Junhui Li,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/asicon.2017.8252460

2017-01-01

Abstract:The Keyed-Hash Message Authentication Codes (HMAC) is a widely used method to ensure the integrity and authentication of data. In this paper an FPGA-based efficient processor of the Keyed-Hash Message Authentication Codes (HMAC) using the Secure Hash Algorithm3-224 (SHA3-224) is presented. Any length of message and key can be processed by this processer. To achieve the high throughput which can reach up to 2.3Gbps, some optimizations such as pre-process, key reusing and two SHA-3 cores cooperation are employed. As a result, this proposed HMAC processor is applicable for a wide range of performance-oriented security systems.

Jia-wei Ma,Xu-guang Guan,Tong Zhou,Tao Sun

DOI: https://doi.org/10.1109/asicon.2017.8252479

2017-01-01

Abstract:With the application of Hash-based Message Authentication Code(HMAC) in the field of security, the research on its Side Channel Attack(SCA) has been paid more and more attention. In this paper, a new countermeasure against side channel attack for HMAC-SM3 is proposed, which uses the ring oscillator technology to construct the power disorder module. Through analyzing the power consumption of the improved HMAC-SM3 hardware circuit on FPGA, we proved the effectiveness of this countermeasure. Compared with the traditional masking protection technique, the power disorder module has the advantages of simpler design, less hardware cost, and no influence on the performance at all.

Junhui Li,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/edssc.2017.8126543

2017-01-01

Abstract:The Keyed-Hash Message Authentication Codes(HMAC) is a useful mechanism for message authentication. In this paper, a high-performance HMAC/SHA-3 processor which can generate HMAC message digest and hash message digest is presented. Not only the standard length (224,256,384,512) of the message digest can be generated, but also a length of 64-bit message digest. Due to the application of new generation Hash function, the performance, in term of area and throughput, achieve a greatly improvement.

Ye Yuan,Kai-ge Qu,Li-ji Wu,Jia-wei Ma,Xiang-min Zhang

DOI: https://doi.org/10.1631/fitee.1800312

IF: 2.526

2019-01-01

Frontiers of Information Technology & Electronic Engineering

Abstract:Hash-based message authentication code (HMAC) is widely used in authentication and message integrity. As a Chinese hash algorithm, the SM3 algorithm is gradually winning domestic market value in China. The side channel security of HMAC based on SM3 (HMAC-SM3) is still to be evaluated, especially in hardware implementation, where only intermediate values stored in registers have apparent Hamming distance leakage. In addition, the algorithm structure of SM3 determines the difficulty in HMAC-SM3 side channel analysis. In this paper, a skillful bit-wise chosen-plaintext correlation power attack procedure is proposed for HMAC-SM3 hardware implementation. Real attack experiments on a field programmable gate array (FPGA) board have been performed. Experimental results show that we can recover the key from the hypothesis space of 2256 based on the proposed procedure.

Xin Zhou,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/asid52932.2021.9651693

2021-01-01

Abstract:As the computing power of quantum computers continues to improve, the security of the mathematical problems on current-used cryptographic algorithm are facing more and more serious challenge. It is necessary to formulate the standard of post-quantum cryptographic algorithm. Classic McEliece is one of the 7 candidates entering the Round 3 of NIST PQC contest. In the decryption module of Classic McEliece, H module uses the SHA-3 algorithm. As a new generation of hash algorithm, SHA-3 algorithm uses the Keccak sponge function, which has the advantages of higher speed, higher throughput and stronger security. Keccak truly realizes the processing of input information of any length, and can also generate hash values of any length. In the future, SHA-3 will be applied to more fields, so the high-performance and flexible implementation of the SHA-3 is especially important. This paper analyzed the four SHA-3 algorithms, and integrated the four algorithm standards into one implementation for Classic McEliece. The Xilinx Zynq-7000 series FPGA is chosen as the implementation and verification platform, and the performance are compared with the algorithm implementation of Keccak official team.

Xufan Wu,Shuguo Li

DOI: https://doi.org/10.1109/edssc.2017.8126446

2017-01-01

Abstract:In this paper, we propose two different hardware structure of SHA-3 hash algorithm for different width of circuit interface. They both support the four functions SHA3-224/256/384/512 of SHA-3 algorithm. The padding unit of our design is also implemented by hardware instead of software. Besides, a 3-round-in-1 structure is proposed to speed up the throughput of our circuit. We conduct an implementation based in SMIC 65 nm technology, SHA3-224, SHA3-256, SHA3-384 and SHA3-512 achieve the throughput of 65.5 Gbps, 61.8 Gbps, 47.2 Gbps and 32.7 Gbps respectively which are better than the reported designs.

