|
|
Boost : |
From: Дмитрий Ðрхипов (grisumbras_at_[hidden])
Date: 2024-12-15 16:30:33
Ñб, 14 дек. 2024 г. в 19:15, Matt Borland via Boost <boost_at_[hidden]>:
> > The review of Hash2 by Peter Dimov and Christian Mazakas begins today Saturday, December 7th through Sunday December 15th, 2024.
This is my review of the proposed Hash2 library. Before the review I
want to state that I am affiliated with the C++ Alliance.
> - What is your evaluation of the design?
I read the paper on which the library is based on years ago and was
very fond of the design outlined in it. It's great to see it finally
realised. The library has a few innovations with regards to the
original paper and after reading all of the review I consider those
innovations useful.
> - What is your evaluation of the implementation?
I only glanced at the implementation.
> - What is your evaluation of the documentation?
I think, the documentation should be much more explicit about the
implications of the design choices it made. After reading other
people's comments and reviews it is clear to me that many people have
not considered that the implications of the requirements of the
HashAlgorithm concept are deliberate and not a mistake. Also, it will
probably be good to explicitly state that no vetting by crypto experts
or certifications by relevant agencies was done for any of the hashers
provided by the library.
> - What is your evaluation of the potential usefulness of the library? Do you already use it in industry?
I think that the library achieves what it tried to achieve (see
below). And I consider that very useful.
> - Did you try to use the library? With which compiler(s)? Did you have any problems?
In order to review Hash2 I experimented with integrating it into
Boost.JSON. Hashing is used in 2 places in Boost.JSON. One of the uses
is boost:: and std::hash support for JSON containers. Rewriting the
existing code with Hash2 was very straightforward, as it is extremely
similar to the existing usage of ContainerHash. The benefit of using
Hash2 is exactly the one outlined in the original paper: ease of
switching hashing algorithms.
The second use of hashing in Boost.JSON is hashing of object keys.
Rewriting the existing hashing function to become a HashAlgorithm was
very straightforward (although, this could be because our algorithm is
so simple). After that I experimented with changing the hashing
algorithm with several of the ones provided by Hash2. This was
extremely easy: changing an include line and changing the hash object
type.
This ability to trivially change hashing algorithms is as far as I can
tell the main objective of the library. That is the reason for the
requirements of HashAlgorithm. While those requirements may exclude
many of the algorithms provided by the existing libraries today, I
hope that maintainers of those libraries will see the utility of these
additional operations and will provide them.
> - How much effort did you put into your evaluation? A glance? A quick reading? In-depth study?
With reading documentation, all reviews and comments, and trying the
library out, I've spent around 5 hours.
> - Are you knowledgeable about the problem domain?
I'm not an expert on either hashing or cryptography.
I suggest we ACCEPT the library into Boost.
Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk