Linear feedback shift registers (LFSRs) and nonlinear feedback shift registers (NLFSRs) are major components of stream ciphers. It has been shown that, under certain idealized assumptions, LFSRs and LFSR-based stream ciphers are susceptible to cryptanalysis using simple power analysis (SPA). In this paper, we show that simple power analysis can be practically applied to a CMOS digital hardware circuit to determine the bit values of an NLFSR and SPA therefore has applicability to NLFSR-based stream ciphers. A new approach is used with the cryptanalyst collecting power consumption information from the system on both edges (triggering and non-triggering) of the clock in the digital hardware circuit. The method is applied using simulated power measurements from an 80-bit NLFSR targeted to a 180 nm CMOS implementation. To overcome inaccuracies associated with mapping power measurements to the cipher data, we offer novel analytical techniques which help the analysis to find the bit values of the NLFSR. Using the obtained results, we analyze the complexity of the analysis on the NLFSR and show that SPA is able to successfully determine the NLFSR bits with modest computational complexity and a small number of power measurement samples.
Introduction
Stream ciphers are an important class of encryption algorithms which encrypt one character (usually a bit) of plaintext at a time. They are generally faster and less complex in hardware circuitry than block ciphers and can be effectively used in applications when characters should be processed individually as they are received. As well, low power consumption and a small circuit hardware realization make stream ciphers good candidates for lightweight applications such as RFID tags, wireless sensor nodes, and smartcards [1, 2] .
Basic components of a stream cipher typically include a linear feedback shift register (LFSR) and/or a nonlinear feedback shift register (NLFSR). If an analysis can correctly determine the bit values of the LFSR or NLFSR, it can determine the generated keystream and break the stream cipher. A side channel analysis is a class of cryptanalysis which is used to guess the key or generated keystream by examining information gained from the physical implementation of a cipher, such as timing information [3] , power consumption [4] or electromagnetic leaks [5, 6] . Some side channel attacks have been used to cryptanalyze stream ciphers. Examples include the template attack [7] , which can be applied by acquiring a device similar to one under attack and building a template of information based on power consumption for every possible key, and the fault attack [8] , which considers the information resulting from the injection of faults in the cipher hardware. As well, in [9, 10, 11] , differential power analysis is reviewed for its applicability to stream ciphers.
The applicability of the simple power analysis (SPA) of stream ciphers has been identified in [12] . The proposed method is applicable to stream ciphers based on a linear feedback shift register and was extended in [13] to apply to ciphers based on multiple LFSRs. Since many modern stream ciphers use nonlinear feedback shift registers to increase the security of the cipher, the direct methodology in [12] and [13] has limited applicability. In this paper, we propose a method based on simple power analysis to analyze the sequence of an NLFSR. Then we adapt the analysis so that, in appropriate circumstances, instead of only obtaining information at the triggering edge of the clock (i.e., the rising edge for positive edge triggered flip-flops), we may also be able to get information from power consumption at the non-triggering (i.e., falling) edge of the clock. Where such cases are possible, we can use information obtained at both the rising edge and falling edge to analyze an NLFSR to overcome the inaccuracies associated with mapping power measurements to cipher data. We use as the target environment of our studies, 180 nm CMOS standard cell technology provided by TSMC and our experimental results are obtained through simulation using Cadence design tools.
Simple Power Analysis Applied to LFSR-Based Stream Ciphers
Previously proposed SPA cryptanalyses of stream ciphers suggest measuring the dynamic power consumption of the circuit at the triggering edge of the clock (which we shall assume is the rising edge) and using the obtained data to analyze the stream cipher. In the following, we review the proposed analysis in [12] which is applicable to stream ciphers based on one LFSR and a nonlinear filtering function. Where appropriate, we have made modifications to the notation and terminology in [12] so that the analysis can be extended to apply to NLFSRs in the subsequent sections.
In such ciphers, the cipher key is typically used to initialize the bits of the LFSR.
It should be noted that the attack of [12] is an idealized attack, assuming perfect mapping between power consumption information and cipher data.
During each clock cycle, assume each bit value in the LFSR is shifted to the right and the leftmost bit of the LFSR is updated with a linear combination of current register bit values (the feedback function in Fig. 1 ). Changing the value of each bit in the register is due to change in gate outputs and transistor states and causes dynamic power consumption. We refer to the L-bit value of the register as the state.
At clock cycle t, the current state is represented as S t and the state for the next clock cycle is given as S t+1 . The Hamming distance between S t and S t−1 is given as HD t where HD t is calculated from
where s t (i) represents the value of bit i of S t with s t (0) being the rightmost bit of the LFSR, s t (L − 1) being the leftmost bit, and ⊕ representing XOR.
According to the Hamming distance power model used in the analysis [12] , the dynamic power consumption of the cipher at clock cycle t is proportional to HD t .
Between two successive clock cycles, the difference between the Hamming distances must be one of three values: HD t+1 − HD t ∈ {−1, 0, +1}, as is proven in Theorem 1 of [12] . Defining the theoretical power difference to be P D t given by
it can be seen that P D t is proportional to the difference of the measured dynamic power consumption at two consecutive clock cycles at times t and t + 1, which is an analog variable in watts and referred to as M P D t . Simply, P D t ∝ M P D t .
