHH tttiiimeerrr fffoorrr JJaavvaassccrrriiippttt oorrr VV… Analysis ID: 382893 JFJaaovvuaan d/// VVWBBSSSHccr rritiipipmttt feffiiillrlee f owwrii ittJthha vveaerrsryyc rllloiopnntg go srs …V MD5: b3c1f68ef7299a7… PJParrrovogagrr ra/a mVB ddSooceersisp ntn ofoitltte ss hwhooitwhw vmeuurycc hhlo aanccgttt iiivsviii… SHA1: b8e9103fffa864a…
    [Show full text]
  • Symantec Data Insight 4.5.1 Third-Party Attributions
    Symantec Data Insight Third-Party Attributions Guide 4.5.1 October 2014 Symantec Proprietary and Confidential Symantec Data Insight 4.5 Third-Party Attributions Guide 4.5.1 Documentation version: 4.5.1 Rev 0 Legal Notice Copyright © 2014 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This Symantec product may contain third party software for which Symantec is required to provide attribution to the third party (“Third Party Programs”). Some of the Third Party Programs are available under open source or free software licenses. The License Agreement accompanying the Software does not alter any rights or obligations you may have under those open source or free software licenses. Please see the Third Party Legal Notice Appendix to this Documentation or TPIP ReadMe File accompanying this Symantec product for more information on the Third Party Programs. The product described in this document is distributed under licenses restricting its use, copying, distribution, and decompilation/reverse engineering. No part of this document may be reproduced in any form by any means without prior written authorization of Symantec Corporation and its licensors, if any. THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE OR NON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCH DISCLAIMERS ARE HELD TO BE LEGALLY INVALID. SYMANTEC CORPORATION SHALL NOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTION WITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION.
    [Show full text]
  • Fundamental Data Structures Contents
    Fundamental Data Structures Contents 1 Introduction 1 1.1 Abstract data type ........................................... 1 1.1.1 Examples ........................................... 1 1.1.2 Introduction .......................................... 2 1.1.3 Defining an abstract data type ................................. 2 1.1.4 Advantages of abstract data typing .............................. 4 1.1.5 Typical operations ...................................... 4 1.1.6 Examples ........................................... 5 1.1.7 Implementation ........................................ 5 1.1.8 See also ............................................ 6 1.1.9 Notes ............................................. 6 1.1.10 References .......................................... 6 1.1.11 Further ............................................ 7 1.1.12 External links ......................................... 7 1.2 Data structure ............................................. 7 1.2.1 Overview ........................................... 7 1.2.2 Examples ........................................... 7 1.2.3 Language support ....................................... 8 1.2.4 See also ............................................ 8 1.2.5 References .......................................... 8 1.2.6 Further reading ........................................ 8 1.2.7 External links ......................................... 9 1.3 Analysis of algorithms ......................................... 9 1.3.1 Cost models ......................................... 9 1.3.2 Run-time analysis
    [Show full text]
  • Antares: a Scalable, Efficient Platform for Stream, Historic
    School of Computing Science Antares: A Scalable, Efficient Platform for Stream, Historic, Combined and Geospatial Querying Rebecca Simmonds Submitted for the degree of Doctor of Philosophy in the School of Computing Science, Newcastle University June 2016 c 2016, Rebecca Simmonds Abstract Traditional methods for storing and analysing data are proving inadequate for process- ing \Big Data". This is due to its volume, and the rate at which it is being generated. The limitations of current technologies are further exacerbated by the increased de- mand for applications which allow users to access and interact with data as soon as it is generated. Near real-time analysis such as this can be partially supported by stream processing systems, however they currently lack the ability to store data for efficient historic processing: many applications require a combination of near real-time and historic data analysis. This thesis investigates this problem, and describes and evaluates a novel approach for addressing it. Antares is a layered framework that has been designed to exploit and extend the scalability of NoSQL databases to support low latency querying and high throughput rates for both stream and historic data analysis simultaneously. Antares began as a company funded project, sponsored by Red Hat the motivation was to identify a new technology which could provide scalable analysis of data, both stream and historic. The motivation for this was to explore new methods for supporting scale and efficiency, for example a layered approach. A layered approach would exploit the scale of historic stores and the speed of in-memory processing. New technologies were investigates to identify current mechanisms and suggest a means of improvement.
    [Show full text]
  • An Enhanced Non-Cryptographic Hash Function
    International Journal of Computer Applications (0975 – 8887) Volume 176 – No. 15, April 2020 An Enhanced Non-Cryptographic Hash Function Vivian Akoto-Adjepong Michael Asante Steve Okyere-Gyamfi University of Energy and Natural Kwame Nkrumah University of Christian Service University Resources Science and Technology College Department of Computer Science Department of Computer Science Department of Computer Science and Informatics Private Mail Bag, KNUST, Kumasi, and Information Technology P. O. Box 214 Sunyani, Ghana Ghana P. O. Box 3110 Kumasi, Ghana ABSTRACT In order to locate and retrieve information, hashing is a How to store information for it to be searched and retrieved recommended scheme because is effective and efficient [18]. efficiently is one of the fundamental problems in computer A suitable hash function and strategy must be used to solve science. There exists sequential search that support operation particular problems or for specific application. This will help such as INSERT, DELETE and RETRIVAL in O (n log (n)) efficient use of memory space and reduce access time. expected time in operations. Therefore in many applications where these operations are needed, hashing provides a way to There exist different types of hash algorithms such as non- reduce expected time to O (1).There are many different types cryptographic hash algorithms or functions, cryptographic of hashing algorithms or functions such as cryptographic hash hash algorithms or functions, checksums and cyclic functions, non-cryptographic hash function, checksums and redundancy checks [1][3]. cyclic redundancy checks. Non-cryptographic hash functions Independent of the inputs of a hash functions, they are (NCHFs) take a string as input and compute an integer output optimized to work very well in different scenarios.
