Authentication with RIPEMD-160 and Other Alternatives: A Hardware Design Perspective

Taking into consideration the rapid evolution of communication standards that include message authentication and integrity verification, it is realized that constructions like MAC and HMAC, are widely used in the most popular cryptographic schemes since provision of a way to check the integrity of information transmitted over or stored in an unreliable medium is a prime necessity in the world of open computing and communications. MACs are used so as to protect both a message's integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content. In every modern cryptographic scheme that is used to secure a crucial application that calls for security, a keyed-hash message authentication code, or HMAC, is incorporated. Beyond HMAC, a block cipher algorithm is also incorporated (i.e like AES), thus resulting to the whole security scheme. The proposed hardware design invokes a number of optimizing techniques like pipeline, evaluation-based partial unrolling, certain algorithmic transformations in space and time and computational re-ordering, leading to a highthroughput and low-power design for the whole HMAC construction. Finally, a new algorithm, CMAC, for producing message authenticating codes (MACs) which was recently proposed by NIST, is also described. The proposed security scheme incorporates a FIPS approved and a secure block cipher algorithm (that might have already been deployed in the security scheme) and was standardized by NIST in May, 2005. This work concludes with an efficient hardware implementation of the CMAC standard.

[1]  Bernard P. Zajac Applied cryptography: Protocols, algorithms, and source code in C , 1994 .

[2]  Sandra Dominikus,et al.  A hardware implementation of MD4-family hash algorithms , 2002, 9th International Conference on Electronics, Circuits and Systems.

[3]  Bart Preneel,et al.  RIPEMD-160: A Strengthened Version of RIPEMD , 1996, FSE.

[4]  Larry Loeb Secure Electronic Transactions Introduction and Technical Reference , 1998 .

[5]  Fayez Gebali,et al.  An FPGA design of a unified hash engine for IPSec authentication , 2005, Fifth International Workshop on System-on-Chip for Real-Time Applications (IWSOC'05).

[6]  Stephen A. Thomas,et al.  SSL & TLS Essentials: Securing the Web , 2000 .

[7]  Odysseas G. Koufopavlou,et al.  On the hardware implementation of RIPEMD processor: Networking high speed hashing, up to 2Gbps , 2005, Comput. Electr. Eng..

[8]  Ilya Mironov,et al.  Hash functions: Theory, attacks, and applications , 2005 .

[9]  Kevin S. McCurley A fast portable implementation of the Secure Hash Algorithm, III. , 1992 .

[10]  David Johnston,et al.  Overview of IEEE 802.16 security , 2004, IEEE Security & Privacy Magazine.

[11]  Joos Vandewalle,et al.  Fast Hashing on the Pentium , 1996, CRYPTO.

[12]  Ingrid Verbauwhede,et al.  A 21.54 Gbits/s fully pipelined AES processor on FPGA , 2004, 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines.

[13]  Eugene H. Spafford,et al.  The design and implementation of tripwire: a file system integrity checker , 1994, CCS '94.

[14]  Ken Thompson,et al.  Password security: a case history , 1979, CACM.

[15]  Mitsuru Matsui,et al.  Performance Analysis and Parallel Implementation of Dedicated Hash Functions , 2002, EUROCRYPT.

[16]  Morris J. Dworkin,et al.  SP 800-38D. Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC , 2007 .

[17]  Paul C. van Oorschot,et al.  Hardware-assisted circumvention of self-hashing software tamper resistance , 2005, IEEE Transactions on Dependable and Secure Computing.

[18]  Akashi Satoh,et al.  ASIC hardware focused comparison for hash functions MD5, RIPEMD-160, and SHS , 2005, International Conference on Information Technology: Coding and Computing (ITCC'05) - Volume II.

[19]  Tung-Sang Ng,et al.  A unified architecture of MD5 and RIPEMD-160 hash algorithms , 2004, 2004 IEEE International Symposium on Circuits and Systems (IEEE Cat. No.04CH37512).