{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,10,12]],"date-time":"2025-10-12T04:05:24Z","timestamp":1760241924471,"version":"build-2065373602"},"reference-count":21,"publisher":"MDPI AG","issue":"4","license":[{"start":{"date-parts":[[2018,10,15]],"date-time":"2018-10-15T00:00:00Z","timestamp":1539561600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"DOI":"10.13039\/100000001","name":"National Science Foundation","doi-asserted-by":"publisher","award":["1314592"],"award-info":[{"award-number":["1314592"]}],"id":[{"id":"10.13039\/100000001","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Cryptography"],"abstract":"<jats:p>Two of the fastest types of cryptographic algorithms are the stream cipher and the almost-universal hash function. There are secure examples of each that process data in software using less than one CPU cycle per byte. Hashstream combines the two types of algorithms in a straightforward manner yielding a PRF that can both consume inputs of and produce pseudorandom outputs of any desired length. The result is an object useful in many contexts: authentication, encryption, authenticated encryption, random generation, mask generation, etc. The HS1-SIV authenticated-encryption algorithm\u2014a CAESAR competition second round selection\u2014was based on Hashstream and showed the promise of such an approach by having provable security and topping the speed charts in several test configurations.<\/jats:p>","DOI":"10.3390\/cryptography2040031","type":"journal-article","created":{"date-parts":[[2018,10,16]],"date-time":"2018-10-16T02:52:53Z","timestamp":1539658373000},"page":"31","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":0,"title":["The Definition and Software Performance of Hashstream, a Fast Length-Flexible PRF"],"prefix":"10.3390","volume":"2","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-3640-9134","authenticated-orcid":false,"given":"Ted","family":"Krovetz","sequence":"first","affiliation":[{"name":"Computer Science Department, California State University, Sacramento, CA 95819, USA"}]}],"member":"1968","published-online":{"date-parts":[[2018,10,15]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Gilbert, H., and Handschuh, H. (2005). The Poly1305-AES message-authentication code. Fast Software Encryption, Springer. Lecture Notes in Computer Science 3557.","DOI":"10.1007\/b137506"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Canteaut, A., and Viswanathan, K. (2004). The Security and Performance of the Galois\/Counter Mode (GCM) of Operation. Progress in Cryptology\u2014INDOCRYPT 2004, Springer. Lecture Notes in Computer Science 3348.","DOI":"10.1007\/b104579"},{"key":"ref_3","unstructured":"Bernstein, D.J. (2018, June 01). ChaCha, A Variant of Salsa20. Presented at SASC 2008: The State of the Art of Stream Ciphers, Lausanne, Switzerland. Available online: http:\/\/www.ecrypt.eu.org\/stvl\/sasc2008\/."},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Dworkin, M. (2001). Recommendation for Block Cipher Modes of Operation: Methods and Techniques.","DOI":"10.6028\/NIST.SP.800-38a"},{"key":"ref_5","unstructured":"Krovetz, T. (2018, June 01). HS1-SIV (v2). CAESAR Submissions. Available online: https:\/\/competitions.cr.yp.to\/round2\/hs1sivv2c.pdf."},{"key":"ref_6","doi-asserted-by":"crossref","unstructured":"Vaudenay, S. (2006). A provable-security treatment of the keywrap problem. Advances in Cryptology\u2014EUROCRYPT 2006, Springer. Lecture Notes in Computer Science 4004.","DOI":"10.1007\/11761679"},{"key":"ref_7","doi-asserted-by":"crossref","unstructured":"Yung, M. (2002). Tweakable Block Ciphers. Advances in Cryptology\u2014CRYPTO 2002, Springer. Lecture Notes in Computer Science 2442.","DOI":"10.1007\/3-540-45708-9"},{"key":"ref_8","doi-asserted-by":"crossref","first-page":"1","DOI":"10.46586\/tosc.v2017.i2.1-26","article-title":"Tweakable blockciphers for efficient authenticated encryptions with beyond the birthday-bound security","volume":"2","author":"Naito","year":"2017","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"ref_9","unstructured":"Biham, E., and Youssef, A.M. (2007). MMH: Software message authentication in the Gbit\/second rates. Fast Software Encryption, Springer. Lecture Notes in Computer Science 4356."},{"key":"ref_10","doi-asserted-by":"crossref","unstructured":"Wiener, M. (1999). UMAC: Fast and secure message authentication. Advances in Cryptology\u2014CRYPTO \u201999, Springer. Lecture Notes in Computer Science 1666.","DOI":"10.1007\/3-540-48405-1"},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Gilbert, H., and Handschuh, H. (2005). Message authentication on 64-bit architectures. Fast Software Encryption, Springer. Lecture Notes in Computer Science 3557.","DOI":"10.1007\/b137506"},{"key":"ref_12","unstructured":"(2018, June 01). OpenSSL: Cryptography and SSL\/TLS Toolkit. Available online: https:\/\/www.openssl.org."},{"key":"ref_13","unstructured":"Bernstein, D.J., and Lange, T. (2018, June 01). eBACS: ECRYPT Benchmarking of Cryptographic Systems. Available online: https:\/\/bench.cr.yp.to."},{"key":"ref_14","unstructured":"Bernstein, D.J. (2018, June 01). Response to \u201cOn the Salsa20 Core Function\u201d. Available online: https:\/\/cr.yp.to\/snuffle\/reoncore-20080224.pdf."},{"key":"ref_15","doi-asserted-by":"crossref","unstructured":"De Santis, A. (1995). Optimal asymmetric encryption. Advances in Cryptology\u2014EUROCRYPT \u201994, Springer. Lecture Notes in Computer Science 950.","DOI":"10.1007\/BFb0053418"},{"key":"ref_16","doi-asserted-by":"crossref","unstructured":"Joux, A. (2009). Order-preserving symmetric encryption. Advances in Cryptology\u2014EUROCRYPT 2009, Springer. Lecture Notes in Computer Science 5479.","DOI":"10.1007\/978-3-642-01001-9"},{"key":"ref_17","unstructured":"CAESAR (2018, June 01). Competition for Authenticated Encryption, Security, Applicability, and Robustness. Available online: https:\/\/competitions.cr.yp.to\/caesar.html."},{"key":"ref_18","unstructured":"Bernstein, D.J. (2016, January 15). Some Challenges in Heavyweight Cipher Design. Presented at Dagstuhl Seminar on Symmetric Encryption, Dagstuhl, Germany. Available online: https:\/\/cr.yp.to\/talks\/2016.01.15\/slides-djb-20160115-a4.pdf."},{"key":"ref_19","doi-asserted-by":"crossref","first-page":"1","DOI":"10.46586\/tosc.v2017.i4.1-38","article-title":"Farfalle: parallel permutation-based cryptography","volume":"4","author":"Bertoni","year":"2017","journal-title":"IACR Trans. Symmetric Cryptol."},{"key":"ref_20","unstructured":"Gueron, S., Langley, A., and Lindell, Y. (2018, June 01). AES-GCM-SIV: Specification and Analysis. Available online: https:\/\/eprint.iacr.org\/2017\/168Report2017\/168."},{"key":"ref_21","unstructured":"Krovetz, T. (2018, June 01). Hashstream Code. GitHub Repository. Available online: https:\/\/github.com\/krovetz\/Hashstream."}],"container-title":["Cryptography"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2410-387X\/2\/4\/31\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T15:25:38Z","timestamp":1760196338000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2410-387X\/2\/4\/31"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018,10,15]]},"references-count":21,"journal-issue":{"issue":"4","published-online":{"date-parts":[[2018,12]]}},"alternative-id":["cryptography2040031"],"URL":"https:\/\/doi.org\/10.3390\/cryptography2040031","relation":{},"ISSN":["2410-387X"],"issn-type":[{"type":"electronic","value":"2410-387X"}],"subject":[],"published":{"date-parts":[[2018,10,15]]}}}