1. Field
The present invention relates generally to network security and, more specifically, to apparatuses and methods for pipelining the MD5 digesting process.
2. Description
Networks enable computers and other devices to communicate. For example, networks can carry data representing video, audio, e-mail, and so forth. However, network systems are subject to many threats, including loss of privacy, loss of data integrity, identity spoofing, and denial-of-service attacks. To address these threats, many measures have been developed and employed to improve the security of network communications. For example, one measure is to use a message digest algorithm to generate a compact digital signature for an arbitrarily long stream of binary data. An ideal message digest algorithm would never generate the same signature for two different sets of input, but achieving such theoretical perfection would require a message digest as long as the input file. Practical message digest algorithms, such as Message Digest 5 (MD5) algorithm, use a digital signature of modest size (e.g., 128 bits for the MD5 algorithm). It is conjectured that it is computationally infeasible to produce two messages having the same message digest, or to produce any message having a given pre-specified target message digest, using the MD5 digesting process. Therefore, a receiver can use the MD5 digesting process to verify whether data have been altered since the signature was published.
The MD5 processes data in 512 bit blocks and generates a 128 bit digest. When a message spans multiple blocks, a digest generated for one block is used as the initial value of a digest to be generated for the next block. The MD5 digesting process comprises four rounds of computation, with each round including 16 iterations of computation. Although the MD5 digesting process can be implemented through software simulations, a hardware implementation of the digesting process may be more desirable because of the higher processing speed of hardware solutions. It is advantageous when a digesting process does not significantly slow down data processing speed for network communications. In a hardware implementation, a slow speed of MD5 computations may require that more than one MD5 module be used to improve the MD5 processing speed so that the overall data processing speed of a network system will not be slowed down. More MD5 modules require a larger physical area in a chip, and thus higher power consumption and higher costs. Therefore, it is desirable to improve the processing speed of an MD5 hardware implementation.