Professional Documents
Culture Documents
Abstract—Today, security is a topic which attacks the great specific chip takes for every algorithm separately. The
interest of researchers. Many encryption algorithms have been advantage of reconfigurable crypto chip combines flexibility
investigated, and developed in the last years. Hash functions of implementing many cryptographic algorithms and ease of
are important security primitives used for authentication and upgrade with the improved physical security and
data integrity. The reconfigurable cryptographic chip is an performance that characterize hardware implementations.
integrated circuit that is designed by means of the method of The purpose of this paper is to present a hardware
reconfigurable architecture, and is used for encryption and implementation of the above five hash algorithms, with the
decryption. It can implement many different cipher algorithms scope of reconfigurable design of computation. We have
flexibly and quickly, and be used in many fields. This work is
devised means to reach the scope that, to our knowledge, are
related to hash functions FPGA implementation. Five different
hash functions SHA-1, SHA-224, SHA-256, SHA-384 and
new and efficient. We don’t yet reach the level of a physical
SHA-512 are studied. A reconfigurable architecture is layout of the circuit, having proved the functionality and the
proposed for the implementation of all of them in the same efficiency at the level of simulation and hardware synthesis.
hardware module. Finally, it gives the implementation results This paper is organized as follows: in Section II the five
based on the FPGA of the family of Stratix II of Altera hash algorithms SHA-1, SHA-224, SHA-256, SHA-384 and
Corporation. The proposed system reaches throughput values SHA-512 are introduced. In the next section the
equal to 727.853Mbps for SHA-1, 909.816Mbps for SHA- reconfigurable design for these hash functions is presented in
224/256, and 1.456Gbps for SHA-384/512 respectively. detail. The implementation results are given in Section IV.
Finally, conclusions are discussed in the last section.
Reconfigurable cryptographic chip, SHA-1/224/256/384/512,
FPGA II. SHA-1/224/256/384/512 ALGORITHM
SHA-1, SHA-224, SHA-256, SHA-384, and SHA-512[3]
I. INTRODUCTION are iterative, one-way security hash functions that can
NIST (The National Institute of Standards and process a message to produce a condensed representation.
Technology) standardized a 160-bit hash function SHA When a message of any length less than 264 bits (for SHA-
(Secure Hash Algorithm) for the use with a digital signature 1/224/256) or less than 2128 bits (for SHA-384/512) is input
algorithm DSS (Digital Signature Standard) in 1993. Soon to a hash algorithm, the result is an output called a message
after that, a way was found to cause collisions in the digest. The message digests range in length from 160 to 512
compression function by analyzing the message expansion bits, depending on the algorithms. Secure hash algorithms
function. In order to counter this, SHA was modified to are typically used with other cryptographic algorithms, such
SHA-1. In 2001, NIST standardized the new block cipher as digital signature algorithms and keyed-hash message
AES to replace the DES that had been used for more than 20 authentication codes, or in the generation of random numbers
years. AES supports three key lengths: 128, 192, and 256 (bits).
bits, whose security levels are higher than SHA-1. In order to The five hash algorithms are called secure because, for a
match these security levels, NIST developed three new hash given algorithm, it is computationally infeasible 1) to find a
functions SHA-256, -384, and -512 whose hash value sizes message that corresponds to a given message digest, or 2) to
are 256, 384, and 512 bits respectively. These hash functions find two different messages that produce the same message
are standardized with SHA-1 as SHS (Secure Hash digest. Any change to a message will, with a very high
Standard), and a 224-bit hash function, SHA-224, based on probability, result in a different message digest. This will
SHA-256, was added to SHS in 2004[1]. result in a verification failure when the secure hash algorithm
Reconfigurable crypto chip[2] deals with data with is used with a digital signature algorithm or a keyed-hash
cryptographic algorithms based on reconfigurable design message authentication algorithm. Given these properties,
idea. Its logic circuits can be reorganized to form different the hash calculation becomes an essential service to be
circuit structures and implement different functions, so as to provided in electronic mail, e-commerce, financial
match different cryptographic algorithms. Moreover, transactions, and software distribution.
