SHA-224, SHA-256, SHA-384 and SHA-512

This is a fast software implementation in C of the FIPS 180-2 hash algorithms SHA-224, SHA-256, SHA-384 and SHA-512. The code is distributed under the BSD license. For each algorithm the implementation has been verified with the NIST test vectors and with the additional vectors provided by Aaron D. Gifford.

News:

February 2, 2007: Add new optimizations and minor bug fix.

May 23, 2005: Include support of SHA-224.

April 30, 2005: First release.

Compilation options:

There is an UNROLL_LOOPS option which is disabled by default. Depending on your system if the option is enabled the hash time can be faster but it can also be slower.

Performances:

SHA-256 can achieve hashing at 27 cycles per byte for long size data on a Pentium 4 with the Intel compiler. Data lengths in the table below are in bytes and values are in cycles/byte.

Arch: Pentium 4 (Prescott), compiler: icc 8.1, compiler options: -O2 -xP -ip, software options: -DUNROLL_LOOPS

Data length	1	10	100	1,000	10,000	100,000
SHA-224	2120	212.8	41.20	27.80	26.56	26.66
SHA-256	2128	212.0	41.20	27.79	26.59	26.71
SHA-384	8056	807.2	80.56	60.89	59.12	58.44
SHA-512	8088	808.0	82.00	60.71	59.20	58.51

Arch: Pentium 4 (Prescott), compiler: gcc 3.3.4, compiler options: -O3 -march=pentium4 -fomit-frame-pointer, software options: none

Data length	1	10	100	1,000	10,000	100,000
SHA-224	2440	256.8	49.68	35.14	33.48	33.41
SHA-256	2448	257.6	49.44	35.16	33.66	33.40
SHA-384	16136	1626.4	162.40	126.40	123.95	122.70
SHA-512	16160	1628.8	162.64	126.52	124.11	122.75

Portability:

The implementation has been tested on numerous UNIX systems and on both little endian and big endian platforms.

Olivier Gay - olivier.gay@a3.epfl.ch

Last updated: February 2, 2007

SHA-224, SHA-256, SHA-384 and SHA-512

News:

Download:

github:

Users:

Compilation options:

Performances:

Portability: