The stability of Non-Linear Feedback Shift Registers(NFSRs)plays an important role in the cryptographic security.Due to the complexity of nonlinear systems and the lack of efficient algebraic tools,the theorems relate...The stability of Non-Linear Feedback Shift Registers(NFSRs)plays an important role in the cryptographic security.Due to the complexity of nonlinear systems and the lack of efficient algebraic tools,the theorems related to the stability of NFSRs are still not well-developed.In this paper,we view the NFSR with periodic inputs as a Boolean control network.Based on the mathematical tool of semi-tensor product(STP),the Boolean network can be mapped into an algebraic form.Through these basic theories,we analyze the state space of non-autonomous NFSRs,and discuss the stability of an NFSR with periodic inputs of limited length or unlimited length.The simulation results are provided to prove the efficiency of the model.Based on these works,we can provide a method to analyze the stability of the NFSR with periodic input,including limited length and unlimited length.By this,we can efficiently reduce the computational complexity,and its efficiency is demonstrated by applying the theorem in simulations dealing with the stability of a non-autonomous NFSR.展开更多
Stream ciphers based on linear feedback shift register(LFSR)are suitable for constrained environments,such as satellite communications,radio frequency identification devices tag,sensor networks and Internet of Things,...Stream ciphers based on linear feedback shift register(LFSR)are suitable for constrained environments,such as satellite communications,radio frequency identification devices tag,sensor networks and Internet of Things,due to its simple hardware structures,high speed encryption and lower power consumption.LFSR,as a cryptographic primitive,has been used to generate a maximum period sequence.Because the switching of the status bits is regular,the power consumption of the LFSR is correlated in a linear way.As a result,the power consumption characteristics of stream cipher based on LFSR are vulnerable to leaking initialization vectors under the power attacks.In this paper,a new design of LFSR against power attacks is proposed.The power consumption characteristics of LFSR can be masked by using an additional LFSR and confused by adding a new filter Boolean function and a flip-flop.The design method has been implemented easily by circuits in this new design in comparison with the others.展开更多
In the current time there is an important problem that is for a received linear or nonlinear binary sequence{z_(n)}how we can find the nonlinear feedback shift register and its linear equivalent which generate this se...In the current time there is an important problem that is for a received linear or nonlinear binary sequence{z_(n)}how we can find the nonlinear feedback shift register and its linear equivalent which generate this sequence.The linear orthogonal sequences,special M-Sequences,play a big role in these methods for solving this problem.In the current research trying give illuminations about the methods which are very useful for solving this problem under short sequences,and study these methods for finding the nonlinear feedback shift register of a multiplication sequence and its linear equivalent feedback shift register of a received multiplication binary sequence{z_(n)}where the multiplication on h degrees of a binary linear sequence{a_(n)},or finding the equivalent linear feedback shift register of{z_(n)},where the sequence{z_(n)}of the form M-sequence,and these methods are very effectively.We can extend these methods for the large sequences using programming and modern computers with large memory.展开更多
An algorithm based on eigenanalysis technique and Walsh-Hadamard transform (WriT) is proposed. The algorithm contains two steps. Firstly, the received sequence is divided into temporal windows, and a covariance matr...An algorithm based on eigenanalysis technique and Walsh-Hadamard transform (WriT) is proposed. The algorithm contains two steps. Firstly, the received sequence is divided into temporal windows, and a covariance matrix is computed. The linear feedback shift register (LFSR) sequence is reconstructed from the first eigenvector of this matrix. Secondly, equations according to the recovered LFSR sequence are constructed, and the Walsh spectrum corresponding to the equations is computed. The feedback polynomial of LFSR is estimated from the Walsh spectrum. The validity of the algorithm is verified by the simulation result. Finally, case studies are presented to illustrate the performance of the blind reconstruction method.展开更多
Random numbers play a crucial role in modern security schemes. Couple to the rapid development of cryptography, the strength of security protocols and encryption algorithms consumingly relies on the quality of random ...Random numbers play a crucial role in modern security schemes. Couple to the rapid development of cryptography, the strength of security protocols and encryption algorithms consumingly relies on the quality of random number. With simple architecture and faster speed, linear feedback shift register often is selected in many applications. However, the random sequence generated by LFSR can not meet the demand of unpredictability for secure mechanism. Genetic algorithm improves the linear property of LFSR and constructs a novel random sequence generator with longer period and complex architecture.展开更多
