On Mon, Dec 12, 2016 at 3:04 PM, Jason A. Donenfeld <Jason@xxxxxxxxx> wrote:
>
> Indeed this would be a great first candidate. There are lots of places
> where MD5 (!!) is pulled in for this sort of thing, when SipHash could
> be a faster and leaner replacement (and arguably more secure than
> rusty MD5).

Yeah, the TCP sequence number md5_transform() cases are likely the best
example of something where siphash might be good. That tends to be
really just a couple words of data (the address and port info) plus
the net_secret[] hash.

I think they currently simply just fill in the fixed-sized 64-byte
md5-round area. I wonder if it's worth it to have a special siphash
version that does that same "fixed 64-byte area" thing.

But please talk to the networking people. Maybe that's the proper way
to get this merged?

             Linus
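The fixed-size idea raised in this message, as an added example that is not code from the thread or from the kernel: a generic SipHash-2-4 next to a loop-free variant that hashes only the 12 bytes of address and port data under a 128-bit secret. The name `siphash24_conn` and the little-endian packing of host-order values are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>

#define ROTL(x, b) (((x) << (b)) | ((x) >> (64 - (b))))
#define SIPROUND do { \
	v0 += v1; v1 = ROTL(v1, 13); v1 ^= v0; v0 = ROTL(v0, 32); \
	v2 += v3; v3 = ROTL(v3, 16); v3 ^= v2; \
	v0 += v3; v3 = ROTL(v3, 21); v3 ^= v0; \
	v2 += v1; v1 = ROTL(v1, 17); v1 ^= v2; v2 = ROTL(v2, 32); } while (0)
/* Absorb one 64-bit word (2 compression rounds). */
#define ABSORB(m) do { v3 ^= (m); SIPROUND; SIPROUND; v0 ^= (m); } while (0)
/* State setup and finalization (4 rounds), shared by both functions. */
#define SIPINIT \
	uint64_t v0 = k0 ^ 0x736f6d6570736575ULL, v1 = k1 ^ 0x646f72616e646f6dULL, \
		 v2 = k0 ^ 0x6c7967656e657261ULL, v3 = k1 ^ 0x7465646279746573ULL
#define SIPFINAL do { v2 ^= 0xff; SIPROUND; SIPROUND; SIPROUND; SIPROUND; } while (0)

/* Generic SipHash-2-4 over a byte string; key is two little-endian words. */
uint64_t siphash24(const uint8_t *in, size_t len, uint64_t k0, uint64_t k1)
{
	SIPINIT;
	uint64_t m, b = (uint64_t)len << 56;
	size_t i, j;

	for (i = 0; i + 8 <= len; i += 8) {
		for (m = 0, j = 0; j < 8; j++)
			m |= (uint64_t)in[i + j] << (8 * j);
		ABSORB(m);
	}
	for (j = 0; i + j < len; j++)	/* tail bytes share the length word */
		b |= (uint64_t)in[i + j] << (8 * j);
	ABSORB(b);
	SIPFINAL;
	return v0 ^ v1 ^ v2 ^ v3;
}

/* Hypothetical fixed-size variant: 12 bytes of address/port data, no loop. */
uint64_t siphash24_conn(uint32_t saddr, uint32_t daddr, uint16_t sport,
			uint16_t dport, uint64_t k0, uint64_t k1)
{
	SIPINIT;
	uint64_t m = (uint64_t)daddr << 32 | saddr;
	uint64_t b = (uint64_t)12 << 56 | (uint32_t)dport << 16 | sport;

	ABSORB(m);
	ABSORB(b);
	SIPFINAL;
	return v0 ^ v1 ^ v2 ^ v3;
}
```

The fixed-size function gives the same result as the generic one over the same 12 packed bytes, so it can be checked against the published SipHash-2-4 reference vectors through the generic path.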