Perils of hashing

-

I describe the basics of hashing in this blog here though I'd like to explore some of the perils.

I used this blog as my starting point. It describes solving a real world problem and does involve taking string hashes. The strings it takes hashes of are not good for hashing as they are all very similar varying only in a few numeric characters.

Such is the real world though it often presents harsh conditions for algorithms.

In the example there are 4 hash functions you can choose from and you can also change the number of array elements in a sparse array. By sparse I mean that it has capacity for many times the elements we will put in it, and hence we achieve rapid lookup of elements in an unordered map container.

Github link

//gcc std_hash.cpp -lstdc++
#include <stdlib.h>
#include <stdio.h>
#include <cstring>
#include <string>
#include <stdint.h>
#include <functional>
using namespace std;

unsigned long simple_hash(const char *str)
{
unsigned long hash = 5381;
int c;

while (c = *str++)
hash = ((hash << 5) + hash) + c; /* hash * 33 + c */

return hash;
}

#define FNV_PRIME_32 16777619
#define FNV_OFFSET_32 2166136261U

uint32_t FNV32(const char *s)
{
uint32_t hash = FNV_OFFSET_32, i;
for (i = 0; i < strlen(s); i++)
{
hash = hash ^ (s[i]); // xor next byte into the bottom of the hash
hash = hash * FNV_PRIME_32; // Multiply by prime number found to work well
}
return hash;
}

static inline uint32_t murmur_32_scramble(uint32_t k)
{
k *= 0xcc9e2d51;
k = (k << 15) | (k >> 17);
k *= 0x1b873593;
return k;
}
uint32_t murmur3_32(const uint8_t *key, size_t len, uint32_t seed)
{
uint32_t h = seed;
uint32_t k;
/* Read in groups of 4. */
for (size_t i = len >> 2; i; i--)
{
// Here is a source of differing results across endiannesses.
// A swap here has no effects on hash properties though.
memcpy(&k, key, sizeof(uint32_t));
key += sizeof(uint32_t);
h ^= murmur_32_scramble(k);
h = (h << 13) | (h >> 19);
h = h * 5 + 0xe6546b64;
}
/* Read the rest. */
k = 0;
for (size_t i = len & 3; i; i--)
{
k <<= 8;
k |= key[i - 1];
}
// A swap is *not* necessary here because the preceding loop already
// places the low bytes in the low places according to whatever endianness
// we use. Swaps only apply when the memory is copied in a chunk.
h ^= murmur_32_scramble(k);
/* Finalize. */
h ^= len;
h ^= h >> 16;
h *= 0x85ebca6b;
h ^= h >> 13;
h *= 0xc2b2ae35;
h ^= h >> 16;
return h;
}

struct custom_map
{
string sql;
int count;
int collisions;
};

//
// generate random test strings
//
#define MAX 1000

static int getRandom(int low, int high)
{
return rand() % (high + 1 - low) + low;
}

char *GetTestString()
{
static char sql[256];
sprintf(sql, "UPDATE table SET total=total+__TOTAL__ WHERE key = %d", getRandom(0, MAX));
return sql;
}

// change the sparseness of the array
#define SPARSITY (MAX * 5 + 1)
#define TESTRUNS 1000
#define UPDATES 10000
int main(int args, char **argc)
{
int count = 0;
int entries = 0;

struct custom_map map_entry[SPARSITY];

for (int i = 0; i < SPARSITY; i++)
{
map_entry[i].sql = "";
map_entry[i].count = 1;
map_entry[i].collisions = 0;
}

for (int tests = 0; tests < TESTRUNS; tests++)
{
for (int i = 0; i < UPDATES; i++)
{
string sql = GetTestString();

// choose your hash
//int index =FNV32(sql.c_str()) % SPARSITY;
int index = simple_hash(sql.c_str()) % SPARSITY;
// int index =murmur3_32((uint8_t *)sql.c_str(),sql.length(),0) % SPARSITY;
//int index =hash<std::string>{}(sql) % SPARSITY;

// find or create the sql entry in a sparse array
do
{
if (map_entry[index].sql == sql) // we have the entry
{
map_entry[index].count++;
break;
}
else if (map_entry[index].sql == "") // blank entry
{
map_entry[index].sql = sql;
break;
}
else // collision so move to next element
{
map_entry[index].collisions++;
index = (index + 1) % SPARSITY;
}
} while (1);
}

for (int i = 0; i < SPARSITY; i++)
{
if (map_entry[i].sql != "")
{
count += map_entry[i].count;
entries += 1;
map_entry[i].sql = "";
map_entry[i].count = 1;
}
}
}
int total_collisions = 0;
for (int i = 0; i < SPARSITY; i++)
{
total_collisions += map_entry[i].collisions;
}
printf("Total %d %d collisions %d\n", count, entries, total_collisions);
}

Run this as it stands and we get the remarkable result:

Total 10000000 1000956 collisions 0
from the simplest hash function with an array that isn't even very sparse! Zero collisions.

