Say you had a few petabytes of user ids lying around somewhere, and someone told you that they were going to use a few kb of memory to estimate the "cardinality", or the number of distinct ids, of those petabytes of ids with decently high accuracy. It'd feel like magic! The HyperLogLog algorithm makes that magic cardinality estimation happen through the Power of Random Numbers, and some clever use of data structures.
I wanted to set up a mongo-backed hyperloglog, but I really struggled to understand the wikipedia page, the initial paper , or any of the improvements of the HLL++ algorithm  because I didn't really understand the underlying ideas and how they fit together. This post is an attempt to help describe the ideas that make the HyperLogLog work without getting too much into the details.
The Power of Random Numbers
Before we start doing any cardinality estimation, let's flip some coins. I'm going to go into a different room, and for every coin in the room, I'm going to flip that coin until I flip it and it comes up heads. I'm then going to come back and tell you the maximum number of attempts it took me to flip a head. If I tell you the maximum number of attempts it took me before I saw a head was 2, you'd be justified in guessing that there aren't that many coins in the other room. If instead I tell you that one of the coins took me 7 flips before seeing a head, you might guess that there were a decent number of coins in the other room.
This game isn't particularly fun or useful, but we can use the same technique on random numbers. We can look at the maximum number of leading zeros in the binary representation of a random number to get a measure of its "rarity". By this arbitrary measure,
01xxxxxx will both be common, and
0000001x is quite rare. If we play the same game, and I go into another room and look through my random number collection and tell you that the largest stretch of 0s (or tails) I saw before a 1 (or head) was 7, you similarly might guess that my random number collection is quite extensive (and it is).
We can formalize the idea that
000001x is low & therefore relatively rare a little bit more. If we go digit by digit through the number, we can treat each digit as a coin flip, which would have a 50/50 chance of being a 1. So, if we look at the number of leading 0s (the number of flipped "tails") or the number of leading 1s (the number of flipped "heads"), we can get a sense for how rare a particular number is.
- if the number starts with a no
0s (i.e., a
1), that's not that rare: 1/2 of randomly generated numbers start with
- if the number has at least 2
0s followed by a
1, that's more rare: 1/2 ^ 2 randomly generated numbers will start with 2
- if a number has 6 leading zeros, that's even more rare: 1 / 2 ^ 6 randomly generated numbers will start with 6 leading zeros.
1number, rarity200000000, 1 / 2 ^ 8300000001, 1 / 2 ^ 740000001x, 1 / 2 ^ 65000001xx, 1 / 2 ^ 5600001xxx, 1 / 2 ^ 470001xxxx, 1 / 2 ^ 38001xxxxx, 1 / 2 ^ 2901xxxxxx, 1 / 2 ^ 1101xxxxxxx, 1 / 2 ^ 0
Now that we have all that, we can take those "rarity" chances, and come up with some atrociously bad cardinality estimates for how many distinct numbers someone generated. If I say that the maximum number of tails I saw before seeing heads was 1 (
01xxxxxx), guessing that I'd seen somewhere around 2 coins in the other room feels reasonable. If instead I told you that the maximum number of tails I saw before seeing a head was 3 tails (
0001xxxx), I probably flipped about 8 different coins.
This estimator is incredibly inaccurate, and only works on numbers, but at least it's small!
(It's worth noting that we could have chosen to look at any pattern in these numbers for our rarity guesses. Trailing 0s, leading 1s, or any other pattern that we can turn into a chance)
Inaccurate string estimation
Going from an awful estimator that works on randomly small generated numbers to an awful estimator that works on randomly generated strings is simple! We can use a hash function on the strings to generate pseudo-randomly distributed numbers, and use that for counts of leading zeros. We'll also start using numbers that go up to 2^32 to have a few more leading zeros to work with for larger estimates.
Let's say we were going through the dictionary and we ran into the word "hello":
- We use a hashing function to generate a random number:
md5 -s 'hello':
- We can convert that long hex number to a usable binary number by taking the first 8 characters
01011101010000010100000000101010(1564557354), which has 1 leading 0.
If we go through the dictionary on my computer with this algorithm, we'll run into the word "confervoid" (resembling confervae (a type of algae) especially in being made up of branching filaments) that has an md5 hash that starts with
00003b2e and whose binary representation (
00000000000000000011101100101110) has 18 leading zeros. At this point (which is not actually that far through the dictionary!), our algorithm would estimate that this dictionary has 2^18 (262,144) words in it, and no other word causes our algorithm to exceed this estimate. The dictionary on my computer actually has 235,886 words in it, which is surprisingly close to the ballpark estimate; we got quite lucky. In general, rough estimates like this one can have incredibly high variance, and much of the HyperLogLog algorithm is trying to deal with that variance.
1cat /usr/share/dict/words | \2 xargs -n 1 md5 -s `# generate hashes for all words` | \3 sed -E 's/.+ = //' `# get rid of "MDF (word) = " prefix`| \4 nq --string-input 's => s.slice(0, 8)' | \5 nq 's => Math.clz32(parseInt(s, 16))'| \6 nq --reduce 0 '(max, curr) => curr > max ? curr : max'7# returns 188# md5 is slow, so running this on the full dictionary takes a bit
(nq is a little library that makes it easier to use node syntax on the command line)
The Wisdom of the Buckets
Only tracking a single estimate for the cardinality of a set can lead to estimates with incredibly high variance. The insight behind the LogLog family of cardinality estimators is that you can track multiple estimates, and then average them together in some way.
