-
-
Notifications
You must be signed in to change notification settings - Fork 30.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Investigate replacing SHA3 code with OpenSSL #81811
Comments
Recent OpenSSL comes with SHA3. Now that Python is going to drop support for old OpenSSL, we can consider to use OpenSSL's SHA3 and drop the reference implementation from Python. For variable length SHAKE API, OpenSSL added EVP_MD_CTRL_XOF_LEN and EVP_DigestFinalXOF(). |
I'll add a whatsnew later. |
OpenSSL's SHA-3 implementation is a tiny bit faster than our builtin copy of SHA-3. builtin SHA-3 with PGO $ python3 -m timeit -s "from _sha3 import sha3_256; d = b'12345678' * 1000" "sha3_256(d)"
10000 loops, best of 5: 20.3 usec per loop builtin SHA-3 without PGO $ ./python -m timeit -s "from _sha3 import sha3_256; d = b'12345678' * 1000" "sha3_256(d)"
10000 loops, best of 5: 21.1 usec per loop OpenSSL SHA-3 $ ./python -m timeit -s "from _hashlib import openssl_sha3_256 as sha3_256; d = b'12345678' * 1000" "sha3_256(d)"
20000 loops, best of 5: 19.1 usec per loop OpenSSL's Blake2 implementation is also a tiny bit faster. (b.copy().update() because the _hashlib module doesn't have fast constructor yet) $ python3 -m timeit -s "from _blake2 import blake2b; b = blake2b(); d = b'12345678' * 1000" "b.copy().update(d)"
50000 loops, best of 5: 9.67 usec per loop
$ python3 -m timeit -s "from _hashlib import new; b = new('blake2b512'); d = b'12345678' * 1000" "b.copy().update(d)"
50000 loops, best of 5: 8.87 usec per loop |
LibreSSL does neither include SHA3/SHAKE family nor Blake2. Feature requests have been open for 1.5 to almost four years. The first reply on each feature request don't come as a surprise to me... |
OpenSSL doesn't have to provide sha3. LibreSSL noted above does not. BoringSSL does not. You can compile without it or disable it. etc. We've switched our built-in implementation used when OpenSSL does not offer it to use a verified HACL* sha3 implementation instead of the 3.11 tiny_sha3 one which replaced the <=3.10 reference implementation sha3. |
Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.
Show more details
GitHub fields:
bugs.python.org fields:
The text was updated successfully, but these errors were encountered: