digital vlsi on system chip design using multi-hashing...
TRANSCRIPT
Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES
http://ijves.com ISSN: 2249 – 6556
2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,
DOAJ, and other major databases etc.,
350
DIGITAL VLSI ON SYSTEM CHIP DESIGN USING
MULTI-HASHING TECHNIQUE RASHI KOHLI1, MANOJ KUMAR2
12Department of Computer Science & Engineering, Amity University [email protected] , [email protected]
ABSTRACT
In this paper the main focus lies on increasing the security over the network using Multi-Hashing Technique. To
minimize the attacks like brute force attacks, truncated hash attacks over the system or the network, the hash
functions plays an eminent light over the cryptographic algorithms, although they require a number of
resources but if only security needs to be increased over the channel then hashing technology can provide
significant level of security .Hashing algorithms serve as a building block of message authentication. There is
growing need of hardware implementation of such technique over the network; the algorithm which will be used
in this paper is SHA-Multi-Hashing technique. Since the hardware implementation of Multi-Hashing Technique
will have higher throughput. Since in this paper our main focus lies on the speed and increasing the security
thus it will present the hardware implementation for the same.
Keywords: Multi-Hashing Technique, SHA, VLSI Design, Verilog, Hardware Security
I. INTRODUCTION
The domain of network security, steganography, cryptography is in demand for most of the industries, E-
government services for providing security within the system and on the network itself. With the advent of
security approaches there were many techniques invented which contributed towards the security, utilization of
hash function was one of them, many researchers provided the fact that using hash function in securing the
application over network can prove advantageous. Since hash function rotates around the one way and anti-
collision property. Dramatic enhancement over wireless technologies and ubiquitous computing is endowed
with the base for the RFID technology, where security can be accomplished via diverse domains of
cryptographic algorithms. Depending upon the needs and criterion of a designer, it may first-rate the best suited
technique. [12][13][14] The technique which will be employed in this thesis is Multi-Hashing technique which
will follow the three properties listed below:
Table 1: Properties of Hashing-Function [3][4]
One-way Property Weak Collision Resistance Strong Collision Resistance
It can be described as for any given
value of a hash function say HF, it is
computationally infeasible to find
the z such that
HF (z) = HF.
It can be described as that for
any block size say q, it is
computationally infeasible to
find q ≠z such that
HF (q) =HF (z).
It can be described as a pair such as
(z, q) such that it is computationally
infeasible to find the pair as
HF (z) =HF (q).
Important when authentication
includes the hidden secret message
It ensures that an substitute
message or data hashing to the
same value as a given message
cannot be found
This properties highlights the
importance of hash function i.e. how
resistant it can be to a type of attack
called Birthday attack
In past decades the block cipher algorithm provided the significant amount of security. But the art of block
cipher approach and hashing technique is poles apart. With the hashing technique one may use any number of
block size depending upon the purpose for which it is being designed. Secondly the hash function itself provides
security and it is not applied on to the key, where as in case of block cipher algorithms it uses the fixed size of
block correspondingly with the defined key size. Hashing approach produces the fixed length output.
II. RELATED WORK
In the past few years, there has been a great changes in the field of cryptology, SHA-0 has been changed to
SHA-1 and in many of the recent applications SHA-1 is providing beneficial results in securing applications,
since it removes certain limitations of SHA-0 i.e. problem of differential paths and collisions. There is a
growing demand for VLSI design approach in the field of mobile computing, pervasive computing,
simultaneously this demands increased security from the threats or attacks. The attacks on hash functions are
different from those of block cipher algorithm, in fact the attacks on the former approach is indeed more
powerful than the latter one. This demands the careful analysis, In past decades, during the research by various
researchers it was provided with the fact that hash functions since primitive plays an utmost role in several
domains, they have been used to fulfill the properties such as collision resistance, pre-image resistance and
Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES
http://ijves.com ISSN: 2249 – 6556
2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,
DOAJ, and other major databases etc.,
351
second-pre-image resistance, Here the keyword used i.e. “resistance” signifies the absence of any specific
technique. Hash function primarily is one way function which usually operates in pair following the resistance
properties. Since many researchers have founded different attacks or threats as a hindrance in securing the
application of a system or over internet so in this paper we will combine some of the approaches using hash
function as the main component, providing the multi-hashing technique.[3][8][11]
III. COMPARATIVE ANALYSIS
Till now in past decades block cipher and stream cipher techniques have been used to impart non linearity to the
system and they have exceptionally showed the optimized results and beneficial for small applications. But if we
talk about Complex systems that demand security at high level for that purpose we can use hashing algorithms.
The Table 1.2 shows the comparative analysis of highly effective algorithms chiefly Block cipher algorithm along
with that of Hashing algorithm such as SHA-1
Table 2: Comparative Analyses [1][2]
Parameters SHA-1 RC-6 X-TEA AES
1) Domain Cryptographic
Hashing
Algorithm
Block Cipher
Algorithm
Block Cipher
Algorithm
Block Cipher
Algorithm
2) Block Size Arbitrary length Fixed Fixed Fixed
3) Degree of
Difficulty
Difficult Difficult Medium Difficult
4) Resource
Consumption
High Medium Low High
5)Applications
Storage of
passwords, Digital
Signature
Algorithms,
Integrity checking
etc
Ubiquitous
computing,Soft
computing
Embedded system
design etc
WSN’s,
pervasive
computing,
RFID
Technology
etc.
Android
applications,
Military
Applications,
embedded
systems etc.
IV. PROPOSED ALGORITHMIC ROUTINE
The structure used in implementing SHA-1 on FPGA platform requires the array of initial value (Iv) along with
that equivalent value of chaining variable at each step depending upon the number of rounds for which it has
been designed. The algorithmic routine requires repetitive use of the compression function which is responsible
for mending security along with the input data bits. The function used in designing SHA-1 requires the use of 2
set of input variables, The first set of input variables comes from the previous step which is usually refer to as
the chaining variable and b-bit block. Before taking into an account the procedure for VLSI implementation, it
necessary to formulate the steps for hashing technique.[7][8] Here, we have proposed multi-hashing technique
by repetitively calling the compression function. At the beginning of the multi-hashing technique, the fixing
variable has an initial value defined by the user; the final outcome of the fixing variable will be the hash value
which will be generated by going through compression function. The condition at which the compression
function will be executed is b>n i.e. the length of input block.
Figure: 1 Architectural Design of Hash Function
The architectural design of hash function in Figure 1 above describes the process of hashing before implementing
the algorithmic logic. Certain inputs and outputs are defined as follows
Iv= Initial Value
Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES
http://ijves.com ISSN: 2249 – 6556
2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,
DOAJ, and other major databases etc.,
352
Cv= Chaining variable
b= Length of input block
n= Length of hash code
Iₓ= ith input block
Fn= Compression Function
x= Number of input blocks
V. PROCEDURE DESIGN STEPS
In this paper we will implement the SHA-1 logic using multi-hashing technique which encompasses the
architectural design of hash function by making the use of the compression function which is responsible for
security. This approach will be designed with the help of VLSI technology using Verilog as Hardware
Description Language. Secure Hash Algorithm was specified in RFC3174 and been revised time to time by
National Institute of Standards and Technology. The following steps will guide, to implement the SHA-1 logic
using XILINX, FPGA technology [5][6]
Step 1: Padding –Length of data
This step provides which the fact, that without the loss of the actual message as an input, the input message
needs to be congruent to 448 modulo512. This padding is necessary even if the input to the application is of
desired length.
Step 2: Appending Length
If the given block size is 64-bits & it is appended to the input data, then this block will be treated as an unsigned
64 -bit integer and is treated as MSB of the data which will highlight the original input message length. The
conclusion of the first two steps defined above would significantly capitulate a input message that is an integer
multiple of 512 bits in length.
Step 3: Initializing the Hash (Intermediate Buffer)
This technique will firstly generate the hash function using multi-hashing process via compression function, If
suppose the input message length is taken as 160 bit block, then the hash buffer is initialized to store the
intermediate results which will be needed when decryption process starts. The buffer can be of 32-bit each,
which work as same that was used in Rc-6 block cipher algorithm, the only difference is that, these registers
were the main components in Rc-6 implementation and here in SHA-1, it act as a intermediate modules for
storing partial results. The data values which will be stored in registers (M, N, O, R, P) will be in big-endian
format i.e. the MSB of the stored data will be located and found at the low (leftmost) address byte position.
Step 4: Processing of SHA-1 logic function
SHA-1 operates here using 4 similar rounds which is implemented in 20 steps, these 4 rounds have similar
structure and This step is the heart, of implementing the multi-hashing logic. Each round uses different primitive
logic function. Each round which is implemented takes 160-bit buffer value i.e. m, n, o, p, and q. Every round
makes use of the round constant i.e. Kt which is called as additive constant where 0<=t<=79, represents one of
the 80 rounds.
Step 5: Output
The output which will be generated after the message input passes through all the processing the output will be
the message digest encrypted data.
