单向散列函数SHA-512的优化设计

在分析NIST的散列函数SHA-512基础上，对散列函数SHA-512中的关键运算部分进行了分解，通过采用中间变量进行预行计算，达到了SHA-512中迭代部分的并行计算处理，提高了运算速度。通过这种新的硬件结构，优化后的散列函数SHA-512在71.5MHz时钟频率下性能达到了1 652Mbit/s的数据吞吐量，比优化前性能提高了约2倍，最后还将实验结果与MD-5、SHA-1商用IP核性能进行了比较。     

Hardware implementation analysis of SHA-256 and SHA-512 algorithms on FPGAs

Hash functions are common and important cryptographic primitives, which are very critical for data integrity assurance and data origin authentication security services. Field programmable gate arrays (FPGAs) being reconfigurable, flexible and physically secure are a natural choice for implementation of hash functions in a broad range of applications with different area-performance requirements. In this paper, we explore alternative architectures for the implementation of hash algorithms of the secure hash standards SHA-256 and SHA-512 on FPGAs and study their area-performance trade-offs. As several 64-bit adders are needed in SHA-512 hash value computation, new architectures proposed in this paper implement modulo-64 addition as modulo-32, modulo-16 and modulo-8 additions with a view to reduce the chip area. Hash function SHA-512 is implemented in different FPGA families of ALTERA to compare their performance metrics such as area, memory, latency, clocking frequency and throughput to guide a designer to select the most suitable FPGA for an application. In addition, a common architecture is designed for implementing SHA-256 and SHA-512 algorithms.     

Implementation of the SHA-2 Hash Family Standard Using FPGAs

The continued growth of both wired and wireless communications has triggered the revolution for the generation of new cryptographic algorithms. SHA-2 hash family is a new standard in the widely used hash functions category. An architecture and the VLSI implementation of this standard are proposed in this work. The proposed architecture supports a multi-mode operation in the sense that it performs all the three hash functions (256, 384 and 512) of the SHA-2 standard. The proposed system is compared with the implementation of each hash function in a separate FPGA device. Comparing with previous designs, the introduced system can work in higher operation frequency and needs less silicon area resources. The achieved performance in the term of throughput of the proposed system/architecture is much higher (in a range from 277 to 417%) than the other hardware implementations. The introduced architecture also performs much better than the implementations of the existing standard SHA-1, and also offers a higher security level strength. The proposed system could be used for the implementation of integrity units, and in many other sensitive cryptographic applications, such as, digital signatures, message authentication codes and random number generators.     

SM3哈希算法的硬件实现与研究

随着信息社会的进一步发展,哈希算法作为保护信息完整性的重要密码算法,它的应用越来越广泛。美国NIST组织已经顺利完成了哈希算法标准SHA0,SHA1和SHA2的征集工作,并且SHA-3的征集工作将于2012年结束。SM3作为国内商业应用中的国家标准哈希算法,于2010年12月公开。本文在硬件平台FPGA上实现了高吞吐率的SM3,经过优化处理SM3在Xilinxv5平台上的吞吐率可以达到1．5Gbps左右,并且就SM3在FPGA上的效率和SHA1,SHA2以及SHA-3的候选算法BLAKE在FPGA平台上的效率做了比较和分析。     

A Top-Down Design Methodology for Ultrahigh-Performance Hashing Cores

Many cryptographic primitives that are used in cryptographic schemes and security protocols such as SET, PKI, IPSec, and VPNs utilize hash functions, which form a special family of cryptographic algorithms. Applications that use these security schemes are becoming very popular as time goes by and this means that some of these applications call for higher throughput either due to their rapid acceptance by the market or due to their nature. In this work, a new methodology is presented for achieving high operating frequency and throughput for the implementations of all widely used—and those expected to be used in the near future—hash functions such as MD-5, SHA-1, RIPEMD (all versions), SHA-256, SHA-384, SHA-512, and so forth. In the proposed methodology, five different techniques have been developed and combined with the finest way so as to achieve the maximum performance. Compared to conventional pipelined implementations of hash functions (in FPGAs), the proposed methodology can lead even to a 160 percent throughput increase.     

