Various embodiments are generally directed to techniques for secure message authentication and digital signatures, such as with a cipher-based hash function, for instance. Some embodiments are particularly directed to a secure authentication system that implements various aspects of the cipher-based hash function in dedicated hardware or circuitry. In various embodiments, the secure authentication system may implement one or more elements of the Whirlpool hash function in dedicated hardware. For instance, the compute-intensive substitute byte and mix rows blocks of the block cipher in the Whirlpool hash function may be implemented in dedicated hardware or circuitry using a combination of Galois Field arithmetic and fused scale/reduce circuits. In some embodiments, the microarchitecture of the secure authentication system may be implemented with delayed add key to limit the memory requirement to three sequential registers.

The disclosure provides a very flexible mechanism for a storage controller to create RAID stripes and to re-create corrupted stripes when necessary using the erasure coding scheme. Typically, this is known as a RAID 6 implementation/feature. The erasure code calculations are generated using the Galois Multiplication hardware and the system controller can pass any polynomial into the hardware on a per stripe calculation basis. The polynomial value is passed to the hardware via an input descriptor field. The descriptor controls the entire computation process.

For example, the present techniques may provide an energy-efficient multipurpose encryption engine capable of processing both AES and CRC algorithms using a shared Galois Field Computation Unit (GFCU). In an embodiment, an apparatus may comprise computation circuitry adapted to perform Galois Field computations and control circuitry adapted to control the computation circuitry so as to selectively compute either an Advanced Encryption Standard cipher or a Cyclic Redundancy Check.

Systems and methods are provided for comparing a first number A.sup.bit with a second number B.sup.bit. A method includes receiving, from a first computing device associated with the first number A.sup.bit, a share a.sub.1.sup.bit and a share b.sub.1.sup.bit; receiving, from a second computing device associated with the second number B.sup.bit, a share a.sub.2.sup.bit and a share b.sub.2.sup.bit, wherein the first number A.sup.bit=a.sub.1.sup.bit+a.sub.2.sup.bit mod 2.sup.64 and wherein the second number B.sup.bit=b.sub.1.sup.bit+b.sub.2.sup.bit mod 2.sup.64. The first number A.sup.bit=a.sub.1.sup.bit XOR a.sub.2.sup.bit and the second number B.sup.bit=b.sub.1.sup.bit XOR b.sub.2.sup.bit. The XOR operation includes an XOR function that applies addition modulo 2 to corresponding pairs of bits of two strings. The method includes comparing, via a comparison function that compares numbers as modulo 2.sup.64, the first number A.sup.bit and the second number B.sup.bit to generate a shared output bit indicating which number is larger.

According to one embodiment, an arithmetic circuitry is configured to: calculate an AND value that is a result of an AND operation of elements a and b of a Galois field; and calculate, for each of a plurality of mutually different sets of (u, v), a {circumflex over ()} (2.sup.u)?b {circumflex over ()} (2.sup.v), which is a product of a 2.sup.u-th power of a and a 2.sup.v-th power of b, from an XOR operation based on the AND value and a connected tensor obtained by collecting a plurality of tensors different for each set.

Disclosed apparatus and method improve the computational efficiency of encoding and decoding data having erasures according to a maximum distance separable (MDS) code based on a Reed-Solomon code. Thus, n encoded fragments are formed by multiplying k data fragments by an nk generator matrix for the MDS code. The code is formed by reducing, in the generator matrix to the extent possible, the size of the finite field to which entries belongin some cases to the base field having only two elements. In this way, unlike codes known in the art, the generator matrix has more than one column whose entries each take values in the finite field having two elements. In some cases, the generator matrix has a column whose entries each take values in one or more intermediate fields between the finite field having two elements and the encoding field.

A computing device (e.g., an FPGA or integrated circuit) processes an incoming packet comprising data to compute a Galois hash. The computing device includes a plurality of circuits, each circuit providing a respective result used to determine the Galois hash, and each circuit including: a first multiplier configured to receive a portion of the data; a first exclusive-OR gate configured to receive an output of the first multiplier as a first input, and to provide the respective result; and a second multiplier configured to receive an output of the first exclusive-OR gate, wherein the first exclusive-OR gate is further configured to receive an output of the second multiplier as a second input. In one embodiment, the computing device further comprises a second exclusive-OR gate configured to output the Galois hash, wherein each respective result is provided as an input to the second exclusive-OR gate.

Galois-field reduction circuitry for reducing a Galois-field expansion value, using an irreducible polynomial, includes a plurality of memories, each for storing a respective value derived from the irreducible polynomial and a respective combination of expansion bit values, wherein expansion bits of the expansion value address the plurality of memories to output one or more of the respective values. The Galois-field reduction circuitry also includes exclusive-OR circuitry for combining output of the plurality of memories with in-field bits of said expansion value. There are also a method of operating such Galois-field reduction circuitry to reduce a Galois-field expansion value, a programmable integrated circuit device incorporating the circuitry, a method of performing a Galois-field multiplication operation on such a programmable integrated circuit device, and a method of configuring a programmable integrated circuit device to perform such a Galois-field multiplication operation.

Subject matter disclosed herein may relate to arithmetic units of processors, and may relate more particularly to configurable arithmetic units. Configurable arithmetic units may comprise a plurality of basic units, and may further comprise a programmable fabric to selectively connect the plurality of basic units at least in part to process one or more sets of parameters in accordance with one or more specified arithmetic operations.

To reduce the processing amount of a field multiplication. A matrix application apparatus computes a vector b by multiplying a vector a and a matrix A, provided that a denotes a k-th order vector having elements a.sub.0, . . . , a.sub.k1 (a.sub.0, . . . , a.sub.k1GF(x.sup.q)), b denotes an m-th order vector having elements b.sub.0, . . . , b.sub.m1 (b.sub.0, . . . , b.sub.m1GF(x.sup.q)), and A denotes a m-by-k Vandennonde matrix. A polynomial multiplication part computes a value b.sub.i. An order reduction part designates g.sub.ih.sub.if as the value b.sub.i by using a polynomial h.sub.i obtained by dividing a part of the value b.sub.i having an order equal to or higher than q by X.sup.q and a polynomial g.sub.i formed by a part of the value b.sub.i having an order lower than q.