The linear complexity of a new kind of keystream sequences.FCSR sequences,is discussed by use of the properties of cyclotomic polynomials.Based on the results of C.Seo's,an upper bound and a lower bound on the li...The linear complexity of a new kind of keystream sequences.FCSR sequences,is discussed by use of the properties of cyclotomic polynomials.Based on the results of C.Seo's,an upper bound and a lower bound on the linear complexity of a significant kind of FCSR sequences—l-sequences are presented.展开更多
In this paper, an Ethernet controller SoC solution and its low power design for testability (DFT) for information appliances are presented. On a single chip, an enhanced one-cycle 8-bit micro controller unit (MCU)...In this paper, an Ethernet controller SoC solution and its low power design for testability (DFT) for information appliances are presented. On a single chip, an enhanced one-cycle 8-bit micro controller unit (MCU), media access control (MAC) circuit and embedded memories such as static random access memory (SRAM), read only memory (ROM) and flash are all integrated together. In order to achieve high fault coverage, at the same time with low test power, different DFT techniques are adopted for different circuits: the scan circuit that reduces switching activity is implemented for digital logic circuits; BIST-based method is employed for the on-chip SRAM and ROM. According to the fault-modeling of embedded flash, we resort to a March-like method for flash built in self test (BIST). By all means above, the result shows that the fault coverage may reach 97%, and the SoC chip is implemented successfully by using 0.25 μm two-poly four-metal mixed signal complementary metal oxide semiconductor (CMOS) technology, the die area is 4.8×4.6 mm^2. Test results show that the maximum throughput of Ethemet packets may reach 7Mb·s^1.展开更多
Observability ensures that any two distinct initial states can be uniquely determined by their outputs,so the stream ciphers can avoid unobservable nonlinear feedback shift registers(NFSRs)to prevent the occurrence of...Observability ensures that any two distinct initial states can be uniquely determined by their outputs,so the stream ciphers can avoid unobservable nonlinear feedback shift registers(NFSRs)to prevent the occurrence of equivalent keys.This paper discusses the observability of Galois NFSRs over finite fields.Galois NFSRs are treated as logical networks using the semi-tensor product.The vector form of the state transition matrix is introduced,by which a necessary and sufficient condition is proposed,as well as an algorithm for determining the observability of general Galois NFSRs.Moreover,a new observability matrix is defined,which can derive a matrix method with lower computation complexity.Furthermore,the observability of two special types of Galois NFSRs,a full-length Galois NFSR and a nonsingular Galois NFSR,is investigated.Two methods are proposed to determine the observability of these two special types of NFSRs,and some numerical examples are provided to support these results.展开更多
For nonlinear feedback shift registers (NFSRs), their greatest common subfamily may be not unique. Given two NFSRs, the authors only consider the case that their greatest common subfamily exists and is unique. If th...For nonlinear feedback shift registers (NFSRs), their greatest common subfamily may be not unique. Given two NFSRs, the authors only consider the case that their greatest common subfamily exists and is unique. If the greatest common subfamily is exactly the set of all sequences which can be generated by both of them, the authors can determine it by Grobner basis theory. Otherwise, the authors can determine it under some conditions and partly solve the problem.展开更多
Based on analysis of the structure characteristics and implementation methods of some representative word oriented linear feedback shift registers (LFSRs) in several modem software oriented stream ciphers, this pape...Based on analysis of the structure characteristics and implementation methods of some representative word oriented linear feedback shift registers (LFSRs) in several modem software oriented stream ciphers, this paper firstly classifies the word oriented LFSRs into two classes: the machine instruction type and the arithmetic type. The similarities and differences between each type are illustrated by concrete examples. Then we give a detailed analysis about the word oriented LFSRs in each category from design structure, cryptographic properties and implementation issue aspects. Finally, some basic design criteria for modem word oriented LFSRs and suitable for software implementation are summarized.展开更多
