The cr.yp.to microblog: 2013.01.01 13:03:36

2013.01.01 13:03:36 (286080228516831232) from Daniel J. Bernstein, replying to "Solar Designer (@solardiz)" (285551113959264257):

@solardiz @aumasson @_emboss_ Yeah, we discuss this in the SipHash paper. A strong PRF reduces the damage to square root of communication.

Context

2012.12.30 20:30:52 (285468012792934400) from "JP Aumasson (@veorq)":

the video of our #29c3 talk is now on YouTube https://www.youtube.com/watch?v=wGYj8fhhUVA cc/ @_emboss_ @hashbreaker

2012.12.31 02:01:05 (285551113959264257) from "Solar Designer (@solardiz)", replying to "JP Aumasson (@veorq)" (285468012792934400):

@aumasson @_emboss_ @hashbreaker Via timings, it might be feasible to probe for one collision, then try to find a 3rd colliding input, ...