17 \h'-\w'\\$1\ 'u'\\$1\ \c
36 .TH unihash 3 "5 July 2003" "Straylight/Edgeware" "mLib utilities library"
38 unihash \- simple and efficient universal hashing for hashtables
46 .B "#include <mLib/unihash.h>"
48 .B "typedef struct { ...\& } unihash_info;"
50 .B "unihash_info unihash_global;"
52 .BI "void unihash_setkey(unihash_info *" i ", uint32 " k );
53 .BI "uint32 UNIHASH_INIT(const unihash_info *" i );
54 .BI "uint32 unihash_hash(const unihash_info *" i ", uint32 " a ,
55 .BI " const void *" p ", size_t " sz );
56 .BI "uint32 unihash(const unihash_info *" i ", const void *" p ", size_t " sz );
57 .BI "uint32 UNIHASH(const unihash_info *" i ", const void *" p ", size_t " sz );
62 system implements a simple and relatively efficient
63 .IR "universal hashing family" .
64 Using a such a universal hashing family means that it's provably
65 difficult for an adversary to choose input data whose hashes collide,
66 thus guaranteeing good average performance even on maliciously chosen
75 \- in addition to the data to be hashed, the function takes as input a
76 32-bit key. This key should be chosen at random each time the program
78 .SS "Preprocessing a key"
79 Before use, a key must be
81 into a large (16K) table which is used by the main hashing functions.
82 The preprocessing is done by
84 pass it a pointer to a
86 structure and the 32-bit key you've chosen, and it stores the table in
91 don't contain any pointers to other data and are safe to free when
92 you've finished with them; or you can just allocate them statically or
93 on the stack if that's more convenient.
99 .BI "const unihash_info *" i
100 A pointer to the precomputed tables for a key.
103 An accumulator value. This should be
104 .BI UNIHASH_INIT( i )
105 for the first chunk of a multi-chunk input, or the result of the
108 call for subsequent chunks.
111 A pointer to the start of a buffer containing this chunk of data.
114 The length of the chunk.
116 The function returns a new accumulator value, which is also the hash of
117 the data so far. So, to hash multiple chunks of data, do something like
119 uint32 a = UNIHASH_INIT(i);
120 a = unihash_hash(i, a, p_0, sz_0);
121 a = unihash_hash(i, a, p_1, sz_1);
123 a = unihash_hash(i, a, p_n, sz_n);
129 are convenient interfaces to
131 if you only wanted to hash one chunk.
132 .SS "Global hash info table"
133 There's no problem with using the same key for several purposes, as long
134 as it's secret from all of your adversaries. Therefore, there is a
139 This initially contains information for a fixed key which the author
140 chose at random, but if you need to you can set a different key into it
142 it gets used to hash any data (otherwise your hash tables will become
144 .SS "Theoretical issues"
145 The hash function implemented by
148 .RI ( l \ +\ 1)/2\*(ss32\*(se-almost
151 is the length (in bytes) of the longest string you hash. That means
152 that, for any pair of strings
156 and any 32-bit value \*(*d, the probability taken over all choices of the
160 .IR H\*(usk\*(ue ( x )\ \c
162 .RI \ H\*(usk\*(ue ( y )\ =\ \*(*d
164 .RI ( l \ +\ 1)/2\*(ss32\*(se.
166 This fact is proven in the header file, but it requires more
167 sophisticated typesetting than is available here.
169 The function evaluates a polynomial over GF(2\*(ss32\*(se) whose
170 coefficients are the bytes of the message and whose variable is the key.
171 Details are given in the header file.
173 For best results, you should choose the key as a random 32-bit number
174 each time your program starts. Choosing a different key for different
175 hashtables isn't necessary. It's probably a good idea to avoid the keys
176 0 and 1. This raises the collision bound to
177 .RI ( l \ +\ 1)/(2\*(ss32\*(se\ \-\ 2)
178 (which isn't a significant increase) but eliminates keys for which the
179 hash's behaviour is particularly poor.
183 actually performed better than
185 so if you want to just use it as a fast-ish hash with good statistical
186 properties, choose some fixed key
189 We emphasize that the proof of this function's collision behaviour is
191 dependent on any unproven assumptions (unlike many `proofs' of
192 cryptographic security, which actually reduce the security of some
193 construction to the security of its components). It's just a fact.
195 .BR unihash-mkstatic (3),
199 Mark Wooding (mdw@distorted.org.uk).