Authentication with RIPEMD-160 and Other Alternatives: A Hardware Design Perspective

Abstract

Taking into consideration the rapid evolution of communication standards that include message authentication and integrity verification, it is realized that constructions like MAC and HMAC, are widely used in the most popular cryptographic schemes since provision of a way to check the integrity of information transmitted over or stored in an unreliable medium is a prime necessity in the world of open computing and communications. MACs are used so as to protect both a message's integrity as well as its authenticity, by allowing verifiers (who also possess the secret key) to detect any changes to the message content. In every modern cryptographic scheme that is used to secure a crucial application that calls for security, a keyed-hash message authentication code, or HMAC, is incorporated. Beyond HMAC, a block cipher algorithm is also incorporated (i.e like AES), thus resulting to the whole security scheme. The proposed hardware design invokes a number of optimizing techniques like pipeline, evaluation-based partial unrolling, certain algorithmic transformations in space and time and computational re-ordering, leading to a highthroughput and low-power design for the whole HMAC construction. Finally, a new algorithm, CMAC, for producing message authenticating codes (MACs) which was recently proposed by NIST, is also described. The proposed security scheme incorporates a FIPS approved and a secure block cipher algorithm (that might have already been deployed in the security scheme) and was standardized by NIST in May, 2005. This work concludes with an efficient hardware implementation of the CMAC standard.