A High-Speed Hardware Architecture for Universal Message Authentication Code

We present an architecture level optimization technique called divide-and-concatenate based on two observations: 1) the area of an array multiplier and its associated data path decreases quadratically and their delay decreases linearly as their operand size is reduced and 2) in universal hash functions and their associated message authentication codes, two one-way hash functions are equivalent if they have the same collision probability property. In the proposed approach, we divide a 2w-bit data path (with collision probability 2^-2w) into two w-bit data paths (each with collision probability 2^-w) and concatenate their results to construct an equivalent 2w-bit data path (with a collision probability 2^-2w ). We applied this technique on NH universal hash, a universal hash function that uses multiplications and additions. We implemented the straightforward 32-bit pipelined NH universal hash data path and the divide-and-concatenate architecture that uses four equivalent 8-bit divide-and-concatenate NH universal hash data paths on a Xilinx Virtex II XC2VP7-7 field programmable gate array (FPGA) device. This divide-and-concatenate architecture yielded a 94% increase in throughput with only 40% hardware overhead. Finally, the implementation of universal message authentication code (UMAC) with collision probability 2^-32 using the divide-and-concatenate NH hash as a building block yielded a throughput of 79.2 Gb/s with only 3840 Virtex II XC2VP7-7 FPGA slices