Fast SHA1 implementation
First Claim
1. An authentication engine architecture for a SHA-1 multi-round authentication algorithm, comprising:
- a hash engine configured to implement hash round logic for an SHA1 authentication algorithm, said hash round logic implementation including, a combined adder tree with a timing critical path having a single 32-bit carry look-ahead adder (CLA).
4 Assignments
0 Petitions
Accused Products
Abstract
Provided is an architecture (hardware implementation) for an authentication engine to increase the speed at which SHA1 multi-loop and/or multi-round authentication algorithms may be performed on data packets transmitted over a computer network. As described in this application, the invention has particular application to the variant of the SHA1 authentication algorithms specified by the IPSec cryptography standard. In accordance with the IPSec standard, the invention may be used in conjunction with data encryption/encryption architecture and protocols. However it is also suitable for use in conjunction with other non-IPSec cryptography algorithms, and for applications in which encryption/decryption is not conducted (in IPSec or not) and where it is purely authentication that is accelerated. Among other advantages, an authentication engine in accordance with the present invention provides improved performance with regard to the processing of short data packets.
109 Citations
22 Claims
-
1. An authentication engine architecture for a SHA-1 multi-round authentication algorithm, comprising:
a hash engine configured to implement hash round logic for an SHA1 authentication algorithm, said hash round logic implementation including, a combined adder tree with a timing critical path having a single 32-bit carry look-ahead adder (CLA). - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
-
10. A method of authenticating data transmitted over a computer network, comprising:
-
receiving a data packet stream;
splitting the packet data stream into fixed-size data blocks; and
processing the fixed-size data blocks using an SHA-1 multi-round authentication engine architecture, said architecture implementing hash round logic for an SHA1 authentication algorithm including a combined adder tree with a timing critical path having a single 32-bit carry look-ahead adder (CLA). - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
Specification