Tone down "DOS resistant" claim

ogxd · Nov 18, 2023 · 50f4410 · 50f4410
1 parent 34ce8cc
commit 50f4410
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 8 deletions.
diff --git a/README.md b/README.md
@@ -38,12 +38,12 @@ hashset.insert("hello world");
 > Other platforms are currently not supported (there is no fallback)
 
 ## Security
-### DOS Resistance ✅
-GxHash is a seeded hashing algorithm, meaning that depending on the seed used, it will generate completely different hashes. The default `HasherBuilder` (`GxHasherBuilder::default()`) uses seed randomization, making it any `HashMap`/`HashSet` using it DOS-resistant, as no attacker will be able to predict which hashes may collide without knowing the seed used.
-### Multicollisions Resistance ✅
+### DOS Resistance
+GxHash is a seeded hashing algorithm, meaning that depending on the seed used, it will generate completely different hashes. The default `HasherBuilder` (`GxHasherBuilder::default()`) uses seed randomization, making any `HashMap`/`HashSet` more DOS resistant, as it will make it much more difficult for attackers to be able to predict which hashes may collide without knowing the seed used. This does not mean however that it is completely DOS resistant. This has to be analyzed further.
+### Multicollisions Resistance
 GxHash uses a 128-bit internal state (and even 256-bit with the `avx2` feature). This makes GxHash [a widepipe construction](https://en.wikipedia.org/wiki/Merkle%E2%80%93Damg%C3%A5rd_construction#Wide_pipe_construction) when generating hashes of size 64-bit or smaller, which had amongst other properties to be inherently more resistant to multicollision attacks. See [this paper](https://www.iacr.org/archive/crypto2004/31520306/multicollisions.pdf) for more details.
 ### Cryptographic Properties ❌
-GxHash is a non-cryptographic hashing algorithm, thus it is not recommended to use it as a cryptographic algorithm (it is not a replacement for SHA). It has not been assessed if GxHash is preimage resistant and whether how likely it is to be reversed.
+GxHash is a non-cryptographic hashing algorithm, thus it is not recommended to use it as a cryptographic algorithm (it is not a replacement for SHA). It has not been assessed if GxHash is preimage resistant and how likely it is to be reversed.
 
 ## Benchmarks
 Displayed numbers are throughput in Mibibytes of data hashed per second. Higher is better.  

diff --git a/src/hasher.rs b/src/hasher.rs
@@ -10,7 +10,7 @@ use crate::gxhash::platform::*;
 /// # Features
 /// - The fastest [`Hasher`] of its class<sup>1</sup>, for all input sizes
 /// - Highly collision resitant
-/// - DOS resistant thanks to seed randomization when using [`GxHasher::default()`]
+/// - DOS resistance thanks to seed randomization when using [`GxHasher::default()`]
 /// 
 /// *<sup>1</sup>There might me faster alternatives, such as `fxhash` for very small input sizes, but that usually have low quality properties.*
 pub struct GxHasher(State);
@@ -20,7 +20,7 @@ impl Default for GxHasher {
     /// 
     /// # Warning ⚠️
     /// Not using a seed may make your [`Hasher`] vulnerable to DOS attacks.  
-    /// It is recommended to use [`GxBuildHasher::default()`] to create a DOS resistant [`Hasher`]s.
+    /// It is recommended to use [`GxBuildHasher::default()`] for improved DOS resistance.
     /// 
     /// # Example
     ///
@@ -47,7 +47,7 @@ impl GxHasher {
     /// 
     /// # Warning ⚠️
     /// Hardcoding a seed may make your [`Hasher`] vulnerable to DOS attacks.  
-    /// It is recommended to use [`GxBuildHasher::default()`] to create a DOS resistant [`Hasher`]s.
+    /// It is recommended to use [`GxBuildHasher::default()`] for improved DOS resistance.
     ///
     /// # Example
     ///
@@ -98,7 +98,7 @@ impl Hasher for GxHasher {
     }
 }
 
-/// A builder for building DOS-resistant [`GxHasher`]s.
+/// A builder for building GxHasher with randomized seeds by default, for improved DOS resistance.
 pub struct GxBuildHasher(i64);
 
 impl Default for GxBuildHasher {