Argyrios Sideris,Theodora Sanida,Minas Dasygenis

DOI: https://doi.org/10.1007/s13389-023-00334-0

2023-09-01

Journal of Cryptographic Engineering

Abstract:In sensitive communications, the cryptographic hash function plays a crucial role, including in the military, healthcare, and banking, ensuring secure transmission by verifying data integrity and carrying out other vital tasks. Compared to other cryptographic hash algorithms, such as SHA-1 and SHA-2, the Keccak hash function (SHA-3) boasts superior hardware performance and is more resilient to modern cryptanalysis techniques. Nonetheless, hardware performance enhancements, such as boosting speed or reducing area usage, are constantly required. This research focuses on increasing the Keccak hash algorithm's throughput rate by introducing a novel architecture that reduces the total number of clock cycles required to obtain the result of a hash function. Additionally, the new simplified structure of the round constant (RC) generator design assures a reasonably low area and achieves the highest throughput and efficiency. Thus, when implemented, it achieved the highest throughput of 19.515 Gbps, 24.428 Gbps, 33.393 Gbps, and 36.358 Gbps on FPGA devices with the Virtex-5, Artix-7, Virtex-6, and Virtex-7, respectively. Finally, our approach is compared to recently published designs.

computer science, theory & methods

Zhenhao He,Liji Wu,Xiangmin Zhang

DOI: https://doi.org/10.1109/icasid.2018.8693229

2018-01-01

Abstract:In order to speed up the HMAC SHA-256 algorithm, this paper proposes a three-stage pipeline hardware implementation of this algorithm. The 3:2 compressor is used to optimize the critical path delay of the hardware. The synthesis verification is performed on Altera’s Cyclone II FPGA platform. The throughput rate reaches 875.22Mbps. After that, the simulation of the correlation power analysis (CPA) is carried out to recover the key of the designed HMAC SHA-256 hardware by using 4000 simulated energy traces, which proves the design’s shortcomings in resisting the power analysis attack. Therefore, a masking scheme is proposed for this CPA attack, and its FPGA synthesis is also fulfilled. The throughput rate of the masked HMAC SHA-256 algorithm reaches 655.66Mbps, which is 25% lower than the one without masking.

Bing-qing CAI,Guo-qiang BAI

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2015.07.004

2015-01-01

Abstract:An implementation of the HMAC algorithm with an underlying hash function SM 3 is presented . Multiplexed module SM3 and carry‐save adder are applied in this implementation to achieve a better performance .

Limin Guo,Lihui Wang,Dan Liu,Weijun Shan,Zhimin Zhang,Qing Li,Jun Yu

DOI: https://doi.org/10.1109/cis.2015.91

2015-01-01

Abstract:The HMAC algorithm involves a hash function with a secret key. And SM3 is the only standard hash algorithm of China. HMAC-SM3 algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the classical side-channel attacks on it are mainly against these basic group operations and need to exploit multiple leakage models. Therefore, the attack procedures are complicated. What's more, it is difficult to recover the whole inner keyed state if the noise level of the target implementation are relatively high. In this paper, we present a chosen-plaintext differential power analysis attack on HMAC-SM3. The new proposed chosen-plaintext attack method is simply against modulo addition operation and can be easily carried out by collecting power consumption traces four times while certain chosen messages are processed by the target device separately. Experimental results are given using an implementation of HMAC-SM3 algorithm in a smart card.

Limin Guo,Lihui Wang,Qing Li,Zhimin Zhang,Dan Liu,Weijun Shan

DOI: https://doi.org/10.2991/iset-15.2015.25

2015-01-01

Abstract:HMAC algorithm is one of the most famous keyed hash functions, and widely utilized. And SM3 is the only standard hash algorithm of China. However, most cryptographic algorithms implementations are vulnerable against side channel attacks. But specific side channel attacks on HMAC-SM3 have not been given so far. This paper presents a first-order DPA attack on HMAC-SM3. HMAC-SM3 hash algorithm is based on the mixing of different algebraic operations, such as XOR and addition modulo 2(32), thus the proposed DPA attack is mainly against these basic group operations. Experimental results are given by attacking an implementation of HMAC-SM3 in a smart card, which demonstrate the practicability of such attacks described in this paper.

