
Lightweight Unified Sha-3/Shake Architecture with a Fault-Resilient State

Christian Ewert, Amrit Sharma Poudel, Mouadh Ayache, Andrija Neskovic, Rainer Buchty, Mladen Berekovic, Sebastian Berndt, Saleh Mulhem

TL;DR

The paper addresses the need for a lightweight, fault-resilient, unified Sha-3/Shake engine suitable for post-quantum cryptography on resource-constrained devices. It proposes a novel byte-wise in-place partitioning of the Keccak state combined with a multidimensional cross-parity fault-detection scheme (c-plane, f-slice, z-sheet) to protect the state with minimal hardware overhead. The design is validated through ASIC and FPGA implementations, including round-based and unrolled Keccak realizations, and integrated into a 32-bit RISC-V / PULPissimo SoC, showing significant area advantages (up to 4.5x smaller engine) and competitive fault detectability (up to three-bit faults). The work demonstrates practical, robust protection for hash functions in PQC at the edge, with potential for extending protection to the Keccak logic layer.

Abstract

arXiv:submit/7045552 [cs.AR] 3 Dec 2025

Hash functions have become a key part of standard post-quantum cryptography (PQC) schemes, especially Sha-3 and Shake, calling for lightweight implementation. A fault-resilient design is always desirable to make the whole PQC system reliable. We therefore propose a) a unified hash engine supporting Sha-3 and Shake that follows a byte-wise in-place partitioning mechanism of the so-called Keccak state, and b) a corresponding fault-detection scheme for Keccak state protection that exploits its cube structure by deploying two-dimensional parity checks. It outperforms the state-of-the-art (SoA) regarding area requirements at competitive register-level fault detection, achieving 100% detection of three Keccak state faults and still near 100% detection of higher numbers of faults. Unlike SoA solutions, the proposed unified hash engine covers all standard hash configurations. Moreover, the introduced multidimensional cross-parity check mechanism achieves a 3.7x improvement in area overhead, with an overall 4.5x smaller fault-resilient engine design as demonstrated in ASIC and FPGA implementations. Integrated into a RISC-V environment, the unified hash engine with the integrated fault-resilient mechanism introduced less than 8% area overhead. Our approach thus provides a robust and lightweight fault-detection solution for protecting hash functions deployed in resource-constrained PQC applications.
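As an added illustration (not code from the paper), the following Python model shows why parity kept along two dimensions of the 5 x 5 x 64 Keccak state catches every fault of up to three bits yet can miss a four-bit one. It uses plain row and column parity per slice, plus an optional per-lane parity, as an assumed stand-in; the paper's own c-plane, f-slice and z-sheet construction is not reproduced, and all function names are hypothetical.

```python
import random
from functools import reduce
from operator import xor

N, W = 5, 64  # Keccak-f[1600] state: 5 x 5 lanes of 64 bits, lanes[x][y]

def parities(lanes, with_lane=False):
    """Row parity (XOR over x) and column parity (XOR over y) per slice.

    Each result word holds one parity bit per z position. with_lane adds a
    third dimension: one parity bit per lane (XOR over z).
    """
    row = tuple(reduce(xor, (lanes[x][y] for x in range(N))) for y in range(N))
    col = tuple(reduce(xor, (lanes[x][y] for y in range(N))) for x in range(N))
    if not with_lane:
        return row, col
    lane = tuple(bin(lanes[x][y]).count("1") & 1
                 for x in range(N) for y in range(N))
    return row, col, lane

def inject(lanes, bits):
    """Return a copy of the state with the given (x, y, z) bits flipped."""
    out = [list(lanes_x) for lanes_x in lanes]
    for x, y, z in bits:
        out[x][y] ^= 1 << z
    return out

def detected(lanes, bits, with_lane=False):
    """True if the stored parities no longer match after the fault."""
    stored = parities(lanes, with_lane)
    return parities(inject(lanes, bits), with_lane) != stored

def detection_rate(weight, trials=2000, seed=1):
    """Fraction of random faults of the given bit weight that are detected."""
    rng = random.Random(seed)
    lanes = [[rng.getrandbits(W) for _ in range(N)] for _ in range(N)]
    cells = [(x, y, z) for x in range(N) for y in range(N) for z in range(W)]
    hits = sum(detected(lanes, rng.sample(cells, weight)) for _ in range(trials))
    return hits / trials

# Constructed 4-bit fault: a rectangle inside slice z = 7. Every row and
# column of that slice sees an even number of flips, so 2-D parity misses it.
RECT = [(0, 0, 7), (1, 0, 7), (0, 1, 7), (1, 1, 7)]
```

An odd number of flips always changes some row parity, and two flips that share a row necessarily fall in different columns, which is why weights one to three are always caught in this model; the rectangle is the smallest pattern that is not, and the per-lane parity catches it.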

Paper Structure

This paper contains 32 sections, 1 equation, 14 figures, 8 tables, 6 algorithms.

Figures (14)

  • Figure 1: Representation of Keccak Sponge construction [fipsnist]. $f$ denotes Keccak-$f[1600]$
  • Figure 2: Trade-offs in Cryptographic Hardware Design
  • Figure 3: Naming convention for the subelements of a Keccak state [fipsnist].
  • Figure 4: Sha-3/Shake Unified Engine Design
  • Figure 5: Keccak State Update by (Padded) Message