Hacker News new | comments | show | ask | jobs | submit login
Show HN: Go version of HighwayHash with optimized assembly implementations (github.com)
48 points by y4m4b4 6 months ago | hide | past | web | favorite | 13 comments

How does performance compare with XXhash, possibly the current leader in the non-cryptographic hash category?

XXhash is only fast with digest workloads, not hash tables. There the hash function needs to be fast and small, XXhash is too big and trashes the icache.

The current leaders are on my smhasher site, https://github.com/rurban/smhasher/

Thank you!

The benchmarks on the xxHash Github page were done on a 32-bit system using an old Visual C++ compiler. Of course you can beat hash functions that were explicitly designed for modern 64-bit architectures. The Core 2 lacks the CRC instruction introduced by the SSE 4.2 extension, which is the main reason Google wrote their hashes.

Look at XXH64.

xxHash has a 64-bit version.

All modern hashes are designed for 64-bit architectures and some even rely on recent instruction sets. So a benchmark on an old 32-bit CPU isn't indicative of the performance you'll see on a modern processor, e.g. Metrohash will definitely not be 5x slower than xxHash.

Not sure what you're trying to say.

I'm asking for an apples-to-apples comparison here. Using one figure from a random CPU on github and comparing it to another figure from a different random CPU on github is not an apples to apples comparison.

I don't think anyone claimed xxhash would be 5x faster than metrohash. (Maybe you are getting the 5x number from metrohash's claim that it is 5x faster than siphash?)

This seems incredibly fast. Taking the benchmarks on the sites at face value, this seems like it's roughly twice as fast as xxHash.

I also appreciate this line in the README: "HighwayHash is not a general purpose cryptographic hash function (such as Blake2b, SHA-3 or SHA-2) and should not be used if strong collision resistance is required"

I am curious to know what the threshold for "strong collision resistance" is.

It's used for 32bit hashes in hash tables, so brute forcing this to create thousands of collisions on a desktop PC takes 2-4 min. Same for SipHash btw.

For hash tables you should not rely on the false security claims of these slow hashes anyway, rather implement proper collisions strategies to get rid of O(n) attacks.

Check out the graph at https://github.com/fwessels/HashCompare that compares different hashing techniques.

And also we've done some predictions for collisions, see: https://github.com/fwessels/HashCompare/issues/1#issuecommen...

Not a cryptographer, but basically it must not be computability feasible (ie not just hard) to find a collision.

Note that performance is strongly dependent on message size. My Cuckoo Cycle proof of work hashes roughly a billion 8-byte messages with the 'cryptographically strong' SipHash in 4 seconds, for a single-core speed of 2000MB/s, while HighwayHash on longer 16-byte messages slows down to only 200MB/s (no figure provided for 8-byte messages).

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact