On Mon, Sep 19, 2011 at 12:12 AM, Anthony wikimail@inbox.org wrote:
Did you try any of the non-secure hash functions? If you're going to go with MD5, might as well go with the significantly faster CRC-64.
I included MD5 because MediaWiki currently uses it for some things, and SHA-1 because it had been suggested in this discussion. I didn't feel the need to include anything non-cryptographic because points have been made that choosing a cryptographic hash function would be wise (because the feature might be used for something different later, among other things) and worries were expressed that SHA-256 might be too slow. I think these benchmarks show that that slowness is not a real problem, so I think we should pick the right tool for the job rather than try to pick the fastest hash function. It wasn't a contest, just a test to see whether SHA-256 was within the realm of feasibility, performance-wise.
Roan