A hash value, which is calculated by using a cryptographic hash algorithm, is utilized for checking data alteration. It has been already verified that Secure Hash Algorithm 1 (SHA-1), which is a cryptographic hash algorithm (cryptographic hash), is not capable of securing safety. It has been pointed out that SHA-2 family (SHA-224, SHA-256, SHA-384, and SHA-512) may lack security. Therefore, National Institute of Standards and Technology (NIST) asked the public to come up with a new algorithm to establish a next-generation cryptographic hash algorithm (SHA-3). Then, the KECCAK algorithm (“The KECCAK reference”, Version 3.0, Jan. 14, 2011, (http://keccak.noekeon.org/Keccak-reference-3.0.pdf)) was assigned as the SHA-3 in December 2012.
The SHA-3 outputs a cryptographic hash value of a fixed length from an input message (data) of any length. In the KECCAK algorithm, a permutation function is used, and in the permutation function, round processing of five sequential steps (θ, ρ, π, χ, and ι) is repeated twenty-four times. The round processing is performed on data called a “state” data piece having a length of 1600 bits.
A lot of results of preceding processing has to be once stored in a memory for the θ processing and the π processing out of the five steps of the round processing. Therefore, when the round processing is performed in the order of the steps θ, ρ, π, χ, and ι, a lot of results of preceding processing has to be once stored in a memory twice within one-time round processing, and thus speedup has been difficult.