Implementation of Sha-1 Algorithm on Fpga

1K. sandeep kumar, 2Y jagadeesh, 3P rajeshwar  
1,2 Assistant Professor, Department Of Electronics & Communication Engineering 
Holy Mary Institute Of Technology & Science  
3 Assistant Professor, Department Of Electronics & Communication Engineering, 
Annamacharya Institute Of Technology & Science

Abstract: SHA (Secure Hash Algorithm) is famous message compress standard used in computer cryptography, it can compress a long message to become a short message abstract. The algorithm can be used in many Secure Algorithm, especially for DSS. In this paper, the improved version SHA-1 is implemented and analysed. It is then improved and implemented in Verilog and FPGA. Xilinx is used to compile and generate the function modules, RTL level description circuit and simulated waveform. RTL level description is the circuit connection in FPGA chip. It shows the connection of the modules. Simulated waveform shows us the timing and the function of the SHA-1 module. SHA-1 module that designed in this paper used less memory units and logic elements. It can be used in DSA or any protocols or secure algorithm.

Keywords: SHA-1; Secure Hash Algorithm; FPGA; Networks Security

I. INTRODUCTION

Nowadays, network is not only a way for us to get more information. It has already become a new lifestyle for people. For example, network bank, net-shopping, online chat, e-government, etc. All these need a high security network. So networks security has become a very important problem in information age.

In this paper, message compress standard SHA-1 (Secure Hash Algorithm) will be implemented by FPGA (Field Programmable Gate Array) to cooperate the DSS. And it will be used in DSA (Digital Signature Arithmetic) that implemented by FPGA.

II. SHA-1

Hash function is an important part of many cryptoalgorithm, there are 3 famous Hash Algorithm, SHA, MD (Message Digest) and RIPEMD-160 message compress algorithm. In comparison, the security of SHA-1 is better than MD and RIPEMD-160.

SHA (Secure Hash Algorithm) is designed by National Security Agency of the U.S.A. It is a message compress standard used to cooperate DSS (Digital Signature Standard) that designed by NIST(National Institute of Standards and Technology). Though SHA is designed for DSS, it can be also used in many protocols or secure algorithm. The original version of SHA is called SHA or SHA-0. SHA-1 is the improved version of SHA-0.

Using SHA-1, a message which is no longer than 2^64 bit can be generated a 160bit message abstract. Message abstract is much shorter than the message itself, so it will spend less time to generate a digital signature. The more important is that the digital signature generate by message abstract has the same security as generate by message.[1] The most important of all, SHA-1 is implied easily.

III. SHA-1 ARITHMETIC DESIGN AND SYNTHESIS ANALYSIS

Message compress standard SHA is designed for DSS. The input of SHA is a message which is no longer than 2^64 bit, and it can generate a 160 bit message abstract.

If a message no longer than 264 bit, it needs to be added zeros to make the message become a 264 bit one. And if a message longer than 264 bit, it needs to be separated into several groups. Every group contains 264 bit. Then the message groups will be converted into message abstract groups by SHA algorithm.[2,3]

When message abstract is generated, five 32 bit initial values A, B, C, D, E will be used.

A=67452301
B=EFCDAB89
C=98BADCFE
D=10325476
E=C3D2E1F0
These registers are initialized to the above 32-bit integers (hexadecimal values)

The first four values are the same as those used in MD5. However, in the case of SHA-1, these values are stored in big-endian format, which is the most significant byte of a word in the low-address byte position.

As 32-bit strings, the initialization values (in hexadecimal) appear as follows

Word A: 67 45 23 01
Word B: EF CD AB 89
Word C: 98 BA DC FE
Word D: 10 32 54 76
Word E: C3 D2 E1 F0

![Figure 1: SHA-1 processing of single 512 bit block (Compression function)](image)

The heart of the algorithm is a module that consists of four rounds of processing of 20 steps each. The four rounds have a similar structure, but each uses a different primitive logical function, which we referred to as f1, f2, f3 and f4.

Each round takes as input the current 512-bit block being processed (Yq) and the 160-bit buffer value ABCDE and updates the contents of the buffer. Each round also makes use of an additive constant Kt, where 0≤t≤79 indicates one of the 80 steps across five rounds. In fact, only four distinct constants are used. The values, in hexadecimal and decimal, are as follows

<table>
<thead>
<tr>
<th>Step Number</th>
<th>Hexadecimal</th>
<th>Take integer part of</th>
</tr>
</thead>
<tbody>
<tr>
<td>0≤t≤19</td>
<td>Kt= 5A827999</td>
<td>[230×√2]</td>
</tr>
<tr>
<td>20≤t≤39</td>
<td>Kt= 6ED9EBA1</td>
<td>[230×√3]</td>
</tr>
<tr>
<td>40≤t≤59</td>
<td>Kt= 8F1BBCDC</td>
<td>[230×√5]</td>
</tr>
<tr>
<td>60≤t≤79</td>
<td>Kt= CA62C1D6</td>
<td>[230×√10]</td>
</tr>
</tbody>
</table>

The output of the fourth round (eightieth step) is added to the input to the first round (CVq) to produce CVq+1. The addition is done independently for each of the five words in the buffer with each of the corresponding words in CVq, addition modulo 232.

