DIGITAL VLSI ON SYSTEM CHIP DESIGN USING MULTI-HASHING...

Vol 04, Issue 03; May - June 2013 International Journal of VLSI and Embedded Systems-IJVES

http://ijves.com ISSN: 2249 – 6556

2010-2013 – IJVES Indexing in Process - EMBASE, EmCARE, Electronics & Communication Abstracts, SCIRUS, SPARC, GOOGLE Database, EBSCO, NewJour, Worldcat,

DOAJ, and other major databases etc.,

350

DIGITAL VLSI ON SYSTEM CHIP DESIGN USING

MULTI-HASHING TECHNIQUE RASHI KOHLI1, MANOJ KUMAR2

12Department of Computer Science & Engineering, Amity University [email protected] , [email protected]

ABSTRACT

In this paper the main focus lies on increasing the security over the network using Multi-Hashing Technique. To

minimize the attacks like brute force attacks, truncated hash attacks over the system or the network, the hash

functions plays an eminent light over the cryptographic algorithms, although they require a number of

resources but if only security needs to be increased over the channel then hashing technology can provide

significant level of security .Hashing algorithms serve as a building block of message authentication. There is

growing need of hardware implementation of such technique over the network; the algorithm which will be used

in this paper is SHA-Multi-Hashing technique. Since the hardware implementation of Multi-Hashing Technique

will have higher throughput. Since in this paper our main focus lies on the speed and increasing the security

thus it will present the hardware implementation for the same.

Keywords: Multi-Hashing Technique, SHA, VLSI Design, Verilog, Hardware Security

I. INTRODUCTION

The domain of network security, steganography, cryptography is in demand for most of the industries, E-

government services for providing security within the system and on the network itself. With the advent of

security approaches there were many techniques invented which contributed towards the security, utilization of

hash function was one of them, many researchers provided the fact that using hash function in securing the

application over network can prove advantageous. Since hash function rotates around the one way and anti-

collision property. Dramatic enhancement over wireless technologies and ubiquitous computing is endowed

with the base for the RFID technology, where security can be accomplished via diverse domains of

cryptographic algorithms. Depending upon the needs and criterion of a designer, it may first-rate the best suited

technique. [12][13][14] The technique which will be employed in this thesis is Multi-Hashing technique which

will follow the three properties listed below:

Table 1: Properties of Hashing-Function [3][4]

One-way Property Weak Collision Resistance Strong Collision Resistance

It can be described as for any given

value of a hash function say HF, it is

computationally infeasible to find

the z such that

HF (z) = HF.

It can be described as that for

any block size say q, it is

computationally infeasible to

find q ≠z such that

HF (q) =HF (z).

It can be described as a pair such as

(z, q) such that it is computationally

infeasible to find the pair as

HF (z) =HF (q).

Important when authentication

includes the hidden secret message

It ensures that an substitute

message or data hashing to the

same value as a given message

cannot be found

This properties highlights the

importance of hash function i.e. how

resistant it can be to a type of attack

called Birthday attack

In past decades the block cipher algorithm provided the significant amount of security. But the art of block

cipher approach and hashing technique is poles apart. With the hashing technique one may use any number of

block size depending upon the purpose for which it is being designed. Secondly the hash function itself provides

security and it is not applied on to the key, where as in case of block cipher algorithms it uses the fixed size of

block correspondingly with the defined key size. Hashing approach produces the fixed length output.

II. RELATED WORK

In the past few years, there has been a great changes in the field of cryptology, SHA-0 has been changed to

SHA-1 and in many of the recent applications SHA-1 is providing beneficial results in securing applications,

since it removes certain limitations of SHA-0 i.e. problem of differential paths and collisions. There is a

growing demand for VLSI design approach in the field of mobile computing, pervasive computing,

simultaneously this demands increased security from the threats or attacks. The attacks on hash functions are

different from those of block cipher algorithm, in fact the attacks on the former approach is indeed more

powerful than the latter one. This demands the careful analysis, In past decades, during the research by various

researchers it was provided with the fact that hash functions since primitive plays an utmost role in several

domains, they have been used to fulfill the properties such as collision resistance, pre-image resistance and

http://ijves.com/

mailto:[email protected]

mailto:[email protected]





351

second-pre-image resistance, Here the keyword used i.e. “resistance” signifies the absence of any specific

technique. Hash function primarily is one way function which usually operates in pair following the resistance

properties. Since many researchers have founded different attacks or threats as a hindrance in securing the

application of a system or over internet so in this paper we will combine some of the approaches using hash

function as the main component, providing the multi-hashing technique.[3][8][11]

III. COMPARATIVE ANALYSIS

Till now in past decades block cipher and stream cipher techniques have been used to impart non linearity to the

system and they have exceptionally showed the optimized results and beneficial for small applications. But if we

talk about Complex systems that demand security at high level for that purpose we can use hashing algorithms.