A novel BIST scheme for reducing the test storage( TS) is presented. The proposed approach relies on a two-dimensional compression scheme,which combines the advantages of the previous LFSR reseeding scheme and test se...A novel BIST scheme for reducing the test storage( TS) is presented. The proposed approach relies on a two-dimensional compression scheme,which combines the advantages of the previous LFSR reseeding scheme and test set embedding technique based on ring counters( RCs) to improve the encoding efficiency. It presents a general method to determine the probability of encoding as a function of the number of specified bits in the test cube,the length of the LFSR and the width of the test set,and conclude that the probability of encoding a n-bit test cube with s specified bits using a( smax+ 1 + 20 / n)-stage LFSR with a fixed polynomial is1- 10-6. Experimental results for the ISCAS '89 benchmark circuits show that compared with the previous schemes,the proposed scheme based on LFSR-RC reseeding requires 57% less TS and 99. 1% test application time( TAT) with simple and uniform BIST control logic.展开更多
In this paper, we analyze the security of a new stream cipher-COSvd(2,128). This cipher was proposed by E. Filiol et al. at the ECRYPT SASC'2004 (The State of the Art of Stream Ciphers). It uses clock-controlled ...In this paper, we analyze the security of a new stream cipher-COSvd(2,128). This cipher was proposed by E. Filiol et al. at the ECRYPT SASC'2004 (The State of the Art of Stream Ciphers). It uses clock-controlled non-linear feedback registers together with an S-box controlled by a chaotic sequence and was claimed to prevent any existing attacks. However, our analysis shows that there are some serious security flaws in the design of the S-box, resulting in heavy biased byte distribution in the keystream. In some broadcast applications, this flaw will cause a ciphertext-only attack with high success rate. Besides, there are also many security flaws in other parts of the cipher. We point out these flaws one by one and develop a divide-and-conquer attack to recover the secret keys from O(2^26)-byte known plaintext with success rate 93.4597% and complexity O(2^113), which is much lower than 2^512, the complexity of exhaustive search.展开更多
Scan-based design for test (DFT) is a powerful and the most popular testing technique. However, while scan-based DFT improves test efficiency, it also leaves a side channel to the privacy information stored in the c...Scan-based design for test (DFT) is a powerful and the most popular testing technique. However, while scan-based DFT improves test efficiency, it also leaves a side channel to the privacy information stored in the chip. This paper investigates the side channel and proposes a simple but powerful scan-based attack that can reveal the key and/or state stored in the chips that implement the state-of-the-art stream ciphers with less than 85 scan-out vectors.展开更多
基金This work is supported by the National Natural Science Foundation of China(Grants Nos.61672020,U1803263,61662069,61762068,31560622,31260538,30960246,31672385,71761029)Project funded by China Postdoctoral Science Foundation(2013M542560,2015T81129)+6 种基金A Project of Shandong Province Higher Educational Science and Technology Program(No.J16LN61)Inner Mongolia Colleges and Universities Scientific and Technological Research Projects(Grant No.NJZC17148)CERNET Innovation Project(No.NGII20161209)Natural Science Foundation of Inner Mongolia Autonomous Region of china(No.2017MS0610,No.2017MS717)Program for Young Talents of Science and Technology in Universities of Inner Mongolia Autonomous Region(No.NJYT-18-A13)Inner Mongolia Key Laboratory of economic data analysis and mining China-Mongolia Scientific Research Capacity Building of Incubator,Joint Laboratory and Technology Transfer Center,Education research project of national finance and economics(No.MZCJYB1803)Postgraduate research and innovation project of Inner Mongolia university of finance and economics.
文摘The stability of Non-Linear Feedback Shift Registers(NFSRs)plays an important role in the cryptographic security.Due to the complexity of nonlinear systems and the lack of efficient algebraic tools,the theorems related to the stability of NFSRs are still not well-developed.In this paper,we view the NFSR with periodic inputs as a Boolean control network.Based on the mathematical tool of semi-tensor product(STP),the Boolean network can be mapped into an algebraic form.Through these basic theories,we analyze the state space of non-autonomous NFSRs,and discuss the stability of an NFSR with periodic inputs of limited length or unlimited length.The simulation results are provided to prove the efficiency of the model.Based on these works,we can provide a method to analyze the stability of the NFSR with periodic input,including limited length and unlimited length.By this,we can efficiently reduce the computational complexity,and its efficiency is demonstrated by applying the theorem in simulations dealing with the stability of a non-autonomous NFSR.
