Hi all,
I am working on a project that requires me to run the SHAKE128 and SHAKE256 algorithms as specified in FIPS 203. I am wondering if it is possible to implement these via the CRACEN hardware accelerator on the nRF54L15. Looking through the nRF Connect SDK (v3.3.0), I can see support for the SHA-3 algorithms, and what appears to be limited (fixed-output-size) support for SHAKE256, but no SHAKE128 or variable-output-size SHAKE256. Here are some specific questions I have:
1. What exactly does the SHA-3 module of CRACEN actually do? Is it just a hardware implementation of Keccak-f, or does it also implement the sponge construction surrounding Keccak-f? If it's the latter, can we specify parameters like the rate/capacity and the output length, or are these hard-wired? I am trying to understand whether it would be feasible to create a custom driver for the SHAKE algorithms.
2. Are there any plans to update the nRF Connect SDK to support variable-length CRACEN-accelerated SHAKE128 and SHAKE256 in the near future?
If you know of any good documentation on the specific CRACEN module behaviors I would be happy to take a look. Thanks!