| UniversalHashFunction |
A keyed universal hash function is a function that produces up to 32-bits that meet the definition of a universal hash (and an additional 32 bits that do not meet the requirement and so, in theory could be biased), guaranteeing that: (1) an attacker cannot construct inputs that are likely to have a bias of 0/1 at any bit position (2) an attacker cannot construct two values that will collide with a greater-than-random chance so long as that attacker (a) does not know the key, and (b) is unable to observe the outputs of the function. In contrast, standard hash functions do not guarantee that attackers cannot easily generate collisions, / even if the application using the function prefixes or postfixes the value to be hashed with a key. This leaves systems that use standard (non-universal) hash functions vulnerable to algorithmic complexity attacks. See: https://www.usenix.org/legacy/events/sec03/tech/full_papers/crosby/crosby.pdf When generating a hash, the lower 32 bits generated by the function should be thrown out unless you are certain that using bits that may be subject to attacker bias will cause no harm. For example, for a hash ring that uses all 64-bit points, where the first 32 are the universal hash bits, collisions should be strictly less likely than in a ring that only uses the 32 safe bits---though your ring entries will require twice as much space.) An instance of a universal hash function is re-entrant so, once an instance has been constructed, the hash function can be safely called from multiple threads to perform more than one hash at a time. For more information on the construction used in this implementation, see https://en.wikipedia.org/wiki/Universal_hashing (this construction is the last one in the "hashing vectors" section, labled with the superscript "strong") and http://comjnl.oxfordjournals.org/content/57/11/1624.full.pdf (this is the simple "Multilinear" construction) |