reconfigurable architecture is based on the fact that some Each algorithm can be described in two stages:
hardware resources can be reused in different applications, of preprocessing and hash computation. Preprocessing involves
which it consumes are less than the sum of that application padding a message, parsing the padded message into m-bit
382
σ0 σ1
383
TABLE I. SHA-1/224/256/384/512 IMPLEMENTATION RESOURCES AND PERFORMANCES
Maximum Frequency Resource Throughput(Mbps)
Device
(MHz) ALUT registers Pin SHA-1 SHA-224/256 SHA-384/512
EP2S15F484C3 105.664 5887 2124 136 727.853 909.816 1455.706
Algorithm
SHA-1/224
SHA-1 SHA-224 SHA-256 SHA-384 SHA-512
/256/384/512
Resource
Maximum Frequency
171.821 136.780 143.164 128.584 127.535 105.664
(MHz)
After accomplishing the architectural design, each provide a good solution to the practical IPSEC chip
algorithm is implemented as an RTL description using implementation through the performance results. The
Verilog language. The design process continues with the reconfigurable cryptographic chip can be widely applied for
compile using Quartus II 6.0, the simulation using financial and other electronic transactions as well as
Modelsim SE 6.0c and the synthesis using Simplify Pro authentication purposes in a number of communication
8.1[8]. Finally, Altera’s Stratix II[9] family is chosen as the protocols. At the same time, a good trend for researching in
target FPGA. The implemented design is verified to be FIPS saving hardware resources is also presented in this paper.
180-3 compliant. The feature of the designed reconfigurable
SHA-1/224/256/384/512 cryptographic chip is shown in REFERENCES
Table I. [1] Akashi Satoh, Tadanobu Inoue. ASIC-Hardware-Focused
The implementation of SHA-1/224/256/384/512 Comparison for Hash Functions MD5, RIPEMD-160, and
algorithms with the thought and method of the SHS. Proceedings of the International Conference on
reconfigurable architecture can reduce hardware resources Information Technology: Coding and Computing (ITCC’05),
efficiently. In the case of same architecture of the 2005.
reconfigurable SHA-1/224/256/384/512 design, the hardware [2] Renchrr M, Hutchincs B L. Automated target recognition on
resources needed in SHA-1/224/256/384/512, SHA-1, SHA- SPLASH2. IEEE Symposium on Field-Programmable Custom
Computing Machine, 1997: 192-200.
224, SHA-256, SHA-384 and SHA-512 cryptographic chip
are compared in Table II. The selected target FPGA is [3] National Institute of Standards and Technology. Announcing
the Secure Hash Standard. FIPS 180-3, 2007 June.
EP2S15F484C3 of Stratix II.
[4] W.Stallings. Cryptography and Network Security[M]. 1999
V. CONCLUSIONS Prentice-Hall, Inc. Upper Saddle River, New Jersey 07458.2nd
Edition
In this paper, a new reconfigurable architecture to reduce
[5] Yang Xiaohui, Dai Zibin, Liu Yuanfeng & Wang Ting.
the chip size by using the reusable blocks has been Researching and implementation of reconfigurable Hash chip
presented. A reconfigurable SHA-1/224/256/384/512 based on FPGA. Journal of Systems Engineering and
cryptographic chip is designed and mapped in FPGA. The Electronics, Vol. 18, No. 1, 2007, pp. 183~187.
proposed architecture can be reconfigured at runtime to [6] Behrooz Parhami. Computer arithmetic: algorithms and
perform one of the five hash functions. The results of our hardware design. Oxford University Press, 1999.
work show that the proposed reconfigurable architecture has [7] Gaj K, Chodowiec P. Comparison of the hardware
a balance between area and throughput. performance of the AES candidates using configurable
The reconfigurable cryptographic chip is innovative. It hardware. http://csrc.nist .gov/encryption/aes/round2/
overcomes the disadvantage of specific cryptographic chip [8] Diez J M. Hash algorithms for cryptographic protocols: FPGA
that can only implement given cryptographic algorithm, and implementations. 10th Telecommunications Forum
users can select needed algorithms or design new algorithms TELFOR’2002, Belgrade, Yugoslavia, 2002:26-28.
flexibly and expediently. This can improve the flexibility, [9] Altera Corporation. Stratix II Architecture.
safety and expansibility of cryptographic system well, and http://www.Altera.com. 2004.
384