文摘Stream ciphers based on linear feedback shift register(LFSR)are suitable for constrained environments,such as satellite communications,radio frequency identification devices tag,sensor networks and Internet of Things,due to its simple hardware structures,high speed encryption and lower power consumption.LFSR,as a cryptographic primitive,has been used to generate a maximum period sequence.Because the switching of the status bits is regular,the power consumption of the LFSR is correlated in a linear way.As a result,the power consumption characteristics of stream cipher based on LFSR are vulnerable to leaking initialization vectors under the power attacks.In this paper,a new design of LFSR against power attacks is proposed.The power consumption characteristics of LFSR can be masked by using an additional LFSR and confused by adding a new filter Boolean function and a flip-flop.The design method has been implemented easily by circuits in this new design in comparison with the others.
文摘In the current time there is an important problem that is for a received linear or nonlinear binary sequence{z_(n)}how we can find the nonlinear feedback shift register and its linear equivalent which generate this sequence.The linear orthogonal sequences,special M-Sequences,play a big role in these methods for solving this problem.In the current research trying give illuminations about the methods which are very useful for solving this problem under short sequences,and study these methods for finding the nonlinear feedback shift register of a multiplication sequence and its linear equivalent feedback shift register of a received multiplication binary sequence{z_(n)}where the multiplication on h degrees of a binary linear sequence{a_(n)},or finding the equivalent linear feedback shift register of{z_(n)},where the sequence{z_(n)}of the form M-sequence,and these methods are very effectively.We can extend these methods for the large sequences using programming and modern computers with large memory.
基金supported by the National Natural Science Foundation of China(61072120)
文摘An algorithm based on eigenanalysis technique and Walsh-Hadamard transform (WriT) is proposed. The algorithm contains two steps. Firstly, the received sequence is divided into temporal windows, and a covariance matrix is computed. The linear feedback shift register (LFSR) sequence is reconstructed from the first eigenvector of this matrix. Secondly, equations according to the recovered LFSR sequence are constructed, and the Walsh spectrum corresponding to the equations is computed. The feedback polynomial of LFSR is estimated from the Walsh spectrum. The validity of the algorithm is verified by the simulation result. Finally, case studies are presented to illustrate the performance of the blind reconstruction method.
基金Supported by the National Natural Science Foundation of China (60373087, 90104005 and 60473023)
文摘Random numbers play a crucial role in modern security schemes. Couple to the rapid development of cryptography, the strength of security protocols and encryption algorithms consumingly relies on the quality of random number. With simple architecture and faster speed, linear feedback shift register often is selected in many applications. However, the random sequence generated by LFSR can not meet the demand of unpredictability for secure mechanism. Genetic algorithm improves the linear property of LFSR and constructs a novel random sequence generator with longer period and complex architecture.
基金The work is supported by the Special Fund of National Excellently Doctoral Paper and HAIPURT.
文摘The linear complexity of a new kind of keystream sequences.FCSR sequences,is discussed by use of the properties of cyclotomic polynomials.Based on the results of C.Seo's,an upper bound and a lower bound on the linear complexity of a significant kind of FCSR sequences—l-sequences are presented.
基金Supported by the National High Technology Research and Development Program of China (2006AA01Z226)
文摘In this paper, an Ethernet controller SoC solution and its low power design for testability (DFT) for information appliances are presented. On a single chip, an enhanced one-cycle 8-bit micro controller unit (MCU), media access control (MAC) circuit and embedded memories such as static random access memory (SRAM), read only memory (ROM) and flash are all integrated together. In order to achieve high fault coverage, at the same time with low test power, different DFT techniques are adopted for different circuits: the scan circuit that reduces switching activity is implemented for digital logic circuits; BIST-based method is employed for the on-chip SRAM and ROM. According to the fault-modeling of embedded flash, we resort to a March-like method for flash built in self test (BIST). By all means above, the result shows that the fault coverage may reach 97%, and the SoC chip is implemented successfully by using 0.25 μm two-poly four-metal mixed signal complementary metal oxide semiconductor (CMOS) technology, the die area is 4.8×4.6 mm^2. Test results show that the maximum throughput of Ethemet packets may reach 7Mb·s^1.
