Skip to content

Commit

Permalink
[prim/doc] Add pointer to hardened Keccak implementation in prim_keccak
Browse files Browse the repository at this point in the history
The unhardened prim_keccak primitive is not actually used in the design.
It's purpose is serve as an FPV example.

Signed-off-by: Pirmin Vogel <vogelpi@lowrisc.org>
  • Loading branch information
vogelpi committed Dec 20, 2024
1 parent a5b6055 commit 1f5772d
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 4 deletions.
6 changes: 3 additions & 3 deletions hw/ip/prim/doc/prim_keccak.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,11 +2,11 @@

# Overview

`prim_keccak` is a single round implementation of the permutation stage in [SHA3 algorithm][fibs-pub-202].
`prim_keccak` is a single round implementation of the Keccak_p permutation stage in [SHA3 algorithm][fibs-pub-202].
Keccak primitive module assumes the number of rounds is less than or equal to 12 + 2L.
It supports all combinations of the data width described in the [spec][fibs-pub-202].
This implementation is not currently hardened against side-channel or fault injection attacks.
It implements the Keccak_p function.
Note that this implementation does not include any countermeasures for security hardening against implementation attacks.
Please refer to the [`keccak_2share` module](https://github.com/lowRISC/opentitan/blob/master/hw/ip/kmac/rtl/keccak_2share.sv) for the side-channel-hardened implementation used in the [hardened KMAC hardware IP block](../../kmac/README.md).

[fibs-pub-202]: https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.202.pdf

Expand Down
5 changes: 4 additions & 1 deletion hw/ip/prim/rtl/prim_keccak.sv
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,10 @@
// Licensed under the Apache License, Version 2.0, see LICENSE for details.
// SPDX-License-Identifier: Apache-2.0
//
// prim_keccak is single round permutation module
// This module implements a single-round Keccak permutation. It is unhardened. For an
// implementation with side-channel hardening, refer to the keccak_2share module used in the
// KMAC hardware IP block.

`include "prim_assert.sv"
module prim_keccak #(
parameter int Width = 1600, // b= {25, 50, 100, 200, 400, 800, 1600}
Expand Down

0 comments on commit 1f5772d

Please sign in to comment.