-
Notifications
You must be signed in to change notification settings - Fork 145
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Why own sha-3 implementation? #505
Comments
First, what is your concern for the fork? One big reason we keep the fork is that we expose the underlying struct, so that we can use SHA3 without having to move the inputs to the heap. (Google "golang heap escapes".) That reduces allocation significantly, which would otherwise be a big bottleneck in cryptographic primitives such as Kyber. This application is kind of niche and I doubt upstream would take that. Also there are parallel implementations of SHA3, which again are very useful for cryptographic primitives such as Kyber. |
This is not a concern, just for now as I understand std golang sha3 is not so good/fast as sha3 from the project. |
For implementing PQC you'd want to use the low-level SIMD version, which is public. For usual applications (like hashing a file), the difference between our implementation and the upstream API should be minimal. |
BTW for now I don't see a significant difference in performance:
vs.
|
You don't notice the heap escape issue in this microbenchmark, but you do notice it when you're using one or the other inside, say, Kyber. |
BTW golang.org/x/crypto has already improvements sha3: make APIs usable with zero allocations (May 8, 2024) similar to sha3: prevent state from escaping to heap (Sep 17, 2021). |
The project is using internal/sha3 which is derived from golang.org/x/crypto/sha3.
As I understand the main reason is some fundamental issues (and some optimizations/improvements).
However if so is it possible to contribute improved sha3 code to the golang std lib and use it instead own implementation?
The text was updated successfully, but these errors were encountered: