You are on page 1of 3

Hardware Design for SHA-1 Based on FPGA

Zhou Hua Department of Electronics Guizhou University Guiyang, P.R.China

Zhouhua97@gmail.com

Abstract— The SHA-1 algorithm in Hash Function was widely used in TPM hardware design. This paper proposes a design of SHA-1 hash function operations on FPGA hardware implementations. Optimized the structure of the module about the algorithm, which implement the simulation and synthesis. The frequency and resource used was satisfied with the TPM specification. Implement the modules use Hardware Design Language in RTL level, could generate in Soft-Core, which used in Trusted Computing hardware design.

Keywords- SHA-1, TPM, FPGA

I. INTRODUCTION(HEADING 1)

Cryptographic Hash Functions play an important role in modern cryptography as a tool for providing message integrity and authentication. Currently the most common hash functions are the MD5 and the SHA-1. The Trusted Computing Group (TCG) released a specification which defined a fundamental of trusted computing platform, namely a Trusted Platform Module (TPM). TPM could implement as a chip mounted on computer motherboard, and could provide a ‘root’ for all trusted functionality on the computer. SHA-1 engine is an important part of the TPM, figure 1 specifies the TPM structure [1]. In this paper, we propose standard SHA-1 algorithm that implemented by FPGA hardware. Implement the hardware design, simulation and synthesis analysis use Altera FPGA.

design, simulation and synthesis analysis use Altera FPGA. Figure.1. TPM structure in TPM 1.2 specification 1.

Figure.1. TPM structure in TPM 1.2 specification

1. Guizhou Province Natural Science Foundation item: Qian Ke He J Zi (2011)2194

978-1-4577-0321-8/11/$26.00 ©2011 IEEE

2076

Liu Qiao * Department of Electronics Guizhou University Guiyang, P.R.China

liuqiao1955@163.com

II. SHA-1 ALGORITHM

The Secure Hash Standard (SHA) was first publishes by the NIST in 1993, and is known as SHA-0. In 1995 a minor change to SHA-0 known as SHA-1. SHA-1 specifies the Secure Hash Algorithm for computing a condensed representation of a message or a data file. When a message of

any length < 2

a 160-bit output called a message digest [1, 2]. The SHA-1 algorithm is used to compute a message digest for the received version of the message during the process of verifying the signature. Any change to the message in transit will, with very high probability, result in a different message digest, and the signature will fail to verify. The SHA-1 produces a single output message digest (the output hash value) of 160-bit from an input message. The input message is composed by multiple blocks of 512 bits each. Afterwards, the input block is expanded into 80 32-bit

words ( W ), one 32-bit word for each round of the SHA-1

64 bits is input, the SHA-1 algorithm produces

t

processing. Each round computation comprises additions and logical operations, such as bitwise logical operations ( f ) and

bitwise rotations to the left. The function ( f ) calculation depends on the round being

t

t

executed, as well as the value of the constant k , the SHA-1

t

80 rounds are divided into four groups of 20 rounds each.

Table 1 presents the values of

executed, according to the round. In this Table,

the bitwise AND operation and

XOR operation [3]. The initial values of the A to E variables in the beginning of each data block calculation correspond to the value of the current 160-bit hash value, H0 to H4. After the 80 rounds have been computed, the A to E 32-bit values are added to the current Hash values [4].

k and the logical function

t

represents

represents the bitwise

TABLE 1. SHA-1 functions and constants

[4]. k and the logical function t ⊕ ∧ represents represents the bitwise TABLE 1. SHA-1

The Initialization Vector of the hash value for the first block is a predefined constant value. The output digest message is the final hash value, after all the data blocks have been computed. In some higher level applications such as the keyed-Hash Message Authentication Code (HMAC) or when a message is fragmented, the initial hash value may differ from the constant specified in [5, 6]. When message abstract is generated, five 32 bit initial values A, B, C, D, E will be used.

A=0x67452301

B=0xefcdab89

C=0x98badcfe

D=0x10325476

E=0xc3d2e1f0

In the SHA-1 algorithm the computation is performed 80 times (rounds), in each round an 32-bit word obtained from the current data block is used. However, each data block only has 16 32-bits words, resulting in the need to expand the initial data block to obtain the remaining 64 32-bit words. This

expansion is performed by computing, where

the first 16 32-bit words of the i-th data block.

(i)

M denotes

t

16 32-bit words of the i-th data block. ( i ) M denotes t In order

In order to assure that the input message is a multiple of 512 bits, as required by the SHA-1 algorithm, it is necessary to pad the original message. This message padding also comprises the inclusion of the original message dimension to the padded message, which can be used to validate the size of the original message.

III. SHA-1 STRUCTURE

In this paper, we implement the SHA-1 module use Altera FPGA. Cryptographic algorithms such as SHA-1 can be implemented in both software and in hardware. There are tradeoffs between hardware- and software-based implementations [7]. The use of software and hardware both carry advantages in their specific applications. FPGA exhibit characteristics of both hardware and software and is acquiring significant attention due to its high performance and low cost. We use the Top-Down method to design the module, Figure 2 is the SHA-1 module diagram,

design the module, Figure 2 is the SHA-1 module diagram, Figure 2 The SHA-1 module diagram

Figure 2

The SHA-1 module diagram

This SHA-1 module have five main sub-modules, which is Data in module, Wt generator, Hash calculate, Control and Output module. We implement the design in RTL level, and finished the simulation and synthesis.

2077

IV. SIMULATION AND SYNTHESIS ANALYSIS

The module is designed use Verilog HDL, we use the TOP-DOWN design and implement the module with Altera FPGA EP1C6Q240C8. Use QuartusII and ModelSim to simulate and synthesis the SHA-1 module, then generate RTL level description circuit and module simulated waveform.

level description circuit and module simulated waveform. Figure.3. Module simulation wave in ModelSim Figure.4.

Figure.3. Module simulation wave in ModelSim

waveform. Figure.3. Module simulation wave in ModelSim Figure.4. Module synthesis report in Quartus II Figure3 is

Figure.4. Module synthesis report in Quartus II

Figure3 is the module simulation by ModelSim, it shows us the timing and the function of the module, and Figure4 is the synthesis report about the module. In the module design, we used 1560LUT and 74 I/O, the system frequency has 59.4 MHz, which satisfied with the TPM specification.

V.

CONCLUSION

SHA-1 module hardware implementation is very important to the TPM design for Trusted Computing research. In this paper we use FPGA hardware implement the SHA-1 module design with the TPM specification from TCG, the HDL design could generate the soft-core, which could use in Trusted Computing hardware design.

References

[1]

TCG.

Trusted

Platform

Module(TPM)

Summary.

https

:www.trustedcomputinggroup.org/.2008,5.

 

[2]

J. CAST: SHA-1 Secure Hash Algorithm Cryptoprocessor Core. http://http://www.cast-inc.com/ (2005)

[3] Jason Reid etc. Privacy and Trusted Computing. 14th International workshop on Database and Expert Systems Applications. (DEXA03),

2003.

2078

[4] Xiaoyun Wang etc. Collisions for Hash Functions MD4, MD5,

[5]

[6]

[7]

HAVAL-128 and REPEMD[A]. Rump session of CryPto04[A] and IACR Eprint archive, August2004 Cheng Xiao-hui etc. Design of SHA-1 Algorithm based on FPGA . SICNC 2010. FIPS 180-2. Secure Hash Standard, August 2002. (NIST). Imtiaz Ahmad , A. Shoba Das; Hardware implementation analysis of SHA-256and SHA-512 algorithms on FPGAs;Computers and Electrical Engineering 31 (2005) 345–360.

analysis of SHA-256and SHA-512 algorithms on FPGAs;Computers and Electrical Engineering 31 (2005) 345–360.
analysis of SHA-256and SHA-512 algorithms on FPGAs;Computers and Electrical Engineering 31 (2005) 345–360.