Recent attacks to currently used hash functions have motivated a considerable amount of concern in the Internet community. The recommended approach to deal with this issue is first to analyze the impact of these attacks on the different Internet protocols that use hash functions and second to make sure that the different Internet protocols that use hash functions are capable of migrating to an alternative (more secure) hash function without a major disruption in the Internet operation. SBC Coin is concurrently tested on the design of Multiple Hashing Algorithms published by Intel Company.
Overview Cryptographic hashes such as MD5, SHA1, SHA256 and SHA512 are expensive in terms of computation on general purpose processors. They work on a single buffer of data sequentially, updating a hash digest state with the computations derived from each data block, using a number of rounds of processing that are dependent on each other. The sequential processing of the blocks of a single buffer seriously limits the performance on modern processors. Methods such as multi-buffer processing using vector Single.
Instruction Multiple Data (SIMD) units have been proposed for better performance on usages where it is possible to work on multiple independent data buffers. However, these are not applicable to usages of hashing a single buffer. Tree hashing has been around for many years; however, its usage has generally evolved to be thought of across multiple cores or engines. We aim to take the concepts of tree hashing and apply them to the goal of the highest possible performance on a single buffer in a single thread of a single core of a modern microprocessor.
In this white paper, we describe a set of extensions to existing or future cryptographic hash algorithms that can achieve multi-buffer performance on a single buffer at comparable security strengths of the underlying hash algorithm, and generate a (different) digest of the same size as the original hash algorithm. The performance gains will be roughly proportional to the SIMD data-path width of the processor.
Some critical usages that require fast hashing of a single buffer are:
• Secure loading of files during boot/resume of a system
• Streaming applications where it is infeasible to buffer many streams for later processing
The basic idea behind Multi-Hash is to treat the single buffer as a set of interleaved independent buffers, which we call segments, and generate a number of independent hash digests for those segments in parallel. We use the notation xi to denote treating the data buffer as a set of i interleaved segments, where i > 0. It is expected that for efficiency i will be a power of 2.
The set of digests from the parallel segments are then hashed to form a final digest of the same size as the original underlying hash algorithm. The method of interleaving the data at a fine granularity is one of the main differences of Multi-Hash and current tree-hashing implementations, which tend to break buffers down into blocks or greater. This technique is meant to accelerate processing of hashing a single data buffer on a single thread of a single core of a modern microprocessor. However, the technique can easily be defined to be across multiple cores of a microprocessor for a second level of parallelism and performance.