简体繁体 English

SHA-1 创建哈希需要多长时间？

[英]How long does SHA-1 take to create hashes?

原文 2011-08-14 22:18:31 2 3 java/ php/ c++/ hash/ sha1

Roughly how long, and how much processing power is required to create SHA-1 hashes of data?创建数据的 SHA-1 哈希值大约需要多长时间和多少处理能力？ Does this differ a lot depending on the original data size?这是否因原始数据大小而有很大差异？ Would generating the hash of a standard HTML file take significantly longer than the string "blah"?生成标准 HTML 文件的 hash 会比字符串“blah”花费更长的时间吗？ How would C++, Java, and PHP compare in speed? C++、Java 和 PHP 的速度如何比较？

3 个解决方案

You've asked a lot of questions, so hopefully I can try to answer each one in turn.你问了很多问题，所以希望我可以尝试依次回答每个问题。

SHA-1 (and many other hashes designed to be cryptographically strong) are based on repeated application of an encryption or decryption routine to fixed-sized blocks of data. SHA-1（以及许多其他设计为具有加密强度的哈希）基于对固定大小的数据块重复应用加密或解密例程。 Consequently, when computing a hash value of a long string, the algorithm takes proportionally more time than computing the hash value of a small string.因此，在计算长字符串的 hash 值时，该算法花费的时间比计算小字符串的 hash 值的时间要多。 Mathematically, we say that the runtime to hash a string of length N is O(N) when using SHA-1.从数学上讲，当使用 SHA-1 时，我们说 hash 一个长度为 N 的字符串的运行时间是 O(N)。 Consequently, hashing an HTML document should take longer than hashing the string "blah," but only proportionally so.因此，散列 HTML 文档应该比散列字符串“blah”花费更长的时间，但只是成比例地如此。 It won't take dramatically longer to do the hash.完成 hash 不会花费太多时间。

As for comparing C++, Java, and PHP in terms of speed, this is dangerous territory and my answer is likely to get blasted, but generally speaking C++ is slightly faster than Java, which is slightly faster than PHP. As for comparing C++, Java, and PHP in terms of speed, this is dangerous territory and my answer is likely to get blasted, but generally speaking C++ is slightly faster than Java, which is slightly faster than PHP. A good hash implementation written in one of those languages might dramatically outperform the others if they aren't written well.如果用其中一种语言编写的一个好的 hash 实现可能会大大优于其他语言，如果它们写得不好。 However, you shouldn't need to worry about this.但是，您不必担心这一点。 It is generally considered a bad idea to implement your own hash functions, encryption routines, or decryption routines because they are often vulnerable to side-channel attacks in which an attacker can break your security by using bugs in the implementation that are often extremely difficult to have anticipated.实现您自己的 hash 函数、加密例程或解密例程通常被认为是一个坏主意，因为它们通常容易受到侧信道攻击，其中攻击者可以通过在实现中使用通常极难解决的错误来破坏您的安全性已经预料到了。 If you want to use a good hash function, use a prewritten version.如果你想使用好的 hash function，使用预写的版本。 It's likely to be faster, safer, and less error-prone than anything you do by hand.它可能比您手动执行的任何操作都更快、更安全且更不容易出错。

Finally, I'd suggest not using SHA-1 at all.最后，我建议根本不要使用 SHA-1。 SHA-1 has known cryptographic weaknesses and you should consider using a strong hash algorithm instead, such as SHA-256. SHA-1 具有已知的加密弱点，您应该考虑改用强大的 hash 算法，例如 SHA-256。

Hope this helps!希望这可以帮助！

The "speed" of cryptographic hash functions is often measured in " clock cycles per byte".加密 hash 函数的“速度”通常以“每字节时钟周期”来衡量。 See this page for an admittedly outdated comparison - you can see how implementation and architecture influence the results.请参阅此页面以获得公认的过时比较 - 您可以看到实现和架构如何影响结果。 The results vary largely not only due to the algorithm being used, but they are also largely dependent on your processor architecture, the quality of the implementation and if the implementation uses the hardware efficiently.结果差异很大，不仅因为所使用的算法，而且在很大程度上取决于您的处理器架构、实现的质量以及实现是否有效地使用了硬件。 That's why some companies specialize in creating hardware especially well suited for the exact purpose of performing certain cryptographic algorithms as efficiently as possible.这就是为什么一些公司专注于创建特别适合于尽可能高效地执行某些加密算法的确切目的的硬件。

