Implementation and Benchmarking of Padding Units and HMAC for SHA-3 Candidates in FPGAs and ASICs




Vyas, Ambarish

Journal Title

Journal ISSN

Volume Title



In 2005, a major security flaw was discovered in Secure Hash Algorithm-1 (SHA-1), an NSA-designed cryptographic hash function, standardized by National Institute of Science and Technology (NIST) since 1995. Basic components in the more recent NIST standard SHA-2, introduced in 2002, are quite similar to SHA-1. As both functions are quite similar, it is prudent to expect that the equivalent attacks can be found against SHA-2 in the future. In retort to this possibility, NIST established a contest in search of a new cryptographic hash function family called SHA-3. Presently, the competition is in Round 3 evaluations, with 5 finalists shortlisted out of the 14 from Round 2. Various research groups from the cryptographic community are evaluating the performance of the finalists in hardware while trying their best to be fair in their design decisions. One of the topic of debate in the cryptographic community is whether padding should be included in hardware design or should it be done externally in software and not taken in consideration while evaluating the designs. We propose that padding should be included in the designs for fair evaluations, but should be designed intelligently so that the overall Throughput/Area ratio is not affected by an undesirable amount. In this thesis, we design and implement padding units for 5 Round 3 SHA 3 finalists for two hardware platforms, FPGAs and ASICs. We show that the worst effect of padding unit on the performance of the candidates does not exceed 18% in FPGAs and the overall ranking of the finalists does not change from the ranking derived from the architectures which do not support padding. Universal padding unit supporting all finalists and SHA-2 was designed for ASICs and the maximum area overhead due to the inclusion of a padding unit is around 9% with no effect on maximum clock frequency. This thesis also focuses on designing a Hash-based Message Authentication Code (HMAC) wrapper for all the SHA-3 finalists and SHA-2.



FPGA, Hash Function, SHA-3, Cryptography, Padding, HMAC