-
On Constructing Secure and Hardware-Efficient Invertible Mappings
Authors:
Elena Dubrova
Abstract:
Our society becomes increasingly dependent on wireless communications. The tremendous growth in the number and type of wirelessly connected devices, in combination with the dropping cost of performing cyberattacks, creates new challenges for assuring the security of services and applications provided by the next generation of wireless communication networks. The situation is complicated even further by the fact that many end-point Internet of Things (IoT) devices have very limited resources for implementing security functionality. This paper addresses one aspect of this important, many-faceted problem: the design of hardware-efficient cryptographic primitives suitable for the protection of resource-constrained IoT devices. We focus on cryptographic primitives based on invertible mappings of type $\{0,1,\ldots,2^n-1\} \rightarrow \{0,1,\ldots,2^n-1\}$. In order to check whether a given mapping is invertible or not, we generally need a number of steps exponential in $n$. In this paper, we derive a sufficient condition for invertibility which can be checked in $O(n^2 N)$ time, where $N$ is the size of the representation of the largest function in the mapping. Our results can be used for constructing cryptographically secure invertible mappings which can be efficiently implemented in hardware.
Submitted 11 February, 2016; v1 submitted 1 December, 2015;
originally announced December 2015.
-
Two Countermeasures Against Hardware Trojans Exploiting Non-Zero Aliasing Probability of BIST
Authors:
Elena Dubrova,
Mats Näslund,
Gunnar Carlsson,
John Fornehed,
Ben Smeets
Abstract:
The threat of hardware Trojans has been widely recognized by academia, industry, and government agencies. A Trojan can compromise the security of a system in spite of cryptographic protection. The damage caused by a Trojan may not be limited to a business or its reputation, but could have a severe impact on public safety, the national economy, or national security. An extremely stealthy way of implementing hardware Trojans was presented by Becker et al. at CHES'2012. Their work has shown that it is possible to inject a Trojan into a random number generator compliant with the FIPS 140-2 and NIST SP800-90 standards by exploiting the non-zero aliasing probability of Logic Built-In Self-Test (LBIST). In this paper, we present two methods for modifying LBIST to prevent such an attack. The first method makes test patterns dependent on a configurable key which is programmed into a chip after the manufacturing stage. The second method uses a remote test management system which can execute LBIST using a different set of test patterns at each test cycle.
Submitted 24 November, 2015;
originally announced November 2015.
-
A Fast Heuristic Algorithm for Redundancy Removal
Authors:
Maxim Teslenko,
Elena Dubrova
Abstract:
Redundancy identification is an important step of the design flow that typically follows logic synthesis and optimization. In addition to reducing circuit area, power consumption, and delay, redundancy removal also improves testability. All commercially available synthesis tools include a redundancy removal engine which is often run multiple times on the same netlist during optimization. This paper presents a fast heuristic algorithm for redundancy removal in combinational circuits. Our idea is to provide a quick partial solution which can be used for the intermediate redundancy removal runs instead of exact ATPG- or SAT-based approaches. The presented approach has a higher implication power than traditional heuristic algorithms such as FIRE: on average it removes 37% more redundancies than FIRE with no penalty in runtime.
Submitted 23 March, 2015;
originally announced March 2015.
-
A Linear-Time Algorithm for Finding All Double-Vertex Dominators of a Given Vertex
Authors:
Maxim Teslenko,
Elena Dubrova
Abstract:
Dominators provide a general mechanism for identifying reconverging paths in graphs. This is useful for a number of applications in Computer-Aided Design (CAD), including signal probability computation in biased random simulation, switching activity estimation in power and noise analysis, and cut point identification in equivalence checking. However, traditional single-vertex dominators are too rare in circuit graphs. In order to handle reconverging paths more efficiently, we consider the case of double-vertex dominators, which occur more frequently. First, we derive a number of specific properties of double-vertex dominators. Then, we describe a data structure for representing all double-vertex dominators of a given vertex in linear space. Finally, we present an algorithm for finding all double-vertex dominators of a given vertex in linear time. Our results provide an efficient systematic way of partitioning large graphs along the reconverging points of the signal flow.
Submitted 17 March, 2015;
originally announced March 2015.
-
Logic BIST: State-of-the-Art and Open Problems
Authors:
Nan Li,
Gunnar Carlsson,
Elena Dubrova,
Kim Petersen
Abstract:
Many believe that in-field hardware faults are too rare in practice to justify the need for Logic Built-In Self-Test (LBIST) in a design. Until now, LBIST was primarily used in safety-critical applications. However, this may change soon. First, even if costly methods like burn-in are applied, it is no longer possible to get rid of all latent defects in devices at leading-edge technology nodes. Second, demands for high reliability are spreading to consumer electronics as smartphones replace our wallets and IDs. However, today many ASIC vendors are reluctant to use LBIST. In this paper, we describe the needs for successful deployment of LBIST in industrial practice and discuss how these needs can be addressed. We hope our work attracts wider attention to this important research topic.
Submitted 16 March, 2015;
originally announced March 2015.
-
An Algorithm for Constructing a Smallest Register with Non-Linear Update Generating a Given Binary Sequence
Authors:
Nan Li,
Elena Dubrova
Abstract:
Registers with Non-Linear Update (RNLUs) are a generalization of Non-Linear Feedback Shift Registers (NLFSRs) in which both feedback and feedforward connections are allowed and no chain connection between the stages is required. In this paper, a new algorithm for constructing RNLUs generating a given binary sequence is presented. The expected size of RNLUs constructed by the presented algorithm is proved to be O(n/log(n/p)), where n is the sequence length and p is the degree of parallelization. This is asymptotically smaller than the expected size of RNLUs constructed by previous algorithms and the expected size of LFSRs and NLFSRs generating the same sequence. The presented algorithm can potentially be useful for many applications, including testing, wireless communications, and cryptography.
