Abstract
While SHA-2 is a ubiquitous cryptographic hashing primitive, its role in emerging application domains, e.g. blockchains or trusted IoT components, has made the acceleration of SHA-2 very challenging due to new stringent classes of requirements, especially implementation cost and energy efficiency. The survey discusses these emerging applications and their fundamental requirements. Then, the work presents a comprehensive review of the different design techniques available in the literature for SHA-2 acceleration. The main focus of the presentation is placed on the impact of each design technique on the area, energy, power, and performance of the resulting accelerator, guiding the designer through the identification of the appropriate technique mixes which meet the constraints of any given application.
Highlights
Cryptographic hash functions have been employed for decades as a fundamental building block of information security
Modern applications relying on SECURE HASH ALGORITHM 2 (SHA-2) have strict requirements in terms of performance, area, electrical energy or power, often involving multiple of these metrics in conflicting tradeoffs
Different design techniques have been proposed in the technical literature for Secure Hash Algorithm (SHA)-2 hardware acceleration, among which the designer can choose to implement their own customized accelerator
Summary
Cryptographic hash functions have been employed for decades as a fundamental building block of information security. 3) PIPELINING Hardware pipelining as used in many dedicated SHA-2 architectures consists of instantiating S blocks each performing a fraction of the total number of iterations In other words, such architectures distribute the R rounds required by a single hash calculation onto S pipeline stages, each handling R/S iterations. Relying on hardware replication, pipelined SHA-2 architectures increase the steady-state throughput, since they are capable of outputting a new hash value every R/S cycles, or even less if loop unrolling is used: compared with the nonpipelined implementation employing a single transformation round core, the throughput improvement reaches a factor S. One adder is used to perform all the operations of the Compressor and the Expander, which do not operate in parallel and can be disconnected from the clock network
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
