Can we add the BLAKE3 hash?
Created a PR here: add BLAKE3 hash by divinity76 · Pull Request #13194 · php/php-src · GitHub
Created a RFC draft here: PHP: rfc:blake3
BLAKE3 is a cryptographic hash function based on the SHA3-finalist
BLAKE, offering SHA3-256-like security at much higher speed.
Benchmarks from /ext/hash/bench.php highlight BLAKE3's performance: it
is over four times faster than SHA3-256 on AMD Ryzen 9 7950x:
Hi
(Hans, apologies for the duplicate copy, I accidentally did not send the first reply to the list)
Am 2025-01-24 20:39, schrieb Hans Henrik Bergan:
Can we add the BLAKE3 hash?
Created a PR here: add BLAKE3 hash by divinity76 · Pull Request #13194 · php/php-src · GitHub
Created a RFC draft here: PHP: rfc:blake3BLAKE3 is a cryptographic hash function based on the SHA3-finalist
BLAKE, offering SHA3-256-like security at much higher speed.
Benchmarks from /ext/hash/bench.php highlight BLAKE3's performance: it
is over four times faster than SHA3-256 on AMD Ryzen 9 7950x:
rfc:output_5_.png [PHP Wiki]
Thank you for your RFC. I'm a little confused by the benchmark results. According to https://www.amd.com/de/products/processors/desktops/ryzen/7000-series/amd-ryzen-9-7950x.html, the Ryzen 9 7950x should support SHA-NI, which should make SHA-256 much faster than SHA-1. On my i7-1365U I get SHA-256 results that are competitive with BLAKE3 and with SHA-256 being a well-established algorithm, the benefit of having BLAKE3 becomes much smaller when also considering that will likely remain under much less scrunity of the cryptographic community.
crc32b 0.001059
crc32 0.001060
crc32c 0.001068
xxh3 0.001888
xxh128 0.001915
xxh64 0.002003
murmur3f 0.003031
xxh32 0.003147
murmur3c 0.003590
murmur3a 0.006133
adler32 0.007285
blake3 0.010877
sha224 0.013217
sha256 0.013227
md4 0.017892
fnv164 0.021882
fnv132 0.021941
fnv1a32 0.021953
fnv1a64 0.021960
sha1 0.026227
joaat 0.027386
tiger128,3 0.028267
tiger160,3 0.028301
tiger192,3 0.028335
md5 0.028426
tiger128,4 0.037212
tiger160,4 0.037262
tiger192,4 0.037312
ripemd128 0.037685
ripemd256 0.037950
sha3-224 0.048985
sha384 0.050335
sha512/256 0.050597
sha512 0.050732
sha512/224 0.050744
sha3-256 0.052112
haval160,3 0.059909
haval128,3 0.059922
haval224,3 0.059940
haval256,3 0.060034
haval192,3 0.060077
ripemd320 0.062434
ripemd160 0.062976
sha3-384 0.064828
haval128,4 0.082339
haval192,4 0.082374
haval160,4 0.082414
haval224,4 0.082511
haval256,4 0.082513
sha3-512 0.093178
haval128,5 0.104438
haval160,5 0.104576
haval256,5 0.104610
haval192,5 0.104631
haval224,5 0.104929
whirlpool 0.108009
gost 0.243599
gost-crypto 0.243799
snefru 0.595979
snefru256 0.596615
md2 1.752960
Is your benchmark perhaps not reflecting the latest changes with PHP 8.4? SHA-NI support was added in hash: Add SHA-NI implementation of SHA-256 by TimWolla · Pull Request #15152 · php/php-src · GitHub.
As for the RFC itself: I suggest to already add the (closed) voting doodle to the proposed voting choices section. The way the section is currently worded doesn't make sense, because it implies two distinct votes.
Other than the above, I don't have a strong opinion either about the RFC. I don't see much benefit of having it, but also not much against.
Best regards
Tim Düsterhus
On Fri, 24 Jan 2025 at 21:54, Tim Düsterhus <tim@bastelstu.be> wrote:
Hi
(Hans, apologies for the duplicate copy, I accidentally did not send the
first reply to the list)Am 2025-01-24 20:39, schrieb Hans Henrik Bergan:
> Can we add the BLAKE3 hash?
>
> Created a PR here: add BLAKE3 hash by divinity76 · Pull Request #13194 · php/php-src · GitHub
> Created a RFC draft here: PHP: rfc:blake3
>
> BLAKE3 is a cryptographic hash function based on the SHA3-finalist
> BLAKE, offering SHA3-256-like security at much higher speed.
> Benchmarks from /ext/hash/bench.php highlight BLAKE3's performance: it
> is over four times faster than SHA3-256 on AMD Ryzen 9 7950x:
> rfc:output_5_.png [PHP Wiki]Thank you for your RFC. I'm a little confused by the benchmark results.
According to
https://www.amd.com/de/products/processors/desktops/ryzen/7000-series/amd-ryzen-9-7950x.html,
the Ryzen 9 7950x should support SHA-NI, which should make SHA-256 much
faster than SHA-1. On my i7-1365U I get SHA-256 results that are
competitive with BLAKE3 and with SHA-256 being a well-established
algorithm, the benefit of having BLAKE3 becomes much smaller when also
considering that will likely remain under much less scrunity of the
cryptographic community.
BLAKE3 keeping up with dedicated SHA CPU instructions (i.e SHA-NI) is
impressive.
ARM is getting more and more common, and I don't think ARM has SHA
instructions (yet?) tho.
BLAKE3 offers security superior to SHA2 and comparable to SHA3, among
the 3, only SHA2 is vulnerable to length extension attacks.
blake3 0.010877
sha3-256 0.052112
On your system, it seems BLAKE3 is 4.7 times (almost 5 times?) faster
than sha3-256, interesting.
Is your benchmark perhaps not reflecting the latest changes with PHP
8.4? SHA-NI support was added in
hash: Add SHA-NI implementation of SHA-256 by TimWolla · Pull Request #15152 · php/php-src · GitHub.
ah yes, the benchmarks is from commit
dating to 19 january 2024 (the benchmark is in the commit message), 6
months prior to hash: Add SHA-NI implementation of SHA-256 by TimWolla · Pull Request #15152 · php/php-src · GitHub
... I tried getting BLAKE3 added back in january 2024, but ran out of steam.
As for the RFC itself: I suggest to already add the (closed) voting
doodle to the proposed voting choices section. The way the section is
currently worded doesn't make sense, because it implies two distinct
votes.
like this I guess:
<doodle title="Integrate BLAKE3?" auth="divinity76" voteType="single"
closed="true">
* Yes
* No
</doodle>
added.
On 24.01.2025 at 20:39, Hans Henrik Bergan wrote:
Can we add the BLAKE3 hash?
Created a PR here: add BLAKE3 hash by divinity76 · Pull Request #13194 · php/php-src · GitHub
Created a RFC draft here: PHP: rfc:blake3
I'm *generally* somewhat concerned regarding the amount of code (growth)
in ext/hash, which is a bundled extension and such must not rely on
external libraries. All this code needs to be maintained by the php-src
maintainers, and build by everyone who wants to build php-src, although
probably few actually use the less common hash algorithms.
Maybe we should consider creating a new PECL/PIE extension, where new
algorithms can be added first, and if popular enough, later be moved
into ext/hash. And it might be worthwhile to move some of the less
useful algorithms to the new PECL/PIE extension.
Christoph
Hi
Am 2025-01-24 22:37, schrieb Hans Henrik Bergan:
BLAKE3 keeping up with dedicated SHA CPU instructions (i.e SHA-NI) is
impressive.
I would assume that that's the AVX2 implementation (my CPU can't AVX512), which makes it less impressive.
ARM is getting more and more common, and I don't think ARM has SHA
instructions (yet?) tho.
The ARM architecture has them, but PHP does not yet make use of them. This is mainly due to me being unable to test the integration, due to lacking an appropriate system. libcperciva where I've taken the SHA-NI implementation from also includes the ARM implementation and I checked with the author regarding the necessary attribution as part of the x64 SHA-NI PR: hash: Add SHA-NI implementation of SHA-256 by TimWolla · Pull Request #15152 · php/php-src · GitHub.
As for the RFC itself: I suggest to already add the (closed) voting
doodle to the proposed voting choices section. The way the section is
currently worded doesn't make sense, because it implies two distinct
votes.like this I guess:
Yes. Ideally mention above that it requires a "2/3 majority" (as with any other RFC, but good to spell it out explicitly).
Best regards
Tim Düsterhus