Abstract:
In 2005, a major security
flaw was discovered in Secure Hash Algorithm-1 (SHA-1), an
NSA-designed cryptographic hash function standardized by the National Institute of Standards
and Technology (NIST) since 1995. The basic components of the more recent NIST standard
SHA-2, introduced in 2002, are quite similar to those of SHA-1. Given this similarity,
it is prudent to expect that equivalent attacks can be found against SHA-2 in the future.
In response to this possibility, NIST established a contest in search of a new cryptographic
hash function family called SHA-3. Presently, the competition is in Round 3 evaluations,
with 5 finalists shortlisted out of the 14 from Round 2. Various research groups from the
cryptographic community are evaluating the performance of the finalists in hardware while
trying their best to be fair in their design decisions. One topic of debate in the
cryptographic community is whether padding should be included in the hardware design or
done externally in software and not taken into consideration when evaluating the
designs. We propose that padding should be included in the designs for fair evaluations, but
should be designed intelligently so that the overall Throughput/Area ratio is not affected
by an undesirable amount. In this thesis, we design and implement padding units for the 5 Round 3 SHA-3 finalists
for two hardware platforms, FPGAs and ASICs. We show that the worst effect of the padding
unit on the performance of the candidates does not exceed 18% in FPGAs, and that the overall
ranking of the finalists does not change from the ranking derived from the architectures
which do not support padding. A universal padding unit supporting all finalists and SHA-2
was designed for ASICs; the maximum area overhead due to the inclusion of a padding
unit is around 9%, with no effect on maximum clock frequency. This thesis also focuses on
designing a Hash-based Message Authentication Code (HMAC) wrapper for all the SHA-3 finalists and SHA-2.