Table 3: Functions in Compression Function
Number of
Rounds
Function Name Function Value Constant Kt
Value
0<=t<=19 Fn1=f(t,N,O,P) (N^ O) v ( N^P ) 5A827999
20<=t<=39 Fn1=f(t,N,O,P) (N xor O xor P) 6ED9EBA1
40<=t<=59 Fn1=f(t,N,O,P) (N ^ O) v (N^P)
v(O^D)
8F1BBCDC
60<=t<=79 Fn1=f(t,N,O,P) (N xor O xor P) CA62C1D6
VI. IMPROVISED COMPRESSION FUNCTION
Since it has already been specified that 4 similar rounds will be implemented for SHA-1 for designing the hardware
part, at each level the function is differently implemented and functions at different levels are also different, this
process is endowed with multi-hashing technique which states that at every level different. Till now different
attacks have been there on the Hash function to make the process more secure, each level would have different
value of hash function so that it will be difficult for an attacker to gain important information or data. This
improvisation of using multi-hashing technique will make the process of securing information via SHA-1 mode of
Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES
http://ijves.com ISSN: 2249 – 6556
2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,
DOAJ, and other major databases etc.,
353
algorithm more secure. The figure 1.2 below describes the architectural design for Improvised Compression
function. [3][4][5].
Mathematical Formulation M, N, O, P, Q (E + Fn( t, N,O,P) + S5 (M) + Wt + Kt ),M, S^30 (N),O,P
Where
1. M, N, O, P, Q = the five words of the buffer
2. T = step number; 0<= t <=79
3. Fn (t, N,O,P)= is primitive logic function of logic t
4. SK = circular left shift (rotation) of the 32-bit argument by k bits
5. Wt = a 32-bit word derived from the current 512-bit input block
6. Kt = is an additive constant; four distinct values are used in the process
7. + = additive module of 232
Figure: 2 Multi Hashing-Compression Function
VII. SHA-1 BLOCK DIAGRAM
The given below figure shows the block diagram of sha-1 after synthesis. This block diagram shows the input
and output port. In input port the cv shows the input hash value which is pre -defined in the algorithm and
data_in, global clock, load_in is high when data is loading an low when data is loaded and global reset and start
signal. When reset signal is 1 then all value is 0 in output.
The output signal CV_next shows the output hash signal of 160 bit. Output valid signal shows that output is
valid when signal is 1 and not valid when signal is 0.busy signal represent the busy of hash output.[3][4]This
architecture processes in figure 3 shows the serial implementation of secure hash algorithm -1. All the architectural
components are serially implemented and the last add initial hash value and internal hash value is also determined.
In this architecture an input message is padded. The padding unit pads 1 and series of 0, the length of the message
to the input message and generate blocks of 512-bit message. Wi serial generator generate W0 to W79 of 32-bit
which is used in serial compression function.[9][10] Function generation block generates function Ft using internal
hash value. Architecture of constant Kt selection is based upon the Table 3 specified in previous sections.
Figure: 3 Process Architecture of SHA-1
Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES
http://ijves.com ISSN: 2249 – 6556
2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,
DOAJ, and other major databases etc.,
354
Figure: 4 Digital SHA-1 Block Diagram
VIII. RESULTS
A. Waveform Analysis
After performing all the necessary steps to formulate the process initially and generating the hash function
required in the compression function. Next is to formulate and verify the behaviour of the proposed approach
using the simulation process by generating waveforms. Given below is shows the simulation results of SHA-1
algorithm. In this simulation result clock is global and output comes after 70 clock period and reset signal is a
also global reset. Signal data_in shows the value of input data and load_inis equal to 1 show that the value is
loaded and when it is equal to o then all the value of data_in has been loaded. CV signal is the input hash signal
which is pre defined value in the SHA -1 algorithm. The value of use_prescv signal equal to 0 to show that cv is
available or not. Start signal is 0. When reset signal s 1 then all value is 0 in output.
Figure: 5 Simulation Result of SHA-1
The given below figure shows the simulation results of text bench. The clock and reset signal is global signal
.Output comes after 70 clock cycle all input are same as above declared in simulation of SHA-1 This figure 6&7
below shows the verification of SHA-1 using two test vector and check the value output which will be
“a9993e364706aba3a25717850c26c9cd0d89d”
Figure: 6 Test Bench (I) Simulation SHA-1
Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES
http://ijves.com ISSN: 2249 – 6556
2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,
DOAJ, and other major databases etc.,
355
Figure: 7 Test Bench (II) Simulation SHA-1
Figure: 8 Round Function Simulation SHA-1
B. Hardware on system Chip Design For generating the gate level schematic we use the mentor tool (Design Architect) by importing the verilog net list
file which is generated by Leonardo spectrum. And for layout generation, we use IC Station Tool and imported
the verilog net list file.For the layout generation we use ASIC design flow instead of FPGA design flow. We use
180 nanometer technologies. Here in this digital design the routing between the modules takes place this routing
can be intra-routing cells or inter routing cells. This hardware component can act as a intermediate component
while designing the RFID base system, Secondly this hardware routing is an important component in the
applications like Smart cards, Crypto cards, credit or Debit cards etc. This hardware design accumulates all the
steps described above for the creating of hardware platform.