    [Show full text]
  • The Power of Evil Choices in Bloom Filters Thomas Gerbet, Amrit Kumar, Cédric Lauradoux
    The Power of Evil Choices in Bloom Filters Thomas Gerbet, Amrit Kumar, Cédric Lauradoux To cite this version: Thomas Gerbet, Amrit Kumar, Cédric Lauradoux. The Power of Evil Choices in Bloom Filters. [Research Report] RR-8627, INRIA Grenoble. 2014. hal-01082158v2 HAL Id: hal-01082158 https://hal.inria.fr/hal-01082158v2 Submitted on 24 Feb 2015 HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non, lished or not. The documents may come from émanant des établissements d’enseignement et de teaching and research institutions in France or recherche français ou étrangers, des laboratoires abroad, or from public or private research centers. publics ou privés. The Power of Evil Choices in Bloom Filters Thomas Gerbet, Amrit Kumar, Cédric Lauradoux RESEARCH REPORT N° 8627 November 2014 Project-Team Privatics ISSN 0249-6399 ISRN INRIA/RR--8627--FR+ENG The Power of Evil Choices in Bloom Filters Thomas Gerbet, Amrit Kumar, C´edricLauradoux Project-Team Privatics Research Report n° 8627 | November 2014 | 24 pages Abstract: A Bloom filter is a probabilistic hash-based data structure extensively used in software products including online security applications. This paper raises the following important question: Are Bloom filters correctly designed in a security context ? The answer is no and the reasons are multiple: bad choices of parameters, lack of adversary models and misused hash functions. Indeed, developers truncate cryptographic digests without a second thought on the security implications.
    [Show full text]
  • Qlikview-Third-Party-License-Terms.Pdf
    Third Party Software Attributions, Copyrights, Licenses and Disclosure QlikView® May 2021 Certain open source or other third-party software components are integrated and/or redistributed with various releases of the QlikView software. Such third-party components include terms and conditions, such as attribution and liability disclaimers (collectively "Third Party Disclosures",) for which disclosure is required by their respective owners. This document sets forth such Third Party Disclosures for the specified version of the QlikView software and/or its associated Connectors, as of the date set forth above. This Third Party Disclosure is also available within the Documentation for QlikView and its associated Connectors, as well as on the Qlik web page located at www.qlik.com/license-terms. NEITHER QLIKTECH INTERNATIONAL AB NOR ANY OF ITS AFFILIATES (COLLECTIVELY, “QLIK”) MAKES ANY REPRESENTATION, WARRANTY OR OTHER COMMITMENT REGARDING SUCH THIRD PARTY COMPONENTS. AsyncLazy.cs • Copyright © 2014 Stephen Cleary • URL: https://github.com/StephenCleary/AsyncEx/tree/master/src/Nito.AsyncEx.Coordination • Version 5.0 • License: MIT AWS SDK • Copyright Amazon.com, Inc. or its affiliates. All rights reserved • URL: https://aws.amazon.com/sdk-for-go/ • Version: 1.34.28 • License: Apache-2.0 Aws-sdk-cpp • Copyright © 2010-2017 Amazon.com, Inc. or its affiliates. All Rights Reserved. • URL: https://github.com/aws/aws-sdk-cpp • Version: 1.8.148.1 • License: Apache-2.0 BigCache • Copyright © 2004 Allegro Tech • URL: github.com/allegro/bigcache • Version: 1.2.1 • License: Apache-2.0 Boost C++ Libraries • Copyright © 1999-2015 Boost Contributors • URL: http://www.boost.org • Version: 1.71.0.2 • License: Boost License Bouncy Castle Cryptos API • Copyright © 2000-2017 The Legion of the Bouncy Castle Inc.
    [Show full text]
  • Licensing Information User Manual for Autonomous Database on Shared Exadata Infrastructure
    Oracle® Cloud Licensing Information User Manual for Autonomous Database on Shared Exadata Infrastructure F40733-02 April 2021 Oracle Cloud Licensing Information User Manual for Autonomous Database on Shared Exadata Infrastructure, F40733-02 Copyright © 2021, 2021, Oracle and/or its affiliates. Primary Author: Thomas Van Raalte This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited. The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing. If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, then the following notice is applicable: U.S. GOVERNMENT END USERS: Oracle programs (including any operating system, integrated software, any programs embedded, installed or activated on delivered hardware, and modifications of such programs) and Oracle computer documentation or other Oracle data delivered to or accessed by U.S. Government end users are "commercial computer
    [Show full text]