{{{ #!htmlcomment This page is maintained automatically by a script. Don't modify this page by hand, your changes will just be overwritten the next time the script runs. Talk to your Friendly Neighborhood Repository Maintainer if you need to change something here. }}} {{{ #!html

sha256

Hardware implementation of the SHA-256 cryptographic hash function. The implementation is written in Verilog 2001 compliant code. The implementation includes a core and a wrapper that provides a 32-bit interface for simple integration. There is also an alternative wrapper that implements a Wishbone compliant interface.

This is a low area implementation that iterates over the rounds but there is no sharing of operations such as adders.

The hardware implementation is complemented by a functional model written in Python.

Implementation details

The sha256 is divided into the following sections.

The actual core consists of the following files:

The top level entity is called sha256_core. This entity has wide interfaces (512 bit block input, 256 bit digest). In order to make it usable you probably want to wrap the core with a bus interface.

Unless you want to provide your own interface you therefore also need to select one top level wrapper. There are two wrappers provided:

Do not include both wrappers in the same project.

The core (sha256_core) will sample all data inputs when given the init or next signal. the wrappers provided contains additional data registers. This allows you to load a new block while the core is processing the previous block.

The W-memory scheduler is based on 16 32-bit registers. Thee registers are loaded with the current block. After 16 rounds the contents of the registers slide through the registers r5..r0 while the new W word is inserted at r15 as well as being returned to the core.

FPGA-results

Altera Cyclone FPGAs

Implementation results using Altera Quartus-II 13.1.

Cyclone IV E

Cyclone IV GX

Cyclone V

Xilinx Artix-7 FPGAs

Implementation results using Xilinx ISE 14.7 This implementation includes pipeline regsisters.

TODO

Status

(2016-05-31)

The core now supports both sha224 and sha256 modes. The default mode is sha256.

NOTE: The mode bit is located in the ADDR_CTRL API register and this means that when writing to this register to start processing a block, care must be taken to set the mode bit to the intended mode. This means that old code that for example simply wrote 0x01 to initiate SHA256 processing will now initiate SHA224 processing. Writing 0x05 will now initiate SHA256 processing.

The API version has been bumped a major number to reflect this change.

Regarding SHA224, it is up to the user to only read seven, not eight words from the digest registers. The core will update the LSW too.

(2013-02-23)

Cleanup, more results etc. Move all wmem update logic to a separate process for a cleaner code.

(2014-02-22)

Redesigned the W-memory into a sliding window solution. This not only removed 48 32-registers but also several muxes and address decoders.

The old implementation resources and performance:

The new implementation resources and performance:

(2014-02-19) - The core has been added to the Cryptech repo. The core comes from https://github.com/secworks/sha256

}}} [[RepositoryIndex(format=table,glob=core/hash/sha256)]] || Clone `https://git.cryptech.is/core/hash/sha256.git` ||