Home | pfodApps/pfodDevices | WebStringTemplates | Java/J2EE | Unix | Torches | Superannuation | | About Us
 

Forward Logo (image)      

SipHash Java Library

by Matthew Ford 16th June 2013 (original 13th June 2013) – corrected check on key size
© Forward Computing and Control Pty. Ltd. NSW Australia
All rights reserved.

SipHash Java Library.

This page describes a small Java class that implements SipHash. It complements this SipHash Atmel 8bit / Arduino library

SipHash is a family of pseudorandom functions (a.k.a. keyed hash functions) optimized for speed on short messages.
SipHash is secure, fast, and simple (for real):
SipHash is simpler and faster than previous cryptographic algorithms (e.g. MACs based on universal hashing)
SipHash is competitive in performance with insecure non-cryptographic algorithms (e.g. MurmurHash)
” – https://131002.net/siphash

I am using SipHash as a MAC (http://en.wikipedia.org/wiki/Message_authentication_code) to provide a secure messaging system for controlling pfodDevices via the internet. Adding the SipHash of the message to the end of each message makes it very hard for hackers to forge a message.

The key is 128bits i.e. 16 bytes, all bits are used. For security this key MUST BE RANDOM. See the "Generating the Password" section towards the bottom of SipHash Secure Challenge and Response for micro-devices (AVR / Arduino) for the details and how to create a 'random' secret key.

The message size in unlimited (by SipHash). You call updateHash(byte b); for each byte in the message. SipHash internally accumulates 8 bytes and then adds them to the hash and then discards them. In finish() SipHash adds the msg length % 256. The code assigns one byte to keep this value and updates it each time updateHash() is called so the message length is unlimited.

Installation:

Download SipHashJava.zip file and unzip it. It contains an Eclipse project for building SipHash_2_4.java and SipHashTests.java. The zip file also includes the java docs.

Library Reference: SipHash_2_4

SipHash_2_4 produces a 64bit Java long which is the hash of all the input and the secret key. This 64bit long can be stored as bytes in two different ways, Big Endian and Little Endian. See http://en.wikipedia.org/wiki/Endianness for the details.
The SipHash_2_4 class also includes static methods to convert the hash result to either BigEndian or LittleEndian byte arrays for transmission. You can choose which ever format suits your purpose as long as users of the hash know which format is used.

Usage:

  // the standard test key 
  byte key[] = {(byte)0x00, (byte)0x01, (byte)0x02, (byte)0x03, (byte)0x04, (byte)0x05, (byte)0x06, (byte)0x07,
                (byte)0x08, (byte)0x09, (byte)0x0a, (byte)0x0b, (byte)0x0c (byte)0x0d, (byte)0x0e, (byte)0x0f};

  // the standard test msg  15 bytes long 
  byte msg[] = {(byte)0x00, (byte)0x01, (byte)0x02, (byte)0x03, (byte)0x04, (byte)0x05, (byte)0x06, (byte)0x07,
                (byte)0x08, (byte)0x09, (byte)0x0a, (byte)0x0b, (byte)0x0c (byte)0x0d, (byte)0x0e};
  

Block Usage:

   long result = sipHash.hash(key, msg);
   // this matches the pdf result https://131002.net/siphash/siphash.pdf
   System.out.println(SipHash.toHex(SipHash.longToBytes(result)); 
  

Streaming Usage:

  sipHash.init(key); // initialize with key

  // for each byte of the data call updateHash( ) 
   sipHash.updateHash(b); // update hash with each byte of msg

   // after all bytes have been processed, call finish to get result
  long hash = sipHash.finish(); 
  

see https://131002.net/siphash/ for details of algorithm


Methods

SipHash_2_4( ) no argument constructor, instance SipHash is pre-defined in the library, see example code

To initialize the hash call this before the start of the message you want to hash.
The key
MUST BE 16 bytes long.
void init(byte[] key)initialize the hash with your secret key
For each byte of the message call this method
void updateHash(byte b)add the byte to the hash.

Finally, at the end of the message, call this method to get the hash in result
long finish()
after you have added all the bytes of your msg, call this method to finish the hash calculation. The hash is returned.

There are also some utility methods to convert longs to bytes and to print bytes as hex digits and a convenience method for hashing a byte array using a given key
long hash(byte[] key, byte[] data)hash the data using the key and return the result.


Test Cases

The class SipHashTests contains the standard test cases for SipHash_2_4.


pfodDevice™ and pfodApp™ are trade marks of Forward Computing and Control Pty. Ltd.


Forward home page link (image)

Contact Forward Computing and Control by
©Copyright 1996-2015 Forward Computing and Control Pty. Ltd. ACN 003 669 994