Open ogxd opened 6 months ago
Wow nice!
Performance is indeed much worse, but I was expecting even worse results tbh (like at least 2 orders of magnitude slower).
That said, it is still much slower than using another algorithm as a fallback. We are currently constrained by the hash "stability" feature advertised in this crate. We can decide to remove that constraint, but it would imply that using the algorithm shouldn't be used outside of the process lifetime scope. This is what they went for in ahash.
AHash does not have a fixed standard for its output. This allows it to improve over time. For example, if any faster algorithm is found, aHash will be updated to incorporate the technique. Similarly, should any flaw in aHash's DOS resistance be found, aHash will be changed to correct the flaw.
Because it does not have a fixed standard, different computers or computers on different versions of the code will observe different hash values. As such, aHash is not recommended for use other than in-memory maps. Specifically, aHash is not intended for network use or in applications which persist hashed values. (In these cases HighwayHash would be a better choice)
Additionally, aHash is not intended to be cryptographically secure and should not be used as a MAC, or anywhere which requires a cryptographically secure hash. (In these cases SHA-3 would be a better choice)
That leaves us with a choice on the overall objective of this crate.
Here are the possible paths I see (let me know if you have other ideas):
build.rs
with println!("cargo:warning=Software fallback!!!");
but it's the best we can do to prevent non-intentional underperforming usages of gxhash.4 sounds like the best option. I'll try to implement AES w/o AES-NI using SIMD so the performance impact isn't as bad.
I think it is acceptable to split the work into two parts (software fallback first, then alternative hash fallback as an optional feature). Both imply a substantial amount of work. The alternative hash fallback will require some refactoring as we currently reference AES explicitly in several places (needs to be abstracted away).
Can you share your current work on the software AES fallback? Even if not all tests are passing and performance is not optimal.
Sorry for the late reply. I'll share my progress on the software AES soon, and on runtime feature detection as well as it's a bit hard to work on both separately and merge them later. All of this required some restructuring of the project, but it will make cross-platform development much easier. Also, the software AES implementation should now be stable and considerably faster, but I need to do more testing.
- Have another algorithm as fallback. The crate will work everywhere, but we loose hash stability (do we need it?).
In regards to this, the reason I use gxhash
is its stability. It's the only 'stable' hash I could find - most hashing crates don't document whether they guarantee stability or not. I'd appreciate some way to ensure stability, even at the cost of performance.
I've been working on this and I got it mostly working (fails
is_stable
), however the performance is, as I feared, abysmal. I ran this test on an old Chromebook which doesn't haveAES-NI
and this is the fastest I could get it to run.It would break stability, but maybe AES emulation isn't the right solution.