MD5 Hash Function Core

The MD5 core is a high performance implementation of the MD5 Message Digest algorithm, a one-way hash function, compliant with RFC1321. The core is composed of two main modules, the MD5 Engine Module and the Input Interface Module as shown in the block diagram. The MD5 Engine Module applies the MD5 loops on a single 512-bit message block, while the Input Interface Module performs the message padding.

The processing of one 512-bit block is performed in 66 clock cycles and the bit-rate achieved is 7.75Mbps / MHz on the input of the MD5 engine.

The MD5 core is equipped with easy to use fully stallable interfaces both for input and output. These are designed to permit the user’s application to stop the data stream from the core when it is not able to receive data or to stop the input stream towards the core according to data arrival rate.

Applications

The high-performance MD5 core is suitable for a variety of applications, including:

- E-commerce
- Data integrity
- Bulk Encryption
- High speed networking equipment
- Secure wireless applications

Features

- Compliant to the RFC1321 specification of MD5.
- Bit padding.
- \(2^{64}-1\) bits maximum message length.
- Supported Message lengths multiple of 8-bits.
- Initial values of Chaining Variables selected before synthesis.
- 66 processing cycles per message block.
- Fully stallable input and output interfaces, ideal for streaming applications.
- Optimized design for ASIC or FPGA implementations.
- Robust verification environment includes bit-accurate software model.
Functional Description

The input message data is passed in 32-bit words to the core, masked with the input_valid signal. As long as the input_ready signal is active, the external application should keep feeding input data to the core. When the core has received a complete message 512-bit packet, it pauses the input stream, and continues the message processing internally. When the message is processed and the core is ready for the next message, the core permits input data to be fed again. On the final message block, when the last 32-bit word is written, the last_word input must be activated, to indicate that a hash value has to be generated to the core’s output. Along with the last_word, the last_bytes input must indicate how many bytes are valid in the last word, so that the padding unit knows how many bytes to pad.

The core can easily be modified to support programmable Initial Vectors for the Chaining Variables in place of the constants defined in the algorithm’s specification.

Implementation Results

The following are sample Xilinx results with all I/Os assumed to be routed off-chip.

<table>
<thead>
<tr>
<th>Xilinx Device</th>
<th>Slices</th>
<th>Fmax (MHz)</th>
<th>I/O</th>
<th>BRAM</th>
<th>Special Features</th>
<th>ISE</th>
</tr>
</thead>
<tbody>
<tr>
<td>Spartan-3 3S400-5</td>
<td>731</td>
<td>66</td>
<td>170</td>
<td>1 RAMB16</td>
<td>-</td>
<td>12.2</td>
</tr>
<tr>
<td>Spartan-6 6SLX9-3</td>
<td>312</td>
<td>125</td>
<td>170</td>
<td>2 RAMB16</td>
<td>-</td>
<td>12.2</td>
</tr>
<tr>
<td>Virtex-5 5VLX30-3</td>
<td>232</td>
<td>170</td>
<td>170</td>
<td>1 RAMB36</td>
<td>-</td>
<td>12.2</td>
</tr>
<tr>
<td>Virtex-6 6VLX75T-3</td>
<td>300</td>
<td>200</td>
<td>170</td>
<td>2 RAMB36</td>
<td>-</td>
<td>12.2</td>
</tr>
</tbody>
</table>

Export Permits

This encryption technology is governed internationally by export regulations. Immediate export of the core is permitted to the following countries for uses not related to weapons of mass destruction:

- Australia
- Japan
- Switzerland
- Canada
- New Zealand
- United States
- European Union
- Norway

Please contact CAST to discuss delivery to other destinations; approval is subject to the applicable export licenses being granted. The license can be generated from either the EU or the USA. Please note that licensees are responsible for complying with the applicable requirements for re-export of electronics containing strong encryption technology.

Support

The MD5 core as delivered is warranted against defects for ninety days from purchase. Thirty days of phone and email technical support are included, starting with the first interaction. Additional maintenance and support options are available.

Verification

The MD5 core has been verified through extensive synthesis, place and route and simulation runs. It has also been verified in a prototyping FPGA board platform.

Deliverables

The MD5 is available in ASIC (synthesizable HDL) and FPGA (netlist) forms, and includes everything required for successful implementation. The Xilinx version includes:

- Post-synthesis EDIF or NC netlist
- Sophisticated self-checking Testbench (Verilog versions use Verilog 2001)
- Software (C++) Bit-Accurate Model and test vector generator
- Simulation scripts, test vectors and expected results
- Place and route scripts
- Comprehensive user documentation, including detailed specifications and a system integration guide