PERTANIKA JOURNAL OF TROPICAL AGRICULTURAL SCIENCE

 

e-ISSN 2231-8542
ISSN 1511-3701

Home / Regular Issue / JTAS Vol. 32 (1) Jan. 2024 / JST-4050-2022

 

Towards Maximising Hardware Resources and Design Efficiency via High-Speed Implementation of HMAC based on SHA-256 Design

Shamsiah Suhaili, Norhuzaimin Julai, Rohana Sapawi and Nordiana Rajaee

Pertanika Journal of Tropical Agricultural Science, Volume 32, Issue 1, January 2024

DOI: https://doi.org/10.47836/pjst.32.1.02

Keywords: Field Programmable Gate Array, hash function, Hash-based Message Authentication Code, Secure Hash Algorithm 256, Verilog Hardware Description Language

Published on: 15 January 2024

Some applications, such as Message Authentication Code (MAC), rely on different hashing operations. There are various hash functions, including Message-Digest 5 (MD5), RACE Integrity Primitives Evaluation Message Digest 160 (RIPEMD-160), Secure Hash Algorithm 1 (SHA-1), and Secure Hash Algorithm 256 (SHA-256), among others. The network layer is the third of seven layers of the Open Systems Interconnection (OSI) concept, also known as the Internet. It handles network addressing and physical data routing. Nowadays, enhanced internet security is necessary to safeguard networks from illegal surveillance. As a result, Internet Protocol Security (IPsec) introduces secure communication across the Internet by encrypting and/or authenticating network traffic at the IP level. IPsec is an internet-based security protocol. Encapsulating Security Payload (ESP) and Authentication Header (AH) protocols are separated into two protocols. The MAC value is stored in the authentication data files of the Authentication Header and Encapsulating Security Payload. This article analyses a fast implementation of the Hash-based Message Authentication Code (HMAC), which uses its algorithm to ensure the validity and integrity of data to optimise hardware efficiency and design efficacy using the SHA-256 algorithm. During data transfer, HMAC is critical for message authentication. It was successfully developed using Verilog Hardware Description Language (HDL) code with the implementation of a Field Programmable Gate Array (FPGA) device using the Altera Quartus II Computer-Aided Design (CAD) tool to enhance the maximum frequency of the design. The accuracy of the HMAC design, which is based on the SHA-256 design, was examined and confirmed using ModelSim. The results indicate that the maximum frequency of the HMAC-SHA-256 design is approximately 195.16 MHz.

  • Chen, F., & Yuan J. (2012). Enhanced key derivation function of HMAC-SHA-256 algorithm in LTE network. In 2012 Fourth International Conference on Multimedia Information Networking and Security (pp. 15-18). IEEE Publishing. https://doi.org/10.1109/MINES.2012.106

  • Choi, H., & Seo, S. C. (2020). Optimization of PBKDF2-HMAC-SHA256 and PBKDF2-HMAC-LSH256 in CPU environments. In I. You (Ed.), Information Security Applications (pp. 321-333). Springer Cham.

  • https://doi.org/10.1007/978-3-030-65299-9_24

  • FIPS PUB 198-1. (2008). Federal Information Processing Standards, The Keyed-Hash Message Authentication Code (HMAC). Information Technology Laboratory National Institute of Standards and Technology Gaithersburg. https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.198-1.pdf

  • FIPS PUB 180-4. (2015). Federal Information Processing Standards, Secure Hash Standard (SHS). Information Technology Laboratory National Institute of Standards and Technology Gaithersburg. https://nvlpubs.nist.gov/nistpubs/fips/nist.fips.180-4.pdf

  • Juliato, M., & Gebotys, C. (2011). FPGA Implementation of an HMAC Processor based on the SHA-2 Family of Hash Functions. University of Waterloo Technical Report. https://citeseerx.ist.psu.edu/document?repid=rep1&type=pdf&doi=5043ce0a65691fd16ff7a546e6c0013d9ee190ca

  • Jung, S. W., & Jung, S. (2013). HRP: A HMAC-based RFID mutual authentication protocol using PUF. In The International Conference on Information Networking 2013 (ICOIN) (pp. 578-582). IEEE Publishing. https://doi.org/10.1109/ICOIN.2013.6496690

  • Khan, E., El-Kharashi, M. W., Gebali, F., & Abd-El-Barr, M. (2007). Design and performance analysis of a unified, reconfigurable HMAC-Hash unit. IEEE Transactions on Circuits and Systems-I: Regular Papers, 54(12), 2683-2695. https://doi.org/10.1109/TCSI.2007.910539

  • Kieu-Do-Nguyen, B., Hoang, T. T., Tsukamoto, A., Suzaki, K., & Pham, C. K. (2022). High-performance multi-function HMAC-SHA2 FPGA implementation. In 20th IEEE International Interregional NEWCAS Conference, NEWCAS 2022 (pp. 30-34). IEEE Publishing. https://10.1109/NEWCAS52662.2022.9842174

  • Lin, L., Chen, K., & Zhong, S. (2017). Enhancing the session security of zen cart based on HMAC-SHA256. KSII Transactions on Internet and Information Systems, 11(1), 466-483.

  • McLoone, M., & McCanny, J. V. (2002). A single-chip IPSec cryptographic processor. In IEEE Workshop on Signal Processing Systems (pp. 133-138). IEEE Publishing. https://doi.org/10.1109/SIPS.2002.1049698

  • Michail, H. E., Kakarountas, A. P., Milidonis, A., & Goutis, C. E. (2004). Efficient implementation of the keyed-hash message authentication code (HMAC) using the SHA-1 hash function. In Proceedings of the 2004 11th IEEE International Conference on Electronics, Circuits and Systems, 2004 (ICECS 2004) (pp. 567-570). IEEE Publishing. https://doi.org/10.1109/ICECS.2004.1399744

  • Oku, D., Yanagisawa, M., & Togawa, N. (2018). Scan-based side-channel attack against HMAC-256 circuits based on isolating bit-transition groups using scan signatures. IPSJ Transactions on System LSI Design Methodology, 11, 16-28. https://doi.org/10.2197/ipsjtsldm.11.16

  • Pham, H. L., Tran, T. H., Duong Le, V. T., & Nakashima, Y. (2022). A high-efficiency FPGA-based multimode SHA-2 accelerator. IEEE Access Open Access, 10, 11830-11845. https://doi.org/10.1109/ACCESS.2022.3146148

  • Randall, K. N. (1999). ISCA Guide to Cryptography. McGraw-Hill.

  • Ravilla, D., & Putta, C. S. R. (2015a). Routing using trust-based system with SHA-2 authentication. Procedia Computer Science Open Access, 46, 1108-1115. https://doi.org/10.1016/j.procs.2015.01.023

  • Ravilla, D., & Putta, C. S. R. (2015b). Implementation of HMAC-SHA256 algorithm for hybrid routing protocols in MANETs. In 2015 International Conference on Electronic Design, Computer Networks & Automated Verification (EDCAV) (pp. 154-159). IEEE Publishing. https://doi.org/10.1109/EDCAV.2015.7060558

  • Rubayya, R. S., & Resmi, R. (2015). Memory optimization of HMAC/SHA-2 encryption. In 2014 First International Conference on Computational Systems and Communications (ICCSC) (pp. 282-287). IEEE Publishing. https://doi.org/10.1109/COMPSC.2014.7032663

  • Selimis, G., Sklavos, N., & Koufopavlou, O. (2003). VLSI implementation of the keyed-hash message authentication code for the wireless application protocol. In 10th IEEE International Conference on Electronics, Circuits and Systems, 2003 (ICECS 2003) (Vol. 1, pp. 24-27). IEEE Publishing. https://doi.org/10.1109/ICECS.2003.1301967

  • Stallings, W. (1996). Data & Computer Communications (6th ed.). Prentice Hall.

  • Wang, M. Y., Su, C. P., Huang, C. T., & Wu, C. W. (2004). An HMAC processor with integrated SHA- 1 and MD5 algorithm. In ASP-DAC 2004: Asia and South Pacific Design Automation Conference 2004 (IEEE Cat. No. 04EX753) (pp. 456-458). IEEE Publishing. https://doi.org/10.1109/ASPDAC.2004.1337618

  • Yiakoumis, I., Papadonikolakis, M., Michail, H., Kakarountas, A. P., & Goutis, C. E. (2005). Efficient small-sized implementation of the Keyed-Hash message authentication code. In EUROCON 2005-The International Conference on” Computer as a Tool” (Vol. 2, pp. 1875-1878). IEEE Publishing. https://doi.org/10.1109/EURCON.2005.1630347