On the Use of (Non-)Cryptographic Hashes on FPGAs

  • Andreas FiesslerEmail author
  • Daniel Loebenberger
  • Sven Hager
  • Björn Scheuermann
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 10216)


Hash functions are used for numerous applications in computer networking, both on classical CPU-based systems and on dedicated hardware like FPGAs. During system development, hardware implementations require particular attention to take full advantage of performance gains through parallelization when using hashes. For many use cases, such as hash tables or Bloom filters, several independent short hash values for the same input key are needed. Here we consider the question how to save resources by splitting one large hash value into multiple sub-hashes. We demonstrate that even small flaws in the avalanche effect of a hash function induce significant deviation from a uniform distribution in such sub-hashes, which allows potential denial-of-service attacks. We further consider the cryptographic hash SHA3 and other non-cryptographic hashes, which do not exhibit such weaknesses, in terms of resource usage and latency in an FPGA implementation. The results show that while SHA3 was intended for security applications, it also outperforms the non-cryptographic hashes for other use cases on FPGAs.


FPGA Packet processing Hash table Bloom filter Hash function Avalanche effect 



We would like to acknowledge the support of the German Federal Ministry for Economic Affairs and Energy.


  1. 1.
    Shi, Z., Ma, C., Cote, J., Wang, B.: Hardware implementation of hash functions. In: Tehranipoor, M., Wang, C. (eds.) Introduction to Hardware Security and Trust, pp. 27–50. Springer, Heidelberg (2012)CrossRefGoogle Scholar
  2. 2.
    Bookstein, A.: Double hashing. J. Am. Soc. Inf. Sci. 23(6), 402 (1972)CrossRefGoogle Scholar
  3. 3.
    Pagh, R., Rodler, F.F.: Cuckoo hashing. In: Heide, F.M. (ed.) ESA 2001. LNCS, vol. 2161, pp. 121–133. Springer, Heidelberg (2001). doi: 10.1007/3-540-44676-1_10 CrossRefGoogle Scholar
  4. 4.
    Bloom, B.H.: Space/time trade-offs in hash coding with allowable errors. Commun. ACM 13(7), 422–426 (1970)CrossRefzbMATHGoogle Scholar
  5. 5.
    Broder, A., Mitzenmacher, M.: Using multiple hash functions to improve IP lookups. In: Proceedings of INFOCOM 2001, Twentieth Annual Joint Conference of the IEEE Computer and Communications Societies, vol. 3. IEEE (2001)Google Scholar
  6. 6.
    Feistel, H.: Cryptography and computer privacy. Sci. Am. 228(5), 15–23 (1973)CrossRefGoogle Scholar
  7. 7.
    Neustar Inc, “Choosing a Good Hash Function, Part 3,” February 2012. Accessed 15 November 2016
  8. 8., “#2012-001 multiple implementations denial-of-service via MurmurHash algorithm collision” (2012). Accessed 14 November 2016
  9. 9.
    “Federal Register, vol. 72, no. 212”. Accessed 14 November 2016
  10. 10.
    Song, H., Dharmapurikar, S., Turner, J., Lockwood, J.: Fast hash table lookup using extended bloom filter: an aid to network processing. ACM SIGCOMM Comput. Commun. Rev. 35(4), 181–192 (2005)CrossRefGoogle Scholar
  11. 11.
    Broder, A., Mitzenmacher, M.: Network applications of bloom filters: a survey. Internet Math. 1(4), 485–509 (2004)MathSciNetCrossRefzbMATHGoogle Scholar
  12. 12.
    Attig, M., Dharmapurikar, S., Lockwood, J.: Implementation results of bloom filters for string matching. In: 12th Annual IEEE Symposium on Field-Programmable Custom Computing Machines, FCCM 2004, pp. 322–323. IEEE (2004)Google Scholar
  13. 13.
    Klima, V.: Tunnels in hash functions: MD5 collisions within a minute. IACR Cryptol. ePrint Arch. 2006, 105 (2006)Google Scholar
  14. 14.
    Crosby, S., Wallach, D.: Denial of service via algorithmic complexity attacks. In: Usenix Security, vol. 2 (2003)Google Scholar
  15. 15., “#2011-003 multiple implementations denial-of-service via hash algorithm collision” (2011). Accessed 14 November 2016
  16. 16.
    Bar-Yosef, N., Wool, A.: Remote algorithmic complexity attacks against randomized hash tables. In: Filipe, J., Obaidat, M.S. (eds.) ICETE 2007. CCIS, vol. 23, pp. 162–174. Springer, Heidelberg (2008). doi: 10.1007/978-3-540-88653-2_12 CrossRefGoogle Scholar
  17. 17.
    Jenkins, B.: Various publications on hash functions.,/hash/spooky.html,/c/lookup2.c,/c/lookup3.c. Accessed 15 November 2016
  18. 18.
    Das, A., Nguyen, D., Zambreno, J., Memik, G., Choudhary, A.: An FPGA-based network intrusion detection architecture. IEEE Trans. Inf. Forensics Secur. 3(1), 118–132 (2008)CrossRefGoogle Scholar
  19. 19.
    Aumasson, J., Bernstein, D.: C++ program to find universal (key-independent) multicollisions for CityHash64. Accessed 14 November 2016
  20. 20.
    Aumasson, J.-P., Bernstein, D.J.: SipHash: a fast short-input PRF. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol. 7668, pp. 489–508. Springer, Heidelberg (2012). doi: 10.1007/978-3-642-34931-7_28 CrossRefGoogle Scholar
  21. 21.
    Dworkin, M.: FIPS PUB 202. SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions, August 2015Google Scholar
  22. 22.
    Secworks Sweden AB, “Siphash verilog.” Accessed 15 November 2016
  23. 23.
    Hsing, H.:,sha3 (2012). Accessed 15 November 2016

Copyright information

© Springer International Publishing AG 2017

Authors and Affiliations

  • Andreas Fiessler
    • 1
    Email author
  • Daniel Loebenberger
    • 1
  • Sven Hager
    • 2
  • Björn Scheuermann
    • 2
  1. 1.Research and Project Developmentgenua GmbHMunichGermany
  2. 2.Department of Computer ScienceHumboldt University of BerlinBerlinGermany

Personalised recommendations