White Paper
SHA-1 Hash Function
Introduction
Altera® SHA-1 hash function implements the SHA-1 message-digest algorithm, as described in FIPS PUB 180-1, and
is optimized for Altera FLEX® 10KE and APEX™ 20K devices.
The SHA-1 algorithm generates a 160-bit message-digest, or hash function, of an arbitrary length input, and is used
for digital signature applications.
The core supports the SHA-1 algorithm, except for the following exceptions:
„
„
The maximum number of bits in the input message is limited to 232.
The resolution of the input message is in bytes, not bits.
A test case generator is included with the core, which converts a text file into a simulation file for the core.
Ports and Parameters
The SHA-1 core is fixed function, and therefore has no parameters.
Table 1 shows the input signals.
Table 1 Input Signals
Signal Name
Description
SYSCLK
SYSCLK is the main system clock.
RESET
The core is asynchronously reset when the RESET signal is
asserted high.
DATIN[8..1]
Input bytes are written into the core using this bus, when the
DSIN input is set high, and the core has asserted the RDYIN
output. A total of 64 bytes is written into the core during an input
cycle, except for the last block in the message, when the number
of remaining bytes may be less than 64.
DSIN
The DSIN input strobes the DATIN[] bus into the core.
LASTBYTE
The LASTBYTE signal is asserted high for one clock cycle with
the last byte in a message.
Table 2 shows the output signals.
WP-SHA1-1.0
Date: June 2002
1
Altera Corporation
SHA-1 Hash Function
Table 2 Output Signals
Signal Name
Description
RDYIN
RDYIN is asserted high by the core when it is ready to receive
data. No data is read in unless DSIN is high as well.
HA[32..1], HB[32..1], HC[32..1], HD[32..1],
HE[32..1]
This bus contains the output hash from the core. The SHA-1
specification describes the output as being the H0, H1, H2, H3, H4,
words, starting with the least significant byte. The output is split
into these five busses, so that the user can more readily adapt to
the endian of their system.
Compiling the Core
The core is optimized for Altera FLEX 10KE and APEX 20K devices. It must be compiled into a device that
supports dual port RAM. For best results, the core should be compiled with Global Logic Synthesis set to fast, or
with a synthesis style that supports carry chains.
In a 10K50S-1, the core requires 1346 LEs and 6 EABs, with an fMAX of 75 MHz.
In a 20K60E-1, the core requires 1377 EABs, and 6 ESBs with an fMAX of 78 MHz.
The system performance of the core can be calculated as follows:
Performance (Mbits/s) = 160 bits × (fMAX / 335 clocks_per_hash);
At 78 MHz, this translates to:
Performance = 160 × (78/335) = 37 Mbits/s.
Testing the Core
Utilities
The testing utility, HASHAA.EXE, generates test cases for both SHA-1 and MD5 hashing algorithm cores, as well
as being a reference for the SHA-1 hashing algorithm.
Example Test – Standard Sequence
The HASHAA utility can perform a hash on a standard set of test sequences, or a file.
Running one of the standard set of tests:
HASHAA 1
This selects the calculation of the hash of “abc”, which is “A9993E36 4706816A BA3E2571 7850C26C
9CD0D89D”.
Running the utility also creates the test case for this sequence. From the simulator window, in Inputs/Outputs option
(File menu), select the vector file SHAA.VEC, and start the simulation.
2
Altera Corporation
SHA-1 Hash Function
The result of simulating the testcase is:
HA = “A9993E36”
HB = “4706816A”
HC = “BA3E2571”
HD = “7850C26C”
HD = “9CD0D89D”
Upon inspection, this is the same as the reference utility output.
Example Test – File
Create a file, TEST.TXT, containing (in capitals):
HELLO WORLD
Running a test on this file:
HASHAA TEST.TXT
Creates a hash of “2f36c116 141a8d05 827f9abe a0f617fe 25287505”.
Running the HASHAA.EXE utility, pointing to TEST.TXT, creates the test case for this.
HASHAA TEST.TXT
From the simulator window, in Inputs/Outputs option (File menu), select the vector file HASHAA.VEC, and start
the simulation.
The result of simulating the testcase is:
HA = “2F36C116”
HB = “141A8D05”
HC = “827F9ABE”
HD = “A0F617FE”
HE = “25287505”
Upon inspection, this is the same as the reference utility output.
3
Altera Corporation
SHA-1 Hash Function
Appendix A - Top Level Wrapper
An unencrypted top level wrapper, TOP_LEVEL_SHAA.TDF is provided, to make it easier to instantiate the core.
The source code of the wrapper is as follows:
FUNCTION shaa (sysclk, reset, datin[8..1], dsin, lastbyte)
RETURNS (rdyin, ha[32..1], hb[32..1], hc[32..1], hd[32..1], he[32..1]);
subdesign top_level_shaa
(
sysclk, reset : INPUT;
datin[8..1] : INPUT;
dsin, lastbyte : INPUT;
rdyin : OUTPUT;
ha[32..1], hb[32..1], hc[32..1], hd[32..1], he[32..1] : OUTPUT;
)
BEGIN
(rdyin, ha[32..1], hb[32..1], hc[32..1], hd[32..1], he[32..1]) = shaa
(sysclk, reset, datin[8..1], dsin, lastbyte);
END;
101 Innovation Drive
San Jose, CA 95134
(408) 544-7000
http://www.altera.com
Copyright © 2002 Altera Corporation. All rights reserved. Altera, The Programmable Solutions Company, the stylized Altera logo, specific device
designations, and all other words and logos that are identified as trademarks and/or service marks are, unless noted otherwise, the trademarks and
service marks of Altera Corporation in the U.S. and other countries. All other product or service names are the property of their respective holders.
Altera products are protected under numerous U.S. and foreign patents and pending applications, mask work rights, and copyrights. Altera warrants
performance of its semiconductor products to current specifications in accordance with Altera's standard warranty, but reserves the right to make
changes to any products and services at any time without notice. Altera assumes no responsibility or liability arising out of the application or use of any
information, product, or service described herein except as expressly agreed to in writing by Altera Corporation. Altera customers are advised to obtain
the latest version of device specifications before relying on any published information and before placing orders for products or services.
4