Figure: 9: Hardware Layout of SHA-1
Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES
http://ijves.com ISSN: 2249 – 6556
2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,
DOAJ, and other major databases etc.,
356
CONCLUSION
This paper highlights the on system chip design of the SHA-1 algorithm; with the improvisation in the
compression function. And also provides the significance that if we are making complex applications where
optimization is not an important task only security is important then in that case hashing technique can be used.
This paper also throws the light upon the fact that SHA-1 is no doubt is secure where security is the only
parameter but when optimization of resources comes into picture then it may fail to give positive results for that
purpose we can use light weight cryptographic algorithms or block cipher cryptology approach.
REFERENCES
[1] Kohli Rashi, Manoj Kumar “Optimized on System Analysis Using AES and X-tea” International Journal of
Advanced Research in Computer Science and Software Engineering, (2277-128X), Volume 3 Issue 2, February
2013.
[2] Kohli Rashi, Divya Sharma, Manoj kr.Baliyan “S-Box Design Analysis and Parameter Variation in AES
Algorithm“International Journal of Computer Applications (0975 – 8887) Volume 60– No.2, December 2012.
[3]. FPGA Implementation of SHA-1 Algorithm, Dai Zibin Zhou Ning, Institute of Electronic Technology,
Information Engineering University, Zhengzhou, 450004, P.R. China
[4]. The Realization and optimization of Secure Hash Algorithm (SHA-1) based on LEON2 Coprocessor, Xia
Hong, Ning Hui-ming, Yan Jiang-yu, School of Computer Science and Technology, North China Electric Power
University, China-102206, 2008
[5]. National Institute of Standards and Technology (NIST), Secure Hash Standard (SHSJ, National Technical
Information Service, Springfield. VA 22161, Aug. 2002.
[6].J.Deepakuniara, H.M. Heys, and R. Venkatesan,Proceedings of IEEE Canadian Conference on Electrical
and Computer Engineering, (Toronto,Ontario, May 2001), p.176
[7]. FIPS 180-1, Secure hash standard, NIST, US Deparment of Comerce, Washington D. C., April 1995.
[8] An HMAC Processor with Integrated SHA- 1 and MD5 Algorithms, Mao-Yin Wang, Chih-Pin Su, Chih-
Tsun Huang, and Cheng-Wen wu Laboratory for Reliable Computing, Department of Electrical Engineering
National Tsing Hua University ,Hsinchu, Taiwan 30013
[9]. L. Dadda, M. Macchetti, and J. Owen. An ASIC design for a high speed implementation of the hash
function SHA-256 (384, 512). In ACM Great Lakes Symposium on VLSI, pages 421–425. ACM, 2004.
[10].McLoone M, McCanny JV. Efficient single-chip implementation of SHA-384 and SHA-512. In:
Proceedings of the IEEE international conference on field-programmable technology (FPT), Hong Kong, July
2002. p. 311–4.
[11]. N. Sklavos, E. Alexopoulos and . Koufopavlou “Networking Data Integrity: High Speed Architectures
and Hardware Implementations ”The International Ara Journal of Information Technology, Vol. 1
[12].B. Preneel, "Analysis and design of cryptographic hash functions," Ph.D. dissertation, Catholic University
of Leuven, Belgium,Feb. 1993.
[13].N. Sklavos, G. Dimitroulakos, and 0. Koufopavlou, "An ultra highspeed architecture for VLSI
implementation of hash functions," in Proc.of 10th IEEE International Conference on Electronics, Circuits and
Systems (ICECS 2003), Dec. 2003, pp. 990-993.
[14] Kohli Rashi, Manoj Kumar ““FPGA Implementation of Cryptographic Algorithms using Multi-
Encryption Technique” International Journal of Advanced Research in Computer Science and Software
Engineering, (2277-128X), Volume 3 Issue 5, May 2013.
AUTHORS BIOGRAPHY
Rashi Kohli is an M.Tech student in the department of Computer science & Engineering, ASET,
Amity University, Uttar Pradesh. She received her B.Tech degree in Information and Technology
from Amity University, India. Her research interests include Cryptography, VLSI, network security
and software engineering domain.
Mr. Manoj Kumar, currently working as an Assistant Professor in the department of Computer
science & Engineering, ASET, Amity University, Uttar Pradesh, India He has received degrees in
M.Sc, M.Tech & PG Diploma. His research interests include Network Security, Embedded Systems
& Algorithm Design.