On Tue, Dec 13, 2016 at 12:01 AM, Andi Kleen <a...@linux.intel.com> wrote: > It would be nice if the network code could be converted to use siphash > for the secure sequence numbers. Right now it pulls in a lot of code > for bigger secure hashes just for that, which is a problem for tiny > kernels.
Indeed this would be a great first candidate. There are lots of places where MD5 (!!) is pulled in for this sort of thing, when SipHash could be a faster and leaner replacement (and arguably more secure than rusty MD5).
