In this paper, we explore the potential of improving AES-based schemes by integrating SHA instructions alongside AES instructions, starting from the key observation that SHA instructions can be executed in parallel with AES instructions on modern processors. We investigate the conditions for parallel execution, the invocation ratio, and the overhead of type conversions, and then provide guidelines for using SHA instructions efficiently together with AES instructions. Applying these guidelines, we integrate SHA round functions into the AES-based short-input hash functions Simpira and Areion, achieving security with fewer iterations and thus approximately 50% faster performance. In addition, we apply the integration of SHA instructions to the AES-based AEAD scheme AEGIS-128L, which supports a 256-bit tag but has recently been shown to fall short of providing full 256-bit forgery security. We demonstrate that hybrid schemes can achieve 256-bit forgery security for AEGIS-128L while preserving performance.
Takuro Shiraya, Subhadeep Banik, Tatsuya Ishikawa, Ryoma Ito, Mostafizar Rahman, Kosei Sakamoto, Atsushi Tanaka, Shion Utsumi, and Takanori Isobe. Exploring SHA Instructions and Its Application to AES-based Schemes. IACR Communications in Cryptology, vol. 2, no. 3, Oct 06, 2025, doi: 10.62056/anxrudy6b.
BibTeX, etc
@article{10.62056/anxrudy6b,
author={Takuro Shiraya and Subhadeep Banik and Tatsuya Ishikawa and Ryoma Ito and Mostafizar Rahman and Kosei Sakamoto and Atsushi Tanaka and Shion Utsumi and Takanori Isobe},
title={Exploring {SHA} Instructions and Its Application to {AES}-based Schemes},
volume={2},
number={3},
year={2025},
date={2025-10-06},
issn={3006-5496},
doi={10.62056/anxrudy6b},
journal={{IACR} Communications in Cryptology},
publisher={International Association for Cryptologic Research}
}
TY - JOUR
AU - Takuro Shiraya
AU - Subhadeep Banik
AU - Tatsuya Ishikawa
AU - Ryoma Ito
AU - Mostafizar Rahman
AU - Kosei Sakamoto
AU - Atsushi Tanaka
AU - Shion Utsumi
AU - Takanori Isobe
PY - 2025
TI - Exploring SHA Instructions and Its Application to AES-based Schemes
JF - IACR Communications in Cryptology
JA - CIC
VL - 2
IS - 3
DO - 10.62056/anxrudy6b
UR - https://doi.org/10.62056/anxrudy6b
AB - In this paper, we explore the potential of improving AES-based schemes by integrating SHA instructions alongside AES instructions, starting from the key observation that SHA instructions can be executed in parallel with AES instructions on modern processors. We investigate conditions for parallel execution, the invocation ratio, and overhead of type conversions, and then provide guidelines for efficient SHA instruction usage with AES instructions. Applying these guidelines, we integrate SHA round functions into the AES-based short-input hash functions of Simpira and Areion, resulting in approximately 50% faster performance by achieving security with fewer iterations. Besides, we apply integration of SHA instructions to AES-based AEAD schemes of AEGIS-128L, which supports a 256-bit tag but has recently been shown to fall short of providing full 256-bit forgery security. We demonstrate that hybrid schemes can achieve 256-bit forgery security for AEGIS-128L while preserving performance.
ER -