A High-Speed Unified Hardware Architecture for AES and the SHA-3 Candidate Grøstl

The NIST competition for developing the new cryptographic hash standard SHA-3 is currently in the third round. One of the five remaining candidates, Grøstl, is inspired by the Advanced Encryption Standard. This unique feature can be exploited in a large variety of practical applications. In order to have a better picture of the Grøstl-AES computational efficiency (high-level scheduling, internal pipelining, resource sharing, etc.), we designed a high-speed coprocessor for Grøstl-based HMAC and AES in the counter mode. This coprocessor offers high-speed computations of both authentication and encryption with relatively small penalty in terms of area and speed when compared to the authentication (original Grøstl circuitry) functionality only. From our perspective, the main advantage of Grøstl over other finalists is the fact that its hardware hardware architecture naturally accommodates AES at the cost of a small area overhead.