Reasons to Prefer Blake3 over Sha256

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
Multiformats Benchmark hash-functions Benchmarking varint

WorkOS
Our great sponsors
  • WorkOS - The modern identity platform for B2B SaaS
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • BLAKE3-specs

    The BLAKE3 paper: specifications, analysis, and design rationale

    • We go over some of our reasoning around that in section 7.5 of https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blak.... An early BLAKE3 prototype actually didn't include the chunk counter (https://github.com/oconnor663/bao/blob/master/docs/spec_0.9....), so I'm definitely sympathetic to the use cases that wish it wasn't there. However, after publication we found out that something like a chunk counter is necessary for the security of the Bao streaming verification tool: https://github.com/oconnor663/bao/issues/41. It could be that there's a design that's the best of both worlds, but I'm not sure.

  • bao

    an implementation of BLAKE3 verified streaming

    • We go over some of our reasoning around that in section 7.5 of https://github.com/BLAKE3-team/BLAKE3-specs/blob/master/blak.... An early BLAKE3 prototype actually didn't include the chunk counter (https://github.com/oconnor663/bao/blob/master/docs/spec_0.9....), so I'm definitely sympathetic to the use cases that wish it wasn't there. However, after publication we found out that something like a chunk counter is necessary for the security of the Bao streaming verification tool: https://github.com/oconnor663/bao/issues/41. It could be that there's a design that's the best of both worlds, but I'm not sure.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • BLAKE3

    the official Rust and C implementations of the BLAKE3 cryptographic hash function

    • > might be easier with a public domain license instead of the current ones

    There reference implementation is public domain (CC0) or at your choice Apache 2.0

    https://github.com/BLAKE3-team/BLAKE3/blob/master/LICENSE

  • multihash

    Self describing hashes - for future proofing

    • Since you seem to have done a fair bit of research in this area, do you have any opinions or thoughts about the Multihash format?

    https://multiformats.io/multihash/

    It fills in some of the blanks in your "prefixing the hash with the value of the enum for the hash" step.

  • go-benchmarks

    Comprehensive and reproducible benchmarks for Go developers and architects. (by skerkour)

    • At the end of the day, what matters really for most people is

    1) Certifications (FIPS...)

    2) Speed.

    SHA-256 is fast enough for maybe 99,9% of use cases as you will saturate your I/O way before SHA-256 becomes your bottleneck[0][1]. Also, from my experience with the different available implementations, SHA-256 is up to 1.8 times faster than Blake3 on arm64.

    [0] https://github.com/skerkour/go-benchmarks/blob/main/results/...

    [1] https://kerkour.com/fast-hashing-algorithms

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo
NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts