CSDL Home IEEE Transactions on Dependable and Secure Computing 2009 vol.6 Issue No.04 - October-December

Subscribe

Issue No.04 - October-December (2009 vol.6)

pp: 255-268

Harris E. Michail , University of Patras, Rion

Athanasios P. Kakarountas , University of Patras, Rion

Athanasios S. Milidonis , University of Patras, Rion

Costas E. Goutis , University of Patras, Rion

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/TDSC.2008.15

ABSTRACT

Many cryptographic primitives that are used in cryptographic schemes and security protocols such as SET, PKI, IPSec, and VPNs utilize hash functions, which form a special family of cryptographic algorithms. Applications that use these security schemes are becoming very popular as time goes by and this means that some of these applications call for higher throughput either due to their rapid acceptance by the market or due to their nature. In this work, a new methodology is presented for achieving high operating frequency and throughput for the implementations of all widely used—and those expected to be used in the near future—hash functions such as MD-5, SHA-1, RIPEMD (all versions), SHA-256, SHA-384, SHA-512, and so forth. In the proposed methodology, five different techniques have been developed and combined with the finest way so as to achieve the maximum performance. Compared to conventional pipelined implementations of hash functions (in FPGAs), the proposed methodology can lead even to a 160 percent throughput increase.

INDEX TERMS

Authentication, VLSI, security and privacy protection, security, integrity, protection.

CITATION

Harris E. Michail, Athanasios P. Kakarountas, Athanasios S. Milidonis, Costas E. Goutis, "A Top-Down Design Methodology for Ultrahigh-Performance Hashing Cores",

*IEEE Transactions on Dependable and Secure Computing*, vol.6, no. 4, pp. 255-268, October-December 2009, doi:10.1109/TDSC.2008.15REFERENCES

