Lightweight Unified Sha-3/Shake Architecture with a Fault-Resilient State

Hash functions have become a key part of standard Post-quantum cryptography (PQC) schemes, especially Sha-3 and Shake, calling arXiv:submit/7045552 [cs.AR] 3 Dec 2025 for lightweight implementation. A fault-resilient design is always desirable to make the whole PQC system reliable. We, therefore, propose a) a unified hash engine supporting Sha-3 and Shake that follows a byte-wise in-place partitioning mechanism of the so-called Keccak state, and b) an according fault detection for Keccak state protection exploiting its cube structure by deploying two-dimensional parity checks. It outperforms the state-of-the-art (SoA) regarding area requirements at competitive register-level fault detection by achieving 100% detection of three and still near 100% of higher numbers of Keccak state faults. Unlike SoA solutions, the proposed unified hash engine covers all standard hash configurations. Moreover, the introduced multidimensional cross-parity check mechanism achieves a 3.7x improvement in area overhead, with an overall 4.5x smaller fault-resilient engine design as demonstrated in ASIC and FPGA implementations. Integrated into a RISC-V environment, the unified hash engine with the integrated fault-resilient mechanism introduced less than 8% area overhead. Our approach thus provides a robust and lightweight fault-detection solution for protecting hash functions deployed in resource-constrained PQC applications.