Submitted 24 June, 2013;
originally announced June 2013.
-
Embedding of Deterministic Test Data for In-Field Testing
Authors:
Nan Li,
Elena Dubrova
Abstract:
This paper presents a new feedback shift register-based method for embedding deterministic test patterns on-chip, suitable for complementing conventional BIST techniques for in-field testing. Our experimental results on 8 real designs show that the presented approach outperforms the bit-flipping approach by 24.7% on average. We also show that it is possible to exploit the uneven distribution of don't care bits in test patterns in order to reduce the area required for storing deterministic test patterns by more than 3 times with less than 2% fault coverage drop.
Submitted 23 January, 2013;
originally announced February 2013.
-
Ring Oscillator Physical Unclonable Function with Multi Level Supply Voltages
Authors:
Shohreh Sharif Mansouri,
Elena Dubrova
Abstract:
One of the most common types of Physical Unclonable Functions (PUFs) is the ring oscillator PUF (RO-PUF), in which the output bits are obtained by comparing the oscillation frequencies of different ring oscillators. In this paper we design a new type of ring oscillator PUF in which the different inverters composing the ring oscillators can be supplied by different voltages. The new RO-PUF can be used to (1) increase the maximum number of possible challenge/response pairs produced by the PUF; (2) generate a high number of bits while consuming a low area; (3) improve the reliability of the PUF in case of temperature variations. We present the basic idea of the new RO-PUF and then discuss its applications.
Submitted 17 July, 2012;
originally announced July 2012.
-
AIG Rewriting Using 5-Input Cuts
Authors:
Nan Li,
Elena Dubrova
Abstract:
Rewriting is a common approach to logic optimization based on local transformations. Most commercially available logic synthesis tools include a rewriting engine that may be used multiple times on the same netlist during optimization. This paper presents an And-Inverter Graph (AIG) based rewriting algorithm using 5-input cuts. The best circuits are pre-computed for a subset of NPN classes of 5-variable functions. Cut enumeration and Boolean matching are used to identify replacement candidates. The presented approach is expected to complement existing rewriting approaches, which are usually based on 4-input cuts. The experimental results show that, by adding the new rewriting algorithm to the ABC synthesis tool, we can further reduce the area of heavily optimized large circuits by 5.57% on average.
Submitted 18 August, 2011;
originally announced August 2011.
-
Synthesis of Parallel Binary Machines
Authors:
Elena Dubrova
Abstract:
Binary machines are a generalization of Feedback Shift Registers (FSRs) in which both feedback and feedforward connections are allowed and no chain connection between the register stages is required. In this paper, we present an algorithm for the synthesis of binary machines with the minimum number of stages for a given degree of parallelization. Our experimental results show that for sequences with high linear complexity, such as complementary, Legendre, or truly random sequences, parallel binary machines are an order of magnitude smaller than parallel FSRs generating the same sequence. The presented approach can potentially be of advantage for any application which requires sequences with high spectrum efficiency or high security, such as data transmission, wireless communications, and cryptography.
Submitted 23 May, 2011;
originally announced May 2011.
-
Synthesis of Binary k-Stage Machines
Authors:
Elena Dubrova
Abstract:
An algorithm for constructing a shortest binary k-stage machine generating a given binary sequence is presented. This algorithm can be considered as an extension of the Berlekamp-Massey algorithm to the non-linear case.
Submitted 29 September, 2010;
originally announced September 2010.
-
An Improved Implementation of Grain
Authors:
Shohreh Sharif Mansouri,
Elena Dubrova
Abstract:
A common approach to protecting confidential information is to use a stream cipher which combines plaintext bits with a pseudo-random bit sequence. Among the existing stream ciphers, Non-Linear Feedback Shift Register (NLFSR)-based ones provide the best trade-off between cryptographic security and hardware efficiency. In this paper, we show how to further improve the hardware efficiency of the Grain stream cipher. By transforming the NLFSR of Grain from its original Fibonacci configuration to the Galois configuration and by introducing a clock division block, we double the throughput of the 80- and 128-bit key 1-bit/cycle architectures of Grain with no area penalty.
Submitted 29 October, 2009;
originally announced October 2009.
-
Finding Matching Initial States for Equivalent NLFSRs in the Fibonacci and the Galois Configurations
Authors:
Elena Dubrova
Abstract:
In this paper, a mapping between initial states of the Fibonacci and the Galois configurations of NLFSRs is established. We show how to choose initial states for the two configurations so that the resulting output sequences are equivalent.
Submitted 18 March, 2009;
originally announced March 2009.
-
An equivalence preserving transformation from the Fibonacci to the Galois NLFSRs
Authors:
Elena Dubrova
Abstract:
Conventional Non-Linear Feedback Shift Registers (NLFSRs) use the Fibonacci configuration, in which the value of the first bit is updated according to some non-linear feedback function of the previous values of other bits, and each remaining bit repeats the value of its previous bit. We show how to transform the feedback function of a Fibonacci NLFSR into several smaller feedback functions of individual bits. Such a transformation reduces the propagation time, thus increasing the speed of pseudo-random sequence generation. The practical significance of the presented technique is that it makes it possible to increase the keystream generation speed of any Fibonacci NLFSR-based stream cipher with no penalty in area.
Submitted 30 January, 2008; v1 submitted 28 January, 2008;
originally announced January 2008.