After all L 512-bit blocks have been processed, the output from Lth stage is the 160-bit message digest. We can summarize the behavior of SHA-1 as follows:

CV0 = IV
CVq+1 = SUM32(CVq, ABCDEq)
MD = CVL

Where

IV: initial value of the ABCDE buffer, defined in step 3
ABCDEx: The output of the last round of processing of the qth message block
L: The number of blocks in the message (including padding and length fields)
SUM32: addition modulo 232 performed separately on each word of the pair of inputs
MD: Final message digest value
The logic in each of the 80 steps of the processing of one 512-bit block. Each round is of the form
A,B,C,D,E ← (E+f(t,B,C,D)+S^t(A)+W_t+ K_t), A,S^{30}(B),C,D

Where
A,B,C,D,E = the five words of the buffer

f(t,B,C,D) = primitive logical function for step t
S^t = circular left shift(rotation) of the 32-bit argument by the k bits
W_t = 32-bit word derived from the current 512-bit input block
K_t = an additive constant; four distinct values are used, as defined previously
+= addition modulo 2^{32}

Each primitive function takes three 32-bit words as input and produces a 32-bit word output. Each function performs a set of bitwise logical operations; that is, the nth bit of the output is a function of the nth bit of the three inputs.

The functions can be summarized as follows:

Table 2: Logic Operations In Sha

<table>
<thead>
<tr>
<th>Step</th>
<th>Function Name</th>
<th>Function Value</th>
</tr>
</thead>
<tbody>
<tr>
<td>0≤T≤19</td>
<td>F1=F(T,B,C,D)</td>
<td>(BAC)\lor(BAD)</td>
</tr>
<tr>
<td>20≤T≤39</td>
<td>F2=F(T,B,C,D)</td>
<td>B \oplus C \oplus D</td>
</tr>
<tr>
<td>40≤T≤59</td>
<td>F3=F(T,B,C,D)</td>
<td>(BAC)\lor(BAD)\lor(CAD)</td>
</tr>
<tr>
<td>60≤T≤79</td>
<td>F4=F(T,B,C,D)</td>
<td>B \oplus C \oplus D</td>
</tr>
</tbody>
</table>

The logical operators (AND, OR, NOT) are represented by the symbols (\land,\lor,\neg) . As can be seen only three different functions are used. For 0≤t≤19, the function is the conditional function: If B, then C else D.

For 20≤t≤39 and 60≤t≤79, the function produces a parity bit. For 40≤t≤59, the function is true if two or three of the arguments are true. Table 12.2 is a truth table of these functions.

It remains to indicate how the 32-bit word values W_t are derived from the 512-bit message. The first 16 values of W_t are taken directly from the 16 words of the current block. The remaining values are defined as follows:

\[
W_t = S^t(W_{t-16} \oplus W_{t-14} \oplus W_{t-8} \oplus W_{t-3})
\]

Thus, in the first 16 steps of processing, the value of W_t is equal to the corresponding word in the message block. For the remaining 64 steps, the value of W_t consists of the circular left shift by one bit of the XOR of four of the preceding values of W_t

This is a notable difference from MD5 and RIPEMD-160, both if which use one of the 16 words of a message block directly as input to each step function; only the order of the words is permuted from round to round. SHA-1 expands the 16 block words to 80 words for use in the compression function. This introduces a great deal of redundancy and interdependence into the message blocks that are compressed, which complicates the task of finding a different message block that maps to the same compression function output.
IV. RESULT AND ANALYSIS

The module is designed by FPGA. FPGA is a half-order circuit of ASIC(Application Specific Integrated Circuit). It contains many logic cells that has already been distributed in the chip. So it is easy for people to design a system or module for some special function. RTL is the circuit connection in chip. It shows us the connection of the modules, sub-module and the logic cells. It is also follow the top-to-bottom structure. We can see the detail structure of the sub-module when we click the sub-module block. When we use FPGA to implement the SHA-1 module, it will be organized according to the RTL level description. RTL is a top-to-down structure. Fig.4 is the top level module of SHA-1.

Fig.5 is the simulated waveform of SHA-1 module, it shows us the timing and the function of the module. The clock period is 20.0ns. The message abstract which is no longer than 264 bit can be generated in about 100ms.

V. CONCLUSION

SHA is famous message compress standard used in computer cryptography. Its improved version SHA-1 algorithm has been analysised in this paper, and implied by Verilog. Xilinx is used to synthesis the module, and then generated RTL level description circuit and simulated waveform.

The SHA-1 module only needs 74 pins, 857 LC registers, 691 LUT-only LCs and 1029 logic elements. Using the SHA-1 module, a long message can be generated a short and safe message abstract in a very short time.
The design of SHA-1 module in this paper can be used to cooperate with DSA, or be an independent module used in many protocols or secure algorithm.

<table>
<thead>
<tr>
<th>SI No.</th>
<th>Compilation Hierarchy node</th>
<th>Total thermal power by hierarchy (1)</th>
<th>Block thermal static power (1)</th>
</tr>
</thead>
<tbody>
<tr>
<td>1</td>
<td>sha</td>
<td>118.69mW</td>
<td>0.00mW</td>
</tr>
</tbody>
</table>

REFERENCES