FPGA design and performance analysis of SHA-512, whirlpool and PHASH hashing functions

Hashing functions play a fundamental role in modern cryptography. Such functions process data of finite length and produce a small fixed size output referred to as a digest or hash. Typical applications of these functions include data integrity verification and message authentication schemes. With the ever increasing amounts of data that needs to be hashed, the throughput of hashing functions becomes an important factor. This work presents and compares high performance FPGA implementations of SHA- 512, Whirlpool and a recently proposed parallelizable hash function, PHASH. The novelty of PHASH is that it is able to process multiple data blocks at once, making it suitable for achieving ultra high-performance. It utilizes the W cipher, as described in Whirlpool, at its core. The SHA (SHA-0, SHA-1, SHA-2) family of functions is one of the first widely accepted standards for hashing. According to currently published literature, the fastest SHA-512 (a variant of SHA-2) implementation achieves a throughput of 1550 Mbps. A recently introduced hashing function, Whirlpool, provides comparable security to SHA- 512 and is able to achieve much better performance. According to currently published literature, the fastest Whirlpool implementation achieves a throughput of 4896 Mbps. The proposed PHASH hash function greatly outperforms both SHA-512 and Whirlpool. All implementations are targeted for the state-of-the-art Xilinx Virtex-5 LX330 FPGA. The SHA-512 implementation attains a throughput of 1828 Mbps, and Whirlpool attains 7687 Mbps. PHASH achieves a throughput over 15 Gbps using a singleWcipher instance. Using 8 W cipher instances a throughput over 100 Gbps is achieved and 16 instances provide a throughput over 182 Gbps

Cryptoraptor : high throughput reconfigurable cryptographic processor for symmetric key encryption and cryptographic hash functions

textIn cryptographic processor design, the selection of functional primitives and connection structures between these primitives are extremely crucial to maximize throughput and flexibility. Hence, detailed analysis on the specifications and requirements of existing crypto-systems plays a crucial role in cryptographic processor design. This thesis provides the most comprehensive literature review that we are aware of on the widest range of existing cryptographic algorithms, their specifications, requirements, and hardware structures. In the light of this analysis, it also describes a high performance, low power, and highly flexible cryptographic processor, Cryptoraptor, that is designed to support both today's and tomorrow's encryption standards. To the best of our knowledge, the proposed cryptographic processor supports the widest range of cryptographic algorithms compared to other solutions in the literature and is the only crypto-specific processor targeting the future standards as well. Unlike previous work, we aim for maximum throughput for all known encryption standards, and to support future standards as well. Our 1GHz design achieves a peak throughput of 128Gbps for AES-128 which is competitive with ASIC designs and has 25X and 160X higher throughput per area than CPU and GPU solutions, respectively.Electrical and Computer Engineerin

Study of Data Security Algorithms using Verilog HDL

This paper describes an overview of data security algorithms and its performance evaluation. AES, RC5 and SHA algorithms have been taken under this study. Three different types of security algorithms used to analyze the performance study. The designs were implemented in Quartus-II software. The results obtained for encryption and decryption procedures show a significant improvement on the performance of the three algorithms. In this paper, 128-bit AES, 64-bit of RC5 and 512-bit of SHA256 encryption and Decryption has been made using Verilog Hardware Description Language and simulated using ModelSim

