# Short-input hashing ## Example ```c #define SHORT_DATA ((const unsigned char *) "Sparkling water") #define SHORT_DATA_LEN 15 unsigned char hash[crypto_shorthash_BYTES]; unsigned char key[crypto_shorthash_KEYBYTES]; crypto_shorthash_keygen(key); crypto_shorthash(hash, SHORT_DATA, SHORT_DATA_LEN, key); ``` ## Purpose Many applications and programming language implementations were recently found to be vulnerable to denial-of-service (DoS) attacks when a hash function with weak security guarantees, such as MurmurHash3, was used to construct a hash table. To address this, Sodium provides the `crypto_shorthash()` function, which outputs short but unpredictable (without knowing the secret key) values suitable for picking a list in a hash table for a given key. This function is optimized for short inputs. The output of this function is only 64 bits. Therefore, it should *not* be considered collision-resistant. Use cases: * Hash tables * Probabilistic data structures, such as Bloom filters * Integrity checking in interactive protocols ## Usage ```c int crypto_shorthash(unsigned char *out, const unsigned char *in, unsigned long long inlen, const unsigned char *k); ``` Compute a fixed-size (`crypto_shorthash_BYTES` bytes) fingerprint for the message `in` whose length is `inlen` bytes, using the key `k`. The `k` is `crypto_shorthash_KEYBYTES` bytes and can be created using `crypto_shorthash_keygen()`. The same message hashed with the same key will always produce the same output. ## Constants * `crypto_shorthash_BYTES` * `crypto_shorthash_KEYBYTES` ## Algorithm details SipHash-2-4 ## Notes * The key must remain secret. This function will not provide any mitigations against DoS attacks if the key is known from attackers. * When building hash tables, it is recommended to use a prime number for the table size. This ensures that all bits from the output of the hash function are being used. Mapping the range of the hash function to `[0..N)` can be done efficiently [without modulo reduction](http://lemire.me/blog/2016/06/27/a-fast-alternative-to-the-modulo-reduction/). * libsodium >= 1.0.12 also implements a variant of SipHash with the same key size but a 128-bit output, accessible as `crypto_shorthash_siphashx24()`. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://libsodium.gitbook.io/doc/hashing/short-input_hashing.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.