Junshang Li,Zishang He,Yajie Qin

DOI: https://doi.org/10.1109/asicon47005.2019.8983530

2019-01-01

Abstract:One of the major issues in implementation of hash functions algorithm is how to decrease the critical path delay and required area effectively. How to expand flexibility, generality and integrity are also important issues as well. As more information are stored and processed on the general-purpose microcontroller in the edge of internet of things (IoT), more efficient data encryption must be ensured. Before encryption of large data sets, it is preferred that the encryption is adapt to asynchronous operation for different volume and arrival data rate. In this paper, an asynchronous SHA-256 hardware accelerator with 32 computation clock cycles for each block is proposed and is at liberty to buffer intermediate hash values, which provides high throughput, robust transmission, adjustable computation frequency and is also easily integrated to microcontroller. The proposed design was implemented in SMIC 40nm technology and performed simulation and verification with Synopsys VCS. The results of post-synthesis simulation show the throughput up to 3.6Gbps.

Cankun Zhao,Hang Zhao,Jiangxue Liu,Bohan Yang,Wenping Zhu,Shuying Yin,Min Zhu,Shaojun Wei,Leibo Liu

DOI: https://doi.org/10.46586/tches.v2024.i4.231-257

2024-01-01

Abstract:SHA-3, the latest hash standard from NIST, is utilized by numerous cryptographic algorithms to handle sensitive information. Consequently, SHA-3 has become a prime target for side-channel attacks, with numerous studies demonstrating successful breaches in unprotected implementations. Masking, a countermeasure capable of providing theoretical security, has been explored in various studies to protect SHA-3. However, masking for hardware implementations may significantly increase area costs and introduce additional delays, substantially impacting the speed and area of higher-level algorithms. In particular, current low-latency first-order masked SHA-3 hardware implementations require more than four times the area of unprotected implementations. To date, the specific structure of SHA-3 has not been thoroughly analyzed for exploitation in the context of masking design, leading to difficulties in minimizing the associated area costs using existing methods. We bridge this gap by conducting detailed leakage path and data dependency analyses on two-share masked SHA-3 implementations. Based on these analyses, we propose a compact and low-latency first-order SHA-3 masked hardware implementation, requiring only three times the area of unprotected implementations and almost no fresh random number demand. We also present a complete theoretical security proof for the proposed implementation in the glitch+register-transition-robust probing model. Additionally, we conduct leakage detection experiments using PROLEAD, TVLA and VerMI to complement the theoretical evidence. Compared to state-of-theart designs, our implementation achieves a 28% reduction in area consumption. Our design can be integrated into first-order implementations of higher-level cryptographic algorithms, contributing to a reduction in overall area costs.

Xiao CAI,Shu-guo LI

DOI: https://doi.org/10.19304/j.cnki.issn1000-7180.2015.09.020

2015-01-01

Abstract:Data integrity and authenticity are very important in field of information security.HMAC-MD5 algorithm is one of the algorithms that achieve this target.The performance of its software implementation is very low and its FPGA hardware implementation is much higher.For the sake of higher throughput,this paper propose a two-to-one structure.As the result,it costs only 33 cycles to process 5 12 bits data.At the same time,the design support three kinds of mode:HMAC-MD5 computation with Key,HMAC-MD5 computation without key,MD5 computation. The design contains many optimization strategies such as pre-computation, microinstruction controller, the resources reuse etc.After synthesizing by Quartus II 13.0 on Stratix III devices,the clock frequency reaches 100 MHz,the throughput reaches 1.55 Gb/s and 1 120 ALUTs logic resources have been used.

Jianwei Yang,Weizhen Wang,Zhicheng Xie,Jun Han,Zhiyi Yu,Xiaoyang Zeng

DOI: https://doi.org/10.1109/asicon.2017.8252635

2017-01-01

Abstract:In August 2015, SHA-3 Standard was published as the next generation of Secure Hashing Algorithm. Several optimized implementations of SHA-3 on a 24-core processor with software and hardware co-design are proposed in this paper. For software designs, a 4-core mapping scheme with shared-memory reduces the delay time by exploring the internal parallelism of the algorithm; the scheme of 5 cores with packet router improves flexibility; and 24-core mapping with circuit router fully explores the parallelism with higher energy efficiency. Hardware approaches: specific instructions and novel latch-based accelerators, are proposed to improve performance and energy efficiency. The three software mappings provide a speedup of 3.1, 3.6 and 19.6, respectively. Almost 2 times better performance and energy efficiency are obtained with three specific instructions. The implementation of 4 latch-based accelerators achieves a throughput of 81.9 Gbps at 850MHz with 3.7 pJ/bit energy consumption per bit.

