Design and Performance Analysis of a Unified, Reconfigurable HMAC-Hash Unit

Citations Over TimeTop 10% of 2007 papers

Abstract

Hash functions are important security primitives used for authentication and data integrity. Among the most popular hash functions are MD5, SHA-1, and RIPEMD-160, which are all based on the function MD4. This similarity can be exploited for designing a unified engine to perform all three hash functions. Hash message authentication code (HMAC) is a shared-key security algorithm that uses these hash functions alternatively for IPSec authentication. Since some other security applications, such as digital signature, also use these three hash functions, it is prudent to design a unified, reconfigurable engine that can perform any one of them alone or with HMAC. In this work, we design an HMAC-hash unit that can be reconfigured to perform one of six standard security algorithms; namely, MD5, SHA-1, RIPEMD-160, HMAC-MD5, HMAC-SHA-1, and HMAC-RIPEMD-160. This paper applied pipelining and parallelism to the design of the HMAC-hash unit to improve throughput, especially for large message sizes. We achieved higher throughput than engines that integrated three hash functions or more and comparable throughput to those integrated only two hash functions.

Related Papers

• → Design and Performance Analysis of a Unified, Reconfigurable HMAC-Hash Unit(2007)28 cited
• → A system-level architecture for hash message authentication code(2005)9 cited
• → A Reconfigurable Hardware Unit for the HMAC Algorithm(2006)5 cited
• → A Secure Hash Function MD-192 With Modified Message Expansion(2010)16 cited
• → Hash Function, Message Authentication Code, and Data Expansion Function(2009)2 cited