Honesthash NPM

Honest Hash

The best hashing algorithm for speed, uniqueness, speed and length for Javascript

Problems of conventional hashes and honest hash solutions

problem SPEED: can't be too slow (for big files) or too fast (because of rainbow(*) tables) solution: honest hash has an optional speed parameter and can be set between 4ms ~ 22000ms

problem LENGTH: can't be too long (shorter hashes means faster and cheaper databases) solution: honest hash is only 40 characters long and still without any collisions

problem SALTING: can't be hashed without salt (rainbow tables have 43.745(*) billion results) solution: honest hash has a mandatory salt and optional number of hashing

problem UNIVERSALITY: you must be able to reuse the same library on cliend and server solution: honest hash has just one implementation for Node.js and client JS

problem COLLISIONS: many hashes have already known collisions (MD5, SHA0, SHA1..) solution: honest hash uses internally SHA3-512 and RIPEMD-160 (not known collisions)

HonestHash

How to install and use Honest Hash?

Installation on server within package.json

> npm install honesthash
> node require("./Honesthash.js")

Short usage with salt and speed options

var options = { salt : "744bdf813e57252146", speed : 15000 };
var result = require("./Honesthash.js")(options).hex("123");

console.log(result);
> e457227529744e2146bdf813e57259f256fd7cdc

var hashModule = require("./Honesthash.js");

var develHash = hashModule({ speed: 1, salt: "1f5a5ab970a1945c91394", logs: true });
var testHash = hashModule({ speed: 10000, salt: "159139413f5a5970a", logs: true });
var prodHash = hashModule({ speed: 10000, salt: "d73ce9fc1776ad4f", logs: false  });

console.log( develHash.hex("123"), testHash.hex("123"), prodHash.hex("123") );

Shortest usage without options

console.log( require("./Honesthash.js")().hex("string") );
> 1176e5c9188f73a5203656949848c19680ecc062

Available options

{
  (mandatory) salt: "1234567890", // your custom hash, can be any string
  (optional) loop: 1, //  can be between 1 and 1000000
  (optional) logs: false // logs everything to console (speed, hash, string)
}

How Honest Hash works?

Hashing

Honest Hash puts raw string to SHA512 with given salt. SHA3-512 is used because its the best implementation of famous SHA serie and result is unique, without any collisions and strong. Problem is that is too long. This SHA3 result is given to hashing function RIPE160 and it result is provided back.

uniqButLong = SHA3-512("your string" + salt);
shortAndUniq = RIPE160(uniqButLong + salt);

Speed

Speed is inspired by Niels Provos(*) and David Mazières and theirs bcrypt. Optional speed besides incorporating a salt protects against rainbow table attacks. Hashing iterates within a loop that is set by optional parameter speed. Iteration makes hashing slower, so it remains resistant to brute-force search attacks even with increasing computer power.

HonestHash

Backward compatibility algorithms

Honest Hash is tested not just for English characters, but also for the Cyrillic script (1), numbers (2), special characters (3), Eastern European characters (4) and many others..

1: `бвгдеёжзийклмнопрстуфхцчшщъыьэюя`
2: `1234567890`
3: `!@#$%^&*()_-+={[}]:;"'|\?/>.<,œ∑´†¥¨ˆπ¬˚∆˙ƒ∂ßåΩ≈ç√∫˜Ω`
4: `ąàáäâãåæăăâćęèéëêìíïîîłńòóöôõøśșşțţùúüûñçżźа`
5: `zxcvbnmlkjhgfdsaqwertyuiop`

Bechmark

For a full benchmark see file docs/bechmark.md, that contains results of our benchmark. We used iMac 2011 with OSX Yosimite and Node.js v10.17. Computer had installed 4GB RAM.