The Table 1.2 shows the comparative analysis of highly effective algorithms chiefly Block cipher algorithm along

with that of Hashing algorithm such as SHA-1

Table 2: Comparative Analyses [1][2]

Parameters SHA-1 RC-6 X-TEA AES

1) Domain Cryptographic

Hashing

Algorithm

Block Cipher

Algorithm

Block Cipher

Algorithm

Block Cipher

Algorithm

2) Block Size Arbitrary length Fixed Fixed Fixed

3) Degree of

Difficulty

Difficult Difficult Medium Difficult

4) Resource

Consumption

High Medium Low High

5)Applications

Storage of

passwords, Digital

Signature

Algorithms,

Integrity checking

etc

Ubiquitous

computing,Soft

computing

Embedded system

design etc

WSN’s,

pervasive

computing,

RFID

Technology

etc.

Android

applications,

Military

Applications,

embedded

systems etc.

IV. PROPOSED ALGORITHMIC ROUTINE

The structure used in implementing SHA-1 on FPGA platform requires the array of initial value (Iv) along with

that equivalent value of chaining variable at each step depending upon the number of rounds for which it has

been designed. The algorithmic routine requires repetitive use of the compression function which is responsible

for mending security along with the input data bits. The function used in designing SHA-1 requires the use of 2

set of input variables, The first set of input variables comes from the previous step which is usually refer to as

the chaining variable and b-bit block. Before taking into an account the procedure for VLSI implementation, it

necessary to formulate the steps for hashing technique.[7][8] Here, we have proposed multi-hashing technique

by repetitively calling the compression function. At the beginning of the multi-hashing technique, the fixing

variable has an initial value defined by the user; the final outcome of the fixing variable will be the hash value

which will be generated by going through compression function. The condition at which the compression

function will be executed is b>n i.e. the length of input block.

Figure: 1 Architectural Design of Hash Function

The architectural design of hash function in Figure 1 above describes the process of hashing before implementing

the algorithmic logic. Certain inputs and outputs are defined as follows

Iv= Initial Value

http://ijves.com/





352

Cv= Chaining variable

b= Length of input block

n= Length of hash code

Iₓ= ith input block

Fn= Compression Function

x= Number of input blocks

V. PROCEDURE DESIGN STEPS

In this paper we will implement the SHA-1 logic using multi-hashing technique which encompasses the

architectural design of hash function by making the use of the compression function which is responsible for

security. This approach will be designed with the help of VLSI technology using Verilog as Hardware

Description Language. Secure Hash Algorithm was specified in RFC3174 and been revised time to time by

National Institute of Standards and Technology. The following steps will guide, to implement the SHA-1 logic

using XILINX, FPGA technology [5][6]

Step 1: Padding –Length of data

This step provides which the fact, that without the loss of the actual message as an input, the input message

needs to be congruent to 448 modulo512. This padding is necessary even if the input to the application is of

desired length.

Step 2: Appending Length

If the given block size is 64-bits & it is appended to the input data, then this block will be treated as an unsigned

64 -bit integer and is treated as MSB of the data which will highlight the original input message length. The

conclusion of the first two steps defined above would significantly capitulate a input message that is an integer

multiple of 512 bits in length.

Step 3: Initializing the Hash (Intermediate Buffer)

This technique will firstly generate the hash function using multi-hashing process via compression function, If

suppose the input message length is taken as 160 bit block, then the hash buffer is initialized to store the

intermediate results which will be needed when decryption process starts. The buffer can be of 32-bit each,

which work as same that was used in Rc-6 block cipher algorithm, the only difference is that, these registers

were the main components in Rc-6 implementation and here in SHA-1, it act as a intermediate modules for

storing partial results. The data values which will be stored in registers (M, N, O, R, P) will be in big-endian

format i.e. the MSB of the stored data will be located and found at the low (leftmost) address byte position.

Step 4: Processing of SHA-1 logic function

SHA-1 operates here using 4 similar rounds which is implemented in 20 steps, these 4 rounds have similar

structure and This step is the heart, of implementing the multi-hashing logic. Each round uses different primitive

logic function. Each round which is implemented takes 160-bit buffer value i.e. m, n, o, p, and q. Every round

makes use of the round constant i.e. Kt which is called as additive constant where 0<=t<=79, represents one of

the 80 rounds.

Step 5: Output

The output which will be generated after the message input passes through all the processing the output will be

the message digest encrypted data.

