SHA instruction set

A SHA instruction set is a set of extensions to the ARM, RISC-V and x86 instruction set architecture which support hardware acceleration of the Secure Hash Algorithm (SHA) family.

ARM

SHA-1 and SHA-256 instructions appeared as optional features (FEAT_SHA1 and FEAT_SHA256) in the Arm V8.0 architecture introduced in 2011. ^[1] The instructions are:

SHA-1: SHA1C, SHA1H, SHA1M, SHA1P, SHA1SU0, SHA1SU1
SHA-256: SHA256H, SHA256H2, SHA256SU0, SHA256SU1

SHA-512 and SHA-3 instructions appeared as optional features (FEAT_SHA512 and FEAT_SHA3) in the Arm V8.2 architecture. ^[2] The instruction are:

SHA-512: SHA512H, SHA512H2, SHA512SU0, SHA512SU1
SHA-3: EOR3, RAX1, XAR, BCAX

A scalable vector extension (SVE) version of the SHA-3 instructions appeared as an optional feature (FEAT_SVE_SHA3) in the Arm V9.0 architecture. ^[3]

RISC-V

SHA2 instructions are part of the Zknh extension part of the RISC-V Cryptography Extensions Volume I: Scalar & Entropy Source Instructions ratified in November 2021^[4].

x86 architecture processors

The original SSE-based extensions added four instructions supporting SHA-1 and three for SHA-256 and were specified in 2013 by Intel.^[5] Instructions for SHA-512 was introduced in Arrow Lake and Lunar Lake in 2024. .

SHA-1: SHA1RNDS4, SHA1NEXTE, SHA1MSG1, SHA1MSG2
SHA-256: SHA256RNDS2, SHA256MSG1, SHA256MSG2

The newer SHA-512 instruction set comprises AVX-based versions of the original SHA instruction set marked with a V prefix and these three new AVX-based instructions for SHA-512:

VSHA512RNDS2, VSHA512MSG1, VSHA512MSG2

AMD

All recent AMD processors support the original SHA instruction set:

AMD Zen^[6] (2017) and later processors.

Intel

The following Intel processors support the original SHA instruction set:

Intel Goldmont^[7] (2016) and later Atom microarchitecture processors.
Intel Cannon Lake^[8] (2018/2019), Ice Lake^[9] (2019) and later processors for laptops ("mainstream mobile").
Intel Rocket Lake (2021) and later processors for desktop computers.

The following Intel processors will support the newer SHA-512 instruction set:

Intel Arrow Lake and Lunar Lake processors.

References

^ "The Armv8.0 architecture extension". Retrieved 2025-12-11.
^ "The Armv8.2 architecture extension". Retrieved 2025-12-11.
^ "The Armv9.0 architecture extension". Retrieved 2025-12-11.
^ "Ratified Extensions". Retrieved 2025-02-12.
^ "New Instructions Supporting the Secure Hash Algorithm on Intel® Architecture Processors". intel.com. Retrieved 2024-07-25.
^ "Zen - Microarchitectures - AMD - WikiChip". en.wikichip.org. Retrieved 2024-07-25.
^ "Goldmont - Microarchitectures - Intel - WikiChip". en.wikichip.org. Retrieved 2024-07-25.
^ "Cannon Lake - Microarchitectures - Intel - WikiChip". en.wikichip.org. Retrieved 2024-07-25.
^ "Ice Lake (client) - Microarchitectures - Intel - WikiChip". en.wikichip.org. Retrieved 2024-07-25.

External links

Chapter 8 of "Intel Architecture Instruction Set Extensions Programming Reference" (PDF). Archived from the original (PDF) on 2013-09-29.

This microcomputer- or microprocessor-related article is a stub. You can help Wikipedia by expanding it.

[1] "The Armv8.0 architecture extension". Retrieved 2025-12-11.

[2] "The Armv8.2 architecture extension". Retrieved 2025-12-11.

[3] "The Armv9.0 architecture extension". Retrieved 2025-12-11.

[4] "Ratified Extensions". Retrieved 2025-02-12.

[5] "New Instructions Supporting the Secure Hash Algorithm on Intel® Architecture Processors". intel.com. Retrieved 2024-07-25.

[6] "Zen - Microarchitectures - AMD - WikiChip". en.wikichip.org. Retrieved 2024-07-25.

[7] "Goldmont - Microarchitectures - Intel - WikiChip". en.wikichip.org. Retrieved 2024-07-25.

[8] "Cannon Lake - Microarchitectures - Intel - WikiChip". en.wikichip.org. Retrieved 2024-07-25.

[9] "Ice Lake (client) - Microarchitectures - Intel - WikiChip". en.wikichip.org. Retrieved 2024-07-25.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

v t e Instruction set extensions
SIMD (RISC)	Alpha MVI ARM NEON SVE MIPS MDMX MIPS-3D MXU MIPS SIMD PA-RISC MAX Power ISA VMX SPARC VIS
SIMD (x86)	MMX (1996) 3DNow! (1998) SSE (1999) SSE2 (2001) SSE3 (2004) SSSE3 (2006) SSE4 (2006) SSE5 ~~(2007)~~ AVX (2008) F16C (2009) XOP (2009) FMA (FMA4: 2011, FMA3: 2012) AVX2 (2013) AVX-512 (2015) AMX (2022) AVX10 (2023)
Bit manipulation	BMI (ABM: 2007, BMI1: 2012, BMI2: 2013, TBM: 2012) ADX (2014)
Compressed instructions	Thumb MIPS16e ASE RVC
Security and cryptography	PadLock (2003) AES-NI (2008); ARMv8 also has AES instructions CLMUL (2010) RDRAND (2012) SHA (2013) MPX (2015) SGX (2015) TDX (2021)
Transactional memory	TSX (2013) ASF
Virtualization	VT-x (2005) AMD-V (2006) VT-d (AMD-Vi)
Suspended extensions' dates are ~~struck through~~.