SHA-256 256-bit SHA Cryptoprocessor
Core
Description | Applications | Features | Symbol Diagram | Block Diagram | Functional Description | Implementation Results | Support | Verification | Export Permits | Deliverables
The SHA-256 core is a fully compliant implementation of the Message Digest Algorithm SHA-256. It computes a 256-bit message digest for messages of up to (264 – 1) bits.
The SHA-256 has a simple, fully synchronous design with low gate count and is developed for easy reuse in ASIC and FPGA applications.
Applications
The SHA-256 core can be utilized for a variety of encryption applications including:
- Electronic Funds Transfer
- Authenticated Electronic data transfer
- Encrypted data storage
Features
- FIPS 180-2 compliant
- Suitable for data authentication applications
- Fully synchronous design
- Available as fully functional and synthesizable VHDL or Verilog soft-core
- FPGA netlist available for various devices
Symbol Diagram
Block Diagram
Functional Description
The timing diagram below for the first message block input shows the first message block of sixteen words being clocked into the core.
The INIT signal is asserted at the start of each message. The SHA-256 core is ready to accept data when REQ is asserted.
Each 32-bit word is clocked into the core on the rising edge of CLK when ACK is asserted. The ACK signal is used to acknowledge a data request from the core. If the ACK is LOW when the core requests a new data with REQ HIGH, the core stalls.
The main difference between EN and ACK is that ACK only stalls the core when a data is being requested, whereas EN low suspends all the core operations.
After a block of 16 words has been input, REQ is deasserted as the SHA-256 core computes the message digest.
After another 49 clock cycles, the message digest for that 16 word block is computed and REQ is asserted again to indicate that more words can be clocked in.
Timing diagram for first message block input
The standard specifies that the maximum number of bits in the message is 264 - 1. Therefore, maximum number of 32-bit words that can be clocked in is 259 - 1. The core can cope with any number of words up to 259 - 1 being input.
The timing diagram below showing the last message block input shows the last message block being clocked into the core. The LAST signal is asserted by the user when clocking in the last word. At least one pad, and two length words need to be added to the end of the message as part of the SHA-256 calculation.
Note that the BYTES signal is considered valid and sampled by the core when the LAST signal is high. This signal is used by the core to determine how many bytes in the last word are part of the input data. See the signal list to see how the core interprets this signal.
If the total number of input words plus three is not a multiple of 16, additional pad bytes are added by the core to calculate the message digest as specified in the standard.
The two length words that contain the bit-length of the original message are also added by the core. Note the three clock cycle delay for adding the pad and length words.
The 256-bit message digest is output on H0-H7 when READY is asserted. READY indicates that the digest calculation is complete and it remains asserted until INIT is raised.
Timing diagram showing last message block input
The core can be asynchronously reset by lowering the RSTN input port.
The clock enable signal is asserted high for normal operation. Registers are not updated when EN is forced to 0.
Implementation Results
SHA-256 reference designs have been evaluated in a variety of technologies. The following are sample ASIC results optimized for speed.
Technology |
Approx. Area |
Frequency
|
ASIC TSMC 0.13μ process
|
22,000 gates
|
@ 308 MHz |
ASIC UMC 0.18μ process
|
19 ,500 gates |
@ 220 MHz |
Support
The core as delivered is warranted against defects for three years from purchase. Thirty days of phone and email technical support are included, starting with the first interaction. Additional maintenance and support options are available.
Verification
The core has been verified through extensive simulation and rigorous code coverage measurements.
Export Permits
The core is available for export to all countries for non-military applications, except to the following countries:
| Cuba |
Iran |
Iraq |
Libya |
| North Korea |
Sudan |
Syria |
|
For military application only Australia and the United States are allowed. It is the customer's responsibility to check with relevant authorities regarding the reexport of equipment containing the SHA-256 technology.
Deliverables
The core is available in ASIC (synthesizable HDL) and FPGA (netlist) forms, and includes everything required for successful implementation:
- HDL RTL source code (ASICs) or post-synthesis EDIF netlist (FPGAs)
- C model for test generation
- Sophisticated HDL Testbench including external FIFOs, buffers, models of interfaces, and the core
- Simulation script, vectors, expected results, and comparison utility
- Synthesis script (ASICs) or place and route script (FPGAs)
- Comprehensive user documentation, including detailed specifications and a system integration guide
|
