Standards Support
- FIPS 202, SHA-3 Standard: Permutation-Based Hash and Extendable-Output Functions
- FIPS 180-4: Secure Hash Functions (limited to SHA-3 use)
- All four fixed-length SHA-3 Hash Functions:
- SHA3-224
- SHA3-256
- SHA3-384
- SHA3-512
- Both SHA-3 Extendable Output Functions (XOF)::
- SHAKE-128
- SHAKE-256
Performance
-
Scalable throughput starting from:
- SHA3-224: 48.0 Mbits/MHz
- SHA3-256: 45.3 Mbits/MHz
- SHA3-384: 34.7 Mbits/MHz
- SHA30-512: 24.0 Mbits/MHz
- SHAKE-128: 56.0 Mbits/MHz
- SHAKE-256: 45.3 Mbits/MHz
- Intelligent buffers management optionally allows receiving new input while processing previous message
- Throughput over 20 Gb/s in most modern ASIC technologies
Interfaces
- AMBA® AXI4-Stream I/O data interfaces
Fully autonomous operation
- Requires no assistance from host processor
- Automatic padding insertion
Configuration Options
- Hashing function
- Input & output bus bit width
- Number of input buffers
- Number of Hash rounds per cycle
Deliverables
- Verilog RTL source code or targeted FPGA netlist
- Integration Test-Bench
- Software C-Model
- User documentation
Contact Sales
Call or click.
+1 201.391.8300
Downloads (PDFs)
Related Products
Resources
- NIST Releases SHA-3 Cryptographic Hash Standard
- The Keccak sponge function family
- SHA-3 Video Tutorial by Jean-Philippe Aumasson at the Security & Risk Conference
SHA-3SHA-3 Secure Hash Function Core
The SHA-3 is a high-throughput, area-efficient hardware implementation of the SHA-3 cryptographic hashing functions, compliant to NISTS’s FIPS 180-4 and FIPS 202 standards.
The core implements all the fixed-length and extendable hashing functions provisioned by these standards. The hashing function is synthesis-time configurable; a version supporting run-time hashing function selection can be made available upon request.
The SHA-3 core’s processing bitrate is impressively high even in its minimum throughput configuration, for which it processes 24 to 56 bits per cycle depending on the hashing function. This high throughput can scale to practically meet any processing rate. The number of hashing rounds per clock is configurable at synthesis time, allowing users to scale performance at the cost of silicon resources when desired.
The core is designed for ease of use and integration and adheres to industry best-standards coding and verification practices. It requires no assistance from a host pro-cessor, and uses standard AMBA® AXI4-Stream interfaces for input and output data. Technology mapping, timing closure, and scan insertion are trouble-free, as the core contains no multi-cycle or false paths, and uses only rising-edge-triggered D-type flip-flops, no tri-states, and a single-clock/reset domain. Its reliability and low risk have been proven through rigorous verification and FPGA validation.
This core can be mapped to any any Intel, Lattice, MicroSemi, or Xilinx programmable device, or to any ASIC technology, provided sufficient silicon resources are available. Please contact CAST Sales to get accurate characterization data for your specific implementation requirements. Meanwhile, we provide the following representative results (each in a new pop-up window):
Applications
The SHA-3 IP core can ensure data integrity and/or user authentication in a range of applications including IPsec and TLS/SSL protocol engines, encrypted data storage, secure processing systems, e-commerce, and financial transaction systems.
Block Diagram