可重构散列函数密码芯片的设计与实现

根据不同环境对安全散列算法安全强度的不同要求,采用可重构体系结构的思想和方法,设计一种可重构的散列函数密码芯片。实验结果表明,在Altera Stratix II系列现场可编程门阵列上,SHA-1, SHA-224/256, SHA-384/512的吞吐率分别可达到727.853 Mb/s, 909.816 Mb/s和1.456 Gb/s。     

FPGA上SHA-1算法的流水线结构实现

哈希算法SHA-1算法广泛地应用于电子商务、商用加密软件等信息安全领域。通过对SHA-1算法的深入分析,提出了流水线结构的硬件实现方案。通过缩短关键路径,使用片内RAM代替LE寄存器实现流水线中间变量的数据传递,有效地提高了工作频率和单位SHA-1算法的计算速度。这种硬件结构在Altera系列芯片上的实现性能是Altcra商用SHA-1算法IP核的3倍以上。     

Design and implementation of totally-self checking SHA-1 and SHA-256 hash functions’ architectures

Many cryptographic primitives that are used in cryptographic schemes and security protocols such as SET, PKI, IPSec and VPN's utilize hash functions - a special family of cryptographic algorithms. Hardware implementations of cryptographic hash functions provide high performance and increased security. However, potential faults during their normal operation cause significant problems in the authentication procedure. Hence, the on-time detection of errors is of great importance, especially when they are used in security-critical applications, such as military or space. In this paper, two Totally Self-Checking (TSC) designs are introduced for the two most-widely used hash functions: SHA-1 and SHA-256. To the best of authors’ knowledge, there is no previously published work presenting TSC hashing cores. The achieved fault coverage is 100% in the case of odd erroneous bits. The same coverage is achieved for even erroneous bits, if they are appropriately spread. Additionally, experimental results in terms of frequency, area, throughput, and power consumption are provided. Compared to the corresponding Duplicated with Checking (DWC) architectures, the proposed TSC-based designs are more efficient in terms of area, throughput/area, and power consumption. Specifically, the introduced TSC SHA-1 and SHA-256 cores are more efficient by 16.1% and 20.8% in terms of area and by 17.7% and 23.3% in terms of throughput/area, respectively. Also, compared to the corresponding DWC architectures, the proposed TSC-based designs are on average almost 20% more efficient in terms of power consumption.     

应用于后量子密码的高速高效SHA-3硬件单元设计

随着量子计算技术的高速发展,传统的公钥密码体制正在遭受破译的威胁,将现有加密技术过渡到具有量子安全的后量子密码方案上是现阶段密码学界的研究热点。在现有的后量子密码(Post-Quantum Cryptography,PQC)方案中,基于格问题的密码方案由于其安全性,易实施性和使用灵活的众多优点,成为了最具潜力的PQC方案。SHA-3作为格密码方案中用于生成伪随机序列以及对关键信息散列的核心算子之一,其实现性能对整体后量子密码方案性能具有重要影响。考虑到今后PQC在多种设备场景下部署的巨大需求,SHA-3的硬件实现面临着高性能与有限资源开销相互制约的瓶颈挑战。对此,本文提出了一种高效高速的SHA-3硬件结构,这种结构可以应用于所有的SHA-3家族函数中。首先,本设计将64 bit轮常数简化为7 bit,既减少了轮常数所需的存储空间,也降低了运算复杂度。其次,提出了一种新型的流水线结构,这种新型结构相比于通常的流水线结构对关键路径分割得更加均匀。最后,将新型流水线结构与展开的优化方法结合,使系统的吞吐量大幅提高。本设计基于XilinxVirtex-6现场可编程逻辑阵列(FPGA)完成了原型实现,结果显示,所设计的SHA-3硬件单元最高工作频率可达459 MHz,效率达到14.71 Mbps/Slice。相比于现有的相关设计,最大工作频率提高了10.9%,效率提升了28.2%。     

On the hardware implementation of RIPEMD processor: Networking high speed hashing, up to 2 Gbps

The continued growth of both wired and wireless communications has triggered the revolution for high speed security implementations. RIPEMD hash functions are widely used, in many applications of cryptography. A reconfigurable processor architecture and the VLSI implementation of these functions are proposed in this work. The introduced processor is reconfigurable in the sense that performs alternatively all RIPEMD hash functions. In order to indicate the advantages of the proposed design, each one of these hash functions has also been implemented in a separate hardware device (FPGA). The proposed processor FPGA implementation achieves high speed hashing up to 2 Gbps. Comparing with previous published hardware designs, the proposed processor has higher performance in the range from 22 to 30 times. It also performs much better than the assembly language implementations of the RIPEMD-128 and RIPEMD-160. The proposed processor could be used for the implementation of data integrity units, and in many other sensitive cryptographic applications, such as, digital signatures, message authentication codes and random number generators.     

基于Matlab的Hash算法BLAKE的设计与实现

Hash算法I3工AKE是新一代安全Hash标准SHA-3全球公开征集过程中进入最后一轮的5个候选者之一。 给出一种基于Matlab的带有图形界面GUI的BLAKE程序的设计与实现过程。本程序可用于实际的BLAKE Hash 值的运算,最重要的是为BLAKE的教学与实验提供了更方便直观的工具。     

BLAKE算法的硬件实现研究

随着对MD5和SHA1攻击方法的提出,美国国家标准技术研究所(NIST)组织启动了SHA-3的征集计划,目前已进入第3轮.BLAKE算法进入了最后一轮竞赛,文中首先综述了BLAKE算法从提交到目前为止在硬件评估方面的状况.在此基础上优化了BLAKE压缩函数在FPGA上实现的关键路径,并在FPGA平台上实现了BLAKE算法.和现有的BLAKE算法在FPGA上实现的吞吐率相比,文中实现结构的吞吐率又有提升.     

Cryptographic hash standards: where do we go from here?

Successful attacks against the two most commonly used cryptographic hash functions, MD5 and SHA-1, have triggered a kind of feeding frenzy in the cryptographic community. Many researchers are now working on hash function attacks, and we can expect new results in this area for the next several years. This article discusses the SHA-1 attack and the US National Institute of Standards and Technology's (NIST's) plans for SHA-1 and hash functions in general.     

SHA-3候选算法Keccak的Matlab设计与实现

由KIST发起的新一代Hash函数标准SHA-3的全球公开征集过程目前已进入最后一轮筛选,Kcccak是进入最后一轮的J个候选者之一。介绍了Keccak算法及特点,给出了一种基于Matlab、带有图形界面GUI的Keccak程序设计与实现过程。本程序既可用于实际的Keccak Hash值运算,最重要的是为Keccak的教学与研究提供了一个方便直观的工具。     

SHA2 and SHA-3 accelerator design in a 7 nm technology within the European Processor Initiative

This paper proposes the architecture of the hash accelerator, developed in the framework of the European Processor Initiative. The proposed circuit supports all the SHA2 and SHA-3 operative modes and is to be one of the hardware cryptographic accelerators within the crypto-tile of the European Processor Initiative. The accelerator has been verified on a Stratix IV FPGA and then synthesised on the Artisan 7 nanometres TSMC silicon technology, obtaining throughputs higher than 50 Gbps for the SHA2 and 230 Gbps for the SHA-3, with complexity ranging from 15 to about 30 kGE and estimated power dissipation of about 13 (SHA2) to 26 (SHA-3) mW (supply voltage 0.75 V). The proposed design demonstrates absolute performances beyond the state-of-the-art and efficiency aligned with it. One of the main contributions is that this is the first SHA-2 SHA-3 accelerator synthesised on such advanced technology.     

小面积高性能的SHA-1/SHA-256/SM3IP复用电路的设计

Hash算法的快速发展导致了两个问题,一个是旧算法与新算法在应用于产品时更新换代的问题,另一个是基于应用环境的安全性选择不同算法时的复用问题。为解决这两个问题,实现了SHA-1/SHA-256/SM3算法的IP复用电路,电路采用循环展开方式,并加入流水线的设计,在支持多种算法的同时,还具有小面积高性能的优势。首先,基于Xilinx Virtex-6FPGA对电路设计进行性能分析,电路共占用776Slice单元,最大吞吐率可以达到0.964Gbps。然后,采用SMIC 0.13μm CMOS工艺实现了该设计,最后电路的面积是30.6k门,比单独实现三种算法的电路面积总和减小了41.7%,工作频率是177.62 MHz,最大吞吐率达到1.34Gbps。     

密码杂凑函数及其安全性分析

文章提出了针对密码杂凑函数及其安全性进行研究的重要意义,列举了单向杂凑函数、MD5、SHA-1等技术原理进行了技术分析,并从攻击手段入手,分析了密码杂凑函数的安全性,提出对SHA-1与MD-5的＂破解＂应客观看待的观点。     

Multi-mode operator for SHA-2 hash functions

We propose an improved implementation of the SHA-2 hash family, with minimal operator latency and reduced hardware requirements. We also propose a high frequency version at the cost of only two cycles of latency per message. Finally we present a multi-mode architecture able to perform either a SHA-384 or SHA-512 hash or to behave as two independent SHA-224 or SHA-256 operators. Such capability adds increased flexibility for applications ranging from a server running multiple streams to independent pseudorandom number generation. We also demonstrate that our architecture achieves a performance comparable to separate implementations while requiring much less hardware.     

基于FPGA的SM3算法优化设计与实现

介绍SM3密码杂凑算法的基本流程,基于现场可编程门阵列(FPGA)平台,设计SM3算法IP核的整体架构,对关键逻辑进行优化设计。选用Cyclone系列器件作为目标器件,与现有算法进行实现比较,结果表明SM3算法IP核耗费较少的逻辑单元和存储单元,具有最高的算法效率,可为密码片上系统产品的开发提供算法引擎支持。     

The NIST Cryptographic Workshop on Hash Functions

In light of recent breakthroughs on the cryptanalysis of hash functions, the US National Institute for Standards and Technology (NIST) organized a workshop to solicit input on the current status of the Secure Hash Algorithm-1 (SHA-1) family of hash functions.