Flipping to the hash function from the C++ standard library

int index =hash<std::string>{}(sql) % SPARSITY;

and it returns:

Total 10000000 1000956 collisions 1356826

Well over 1 millions collisions from a hash function we would expect to be very good indeed. 

Let's try murmur3_32 another function we have good expectations of:

int index =murmur3_32((uint8_t *)sql.c_str(),sql.length(),0) % SPARSITY;

Total 10000000 1000956 collisions 1390821

Very very similar result. Lastly a somewhat respectable function.

int index =FNV32(sql.c_str()) % SPARSITY;

Total 10000000 1000956 collisions 1410589

Again pretty close to the other good hash functions.

So is our simply hash function deceptively good? Not a bit of it. Lets change the SPARSITY to see what happens.

#define SPARSITY (MAX * 9)

I'm just going to tabulate the runs for clarity here:

simple_hash    3,4446,020
FLV32                680,738
murmur3_32  605,694
hash_<std::string>  529,861

Things revert with a bang. Raising sparsity to 10

simple_hash  0
FLV32                     301,363
murmur3_32         407,262
hash_<std::string>  622,756

At this point we are really seeing that an overly simplistic dataset can give very deceptive results.

We can get to the bottom of things by adding a line where in the for loop running through the sparse array at about line 155.

printf("%d",map_entry[i].sql != ""?1:0); 

This show occupancy of the element. simple_hash shows a repeating pattern: 111111100000000000000000000000

Our over simplistic dataset has produced a non random hash which gets lucky.

Meanwhile even the decent hashing functions struggle a bit. 

An exercise I'll leave to the reader is whether a really serious hash function like SHA-1 would be consistently better with this sort of dataset?

The lesson here is the danger of presumption and that if you really did know the data has that much of a pattern then you don't need to hash in the first place. The real life case this is all based on did in fact use considerably more complex SQL strings to not go rogue.





Comments

Post a Comment

Popular posts from this blog

A reliable tuya authentication in node-red

-
In passing when working with tuya and node-red I had a couple of issues, the first one was conflicts with node-red-contrib-crypto-js-dynamic and node-red-contrib-crypto-js. node-red just doesn't seem clever when it comes to duplicate node names. In this example I have replaced the "hmac" function with a copy called mj_hmac. This can be replaced with the hmac from node-red-contrib-crypto-js-dynamic or failing that you will be unable to pass the tuya secret key as a parameter and will have to enter it in the hmac node dialog. The second issue is that tuya authorisation is on a fixed timeout of two hours.  If you refresh the key at 1 hour and 59 minutes it will only be valid for 1 minute. This flow keeps track of the time remaining and refreshes just after expiry. I have not seen errors since. However as a backup plan I do have sub flows that if they see an error reauthenticate. If anyone is reading and interested I can post them as well. [ { "id" : &qu
Read more

node-red a full home automation example

-
 I'm not putting this publicly on github quite yet, though feel free to ask. It is my attempt to put my home automation on a dashboard integrated with Alexa, Logitech Harmony and in these days of scary fuel bills my solar panels and consumption monitoring smart plugs. You may or may not want my flows in all their glory, it is my house after all, but the following bits are of note. A reliable Tuya authentication mechanism. Solax solar cloud REST reading. A much extended set of harmony remote integration nodes compared to the original node-red-contrib-harmony repository I forked from. A way to read whether a Virgin TV box is on or off so a power toggle can be sent correctly. Hue lights control. Nothing special but might be easier than starting from scratch. A more useful version of the "sum" node that helps with power aggregation functions. Examples of using the alexa-node-red package so I can talk to Alexa and start node-red flows. A flow to turn an immersion heater on whe
Read more

Arduino boards - what I wish I'd known when starting

-
 Arduino boards are an alternative to raspberry pi boards, for projects that involve custom hardware IO. For example a simple thermistor attached to take temperatures. For that kind of application a full blown computer like the standard raspberry pi range is obviously massive overkill. Well frankly for the purpose of reading a thermistor so is Arduino.  But they are cheap as chips. My starting point was 3x esp32 boards for £21.95 with inbuilt wifi and bluetooth. It's hard to argue at those prices. The boards are at that price clones, but that's the point really, it is an open hardware standard. As such there are a great number of variants. Code written for builtin wifi won't be quite the same for a board where you have added a wifi shield. So how do you program them? Remarkably the default language supported by the public IDE is C++ and as an important note, if you download this for windows, get the full version don't get what the Microsoft store offers you, it lacks ev
Read more