Table 3: Functions in Compression Function

Number of

Rounds

Function Name Function Value Constant Kt

Value

0<=t<=19 Fn1=f(t,N,O,P) (N^ O) v ( N^P ) 5A827999

20<=t<=39 Fn1=f(t,N,O,P) (N xor O xor P) 6ED9EBA1

40<=t<=59 Fn1=f(t,N,O,P) (N ^ O) v (N^P)

v(O^D)

8F1BBCDC

60<=t<=79 Fn1=f(t,N,O,P) (N xor O xor P) CA62C1D6

VI. IMPROVISED COMPRESSION FUNCTION

Since it has already been specified that 4 similar rounds will be implemented for SHA-1 for designing the hardware

part, at each level the function is differently implemented and functions at different levels are also different, this

process is endowed with multi-hashing technique which states that at every level different. Till now different

attacks have been there on the Hash function to make the process more secure, each level would have different

value of hash function so that it will be difficult for an attacker to gain important information or data. This

improvisation of using multi-hashing technique will make the process of securing information via SHA-1 mode of

http://ijves.com/





353

algorithm more secure. The figure 1.2 below describes the architectural design for Improvised Compression

function. [3][4][5].

Mathematical Formulation M, N, O, P, Q (E + Fn( t, N,O,P) + S5 (M) + Wt + Kt ),M, S^30 (N),O,P

Where

1. M, N, O, P, Q = the five words of the buffer

2. T = step number; 0<= t <=79

3. Fn (t, N,O,P)= is primitive logic function of logic t

4. SK = circular left shift (rotation) of the 32-bit argument by k bits

5. Wt = a 32-bit word derived from the current 512-bit input block

6. Kt = is an additive constant; four distinct values are used in the process

7. + = additive module of 232

Figure: 2 Multi Hashing-Compression Function

VII. SHA-1 BLOCK DIAGRAM

The given below figure shows the block diagram of sha-1 after synthesis. This block diagram shows the input

and output port. In input port the cv shows the input hash value which is pre -defined in the algorithm and

data_in, global clock, load_in is high when data is loading an low when data is loaded and global reset and start

signal. When reset signal is 1 then all value is 0 in output.

The output signal CV_next shows the output hash signal of 160 bit. Output valid signal shows that output is

valid when signal is 1 and not valid when signal is 0.busy signal represent the busy of hash output.[3][4]This

architecture processes in figure 3 shows the serial implementation of secure hash algorithm -1. All the architectural

components are serially implemented and the last add initial hash value and internal hash value is also determined.

In this architecture an input message is padded. The padding unit pads 1 and series of 0, the length of the message

to the input message and generate blocks of 512-bit message. Wi serial generator generate W0 to W79 of 32-bit

which is used in serial compression function.[9][10] Function generation block generates function Ft using internal

hash value. Architecture of constant Kt selection is based upon the Table 3 specified in previous sections.

Figure: 3 Process Architecture of SHA-1

http://ijves.com/





354

Figure: 4 Digital SHA-1 Block Diagram

VIII. RESULTS

A. Waveform Analysis

After performing all the necessary steps to formulate the process initially and generating the hash function

required in the compression function. Next is to formulate and verify the behaviour of the proposed approach

using the simulation process by generating waveforms. Given below is shows the simulation results of SHA-1

algorithm. In this simulation result clock is global and output comes after 70 clock period and reset signal is a

also global reset. Signal data_in shows the value of input data and load_inis equal to 1 show that the value is

loaded and when it is equal to o then all the value of data_in has been loaded. CV signal is the input hash signal

which is pre defined value in the SHA -1 algorithm. The value of use_prescv signal equal to 0 to show that cv is

available or not. Start signal is 0. When reset signal s 1 then all value is 0 in output.

Figure: 5 Simulation Result of SHA-1

The given below figure shows the simulation results of text bench. The clock and reset signal is global signal

.Output comes after 70 clock cycle all input are same as above declared in simulation of SHA-1 This figure 6&7

below shows the verification of SHA-1 using two test vector and check the value output which will be

“a9993e364706aba3a25717850c26c9cd0d89d”

Figure: 6 Test Bench (I) Simulation SHA-1

http://ijves.com/





355

Figure: 7 Test Bench (II) Simulation SHA-1

Figure: 8 Round Function Simulation SHA-1

B. Hardware on system Chip Design For generating the gate level schematic we use the mentor tool (Design Architect) by importing the verilog net list

file which is generated by Leonardo spectrum. And for layout generation, we use IC Station Tool and imported

the verilog net list file.For the layout generation we use ASIC design flow instead of FPGA design flow. We use

180 nanometer technologies. Here in this digital design the routing between the modules takes place this routing

can be intra-routing cells or inter routing cells. This hardware component can act as a intermediate component

while designing the RFID base system, Secondly this hardware routing is an important component in the

applications like Smart cards, Crypto cards, credit or Debit cards etc. This hardware design accumulates all the

steps described above for the creating of hardware platform.