Power Analysis Attacks on Keccak

Side Channel Attacks (SCA) exploit weaknesses in implementations of cryptographic functions resulting from unintended inputs and outputs such as operation timing, electromagnetic radiation, thermal/acoustic emanations, and power consumption to break cryptographic systems with no known weaknesses in the algorithm’s mathematical structure. Power Analysis Attack (PAA) is a type of SCA that exploits the relationship between the power consumption and secret key (secret part of input to some cryptographic process) information during the cryptographic device normal operation. PAA can be further divided into three categories: Simple Power Analysis (SPA), Differential Power Analysis (DPA) and Correlation Power Analysis (CPA). PAA was first introduced in 1998 and mostly focused on symmetric-key block cipher Data Encryption Standard (DES). Most recently this technique has been applied to cryptographic hash functions. Keccak is built on sponge construction, and it provides a new Message Authentication Code (MAC) function called MAC-Keccak. The focus of this thesis is to apply the power analysis attacks that use CPA technique to extract the key from the MAC-Keccak. So far there are attacks of physical hardware implementations of MAC-Keccak using FPGA development board, but there has been no side channel vulnerability assessment of the hardware implementations using simulated power consumption waveforms. Compared to physical power extraction, circuit simulation significantly reduces the complexity of mounting a power attack, provides quicker feedback during the implementation/study of a cryptographic device, and that ultimately reduces the cost of testing and experimentation. An attack framework was developed and applied to the Keccak high speed core hardware design from the SHA-3 competition, using gate-level circuit simulation. The framework is written in a modular fashion to be flexible to attack both simulated and physical power traces of AES, MAC-Keccak, and future crypto systems. The Keccak hardware design is synthesized with the Synopsys 130-nm CMOS standard cell library. Simulated instantaneous power consumption waveforms are generated with Synopsys PrimeTime PX. 1-bit, 2-bit, 4-bit, 8-bit, and 16-bit CPA selection function key guess size attacks are performed on the waveforms to compare/analyze the optimization and computation effort/performance of successful key extraction on MAC-Keccak using 40 byte key size that fits the whole bottom plane of the 3D Keccak state. The research shows the larger the selection function key guess size used, the better the signal-noise-ratio (SNR), therefore requiring fewer numbers of traces needed to be applied to retrieve the key but suffer from higher computation effort time. Compared to larger selection function key guess size, smaller key guess size has lower SNR that requires higher number of applied traces for successful key extraction and utilizes less computational effort time. The research also explores and analyzes the attempted method of attacking the second plane of the 3D Keccak state where the key expands beyond 40 bytes using the successful approach against the bottom plane

Lightweight password hashing scheme for embedded systems

Passwords constitute the main mean for authentication in computer systems. In order to maintain the user-related information at the service provider end, password hashing schemes (PHS) are utilized. The limited and old-fashioned solutions led the international cryptographic community to conduct the Password Hashing Competition (PHC). The competition will propose a small portfolio of schemes suitable for widespread usage until 2015. Embedded systems form a special application domain, utilizing devices with inherent computational limitations. Lightweight cryptography focuses in designing schemes for such devices and targets moderate levels of security. In this paper, a lightweight poly PHS suitable for lightweight cryptography is presented. At first, we design two lightweight versions of the PHC schemes Catena and PolyPassHash. Then, we integrate them and implement the proposed scheme – called LightPolyPHS. A fair comparison with similar proposals on mainstream computer is presented

Instruction prefetching techniques for ultra low-power multicore architectures

As the gap between processor and memory speeds increases, memory latencies have become a critical bottleneck for computing performance. To reduce this bottleneck, designers have been working on techniques to hide these latencies. On the other hand, design of embedded processors typically targets low cost and low power consumption. Therefore, techniques which can satisfy these constraints are more desirable for embedded domains. While out-of-order execution, aggressive speculation, and complex branch prediction algorithms can help hide the memory access latency in high-performance systems, yet they can cost a heavy power budget and are not suitable for embedded systems. Prefetching is another popular method for hiding the memory access latency, and has been studied very well for high-performance processors. Similarly, for embedded processors with strict power requirements, the application of complex prefetching techniques is greatly limited, and therefore, a low power/energy solution is mostly desired in this context. In this work, we focus on instruction prefetching for ultra-low power processing architectures and aim to reduce energy overhead of this operation by proposing a combination of simple, low-cost, and energy efficient prefetching techniques. We study a wide range of applications from cryptography to computer vision and show that our proposed mechanisms can effectively improve the hit-rate of almost all of them to above 95%, achieving an average performance improvement of more than 2X. Plus, by synthesizing our designs using the state-of-the-art technologies we show that the prefetchers increase system’s power consumption less than 15% and total silicon area by less than 1%. Altogether, a total energy reduction of 1.9X is achieved, thanks to the proposed schemes, enabling a significantly higher battery life

A Study on the Security of Password Hashing Based on GPU Based, Password Cracking using High-Performance Cloud Computing

In This paper the current security of various password hashing schemes that are in use today will be investigated through practical proof of concept – GPU based, password hash dump cracking using the power of cloud computing. The focus of this paper is to show the possible use of cloud computing in cracking hash dumps and the way to countermeasures them by using secure hashing algorithm and using complex passwords

АНАЛІЗ ВИКОРИСТАННЯ ВИСОКОЕФЕКТИВНОЇ РЕАЛІЗАЦІЇ ФУНКЦІЙ ХЕШУВАННЯ SHA-512 ДЛЯ РОЗРОБКИ ПРОГРАМНИХ СИСТЕМ

Hashing functions play an applied and fundamental role in the current protection of programs and data by cryptography techniques. Typically, these security features transmit latency data at the same time, producing a small and fixed-size signal. Along with an avalanche-like growing volume of data requiring quick validation, the hash function throughput is becoming a key factor. According to scientific research published in the technical literature, one of the fastest implementations of SHA-512 is the SHA-2 implementation, which provides bandwidth of the algorithm over 1550 Mbps, but is also faster such as the Whirlpool where bandwidths exceed 4896 Mbps At present, many papers have been published discussing the hardware implementation of the SHA-512. All considered implementations are usually aimed at high bandwidth or efficient use of computing resources. In general, it is impossible to know in advance which choice of functional design for this component will be the best in achieving the specific design purpose. After implementation and implementation of the algorithm with different components, it was possible to carry out system analysis and comment on the quality of this implementation, since the goal relates to the achievement of high bandwidth or low overall computing power. We systematized the results of all the calculations performed and analyzed each implementation separately. A detailed description of the stages of the expansion and compression of messages. Similarly, at different stages and refers to the stage of update hash, but its implementation is not always clearly defined. One of the reasons to skip the details of the previous stage and the stage of the hash update is that it assumes that these steps will be implemented in such a way as to minimize the negative impact on it. The data mixing function in the article does not claim to be the highest bandwidth of the algorithm, but it proved to be sufficiently stable for third-party decoding. Summarizing our research in the field of cryptographic protection by various methods, we can state that the application developed on the basis of the SHA-512 algorithm application software corresponds to the following technical parameters, namely verification of the integrity of programs and data and a sufficiently reliable authentication algorithm.Функції хешування відіграють прикладну та фундаментальну роль у сучасному захисті  програм та даних методами криптографії. Як правило такі функції захисту передають дані кінцевої довжини у той-же час виробляючи незначний та фіксованого розміру сигнал. Поряд із лавиноподібним зростаючим обсягом даних, які потребують швидкої  перевірки, пропускна властивість хеш-функцій стає ключовим фактором. Згідно з науковими дослідженнями опублікованими у даний час в технічній літературі, одна із найбільш швидких реалізацій SHA-512 а це варіант реалізації SHA-2, який забезпечує пропускну здатність алгоритму понад 1550 Мбіт/с проте є і швидші такі як, Whirlpool де пропускна здатності понад 4896 Мбіт/с. На даний час було опубліковано багато робіт, що обговорюють апаратні реалізації SHA-512. Усі розглянуті реалізації, як правило, спрямовані на високу пропускну здатність або ефективне використання обчислювальних ресурсів. Взагалі неможливо завчасно знати, який вибір функціонального дизайну для даного компонента буде найкращим у досягненні специфічної мети дизайну. Після реалізації та виконання алгоритму з різними компонентами можна було провести системний аналіз та прокоментувати якість даної реалізації, оскільки мета стосується досягнення високої пропускної здатності або низької загальної обчислювальної потужності. Ми систематизували результати усіх проведених обчислень та провели аналіз кожної реалізації окремо. Детально сформували опис етапів розширення та стиснення повідомлень. Аналогічно на різних етапах і згадується стадія оновлення хешу, однак її реалізація не завжди чітко визначена. Однією з причин пропускати подробиці попереднього етапу і етапу оновлення хешу є те, що він передбачає, що ці етапи будуть реалізовані таким чином, щоб мінімізувати негативний вплив на нього. Розглянута у статті функція перемішування даних не претендує на найвищу пропускну здатність алгоритму, проте вона виявилась достатньо стійкою для стороннього декодування. Підсумовуючи наші наукові дослідження в області криптографічного захисту різними методами ми можемо стверджувати, що розроблені на основі алгоритму SHA-512 прикладне програмне забезпечення відповідає наступним технічним параметрам, а саме верифікацію цілісності програм та даних і достатньо надійний алгоритм автентифікації

An overview of memristive cryptography

Smaller, smarter and faster edge devices in the Internet of things era demands secure data analysis and transmission under resource constraints of hardware architecture. Lightweight cryptography on edge hardware is an emerging topic that is essential to ensure data security in near-sensor computing systems such as mobiles, drones, smart cameras, and wearables. In this article, the current state of memristive cryptography is placed in the context of lightweight hardware cryptography. The paper provides a brief overview of the traditional hardware lightweight cryptography and cryptanalysis approaches. The contrast for memristive cryptography with respect to traditional approaches is evident through this article, and need to develop a more concrete approach to developing memristive cryptanalysis to test memristive cryptographic approaches is highlighted.Comment: European Physical Journal: Special Topics, Special Issue on "Memristor-based systems: Nonlinearity, dynamics and applicatio