Ye Hu,Liji Wu,An Wang,Beibei Wang

DOI: https://doi.org/10.1109/CIS.2014.176

2014-01-01

Abstract:This paper focuses on the circuit design for SM3, which is the only standard hash algorithm of China. This paper presents a new VLSI architecture of SM3 for financial IC card. Since there is no such hardware implementation in literature, our work is the first one to integrate SM3 into financial IC card. In accordance with the technical specifications and based on SMIC 0.13um technology, the circuit design, behavioral simulation, gate-level simulation, power analysis, and the FPGA verification are all implemented. The results show that the SM3 IP core design is correct and feasible. Comprehensive validation results show that the design is within the area of 11000 gates and the power of 1mA @ 1.2V, suitable for financial IC card, which require small area and low power, and far below the design specifications.

Jinli Rao,Tianyong Ao,Shu Xu,Kui Dai,Xuecheng Zou

DOI: https://doi.org/10.1587/transinf.2017icp0019

2018-01-01

IEICE Transactions on Information and Systems

Abstract:Data integrity is a key metric of security for Internet of Things (IoT) which refers to accuracy and reliability of data during transmission, storage and retrieval. Cryptographic hash functions are common means used for data integrity verification. Newly announced SHA-3 is the next generation hash function standard to replace existing SHA-1 and SHA-2 standards for better security. However, its underlying Keccak algorithm is computation intensive and thus limits its deployment on IoT systems which are normally equipped with 32-bit resource constrained embedded processors. This paper proposes two efficient SHA-3 ASIPs based on an open 32-bit RISC-V embedded processor named Z-scale. The first operation-oriented ASIP (OASIP) focuses on accelerating time-consuming operations with instruction set extensions to improve resource efficiency. And next datapath-oriented ASIP (DASIP) targets exploiting advance data and instruction level parallelism with extended auxiliary registers and customized datapath to achieve high performance. Implementation results show that both proposed ASIPs can effectively accelerate SHA-3 algorithm with 14.6% and 26.9% code size reductions, 30% and 87% resource efficiency improvements, 71% and 262% better maximum throughputs as well as 40% and 288% better power efficiencies than reference design. This work makes SHA-3 algorithm integration practical for both low-cost and high-performance IoT systems.

Xie Jun,Sun Wei,Gu Dawu,Guo Zheng,Liu Junrong,Bao Sigang,Ma Bo

DOI: https://doi.org/10.2991/csic-15.2015.24

2015-01-01

Abstract:The HMAC algorithm is widely used to provide authentication and message integrity in digital communications. However, if the HMAC cryptographic algorithm is implemented in cryptographic circuit, it is vulnerable to side-channel attacks. A typical example is that in 2007, McEvoy proposed an attack strategy for hardware-based implementation of HMAC-SHA2. In this paper, we research on SM3 cryptographic hash algorithm and propose a DPA attack strategy for the software-based implementation of HMAC-SM3. In the experiment, we launch a successful DPA attack on the practical cryptographic circuit and then discuss the security issues about the software-based implementation of HMAC-SM3.

Liang Han,Bai Guoqiang

DOI: https://doi.org/10.1109/ICSICT.2010.5667763

2010-01-01

Abstract:In order to select a new Standard Hash Algorithm (SHA-3) which supplies more security, a public competition was organized by NIST in 2007. Up to now, 14 candidates have passed the 2nd round. In this paper, we focus on two of these candidate algorithms, namely BLAKE and Shabal. We present the common structure for all the SHA3 candidates. We also design the VLSI circuit and give the hardware evaluations on FPGA and ASIC. Compared with SHA-256 algorithms in the same technology, we found that the SHA3 candidates provide higher throughput but cost more area. Because of raising the complexity of circuit, the efficiency (TP/area) of SHA3 is lower than SHA-256.

Di WU,Tongge XU,Ziyu WANG,Jianwei LIU

DOI: https://doi.org/10.14188/j.1671-8836.2019.02.012

2019-01-01

Abstract:This article analyzes SM3 (Chinese commercial Hash function) in details and develops a high performance hardware implementation based on field programmable gate array (FPGA). We tackled the incomplete message padding problem by integrating hardware style message padding and optimize the performance in the condition of byte input. Our results show that we improve the SM3 hardware implementation in message padding with better throughput and logical resource overhead.