RE: MD5 is slow

[Vasilenko Eduard via NANOG <nanog () lists nanog org>]

Hi Jay,
Big thanks for the test!

This is not a valid assumption: "For protocols such as IP you can independently hash a buffer of packets in series to 
fill a CPU pipeline".
Because if we have a network event, we may have just 1 ISIS LSP to broadcast/propagate.

There is a high probability that your "desktop CPU" is more powerful than the CPU used by routing vendors.
Especially now, when there is a temptation to move to ARM. Even the best ARM cores are much less powerful than CISC 
cores.

Indeed, 0.6ms looks not important for the control plane. (there was a jump to 3.876ms)
I have referenced in a different message how it becomes 4ms average for the best ARM core.
Hence, it is probably time for me to accept that hash is meaningful only for RISC architectures.

Eduard
-----Original Message-----
From: Jay Acuna <mysidia () gmail com> 
Sent: Wednesday, September 10, 2025 11:19
To: North American Network Operators Group <nanog () lists nanog org>
Cc: Vasilenko Eduard <vasilenko.eduard () huawei com>
Subject: Re: MD5 is slow

On Wed, Sep 10, 2025 at 1:08 AM Vasilenko Eduard via NANOG <nanog () lists nanog org> wrote:

> But it's reality. Many passwords are not strong enough.
True, but a digest algorithm (MD5, SHA2, etc) is a cryptographic primitive.
It is not a solution to the password problem, but a component that can be used in a secure algorithm.

Message digests are Not designed to address the "weak password" problem.
Cryptographic primitives do not provide security properties unless used responsibly.

The hash is designed with complexity to resist analytic attacks specifically, Just like AES and other block ciphers are 
designed with complexity to resist analysis, not to protect you if you provide a weak key as input.

The cipher does not work if the key is weak, and a digest does not work if the input is weak.

> More importantly, hash has XX rounds to give a really random output.
> Hence, the hash is designed to be slow.

Real world numbers for SHA2 are in the 10 million hashes per second per CPU core when hashing multiple values in 
parallel.  For protocols such as IP you can independently hash a buffer of packets in series to fill a CPU pipeline,  
So long as the auth hash for each packet is independent of the auth hash of each other packet.

For example;  Single-threaded, even my puny desktop CPU can average
0.62 milliseconds per SHA2
hash
With  unoptimized nodeJS javascript  over 15 different single-threaded Iterations  with 1500 input bytes each:

Sha2(1500 bytes): Start
 - Sha2 Done: 1.4767500000000098 milliseconds,  Hash result:
GrTiJlJLamiDP8PIUnsNhumCcCf9yfJMcR/eCZlAIOk=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.13516599999999812 milliseconds,  Hash result:
jaTVUK6vsXNwGbiT9cmy47DRsKNVjE7gtITEMIBMOws=
Sha2(1500 bytes): Start
 - Sha2 Done: 1.1061659999999875 milliseconds,  Hash result:
4ubia4JqMWuq9R4Q35sdq1NJ115+ZK83E/nOz9q9uYo=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.05308299999998667 milliseconds,  Hash result:
okaqlyoiuIA84fhkpajx4Qx2nsRvStwgeBIShlfzG+4=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.37487500000000296 milliseconds,  Hash result:
+FnXQpA5clQPxThov0LheQtfxqBmpmh2N3XNuJGNO/g=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.5407499999999885 milliseconds,  Hash result:
fRqXSApGDmUdonbr0C+At+J0jQpHWJCFMCPF/scV6HY=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.05229199999999423 milliseconds,  Hash result:
5QPDcBCyqSezAVf0/lBhBj69ido5hlLq8E2kppBC9h4=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.4628330000000034 milliseconds,  Hash result:
bSXNEItlxRNio//+nZ9oQPVMnp+WGZzGgMiZpd9TqgE=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.5801250000000095 milliseconds,  Hash result:
t4X4TZx4jEEZsRZTjZ2uLPAui87FKeRlaWPmAM2n4yc=
Sha2(1500 bytes): Start
 - Sha2 Done: 3.876041999999998 milliseconds,  Hash result:
NVAA36H5u1hhKLdRi6OvB0L2oE9EUXtGKYUACiC/2cw=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.47479199999999366 milliseconds,  Hash result:
ecWELiRxHLG7N7J7Mk39DTUlc2bUMUxFdXZ18wQPSWg=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.09158299999999997 milliseconds,  Hash result:
wYhXGHUsvXj3DbfwCZqjkSQOaMsFS3YBX+8yp6H7siw=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.056416999999996165 milliseconds,  Hash result:
t4sUzPFMPq4xmgGIeUI5ltL7we6z6Rp0izNUM/7mxcA=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.07050000000000978 milliseconds,  Hash result:
/5hsS84g0s86g9NsNTxflDcPKfiAT63e+dlNugekqDk=
Sha2(1500 bytes): Start
 - Sha2 Done: 0.05216599999999971 milliseconds,  Hash result:
flZ3xlAS6e1Jxcfeyl1X+jL8Zj8yzIhHTO+EAx2ZKGk=
--------
async function run() {
    for(i=0;i<15;i++){
        var data, result, start, end, dataBuffer;
        data = new Uint32Array(1500)
        crypto.getRandomValues(data);
        dataBuffer = new Uint8Array(data);
        data = String.fromCharCode.apply(null, dataBuffer);
        console.log(`Sha2(${data.length} bytes): Start`)
        start = performance.now();
        await crypto.subtle.digest("SHA-256", dataBuffer ).then(function (hash) { result = hash;});
        end = performance.now();
        console.log(` - Sha2 Done: ${end - start} milliseconds,  Hash
result: ${btoa(String.fromCharCode(...new Uint8Array(result)))}`)
    }
}
run()


--
-JA
_______________________________________________
NANOG mailing list 
https://lists.nanog.org/archives/list/nanog () lists nanog org/message/A7267HMOOQVC7B2XRR35E63XG3K2ZRAA/