Replacing the Journal hashing algorithm

[hicka]

Hi @ekmungai

Instead of using the default password hashing algo, something like Crc32 is an extremely fast hashing algorithm that is not designed for cryptographic purposes like hashing passwords, but can be used to check the integrity of the ledger, checking if it has been tempered with. This fulfills the purpose while gaining huge performance improvements.

Was able to get to ~0.13 seconds with crc32, which took around ~1 second when using the password hashing algorithm. While working with huge databases and transacting with millions of rows, this is a huge improvement. I was able to import the transactions and create the ledgers much faster.

//        $this->hash = password_hash(
//            $this->hashed(),
//            config('ifrs')['hashing_algorithm']
//        );
        $this->hash = crc32($this->hashed());

Alternatives, SHA1 / MD5

Maybe we can add the option in the config file if not replace it?

[ekmungai]

Hi @hicka,

Thanks for pointing this out, when I first thought about the hashing I didnt actually give much thought to performance. I'll do some research on the crc32 function as well as some others and see how to incorporate them without removing the flexibilty for a user to select their preferred algorithm.

Cheers, Edward

[richmondnursery]

If you want more hashing options, you can always use:

hash( $algo, $value );

There seem to be a lot more hashing options there than with password_hash(). Somebody actually tested the performance of various algorithms in PHP a few years ago and compared the output lengths: https://ideone.com/embed/0iwuGn

[hicka]

@richmondnursery yep that's actually a good solution. Maybe we can use the current 'hashing_algorithm' key in config file and use the hash function to get a hash instead of using password_hash. Enables a broad range of algorithms to choose for the user.