ASIC hardware implementations for 512-bit hash function Whirlpool

Hardware architectures for the 512-bit hash function Whirlpool, which is one of the ISO/IEC 10118-3 standard algorithms, are proposed and the performances of the proposed architectures are evaluated using a 0.18-mum CMOS standard cell library. The fastest implementation achieved a throughput of 9.59 Gbps with a gate count of 167.4 K, which is two times faster than the fastest conventional implementation on an FPGA platform. A compact implementation obtained 38.9 Kgates with 2.49 Gbps. The FIPS 180-2 standard hash functions SHA-256 and SHA-512, which are the most popular algorithms in practical use, were also synthesized using the same ASIC library for performance comparisons. The small and fast SHA-256 implementations achieved 11.0 Kgates with 726 Mbps and 30.7 Kgates with 1.97 Gbps, respectively. The gate count and throughput are both approximately 1/4 those of to Whirlpool, and thus the hardware efficiencies defined as the throughput/gate are almost the same for SHA-256/- 512 and Whirlpool in the present implementations. However, Whirlpool is more flexible than SHA-256/-512 in terms of the variety of hardware architectures. The various architectures for the datapath and primitive function blocks are also described in the present paper.