
High performance GHASH and impacts of a class of unconventional bases

Regular Paper, Journal of Cryptographic Engineering

Abstract

This work presents a new method to compute the GHASH function involved in the Galois/Counter Mode of operation for block ciphers. If \({X = X_1 \ldots X_n}\) is a bit string made of n blocks of 128 bits each, then the GHASH function essentially computes \({X_1H^n + X_2H^{n-1} + \cdots + X_nH}\), where H is the hash key and an element of the binary field \({\mathbb{F}_{2^{128}}}\). This operation is usually computed using n successive multiply-and-add operations over \({\mathbb{F}_{2^{128}}}\). Our proposed method replaces all but a fixed number of those multiplications by additions in the field. This is achieved using the characteristic polynomial of H. We present both how to use this polynomial to speed up the GHASH function and how to efficiently compute it for each session that uses a new H. We also show that the proposed technique can be parallelized to compute GHASH even faster. In order to completely eliminate the need for a field multiplication, we investigate a different set of bases for the field element representation and report their architectural and possible security impacts.
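The following is an added worked example, not code from the paper or its authors. It shows the two ways of computing GHASH that the abstract contrasts: the conventional n multiply-and-add steps, and the reduction of the polynomial \(X_1Y^n + \cdots + X_nY\) modulo a polynomial in \(\mathbb{F}_2[Y]\) that vanishes at H. Because that polynomial has coefficients in \(\mathbb{F}_2\), the reduction costs only XORs, and the only multiplications left are the at most 128 needed to evaluate the residue at H (plus a per-session table of powers of H). The example uses the minimal polynomial of H, found by Gaussian elimination over \(\mathbb{F}_2\) on the powers of H; for almost every H this has degree 128 and coincides with the characteristic polynomial the abstract refers to. Assumptions: field elements are Python ints with bit i holding the coefficient of \(x^i\), reduced modulo \(x^{128} + x^7 + x^2 + x + 1\) (GCM's field polynomial) without the bit-reflected encoding NIST uses, so values are not bit-identical to a GCM tag; the hash key and message blocks are constructed from SHA-256 output purely as sample input.

```python
# Added example (not from the paper): GHASH over F_{2^128} via (1) n multiply-and-add
# steps and (2) reduction modulo the minimal polynomial of H, which needs only XORs
# followed by a fixed number of multiplications.
# Assumption: ints with bit i = coefficient of x^i, reduced mod x^128+x^7+x^2+x+1.
import hashlib

MOD = (1 << 128) | 0x87   # x^128 + x^7 + x^2 + x + 1
DEG = 128


def gf_mul(a, b):
    """Shift-and-add multiplication in F_{2^128} (not constant time; illustration only)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a >> DEG:          # overflow past x^127: reduce once
            a ^= MOD
    return r


def eval_poly(m, H):
    """Evaluate an F_2[Y] polynomial (bit i = coefficient of Y^i) at the field element H."""
    r, Hpow = 0, 1
    for i in range(m.bit_length()):
        if (m >> i) & 1:
            r ^= Hpow
        Hpow = gf_mul(Hpow, H)
    return r


def ghash_horner(blocks, H):
    """Conventional GHASH: X_1 H^n + ... + X_n H via n multiply-and-add steps."""
    y = 0
    for x in blocks:
        y = gf_mul(y ^ x, H)
    return y


def min_poly(H):
    """Minimal polynomial m(Y) of H over F_2, as an int with bit i = coefficient of Y^i.

    Gaussian elimination over F_2 on 1, H, H^2, ...; each reduced power carries the
    combination of original powers it came from, so the first power that reduces to
    zero gives m(Y) with m(H) = 0.
    """
    basis = {}            # pivot bit -> (reduced vector, combination of powers)
    power, k = 1, 0       # power = H^k
    while True:
        vec, comb = power, 1 << k
        while vec:
            p = vec.bit_length() - 1
            if p not in basis:
                basis[p] = (vec, comb)
                break
            bv, bc = basis[p]
            vec ^= bv
            comb ^= bc
        if vec == 0:
            return comb
        power = gf_mul(power, H)
        k += 1


def session_setup(H):
    """Per-session work: m(Y) for the new H and the table 1, H, ..., H^{d-1}."""
    m = min_poly(H)
    d = m.bit_length() - 1
    Hpows = [1]
    for _ in range(d - 1):
        Hpows.append(gf_mul(Hpows[-1], H))
    return m, Hpows


def ghash_minpoly(blocks, m, Hpows):
    """GHASH via reduction mod m(Y). Returns (value, field multiplications used)."""
    d, n = len(Hpows), len(blocks)
    coeff = [0] * (n + 1)            # coeff[j] is the F_{2^128} coefficient of Y^j
    for i, x in enumerate(blocks):   # X_1 Y^n + X_2 Y^{n-1} + ... + X_n Y
        coeff[n - i] = x
    low = [i for i in range(d) if (m >> i) & 1]   # Y^d = sum of Y^i over these i
    for j in range(n, d - 1, -1):    # fold high powers down: XOR only
        c = coeff[j]
        if c:
            coeff[j] = 0
            for i in low:
                coeff[j - d + i] ^= c
    value, muls = 0, 0               # evaluate residue at H: at most d multiplications
    for i, c in enumerate(coeff[:d]):
        if c:
            value ^= gf_mul(c, Hpows[i])
            muls += 1
    return value, muls


def sample_inputs(n=300):
    """Constructed sample data: a hash key and n message blocks derived from SHA-256."""
    H = int.from_bytes(hashlib.sha256(b"example hash key").digest()[:16], "big")
    blocks = [int.from_bytes(hashlib.sha256(b"block %d" % i).digest()[:16], "big")
              for i in range(n)]
    return H, blocks


if __name__ == "__main__":
    H, blocks = sample_inputs()
    m, Hpows = session_setup(H)
    ref = ghash_horner(blocks, H)
    val, muls = ghash_minpoly(blocks, m, Hpows)
    print("deg m =", len(Hpows), "agree =", val == ref,
          "multiplications: conventional", len(blocks), "vs fixed", muls)
```

For a 300-block input the conventional path performs 300 field multiplications, while the reduction path performs at most 128 (independent of n) plus the one-time per-session cost of computing m(Y) and the power table; the gap widens with message length, which is the abstract's point. The abstract's final step, choosing a basis for the field representation so that even those remaining multiplications disappear, is not shown here.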



Author information


Correspondence to Christophe Negre.

Additional information

This work was done while N. Méloni was at the University of Waterloo, Canada.


Cite this article

Méloni, N., Negre, C. & Hasan, M.A. High performance GHASH and impacts of a class of unconventional bases. J Cryptogr Eng 1, 201–218 (2011). https://doi.org/10.1007/s13389-011-0013-z


  • DOI: https://doi.org/10.1007/s13389-011-0013-z