One simple way of keeping multiple estimates is using multiple hashing functions (or using the same hashing function with different seeds) to generate different pseudorandom numbers. You can then average the estimates together to get a decent final estimate. You can even improve the estimate a bit if you throw away some of the outlying estimates, or if you simply take the median estimate.
Rather than hashing the same value multiple times, the HyperLogLog algorithm instead hashes the value once. It uses part of the randomly generated number to choose an estimate to update, and the rest to calculate that same count of leading zeros. If we take our same 'hello' example from before:
- We use a hashing function to generate a random number:
md5 -s 'word':
- Let's take the first character to choose which estimate to update (
0-f): we'll update estimate
c. Because we're using the first character to decide on which estimate to update, that means that we'll end up with 16 estimates.
- We then take the next 8 characters
47d18706to calculate the number of leading zeros (it happens to have 1 leading zero). If that's more leading zeros than the current estimate has, we'll update the estimate.
Then, once we have those estimates, we need to combine them together. One relatively naive way of sticking them together could be something like taking the median estimate and then multiplying it by the number of estimates:
estimate = median_estimate * number_of_estimates. When people looked at this problem carefully, they figured out a better algorithm to figure out how to combine those partial estimates into an estimate of the whole. The formula they came up with is:
estimate = number_of_estimates * harmonic_mean_of_estimates * magic_collisions_constant. Harmonic means are relatively insensitive to outliers, and the magic constant adjusts for the chance that multiple values hash to the same bucket & value.
Dealing with small cardinalities
If you test out this HyperLogLog algorithm, you'll start noticing variance is quite high for low cardinalities (meaning the estimates for smaller sets can be pretty far off). The algorithm described above starts being decently accurate around
3 * number_of_estimates, and many implementations keep around 2^14 = 16,384 distinct estimates, which means this algorithm is inaccurate below ~50k. That's a pretty big range to be inaccurate!
(Redis's implementation of hyperloglog includes formulae improvements described in New cardinality estimation algorithms for HyperLogLog sketches that reduce variance and improve the accuracy of how you stick the different estimates together, but most implementations & discussions I've seen online use Linear Counting instead)
estimate = number_of_estimates * harmonic_mean_of_estimates * magic_collisions_constant formula has high variance for low cardinalities, so let's not use it at all when estimated cardinalities are low. Other algorithms, like Linear Counting, work quite well when you know the range of cardinalities that you'll want accurate estimates for, and take up very little memory.
Linear Counting is a beautiful little algorithm: set up a lot of zeros or "buckets" (say 2^32 of them). Whenever a value (like "world") comes in, hash it to a pseudo-random number (like
5d41402a = 1564557354), modulo it by the number of zeros, and then put a 1 (a "marker") at that spot. A naive counting technique would be to just count the number of markers, and this works pretty well! A more accurate counting technique is to include the chance that you're seeing a hash collision from two different values, which increases as you add more items, and use the formula
-total_bucket_count * log(buckets_at_0 / total_bucket_count).
Rather than having separate Linear Counting buckets, and HyperLogLog estimates, almost all HyperLogLog implementations have their estimates (or "registers") perform double duty. The presence of any value in a bucket is used as a Linear Counting marker when estimated cardinality is low. This saves space, and is beautiful, and wonderfully clever. But, if you wanted increased accuracy at low cardinalities, you could set up a completely distinct Linear Counter for low cardinalities and increase the cardinality estimator's size a bit.
Dealing with large cardinalities
Most HyperLogLog implementations use 2^64 bit estimators that are accurate up to ~2^57, which is such an absurdly large number that the theoretical bias here shouldn't be an actual concern. You can use a bias correction table (described in ), or a better formula (described in ), but almost every use case won't need to worry about counting numbers that large.
Counting this all up
Despite what the Wikipedia article might have you believe, HyperLogLogs boil down to few simple things:
- Looking at the rarity of random patterns from hashed functions give us rough cardinality estimates
- Figuring out some way to average estimates reduces variance. Using a harmonic mean has so far proved to be a good estimate averaging technique
- Even averaged estimates have high variance at low cardinalities, so we should use a completely different algorithm there that has nothing whatsoever to do with the zero counting and averaging algorithm except that it can take advantage of the same data store (Linear Counting)
Hopefully, that bit of background makes future readings about HyperLogLogs more intelligible. There's some great stuff out there!
 Philippe Flajolet, Eric Fusy, Olivier Gandouet, et al. HyperLogLog: the analysis of a near-optimal cardinality estimation algorithm http://algo.inria.fr/flajolet/Publications/FlFuGaMe07.pdf
 Stefan Heule, Marc Nunkesser, Alex Hall HyperLogLog in practice: algorithmic engineering of a state of the art cardinality estimation algorithm https://dl.acm.org/doi/abs/10.1145/2452376.2452456)
: Otmar Ertl, New cardinality estimation algorithms for HyperLogLog sketches https://arxiv.org/abs/1702.01284