Networking Data Integrity: High Speed Architectures and Hardware Implementations
Hash functions are widely used in encryption schemes and security layers of communication protocols (wap, ipsec) for data integrity, digital signature and message authentication codes. In addition to the demanded high security level, the need for high performance is a major factor of the security implementations. In this work, an ultra high speed architecture for the hardware implementation of both md5 and sha-1 is proposed. Both hash functions have been developed with vhdl description language and have been integrated in fpga devices. The introduced md5 implementation performance is equal to 2,1 gbps while sha-1 proposed implementation achieves throughput equal to 2,3 gbps. Both proposed implementations are compared in throughput, operating frequency and in the area-delay product, with other related works. From these comparisons, it is proven that the md5 proposed implementation is better by a factor range from 700% to 1500%. The sha-1 proposed implementation is better by about 800% to 1700% in the term of performance, compared with the other conventional works.
[1] Bruce Schneier, Applied Cryptography– Protocols, Algorithms and Source Code in C, Second Edition, John Wiley and Sons, New York, 1996.
[2] Deepakumara J., Heys H. M., and Venkatesan R., “FPGA Implementation of MD5 Hash Algorithm,” in Proceedings of IEEE Canadian Conference on Electrical and Computer Engineering (CCECE'2001), Toronto, Ontario, May 2001.
[3] Dobbertin H., Bosselaers A., and Preneel B., “RIPEMD-160: A strengthened version of RIPEMD,” in Proceedings of Fast Software Encryption, LNCS 1039, Springer-Verlag, pp. 71-82, 1996.
[4] Dominikus S., “A Hardware Implementation of MD4-Family Hash Algorithms,” proceedings of IEEE International Conference on Electronics Circuits and Systems (ICECS’02), Dubrovnik, Croatia, September 15-18, 2002.
[5] HMAC Standard, National Institute of Standards and Technology, The Keyed-Hash Message Authentication Code, http://csrc.nist.gov/ publications/fips/dfips- HMAC.pdf, 2003.
[6] Kitsos P., Sklavos N., and Koufopavlou O., “An Efficient Implementation of the Digital Signature Algorithm,” in Proceedings of IEEE International Conference on Electronics Circuits and Systems (ICECS’02), Croatia, vol. 3, pp. 1151-1154, September 15-18, 2002.
[7] Menezes A., Oorchot P., and Vanstone S., Handbook of Applied Cryptography, CRC Press, October 1997.
[8] National Institute of Standards and Technology (NIST), Digital Signature Standard, FIPS PUB 186-2, http://csrc.nist.gov/publications/fips/fips 186- 2.htm, 2003.
[9] Roe M., “Performance of Block Ciphers and Hash Functions-One Year Later,” in Proceedings of Second International Workshop for Fast Software Encryption ’94, Leuven, Belgium, December 14-16, 1994.
[10] Rivest R., The MD5 Message-Digest Algorithm, RFC 1321, MIT LCS and RSA Data Security Inc., April 1992.
[11] SHA-1 Standard, National Institute of Standards and Technology (NIST), Secure Hash Standard, FIPS PUB 180-1, www.itl.nist.gov/fipspubs/fip180-1, 2003.
[12] Stinson D. R., Cryptography: Theory and Practice, CRC Press LLC, 1995.
[13] Touch J. D., “Performance Analysis of MD5,” in Proceedings of ACM SIGCOMM’95, Cambridge, Massachusetts, 1995.
[14] Xilinx, Virtex, 2.5 V Field Programmable Gate Arrays, San Jose, California, USA, www.xilinx. com, 2003. Nicolas Sklavos received a Diploma in electrical and computer engineering from the University of Patras, Greece, in 2000. He is currently pursuing the PhD degree at Department of Electrical and Computer Engineering, University of Patras, Greece. His research interests include security/cryptography, VLSI and low power design, hardware implementations for wireless communications security and reconfigurable computing architectures. He is an IEEE member and referee of international journals and conferences. He has published many technical papers in the areas of his research. Epaminondas Alexopoulos is a student of the Department of Electrical and Computer Engineering at University of Patras, Greece. His research includes hardware implementations, mobile computing and security. Odysseas Koufopavlou received the Diploma of electrical engineering in 1983 and the PhD degree in electrical engineering in 1990, both from University of Patras, Greece. From 1990 to 1994 he was at the IBM Thomas J. Watson Research Center, Yorktown Heights, NY, USA. He is currently an associate professor with the Department of Electrical and Computer Engineering, University of Patras. His research interests include VLSI, low power design, VLSI crypto systems, and high performance communication subsystems architecture and implementation. Dr. Koufopavlou has published more than 80 technical papers and received patents and inventions in these areas. He served as general chairman for the IEEE ICECS’1999. He is IEEE member.