Throughput vs. Area Trade-offs in High-Speed Architectures of Five Round 3 SHA-3 Candidates Implemented Using Xilinx and Altera FPGAs

Homsirikamol, Ekawat; Rogawski, Marcin; Gaj, Kris

doi:10.1007/978-3-642-23951-9_32

Cited by 26 publications

(17 citation statements)

References 7 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Three different architectures were discuss in [9], which are parallel processing of P and Q, unrolling of both P and Q and using nstages pipelining, can be used for high throughput implementation. In unrolling increment in area is too high as compare to throughput, while pipelining can increase latency of the design.…”

Section: Design Methodologymentioning

confidence: 99%

“…The implementation results are 2906 Slices, 7214Mbps throughput and TPA is 2.48. In [9,10] E. Homsirikamol et.al, showed their work with the same approach in [8] and uses 1912 Slices to achieve throughput of 6072Mbps and TPA of 3.18. In [11] B. Baldwin et.al, implemented basic iterative architecture on Virtex-5 FPGA, using Combinational Logic only with I/O wrapper for real world interface.…”

Section: Literature Reviewmentioning

confidence: 99%

See 1 more Smart Citation

Efficient Hardware Implementation of SHA-3 Candidate Grøstl using FPGA

Adnan¹,

Aziz²

2012

IJCA

View full text Add to dashboard Cite

In 2007 NIST announced a public competition to develop a new cryptographic hash algorithm. This competition was announced due to the fact that in recent years, several successful attacks have been reported against SHA-1, thus raised significant alarming conditions against SHA-2. This new algorithm will replace the SHA-2 and can be used in various security applications in the information infrastructure. This paper focuses on efficient implementation of one of the SHA-3 candidates and round-3 finalist Grøstl on FPGA. The aim of this work is to achieve high throughput to area ratio (TPA) simultaneously by achieving high throughput by considering tradeoff between area and speed. The design is implemented as fully autonomous with both permutations P and Q are executed in parallel, and are equipped with I/O wrapper. The developed hardware has two designs, first with S-box is implemented using Look-Up- Table (LUT) or Distributed Memory and second with S-box implemented as Block RAM (BRAM). The implementation results obtained using virtex-5, when S-box is implemented as LUT has a throughput of 9.360Gbps and occupied 2253 Slices including I/O wrapper, thus achieves TPA of 4.154 and when S-box implemented as BRAM has throughput of 5.565Gbps and occupied 1356 Slices with wrapper, thus achieves 4.104 throughput per unit area (TPA) .

show abstract

Section: Design Methodologymentioning

confidence: 99%

Section: Literature Reviewmentioning

confidence: 99%

Efficient Hardware Implementation of SHA-3 Candidate Grøstl using FPGA

Adnan¹,

Aziz²

2012

IJCA

View full text Add to dashboard Cite

show abstract

“…Due to the fact that the subkeys are inserted every four rounds, another approach is the 4-round unrolled alternative that is followed in many works [27], [29], [36][37][38], [41]. Additionally, the fact that the round constants, R, are different for the first eight rounds and then they are repeated every eight rounds, the third alternative for unrolling is the 8-round unrolled one, which is also followed by many researchers, as well as the creators of the Skein family [17], [22], [37][38], [41]. Due to the above facts, all the intermediate possible alternatives with different unrolling factor are considered as non-effective in terms of area because they demand more steering logic for the sub-keys and the rotation constants resulting in an increase of the critical path.…”

Section: Loop-unrolling Explorationmentioning

confidence: 99%

“…Regarding the hardware implementations of Skein, the works presented in literature can be classified in two main categories. The first category includes the works that perform comparative studies among the candidates of NIST's hash competition [24][25][26][27][28][29][30][31][32][33][34][35][36][37][38][39][40][41]. The main goal of these works is not to develop sophisticated architectures but to study the performance of these algorithms when they are implemented in hardware.…”

Section: Introductionmentioning

confidence: 99%

Throughput/Area Trade-Offs of Loop-Unrolling, Functional and Structural Pipeline for Skein Hash Function

Athanasiou¹,

Τσίνγκας²,

Michail³

et al. 2013

CSEIJ

View full text Add to dashboard Cite

show abstract

“…This way, we will be also able to provide comparison for an alternative FPGA family, Stratix III from Altera. [25] x1 (P/Q) 6200 1419 4.37 Gaj et al [16] x1 (P/Q) 6117 1795 3.41 Homsirikamol et al [18] x1 (P/Q) 6072 1912 3.18 Gaj et al [16] /2(v) (P/Q) 3721 1195 3.11 Homsirikamol et al [18] /2(v) (P+Q) 4014 1598 2.51 Gaj et al [16] x1 (P+Q) 7213 2906 2.48 Baldwin et al [2] x1 (P+Q) 7709 3137 2.46 Guo et al [2] x1 (P+Q) 5027 3798 1.32…”

Section: Motivation and Previous Workmentioning

confidence: 99%

A Novel Permutation-Based Hash Mode of Operation FP and the Hash Function SAMOSA

Paul

Homsirikamol

Gaj

2012

Lecture Notes in Computer Science

Self Cite

View full text Add to dashboard Cite

The contribution of the paper is two-fold. First, we design a novel permutationbased hash mode of operation FP, and analyze its security. The FP mode is derived by replacing the hard-to-invert primitive of the FWP mode -designed by Nandi and Paul, and presented at Indocrypt 2010 -with an easy-to-invert permutation; since easy-to-invert permutations with good cryptographic properties are normally easier to design, and are more efficient than the hard-to-invert functions, the FP mode is more suitable in practical applications than the FWP mode.We show that any n-bit hash function that uses the FP mode is indifferentiable from a random oracle up to 2 n/2 queries (up to a constant factor), if the underlying 2n-bit permutation is free from any structural weaknesses. Based on our further analysis and experiments, we conjecture that the FP mode is resistant to all non-trivial generic attacks with work less than the brute force, mainly due to its large internal state. We compare the FP mode with other permutation-based hash modes, and observe that it displays the so far best security/rate trade-off.To put this into perspective, our second contribution is a proposal for a concrete hash function SAMOSA using the new mode and the P -permutations of the SHA-3 finalist Grøstl. Based on our analysis we claim that the SAMOSA family cannot be attacked with work significantly less than the brute force. We also provide hardware implementation (FPGA) results for SAMOSA to compare it with the SHA-3 finalists. In our implementations, SAMOSA family consistently beats Grøstl, Blake and Skein in the throughput to area ratio. With more efficient underlying permutation, it seems possible to design a hash function based on the FP mode that can achieve even higher performances.

show abstract

Throughput vs. Area Trade-offs in High-Speed Architectures of Five Round 3 SHA-3 Candidates Implemented Using Xilinx and Altera FPGAs

Cited by 26 publications

References 7 publications

Efficient Hardware Implementation of SHA-3 Candidate Grøstl using FPGA

Efficient Hardware Implementation of SHA-3 Candidate Grøstl using FPGA

Throughput/Area Trade-Offs of Loop-Unrolling, Functional and Structural Pipeline for Skein Hash Function

A Novel Permutation-Based Hash Mode of Operation FP and the Hash Function SAMOSA

Contact Info

Product

Resources

About