400G ultra low latency 56/112G FEC and SERDES IP sub 10ns latency
Industry Expert Blogs
Why the HMAC did we do this?DCD Blog - DCDMar. 23, 2020 |
HMAC-SHA2-256 can significantly boost hash function compliant with FIPS PUB 180-4, computing message digest in either 256 or 224 bit modes. Depending on the core configuration it also natively supports the SHA2-256 HMAC (Keyed-Hash Message Authentication Code), a cryptographic function defined in RFC 2104. But do we really need it when designing or implementing an SoC?
Security has been an issue for the IT world for so many years, but to be honest, recent weeks are real renaissance of it. The hash functions are everywhere, in operating systems, secure communication, banking, cryptocurrency, databases. Everywhere, where security and data integrity matters.
DCD’s latest design, the DSHA2-256, boosts the key operation like HMAC-SHA2-256 – but our engineers managed to do it in the way, which distinguishes it from competitive designs. The HMAC key is precomputed once and stored in secure memory, while in some of the other solutions, HMAC key is precomputed twice each time and is stored "somewhere" in data memory.
You may ask yourself why did we do this? The answer is easy, because such an approach makes DSHA2-256 two times faster when computing e.g. HMAC-based One-time Password and far more secure when compared with other solutions in which an attacker can read HMAC key from data memory.
Ask for more? For sure – here’s another feature worth mentioning – a context switching. Imagine OS, where hundreds of processes might want to compute HASH/HMAC and your urgent kitty picture is loading in a web browser. While some basic SHA IP might have to finish some Blue Ray disc digest computing, DSHA2-256 just enables preemption of such lower priority task, then computes the digest of your kitty's picture and here it is:
Heading to the end, consider another common issue: most of nowadays processors process and store data in little-endian mode, realize that SHA2 just operates over big-endian ordered streams of data and computing digest in software just needs a change of endian order of each input word of data. What a terrible waste of time and energy it is... Probably, some sweet kitty, somewhere, somehow, is crying because of it. Let’s help!
To sum up, properly designed SHA2-256 software implementations will work and do what they are supposed to do. But if you want something more – I mean MORE:
- more performance,
- more security
- more flexibility
then DSHA2-256 is the answer – don’t waste your time on doing things which can be done automatically by the IP Core. Of course, if you need additional information, just let me know at info@dcd.pl.