130 likes | 475 Vues
Secured Hash Function Efficient hardware implementation by Liron Cohen Based on “LFSR-based Hashing and Authentication” by Hugo Krawvzyk (IBM). LFSR-based Hash. LFSR-based (Toeplitz) hashing, same as in RSS.
E N D
Secured Hash FunctionEfficient hardware implementationby Liron CohenBased on “LFSR-based Hashing and Authentication” by Hugo Krawvzyk (IBM)
LFSR-based Hash • LFSR-based (Toeplitz) hashing, same as in RSS. • Given a key of m bits returns hash value of n bits ( ). • Guarantees that , Where . • Note that in the (best) random case. • In our framework of m=188b, n=32b we get , • Where in the random case we get .
Example Compute the hash result via matrix multiplication : The secret key that generates this matrix is 100110.
Example • Compute the hash value via our algorithm : Secret key - 1 0 0 1 1 0 Hash Result – 0 0 0 1 0 0 1 0 1 0 1 1 Message – 1 1 0 1
Hash Type • Advertises what message length should the hash expect, 4 options :
Seed • Instead of generating pseudo-random bit sequence with LFSR we can receive a seed (secret key) from the firmware/driver. • For IPv4 the seed should be (2B+2B+4B+4B+32b=)16 Bytes long. • For IPv6 the seed should be (2B+2B+16B+16B+32b=)40 Bytes long. • Note that the number should be generated by a LFSR with connections corresponding to the coefficients of an irreducible polynomial.
Mask Type • Determines the output size in bits. • Value between 1-31. • We will use different mask types for different uses, for example : • On-die search – mask_type = 01011 (hash_result[10:0]) • Off-die search for iScsi – mask_type = 01001 (hash_result[9:0]) • Off-die search for RDMA – mask_type = 10001 (hash_result[16:0])
Timing • Assuming low power, 65nm process, pipelined – • Throughput of 1 hash result per cycle • Latency of 4 cycles per hash result.