基金the National Natural Science Foundation of China(No.61877036)。
文摘Observability ensures that any two distinct initial states can be uniquely determined by their outputs,so the stream ciphers can avoid unobservable nonlinear feedback shift registers(NFSRs)to prevent the occurrence of equivalent keys.This paper discusses the observability of Galois NFSRs over finite fields.Galois NFSRs are treated as logical networks using the semi-tensor product.The vector form of the state transition matrix is introduced,by which a necessary and sufficient condition is proposed,as well as an algorithm for determining the observability of general Galois NFSRs.Moreover,a new observability matrix is defined,which can derive a matrix method with lower computation complexity.Furthermore,the observability of two special types of Galois NFSRs,a full-length Galois NFSR and a nonsingular Galois NFSR,is investigated.Two methods are proposed to determine the observability of these two special types of NFSRs,and some numerical examples are provided to support these results.
基金supported by the Natural Science Foundation of China under Grant Nos.61272042,61100202and 61170235
文摘For nonlinear feedback shift registers (NFSRs), their greatest common subfamily may be not unique. Given two NFSRs, the authors only consider the case that their greatest common subfamily exists and is unique. If the greatest common subfamily is exactly the set of all sequences which can be generated by both of them, the authors can determine it by Grobner basis theory. Otherwise, the authors can determine it under some conditions and partly solve the problem.
基金Supported by the National Basic Research Program of China (937 Program) (2007CB807902)the National High-Technology Research and Development Program of China (863 Program) (2006AA01Z425)the National Natural Science Foundation of China (60503011, 90704003)
文摘Based on analysis of the structure characteristics and implementation methods of some representative word oriented linear feedback shift registers (LFSRs) in several modem software oriented stream ciphers, this paper firstly classifies the word oriented LFSRs into two classes: the machine instruction type and the arithmetic type. The similarities and differences between each type are illustrated by concrete examples. Then we give a detailed analysis about the word oriented LFSRs in each category from design structure, cryptographic properties and implementation issue aspects. Finally, some basic design criteria for modem word oriented LFSRs and suitable for software implementation are summarized.
基金Sponsored by the National Natural Science Foundation of China(Grant No.61100031)the Fundamental Research Funds for the Central Universities(Grant No.HIT.NSRIF.2015078)
文摘A novel BIST scheme for reducing the test storage( TS) is presented. The proposed approach relies on a two-dimensional compression scheme,which combines the advantages of the previous LFSR reseeding scheme and test set embedding technique based on ring counters( RCs) to improve the encoding efficiency. It presents a general method to determine the probability of encoding as a function of the number of specified bits in the test cube,the length of the LFSR and the width of the test set,and conclude that the probability of encoding a n-bit test cube with s specified bits using a( smax+ 1 + 20 / n)-stage LFSR with a fixed polynomial is1- 10-6. Experimental results for the ISCAS '89 benchmark circuits show that compared with the previous schemes,the proposed scheme based on LFSR-RC reseeding requires 57% less TS and 99. 1% test application time( TAT) with simple and uniform BIST control logic.
基金supported by the National Natural Science Foundation of China(Grant Nos.60273027,60373047)the National Grand Fundamental Research 973 Program of China(Grant No.2004CB318004).
文摘In this paper, we analyze the security of a new stream cipher-COSvd(2,128). This cipher was proposed by E. Filiol et al. at the ECRYPT SASC'2004 (The State of the Art of Stream Ciphers). It uses clock-controlled non-linear feedback registers together with an S-box controlled by a chaotic sequence and was claimed to prevent any existing attacks. However, our analysis shows that there are some serious security flaws in the design of the S-box, resulting in heavy biased byte distribution in the keystream. In some broadcast applications, this flaw will cause a ciphertext-only attack with high success rate. Besides, there are also many security flaws in other parts of the cipher. We point out these flaws one by one and develop a divide-and-conquer attack to recover the secret keys from O(2^26)-byte known plaintext with success rate 93.4597% and complexity O(2^113), which is much lower than 2^512, the complexity of exhaustive search.
基金partially supported by the National High Technology Research and Development 863 Program of China under Grant No.2013AA013202the Key Programs for Science and Technology Development of Chongqing of China under Grant No.cstc2012ggC40005+1 种基金the National Natural Science Foundation of China under Grant No.61173014the National Science Foundation of USA under Grant No.CNS-1015802
文摘Scan-based design for test (DFT) is a powerful and the most popular testing technique. However, while scan-based DFT improves test efficiency, it also leaves a side channel to the privacy information stored in the chip. This paper investigates the side channel and proposes a simple but powerful scan-based attack that can reveal the key and/or state stored in the chips that implement the state-of-the-art stream ciphers with less than 85 scan-out vectors.
