Fault-resilient Sha-3/Shake Architecture Achieves 100% Detection of Keccak State Faults and Reduces Area Requirements

The increasing demand for secure communication drives the development of Post-Quantum Cryptography (PQC), where hash functions like Sha-3 and Shake play a crucial role, yet often require substantial computational resources. Christian Ewert, Amrit Sharma Poudel, and colleagues at the Universität zu Lübeck, alongside Mouadh Ayache from Synopsys GmbH, now present a unified and lightweight hash engine designed to support both Sha-3 and Shake standards, while also incorporating a novel fault-resilient mechanism. This innovative architecture achieves complete detection of up to three faults within the Keccak state, and maintains near-perfect detection rates for higher numbers of faults, significantly exceeding the performance of current state-of-the-art designs. By employing a unique multidimensional cross-parity check, the team demonstrates a 3. 7x reduction in area overhead and delivers an overall 4. 5x smaller fault-resilient engine, making it ideally suited for resource-constrained applications and bolstering the reliability of emerging PQC systems.

Cryptography, particularly Post-Quantum Cryptography (PQC) schemes like Sha-3 and Shake, demands efficient and lightweight hardware implementations. Ensuring reliability is paramount, making fault-resilient designs essential for secure systems. This work introduces a unified hash engine supporting both Sha-3 and Shake, streamlining implementation and enhancing security. The engine utilizes a byte-wise, in-place partitioning mechanism of the Keccak state, allowing a single architecture to cover all standard hash configurations.

Fault-Resilient Keccak Hardware Architecture for IoT

This research details a novel hardware architecture for implementing SHA-3 and SHAKE functions, focusing on fault resilience and efficient resource utilization. The core challenge lies in protecting cryptographic implementations from fault attacks, where malicious actors intentionally induce errors during computation. Simultaneously, the demand for cryptographic solutions in resource-constrained environments, such as IoT devices and embedded systems, necessitates lightweight hardware designs. The team addressed these challenges by creating a unified architecture capable of efficiently implementing both SHA-3 and SHAKE functions.

The proposed architecture features a shared datapath for both SHA-3 and SHAKE, maximizing resource utilization. Crucially, the innovation lies in the integration of a novel fault detection and correction mechanism based on three-dimensional parity check (3D-PC) codes. This technique adds redundancy to the Keccak state, enabling the detection and correction of single-bit errors and enhancing resilience against fault attacks. The 3D-PC codes are applied directly to the Keccak state, providing robust protection. The architecture is designed to minimize area and power consumption, making it suitable for resource-constrained devices.

The key contribution of this work is the application of 3D-PC codes to the Keccak state for fault tolerance. The architecture supports both SHA-3 and SHAKE functions without significant modifications, providing a versatile solution. The 3D-PC codes provide protection against single-bit faults, improving the security of the implementation. The lightweight design ensures efficient resource utilization. Comprehensive simulations demonstrate the performance, area, and power consumption of the proposed architecture.

The architecture is implemented using Verilog, a hardware description language, and evaluated using a 45nm technology node with Synopsys Design Compiler. Performance is measured in terms of throughput and latency, while area and power consumption are also carefully evaluated. The simulation results demonstrate that the proposed architecture achieves a good balance between performance, area, and power consumption, while providing enhanced fault resilience. This research positions itself within the context of lightweight cryptographic implementations and compares its approach to existing fault detection and correction techniques, highlighting the advantages of the proposed 3D-PC-based approach.

Unified Hash Engine with Fault Detection

Scientists have developed a unified hardware architecture for Sha-3 and Shake hash functions, achieving significant improvements in fault resilience and area efficiency. The core of this work is a novel design that supports all standard hash configurations within a single engine, utilizing a byte-wise in-place partitioning mechanism of the Keccak state. This approach allows for a streamlined implementation, reducing complexity and resource requirements. The team measured 100% detection of up to three faults within the Keccak state, and achieved near 100% detection of higher numbers of faults, demonstrating a substantial advancement in security.

This fault detection relies on a two-dimensional parity check system that exploits the cube structure of the Keccak state. Critically, the introduced multidimensional cross-parity check mechanism delivers a 3. 7x improvement in area overhead compared to existing solutions. Experiments reveal that the overall fault-resilient engine design is 4. 5x smaller than state-of-the-art alternatives, as demonstrated through implementations in both Application-Specific Integrated Circuits (ASICs) and Field-Programmable Gate Arrays (FPGAs).

Integration into a 32-bit RISC-V microcontroller resulted in less than 8% area overhead, confirming the suitability of this approach for resource-constrained embedded systems and edge-level Post-Quantum Cryptography (PQC) applications. The research delivers a robust and lightweight fault-detection solution, enhancing the security and efficiency of hash functions in critical applications. The Keccak state, fundamental to Sha-3 and Shake, is structured as a three-dimensional block of 5x5x64 bits, comprising elements named columns and planes. The team’s architecture efficiently manages this state, enabling the high fault detection rates and reduced area requirements. The Keccak-f permutation, a core component of the hash function, involves a series of layers that manipulate the state through bitwise operations and constant additions. The optimized implementation of these layers contributes to the overall performance and efficiency of the unified engine.

Unified Keccak Engine With Fault Detection

This research presents a new, unified hash engine supporting both Sha-3 and Shake, crucial components of modern and post-quantum cryptographic schemes. The team achieved this by developing a byte-wise partitioning mechanism for the Keccak state, enabling a single engine to cover all standard hash configurations. This unified design directly addresses the need for lightweight cryptography, particularly in terms of area and power consumption. Beyond the engine itself, the researchers introduced a novel fault-detection mechanism to protect the Keccak state from bit-flip faults, a significant security concern.

By exploiting the cube structure of the Keccak state and employing a two-dimensional cross-parity check, they achieved 100% detection of up to three faults and near 100% detection of higher numbers of faults. Importantly, this protection mechanism demonstrates a substantial reduction in area overhead, a 3. 7x improvement and a 4. 5x smaller overall engine, compared to existing solutions. Integration into a PULPissimo system-on-chip showed less than 8% area increase, confirming its suitability for resource-constrained applications like embedded IoT devices. The authors acknowledge that future work will focus on extending this lightweight protection to the Keccak logic layer, aiming to further enhance the reliability and security of the unified engine against a broader range of faults. This ongoing research seeks to address the challenges of protecting larger chip areas and increasing overall system resilience.