To pass the time until siphash arrives in userland... I'd like to suggest some changes to the manpage of SipHash24(9): I added some more details about the intended purpose of SipHash and I moved the recommendation to use arc4random for the key to the beginning.
In case you don't like this diff, I'd like to point out a grammar error in the original manpage: You mitigate sth., not *against* sth. One question: Since e.g. the manpage of MD5 lists the RFC that defines MD5, would it make sense to refer to the paper that defines SipHash? Index: share/man/man9/SipHash24.9 =================================================================== RCS file: /cvs/src/share/man/man9/SipHash24.9,v retrieving revision 1.3 diff -u -p -r1.3 SipHash24.9 --- share/man/man9/SipHash24.9 5 Nov 2014 07:01:49 -0000 1.3 +++ share/man/man9/SipHash24.9 6 Dec 2014 19:10:49 -0000 @@ -42,6 +42,12 @@ inputs which produces a 64-bit digest of The SipHash24 functions implement the algorithm with 2 compression rounds and 4 finalisation rounds. .Pp +SipHash is well-suited for hash tables because of its good +performance on short inputs and because it provides resistance to +hash-flooding denial-of-service attacks. +If such attacks are a concern, the key should be generated using +.Xr arc4random_buf 9 . +.Pp .Fn SipHash24_Init initialises a .Vt SIPHASH_CTX @@ -87,11 +93,6 @@ of length with the secret .Fa key . -.Pp -If SipHash is being used to mitigate against hash-table flooding -attacks, it is recommended that the -.Vt SIPHASH_KEY -key be generated with -.Xr arc4random_buf 9 . .Sh CONTEXT .Fn SipHash24_Init , .Fn SipHash24_Update ,