- [1]
Introduction to Public Key Technology and the Federal PKI Infrastructure, NIST, US Dept. Commerce, SP 800-32, 2001.- [2]
Guide to IPSec VPN's, SP800-77, NIST, US Dept. Commerce, 2005.- [3] L. Loeb,
Secure Electronic Transactions: Introduction and Technical Reference. Artech House, 1998.- [4] D. Johnston and J. Walker, “Overview of IEEE802.16 Security,”
IEEE Security and Privacy, May-June 2004.- [5] I. Mironov,
Hash Functions: Theory, Attacks, and Applications. Microsoft Research, Silicon Valley Campus, Oct. 2005.- [6] S. Thomas,
SSL and TLS Essentials: Securing the Web. John Wiley and Sons, 2000.- [7]
The Keyed-Hash Message Authentication Code (HMAC '07), FIPS 198-1, FIPS Publication 180-1, NIST, US Dept. Commerce, 2007.- [9] A. Dandalis and V. Prasanna, “An Adaptive Cryptographic Engine for IPSec Architectures,”
ACM Trans. Design Automation of Electronic Systems, vol. 9, no. 3, pp. 333-353, July 2004.- [10] B. Schneier,
Applied Cryptography—Protocols, Algorithms and Source Code in C, second ed. John Wiley and Sons, 1996.- [11] K.S. McCurley, “A Fast Portable Implementation of the Secure Hash Algorithm, Technical Report SAND93-2591, Sandia Nat'l Laboratories, 1994.
- [12] J. Nakajima and M. Matsui, “Performance Analysis and Parallel Implementation of Dedicated Hash Functions,”
LNCS, vol. 2332, pp. 165-180, 2002.- [13] K. Ballard,
DigestIT 2004, http://digestit.kennethballard.com/blog/ index.php?/archivesP2.html, 2004.- [15] A. Hodjat and I. Verbauwhede, “A 21.54 Gbits/s Fully Pipelined AES Processor on FPGA,”
Proc. IEEE Symp. Field-Programmable Custom Computing Machines Systems (FCCM '04), pp. 308-309, 2004.- [16] R.L. Rivest,
The MD5 Message Digest Algorithm, IETF Network Working Group, RFC 1321, 1992.- [17]
Secure Hash Standard, FIPS 180-1, FIPS Publication 180-1, NIST, US Dept. Commerce, 1995.- [18] H. Dobertin, A. Bosselaers, and B. Prennel, “RIPEMD-160: A Strengthened Version of RIPEMD,”
LNCS, vol. 1039, Springer, pp. 71-82, 1996.- [19]
Secure Hash Standard, FIPS 180-2, FIPS Publication 180-1, NIST, US Dept. Commerce, 2002.- [20] X. Wang, Y.L. Yin, and H. Yu, “Finding Collisions in the Full SHA1,”
LNCS, vol. 3621, Springer, pp. 17-36, 2005.- [21] H. Dobbertin, “The Status of MD5 after a Recent Attack,”
RSALabs' CryptoBytes, vol. 2, no. 2, 1996.- [23] R. Hoare, P. Menon, and M. Ramos, “427 Mbits/sec Hardware Implementation of the SHA-1 Algorithm in an FPGA,”
Proc. IASTED Int'l Conf. Comm. and Computer Networks (CCN '02), pp. 188-193, 2002.- [24] T. Grembowski, R. Lien, K. Gaj, N. Nguyen, P. Bellows, J. Flidr, T. Lehman, and B. Schott, “Comparative Analysis of the Hardware Implementations of Hash Functions Sha-1 and Sha-512,”
Proc. Information Security Conf. (ISC '02), vol. 2433, pp. 75-89, 2002.- [25] J.M. Diez, S. Bojanic, C. Carreras, and O. Nieto-Taladriz, “Hash Algorithms for Cryptographic Protocols: FPGA Implementations,”
Proc. Telecomm. Forum (TELEFOR), 2002.- [27] N. Sklavos, E. Alexopoulos, and O. Koufopavlou, “Networking Data Integrity: High Speed Architectures and Hardware Implementations,”
IAJIT J., vol. 1, no. 0, pp. 54-59, 2003.- [28] R. Lien, T. Grembowski, and K. Gaj, “A 1 Gbit/s Partially Unrolled Architecture of Hash Functions SHA-1 and SHA-512,”
LNCS, vol. 2964, pp. 324-338, 2004.- [29] N. Sklavos, P. Kitsos, E. Alexopoulos, and O. Koufopavlou, “Open Mobile Alliance (OMA) Security Layer: Architecture, Implementation and Performance Evaluation of the Integrity Unit,”
New Generation Computing: Computing Paradigms and Computational Intelligence, vol. 23, no. 1, pp. 77-100, Springer-Verlag, 2005.- [31] Y.K. Lee, H. Chan, and I. Verbauwhede, “Throughput Optimized SHA-1 Architecture Using Unfolding Transformation,”
Proc. IEEE 17th Int'l Conf. Application-specific Systems, Architectures and Processors (ASAP '06), pp. 354-359, 2006.- [32] K.K. Ting, S.C.L. Yuen, K.-H. Lee, and P.H.W. Leong, “An FPGA Based SHA-256 Processor,”
LNCS, vol. 2438, pp. 577-585, 2002.- [34] R. Chaves, G.K. Kuzmanov, L.A. Sousa, and S. Vassiliadis, “Improving SHA-2 Hardware Implementations,”
Proc. Workshop Cryptographic Hardware and Embedded Systems (CHES '06), pp. 298-310, 2006.- [37] H. Michail, A. Milidonis, A.P. Kakarountas, and C.E. Goutis, “Novel High Throughput Implementation of SHA-256 Hash Function Through Pre-Computation Technique,”
Proc. IEEE Int'l Conf. Electronics, Circuits and Systems (ICECS), 2005.- [38]
CAST, http://www.cast-inc.comcores, 2008.- [39]
Data Security Products, Helion Technology, http://www.helion tech.comauth.htm, 2008.- [40]
Hashing Algorithm Generator SHA-256: Technical Data Sheet, http://www.cadence.com/datasheetsSHA256_Datasheet.pdf , Cadence, 2008.- [41] T. Kim, W.I. Jao, and S. Tjiang, “Arithmetic Optimization Using Carry-Save-Adders,”
Proc. 35th ACM/IEEE Design Automation Conf. (DAC '98), pp. 433-438, 1998. |