Figure: 9: Hardware Layout of SHA-1

http://ijves.com/





356

CONCLUSION

This paper highlights the on system chip design of the SHA-1 algorithm; with the improvisation in the

compression function. And also provides the significance that if we are making complex applications where

optimization is not an important task only security is important then in that case hashing technique can be used.

This paper also throws the light upon the fact that SHA-1 is no doubt is secure where security is the only

parameter but when optimization of resources comes into picture then it may fail to give positive results for that

purpose we can use light weight cryptographic algorithms or block cipher cryptology approach.

REFERENCES

[1] Kohli Rashi, Manoj Kumar “Optimized on System Analysis Using AES and X-tea” International Journal of

Advanced Research in Computer Science and Software Engineering, (2277-128X), Volume 3 Issue 2, February

2013.

[2] Kohli Rashi, Divya Sharma, Manoj kr.Baliyan “S-Box Design Analysis and Parameter Variation in AES

Algorithm“International Journal of Computer Applications (0975 – 8887) Volume 60– No.2, December 2012.

[3]. FPGA Implementation of SHA-1 Algorithm, Dai Zibin Zhou Ning, Institute of Electronic Technology,

Information Engineering University, Zhengzhou, 450004, P.R. China

[4]. The Realization and optimization of Secure Hash Algorithm (SHA-1) based on LEON2 Coprocessor, Xia

Hong, Ning Hui-ming, Yan Jiang-yu, School of Computer Science and Technology, North China Electric Power

University, China-102206, 2008

[5]. National Institute of Standards and Technology (NIST), Secure Hash Standard (SHSJ, National Technical

Information Service, Springfield. VA 22161, Aug. 2002.

[6].J.Deepakuniara, H.M. Heys, and R. Venkatesan,Proceedings of IEEE Canadian Conference on Electrical

and Computer Engineering, (Toronto,Ontario, May 2001), p.176

[7]. FIPS 180-1, Secure hash standard, NIST, US Deparment of Comerce, Washington D. C., April 1995.

[8] An HMAC Processor with Integrated SHA- 1 and MD5 Algorithms, Mao-Yin Wang, Chih-Pin Su, Chih-

Tsun Huang, and Cheng-Wen wu Laboratory for Reliable Computing, Department of Electrical Engineering

National Tsing Hua University ,Hsinchu, Taiwan 30013

[9]. L. Dadda, M. Macchetti, and J. Owen. An ASIC design for a high speed implementation of the hash

function SHA-256 (384, 512). In ACM Great Lakes Symposium on VLSI, pages 421–425. ACM, 2004.

[10].McLoone M, McCanny JV. Efficient single-chip implementation of SHA-384 and SHA-512. In:

Proceedings of the IEEE international conference on field-programmable technology (FPT), Hong Kong, July

2002. p. 311–4.

[11]. N. Sklavos, E. Alexopoulos and . Koufopavlou “Networking Data Integrity: High Speed Architectures

and Hardware Implementations ”The International Ara Journal of Information Technology, Vol. 1

[12].B. Preneel, "Analysis and design of cryptographic hash functions," Ph.D. dissertation, Catholic University

of Leuven, Belgium,Feb. 1993.

[13].N. Sklavos, G. Dimitroulakos, and 0. Koufopavlou, "An ultra highspeed architecture for VLSI

implementation of hash functions," in Proc.of 10th IEEE International Conference on Electronics, Circuits and

Systems (ICECS 2003), Dec. 2003, pp. 990-993.

[14] Kohli Rashi, Manoj Kumar ““FPGA Implementation of Cryptographic Algorithms using Multi-

Encryption Technique” International Journal of Advanced Research in Computer Science and Software

Engineering, (2277-128X), Volume 3 Issue 5, May 2013.

AUTHORS BIOGRAPHY

Rashi Kohli is an M.Tech student in the department of Computer science & Engineering, ASET,

Amity University, Uttar Pradesh. She received her B.Tech degree in Information and Technology

from Amity University, India. Her research interests include Cryptography, VLSI, network security

and software engineering domain.

Mr. Manoj Kumar, currently working as an Assistant Professor in the department of Computer

science & Engineering, ASET, Amity University, Uttar Pradesh, India He has received degrees in

M.Sc, M.Tech & PG Diploma. His research interests include Network Security, Embedded Systems

& Algorithm Design.

http://ijves.com/

DIGITAL VLSI ON SYSTEM CHIP DESIGN USING MULTI-HASHING...

Documents

Transcript of DIGITAL VLSI ON SYSTEM CHIP DESIGN USING MULTI-HASHING...