Last active
June 18, 2020 13:59
-
-
Save Indigo744/e92356282eb808b94d08d9cc6e37884c to your computer and use it in GitHub Desktop.
PHP Argon2 benchmark
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* Password Argon2 Hash Benchmark | |
* Argon2 is available since PHP 7.2 | |
* | |
* Just upload this script to your server and run it, either through CLI or by calling it in your browser. | |
* | |
* See Argon2 specs https://password-hashing.net/argon2-specs.pdf chapter 9 Recommended Parameters | |
*/ | |
// Upper time limit to check | |
$upperTimeLimit = 2500; | |
$threads = [1, 2, 4]; | |
$time_cost_min = 1; | |
$time_cost_max = 8; | |
$memory_cost_min = 1 << 10; // 1 MB | |
$memory_cost_max = 1 << 18; // 256 MB | |
$password = 'this_is_just_a_long_string_to_test_on_U8WNZqmz8ZVBNiNTQR8r'; | |
if (php_sapi_name() !== 'cli' ) echo "<pre>"; | |
echo "\nPassword ARGON2 Benchmark"; | |
echo "\nWill run until the upper limit of {$upperTimeLimit}ms is reached for each thread value"; | |
echo "\n\nTimes are expressed in milliseconds."; | |
$start = microtime(true); | |
$hash = password_hash($password, PASSWORD_ARGON2I); | |
$time = round((microtime(true) - $start) * 1000); | |
echo "\n\n\nTime with default settings: {$time}ms"; | |
echo "\nHash = $hash"; | |
foreach($threads as $thread) { | |
echo "\n\n\n=Testing with $thread threads"; | |
echo "\n m_cost (MB) "; | |
for ($m_cost = $memory_cost_min; $m_cost <= $memory_cost_max; $m_cost *= 2) { | |
$m_cost_mb = $m_cost / 1024; | |
echo '|' . str_pad($m_cost_mb, 5, ' ', STR_PAD_BOTH); | |
} | |
echo "\n ====================================================="; | |
for ($time_cost = $time_cost_min; $time_cost <= $time_cost_max; $time_cost++) { | |
echo "\n t_cost=$time_cost "; | |
for ($m_cost = $memory_cost_min; $m_cost <= $memory_cost_max; $m_cost *= 2) { | |
$start = microtime(true); | |
password_hash($password, PASSWORD_ARGON2I, [ | |
'memory_cost' => $m_cost, | |
'time_cost' => $time_cost, | |
'threads' => $thread, | |
]); | |
$time = round((microtime(true) - $start) * 1000); | |
if ($time < $upperTimeLimit) { | |
echo '|' . str_pad($time, 5, ' ', STR_PAD_BOTH); | |
} else { | |
echo '|' . str_pad(">LIM", 5, ' ', STR_PAD_BOTH); | |
$m_cost = $memory_cost_max; | |
$time_cost = $time_cost_max; | |
} | |
} | |
} | |
} | |
echo "\n\n"; | |
if (php_sapi_name() !== 'cli' ) echo "</pre>"; |
Results on Linode 1GB - 1CPU
Password ARGON2 Benchmark
Will run until the upper limit of 2500ms is reached for each thread value
Times are expressed in milliseconds.
Time with default settings: 4ms
Hash = $argon2i$v=19$m=1024,t=2,p=2$cXJiMGpaRVBBajFiZml5cQ$hhIj9JiTcBVZKYNuZDKyictTA0g4uZFlDroDGFmNiwE
=Testing with 1 threads
m_cost (MB) | 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256
=====================================================
t_cost=1 | 1 | 3 | 10 | 13 | 29 | 65 | 127 | 273 | 759
t_cost=2 | 3 | 5 | 10 | 21 | 44 | 103 | 215 | 433 | 934
t_cost=3 | 4 | 7 | 14 | 30 | 65 | 148 | 296 | 616 |1271
t_cost=4 | 5 | 9 | 19 | 38 | 82 | 186 | 391 | 799 |1653
t_cost=5 | 6 | 11 | 23 | 48 | 105 | 229 | 475 |1101 |2141
t_cost=6 | 7 | 13 | 28 | 57 | 126 | 275 | 563 |1425 |2446
t_cost=7 | 8 | 16 | 32 | 66 | 141 | 315 | 679 |1350 |>LIM
=Testing with 2 threads
m_cost (MB) | 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256
=====================================================
t_cost=1 | 2 | 3 | 5 | 11 | 24 | 62 | 126 | 258 | 525
t_cost=2 | 3 | 5 | 10 | 20 | 42 | 105 | 221 | 433 | 888
t_cost=3 | 5 | 8 | 15 | 30 | 72 | 151 | 303 | 638 |1349
t_cost=4 | 6 | 12 | 21 | 42 | 87 | 213 | 408 | 916 |1657
t_cost=5 | 8 | 13 | 25 | 49 | 101 | 240 | 474 | 981 |2110
t_cost=6 | 10 | 16 | 30 | 62 | 133 | 293 | 616 |1257 |>LIM
=Testing with 4 threads
m_cost (MB) | 1 | 2 | 4 | 8 | 16 | 32 | 64 | 128 | 256
=====================================================
t_cost=1 | 2 | 3 | 6 | 12 | 25 | 63 | 128 | 269 | 531
t_cost=2 | 4 | 6 | 11 | 22 | 46 | 107 | 217 | 439 | 907
t_cost=3 | 6 | 9 | 17 | 32 | 68 | 150 | 312 | 644 |1278
t_cost=4 | 8 | 13 | 22 | 64 | 182 | 409 | 452 | 880 |1716
t_cost=5 | 9 | 15 | 27 | 55 | 110 | 264 | 484 | 982 |2043
t_cost=6 | 11 | 18 | 32 | 63 | 130 | 287 | 583 |1177 |2426
t_cost=7 | 13 | 21 | 39 | 73 | 150 | 330 | 681 |1353 |>LIM
Thought I'd let you know - the filename is misnamed, you spelled agron2
and not argon2
!
@smileytechguy thanks, fixed!
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Here is an example output: