Upload
karthik-sravanam
View
58
Download
0
Embed Size (px)
Citation preview
5/16/2018 2(a) Design of SHA-1 Algorithm Based on FPGA - slidepdf.com
http://slidepdf.com/reader/full/2a-design-of-sha-1-algorithm-based-on-fpga 1/3
Design of SHA-1 Algorithm based on FPGA
Cheng Xiao-hui, Deng Jian-zhiCollege of Information Science and Engineering
Guilin University of TechnologyGuilin, China
E-mail: [email protected] , [email protected]
Abstract — SHA (Secure Hash Algorithm) is a famous
message compress standard used in computer cryptography,
it can compress a long message to become a short message
abstract. The algorithm can be used in many protocols or
Secure Algorithm, especially for DSS. In this paper, the
improved version SHA-1 is analysised, then improved and
implemented in HDL (Hardware Description Language) and
FPGA. QuartusII is used to compile and generate the function
modules, RTL level description circuit and simulatedwaveform. RTL level description is the circuit connection in
FPGA chip. It shows the connection of the modules. Simulated
waveform shows us the timing and the function of the SHA-1
module. The algorithm is implied easily. And the SHA-1
module that design in this paper used less memory units and
logic elements. It can be used in DSA or any protocols or
secure algorithm.
Keywords-SHA-1; Secure Hash Algorithm; FPGA;
Networks Security
I. I NTRODUCTION
Nowadays, network is not only a way for us to getmore information. It has already become a new life-style for
people. For example, network bank, net-shopping, online
chat, e-government, etc. All these need a high securitynetwork. So networks security has become a very important
problem in information age.In this paper, message compress standard SHA-1
(Secure Hash Algorithm) will be implemented byFPGA(Field Programmable Gate Array) to cooperate theDSS. And it will be used in DSA(Digital SignatureArithmetic) that implemented by FPGA.
II. SHA-1
Hash function is an important part of many crypto-
algorithm, there are 3 famous Hash Algorithm, SHA,MD(Message Digest) and RIPEMD-160 message compress
algorithm. In comparison, the security of SHA-1 is better than MD and RIPEMD-160.
SHA (Secure Hash Algorithm) is designed by National
Security Agency of the U.S.A. It is a message compressstandard is used to cooperate DSS(Digital SignatureStandard) that designed by NIST(National Institute of
Standards and Technology). Though SHA is designed for DSS, it can be also used in many protocols or secure
algorithm. The original version of SHA is called SHA or
SHA-0. SHA-1 is the improved version of SHA-0.
Using SHA-1, a message which is no longer than bitcan be generated a 160bit message abstract. Message abstractis much shorter than the message itself, so it will spend lesstime to generate a digital signature. The more important isthat the digital signature generate by message abstract hasthe same security as generate by message.[1]
642
The most important of all, SHA-1 is implied easily.
III. SHA-1 ARITHMETIC DESIGN AND SYNTHESIS
ANALYSIS
Message compress standard SHA is designed for DSS.The input of SHA is a message which is no longer than 264
bit, and it can generate a 160 bit message abstract.If a message no longer than 264 bit, it needs to be added
zeros to make the message become a 264 bit one. And if amessage longer than 264 bit, it need to be separated intoseveral groups. Every group contains 264 bit. Then themessage groups will be converted into message abstractgroups by SHA algorithm.[2,3]
When message abstract is generated, five 32 bit initialvalues A, B, C, D, E will be used.
A0x67452301
B0xefcdab89
C0x98badcfe
D0x10325476
E0xc3d2e1f0
Every time SHA-1 operate, non-linear function F t ,constant W t and K t are different if t is different value.According to parameter t , the non-linear function F t is
F t ( x, y, z ) = ( x y) ( z) (t =0~19)
F t ( x, y, z )= x y z (t =20~39)
F t ( x, y, z )= ( x y) ( x z) ( y z) (t =40~59) F t ( x, y, z )= x y z (t =60~79)
The symbol ‘ ’ means and logic. ‘ ’ means or logic. x
means the opposite number of x. ‘ ’ means xor logic. ‘<<’means shift left.
Constant K t is different according to parameter t .
K t =0x5a82799 (t =0~19) K t =0x6ed9eba1 (t =20~39) K t =0x8f1bbcdc (t =40~59)
2010 Second International Conference on Networks Security, Wireless Communications and Trusted Computing
978-0-7695-4011-5/10 $26.00 © 2010 IEEE
DOI 10.1109/NSWCTC.2010.131
532
5/16/2018 2(a) Design of SHA-1 Algorithm Based on FPGA - slidepdf.com
http://slidepdf.com/reader/full/2a-design-of-sha-1-algorithm-based-on-fpga 2/3
Figure 1. SHA-1 operated flowchart in one time
K t =0xca62c1d6 (t =60~79)
The message m should be separated into groups. Everygroup contains 512bit. Then every group needs to beseparated into 16 sub-groups W t which contains 32bit ineveryone.
t t M W (t =0~15)1)( 161483
t t t t t M M M M W (t =16~79)
A. SHA arithmetic
Fig.1 show SHA-1 operated flowchart in one time.According to the flowchart, the SHA-1 arithmetic can be listas follow.
SHA-1 arithmetic:
Input: message m (m is the message no longer than 264 bit)Output: SHA-1 message abstract H(m)
S1. According to the rule, we can find the right W t , K t , K 1, K 2, K 3, when t are different.
S2. assign the initial valuea0=Ab0=Bc0=Cd 0=D
e0=E
S3. While t from 1 to 79, loop the follow step S3.1S3.1. e’ = F t ( x, y, z ) + W t + K t + ei-1+ (ai-1<<5)
ai= e’, bi = ai-1 , ci =( bi-1<<30), d i = ci-1, ei = d i-1Return: SHA-1 message abstract H(m)
The SHA-1 message abstract module can be designedaccording to the algorithm. The SHA-1 message abstractH(m) is a 160 bit abstract combined with an, bn, cn, d n, en.
B. SHA-1 module design and generate
There are two ways to design a system in FPGA or HDL.One is top-to-down, another is down-to-top. Top-to-downdesigns the system or module first, then design the sub-system, sub-module or gate circuit. Down-to-top is theopposite way. It design gate circuit first, then design the sub-system or sub-module, and design the system or module atlast. Top-to-down is used in this design.[4,5,6]
Fig.2 is SHA-1 module pin assignment diagram. Thereare 6 input signals and 3 output signals in this module. Theinput signals are clock(clk), reset(rst), enable(en),
Figure 2. SHA-1 module pin assignment diagram
ready(rdy), message-in(msgin), message-in control(msg_in).And the output signals are sha-out, sha-out control(sha_out),finish(fnsh). All the control signals are high level enable.
There are 4 sub-modules in SHA-1 module, input/outputsub-module, memory sub-module, message abstract operate
sub-module. Input/output sub-module controls the data inand out. Memory sub-module just like the cache in CPU, it isused to store the temporary data. Message abstract operatesub-module is the core in SHA-1 module, it is used to carryout the SHA-1 arithmetic.
Besides, the bus of the module is set 64 bits, so beforethe long message is inputted into the module, it should be
separated into several groups. Input signals msg_in canknow the number of the groups.
C. Synthesis and simulate
The module is designed by FPGA. FPGA is a half-order circuit of ASIC(Application Specific Integrated Circuit). It
aflow summary
( b ) compilation hierarchy
Figure 3. flow summary and compilation hierarchy
1ia
1ib
1ic
1id
1ie
ia
ib
id
ic
iet K
<<5
<<30
non-linear function
t W
533
5/16/2018 2(a) Design of SHA-1 Algorithm Based on FPGA - slidepdf.com
http://slidepdf.com/reader/full/2a-design-of-sha-1-algorithm-based-on-fpga 3/3
Figure 5. SHA-1 simulated waveform
(a) (b)
The design of SHA-1 module in this paper can be usedto cooperate with DSA, or be an independent module used in
many protocols or secure algorithm.Figure 4. SHA-1 RTL level description
contains many logic cells that has already been distributed inthe chip. So it is easy for people to design a system or module for some special function.
ACKNOWLEDGMENT
The research of the paper got sponsored from GuangXi Natural Science Funded Project(No: 0832264), and spon-sored project in Department of Education GuangXi (projectcode: 200708MS165), so we would like to extend our
gratitude to them.
EP1S80F15 is used to implement the SHA-1 module.EP1S80F15 is the Stratix series FPGA of Altera. It contains
79040 logic elements, 1212 pins, 7427520 memory units,176 DSP block 9-bit elements, 12 PLLs and 2 DLLs.
Fig.3 is the compilation hierarchy and the flow summary by QuartusII6.0. In this design, the SHA-1 module contains74 pins, 1584 logic elements, 893 LC registers, and 691LUT-only LCs. And LUT(Look-Up-Table) is a RAMessentially.
R EFERENCES
[1] Deng An-Wen. Cryptography(in Chinese). China WaterPower Press.2006:150-152
We also use QuartusII6.0 to synthesis and simulate theSHA-1 module, then generate RTL level description circuitand module simulated waveform. RTL is the circuitconnection in chip. It shows us the connection of themodules, sub-module and the logic cells. It is also follow thetop-to-down structure. We can see the detail structure of thesub-module when we click the sub-module block.
[2] Wang Yu-Min. Information hidden:Theory and Technology(inChinese). Tsinghua Publishing House. 2006:30-35
[3] Wenbo Mao.Modern Cryptography: Theory and Practice. PearsonEducation. 2004:184-190
[4] Zhang Fang-Guo. The Research on Hyperelliptic Curve Cryp-tosystems(in Chinese). Xidian University. 2001:22-30
[5] Wade Trappe, Lawrence C. washington.Introduction to cryptographywith coding theary (2nd Editon ). Pearson Education. 2006:133-136
When we use FPGA to implement the SHA-1 module, itwill be organized according to the RTL level description.RTL is a top-to-down structure. Fig.4 is the top level moduleof SHA-1.
[6] Deng Jian-zhi, Cheng Xiao-hui, Gui Qiong, “Design of Hyper Elliptic
Curve Digital Signature,” Proc. IEEE International Conference onInformation Technology and Computer Science 2009(ITCS 09),IEEEPress, Jul. 2009, pp.45-47
Fig.5 is the simulated waveform of SHA-1 module, itshows us the timing and the function of the module. Theclock period is 20.0ns. The message abstract which is nolonger than 264 bit can be generated in about 100ms.
IV. CONCLUSION
SHA is a famous message compress standard used incomputer cryptography. Its improved version SHA-1algorithm has been analysised in this paper, and implied by
HDL. QuartusII is used to synthesis the module, and thengenerated RTL level description circuit and simulatedwaveform. The SHA-1 module only needs 74 pins, 893 LCregisters, 691 LUT-only LCs and 1584 logic elements.
Using the SHA-1 module, a long message can begenerated a short and safe message abstract in a very shorttime.
534