可重构计算平台上SHA系列函数的优化实现

发布时间：2018-02-25 04:32

本文关键词： 可重构平台 FPGA 哈希函数 CSA 流水线　出处：《郑州大学》2017年硕士论文　论文类型：学位论文

【摘要】：近些年,随着互联网的普及和广泛应用,不管是在各种文档、网上银行、收发e-mail,还是在其它对安全性要求极高的数字通信领域,加密技术已经成为了保证数据传输私密性的一个重要工具。针对此类问题,美国国家标准技术研究所和美国安全局先后公布了SHA-1、SHA-224、SHA-256、SHA-384和SHA-512算法。另外,在高性能计算的性能不断刷新纪录带给人们惊喜的同时,我们不得不黯然接受两个令人沮丧的事实:计算机功耗越来越大和计算机的实际应用效率并没有获得期望的提升。高端计算的研究热点逐渐从高性能计算转向到高效能计算,越来越多的学者开始致力于可重构计算平台的研究。哈希函数被广泛应用于消息认证、数字签名、口令安全等领域。近年来,针对哈希函数硬件实现的研究较多,但多数研究只对哈希函数中的某一种进行了硬件设计与实现。然而,不同环境对哈希函数安全强度的要求不同,可能需要在不同算法之间进行切换,若使用不同的硬件电路来分别实现,既浪费资源,又降低了工作效率。另外,低功耗、高性能,小面积是当今加密芯片的发展趋势。针对上述问题,本文深入分析了SHA-1、SHA-256和SHA-512三种哈希函数的共性和不同点,采用了可重构计算思想,结合FPGA结构特点,按以下几部分展开:1、在总结、归纳三种哈希函数可重构模块与单元的基础上,采用可重构体系的设计思路,给出了SHA-1、SHA-256和SHA-512三种哈希函数的消息扩展模块、迭代压缩模块等模块的可重构设计。2、设计了可以实现SHA-1、SHA-256和SHA-512三种哈希函数的硬件结构,在关键计算路径对加法运算进行了优化,并且配合全流水线结构,实现了较高的吞吐率,SHA-1、SHA-256和SHA-512三种哈希函数也可以单独灵活地实现。3、随机选取一个加密SHA-1文件,分别在可重构组件和通用服务器上进行口令破解实验,记录了各自的破解速度和功耗,计算出相应的能效比。实验表明,可重构组件的能效比要高于通用服务器的。
[Abstract]:In recent years, with the popularity and wide application of the Internet, whether in all kinds of documents, online banking, sending and receiving e-mail, or in other areas of digital communications with high security requirements, Encryption technology has become an important tool to ensure the privacy of data transmission. In order to solve this problem, the National Institute of Standards and Technology and the United States Security Agency have successively published the SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 algorithms. While the performance of high performance computing keeps breaking records, We have to accept two depressing facts: the increasing power consumption of computers and the lack of the desired improvement in the actual application efficiency of computers. The research focus of high-end computing has gradually shifted from high performance computing to high efficiency computing. More and more scholars begin to devote themselves to the research of reconfigurable computing platform. Hash function is widely used in the fields of message authentication, digital signature, password security and so on. However, most studies only design and implement one of the hash functions. However, different environments require different security strength of the hash function, so they may need to switch between different algorithms. If different hardware circuits are used to realize them separately, it will not only waste resources but also reduce working efficiency. In addition, low power consumption, high performance and small area are the development trend of encryption chips. In this paper, we deeply analyze the commonness and difference of SHA-1n SHA-256 and SHA-512 hash functions, adopt the idea of reconfigurable computation, combine with the characteristics of FPGA structure, and expand to 1: 1 according to the following several parts. On the basis of summing up three kinds of reconfigurable modules and units of hash functions, we conclude three kinds of hash function reconfigurable modules and units. Based on the idea of reconfigurable architecture, the reconfigurable design of message extension module, iterative compression module and SHA-512 hash function of SHA-1 / SHA-256 and SHA-512 are given. The hardware structure of SHA-1 / SHA-256 and SHA-512 hashing function is designed. The addition operation is optimized in the critical computing path, and with the structure of full pipeline, three kinds of hash functions, SHA-1 SHA-256 and SHA-512, can be implemented flexibly and separately, and an encrypted SHA-1 file is selected randomly. Password cracking experiments are carried out on reconfigurable components and general purpose servers respectively. The decoding speed and power consumption are recorded and the corresponding EER is calculated. The experiments show that the EER of reconfigurable components is higher than that of common servers.
【学位授予单位】：郑州大学
【学位级别】：硕士
【学位授予年份】：2017
【分类号】：TP309

【相似文献】