A good example is SHA-512, although it works on larger data chunks than SHA-256 one might be inclined to think that it should generally perform slower than SHA-256 working on smaller input - but SHA-512 is especially well suited for 64 bit processors and performs sometimes even better than SHA-256 there.一个很好的例子是 SHA-512，尽管它适用于比 SHA-256 更大的数据块，但人们可能倾向于认为它通常应该比 SHA-256 在较小的输入上执行得慢 - 但 SHA-512 特别适合 64位处理器，有时甚至比那里的 SHA-256 性能更好。

All modern hash algorithms are working on fixed-size blocks of data.所有现代 hash 算法都在处理固定大小的数据块。 They perform a fixed number of deterministic operations on a block, and do this for every block until you finally get the result.他们对一个块执行固定数量的确定性操作，并为每个块执行此操作，直到您最终获得结果。 This also means that the longer your input, the longer the operation will take.这也意味着您输入的时间越长，操作所需的时间就越长。 From the characteristics just explained we can deduce that the length of the operation is directly proportional to the input size of a message.从刚才解释的特征我们可以推断出操作的长度与消息的输入大小成正比。 Mathematically oŕ computer-scientifically speaking we coin this as being an O(n) operation, where n is the input size of the message, as templatetypedef already pointed out.从数学上或计算机科学的角度讲，我们将其称为 O(n) 操作，其中 n 是消息的输入大小，正如 templatetypedef 已经指出的那样。

You should not let the speed of hashing influence your choice of programming language, all modern hash algorithms are really, really fast, regardless of the language.您不应该让散列的速度影响您对编程语言的选择，所有现代 hash 算法都非常非常快，无论语言如何。 Although C-based implementations will do slightly better than Java, which again will probably be slightly faster than PHP, I bet in practice you won't know the difference.尽管基于 C 的实现会比 Java 稍好一些，后者可能又会比 PHP 稍快一些，但我敢打赌，实际上你不会知道其中的区别。

SHA-1 processes the data by chunks of 64 bytes. SHA-1按 64 字节的块处理数据。 The CPU time needed to hash a file of length n bytes is thus roughly equal to n/64 times the CPU time needed to process one chunk.因此，hash 长度为n字节的文件所需的 CPU 时间大致等于处理一个块所需的 CPU 时间的n/64倍。 For a short string, you must first convert the string to a sequence of bytes (SHA-1 works on bytes, not on characters);对于短字符串，必须先将字符串转换为字节序列（SHA-1 作用于字节，而不作用于字符）； the string "blah" will become 4 or 8 bytes (if you use UTF-8 or UTF-16, respectively) so it will be hashed as a single chunk.字符串"blah"将变为 4 或 8 个字节（如果您分别使用 UTF-8 或 UTF-16），因此它将作为单个块进行散列。 Note that the conversion from characters to bytes may take more time than the hashing itself.请注意，从字符到字节的转换可能需要比散列本身更多的时间。

Using the pure Java SHA-1 implementation from sphlib , on my PC (x86 Core2, 2.4 GHz, 64-bit mode), I can hash long messages at a bandwidth of 132 MB/s (that's using a single CPU core).使用来自sphlib的纯 Java SHA-1 实现，在我的 PC（x86 Core2，2.4 GHz，64 位模式）上，我可以在 132 MB/s 的带宽下使用 hash 长消息）（即使用单个 CPU 内核。 Note that this exceeds the speed of a common hard disk, so when hashing a big file, chances are that the disk will be the bottleneck, not the CPU: the time needed to hash the file will be the time needed to read the file from the disk.请注意，这超过了普通硬盘的速度，因此在对大文件进行哈希处理时，磁盘可能会成为瓶颈，而不是 CPU：hash 文件所需的时间将是从文件中读取文件所需的时间磁盘。

(Also, using native code written in C, SHA-1 speed goes up to 330 MB/s.) （此外，使用以 C 编写的本机代码，SHA-1 速度高达 330 MB/s。）

SHA-256 is considered to be widely more secure than SHA-1, and a pure Java implementation of SHA-256 ranks at 85 MB/s on my PC, which is still quite fast. SHA-256被认为比 SHA-1 更安全，SHA-256 的纯 Java 在我的 PC 上的速度为 85 MB/s，仍然相当快。 As of 2011, SHA-1 is not recommended.自 2011 年起，不推荐使用 SHA-1。