Substituting equation (1) into (2) results in
where the new bit value for state t + 1, s t+1 (L − 1), will be the new value of bit L − 1 based on the values of S t . If we now let the absolute value of P D t be represented as |P D t |, since |P D t | ∈ {0, 1}, we can develop equations over GF (2) and write
where we now denote s t+1 (L − 1) as s t (L) and s t (L − 1) as s t−1 (L). 1 Note that (4) is a representation of Corollary 1 in [12] . If the measured dynamic power consumption of the LFSR at clock cycle t is equal to the measured dynamic power consumption at clock cycle t + 1 (that is, M P D t ≈ 0), then we can conclude P D t = 0 and write s t (L)⊕s t−1 (L)⊕s t (0)⊕s t−1 (0) = 0 and, if the measured dynamic power consumption at time t and t + 1 are not equal (that is, M P D t = 0), we can conclude P D t = 0 and write
It is known that, for any t, the bit values of S t can be written as a linear function of the initial register state S 0 bits, that is, bits {s 0 (i)}, where 0 ≤ i < L. Hence, for a stream cipher constructed as a nonlinear filter generator using one LFSR and a nonlinear filtering function [14] , analyzing L power difference values, it is straightforward to find the initial L bit values of the LFSR and thereby determine the complete keystream sequence [12] . For this purpose, we can collect enough power samples to derive L power difference values and write L equations similar to equation (4), relating S t through the linear expressions of the LFSR to the bits of S 0 . Then we have a linear system of equations with L unknown variables and L equations, which is easily solved to determine the initial state of the LFSR, S 0 , effectively finding the cipher key which is used to initialize S 0 in a typical stream cipher. Equivalently, finding the L bit values of the LFSR at any time t is sufficient to have broken the cipher, as all subsequent keystream bits are easily determined.
It is important to note that the described SPA method of [12] assumes that the analysis is capable of exactly determining theoretical power difference values (such that P D ∈ {+1, 0, −1}) from real power consumption measurements (which are analog values in units of watts). The theoretical P D values are then used directly to determine the register bit values. In practice, this is somewhat challenging and methods to overcome this challenge are discussed later in the paper.
Idealized SPA Applied to NLFSRs
An NLFSR has a similar structure to an LFSR as shown in Fig. 1 , except the feedback function is nonlinear. In order to make stream ciphers more secure, particularly against algebraic attack, NLFSRs are widely used in stream ciphers. For example, the Grain stream cipher [15] combines the outputs of an LFSR and NLFSR to produce the keystream. Since in an NLFSR, the feedback is nonlinear, using the abovementioned method results a system of nonlinear equations which are difficult to solve. In a secure NLFSR, the order of equations relating output bits to the initial state bits increases very quickly and makes it difficult to solve the system.
We now present a new simple power analysis method applicable to NLFSRs.
Since, in a typical stream cipher, the key bits are used to initialize the NLFSR state, finding the state of the NLFSR (i.e., the L bits of the register) at any time is sufficient to break the system and determine the subsequent keystream bits. As in the previous section, we assume that the measured power consumption resulting in the measured power difference at time t, M P D t , can be accurately converted to the 
Then, when P D t = +1, we conclude
and, when P D t = −1, we can write
When P D t = 0, the two bracketed XOR results of equation (5) are both equal to either 0 or 1 and we can write
As long as P D t = 0, we can find a relation between two consecutive values of the NLFSR bits, using equation (6) or (7).
To analyze the NLFSR, we must obtain L consecutive bits of the NLFSR. Equations (6) and (7) could determine the relation between two bits of the NLFSR when
However, when P D t = 0, we cannot use equations (6) and (7) directly. Replacing t with t + L in (4), results in
Now, XORing both sides of (4) and (9) leads to
where we have made use of s t+j (i) = s t (i + j). Also, it can be shown that
The value of P D t+i must be +1, 0 or −1 implying |P D t+i | ∈ {0, 1}. Since |P D t | ⊕ |P D t+L | will be either 1 or 0, if P D t = 0, then we can write equation (6) or (7) for P D t+L if |P D t+L | is 1 and using equation (10) find the relation between s t (0) and s t−1 (0). For example, let us assume
are known from either equation (6) or (7) (with t replaced with t + L) and since the left side of equation (10) is known from power measurements then s t (0) ⊕ s t−1 (0) can be inferred. If P D t+L = 0, then power differences from cycle t + 2L must be considered. Now using equations (6) or (7) and (10), if necessary, the relationships between L pairs of consecutive bits are known. Although the actual values of the bits are not known, there are only two possibilities and both can be tested to determine which results in the correct state of the NLFSR. Since for this method, the feedback relation is not used, we can use the approach for both an NLFSR and LFSR. This method has the advantage that there is no need to solve a system of equations.
From equation (5), it is easy to see that the probability of P D t equal to zero is 1 2 . Hence, we need to obtain P D t+L for, on average, Hence, the analysis initially collects a number of consecutive power samples and then
analyzes the values. In order to estimate the probability of a successful analysis, we assume n × L consecutive power difference values have been collected. The probability of all P D t+iL values being zero for 0 ≤ i < n and a fixed value of t (and therefore not being usable to determine bits in the register) is 2 −n . If we assume the occurrence of P D t = 0 for different values of t are independent, then, given n × L power difference values, the probability that this is enough samples to analyze the
for example, for L = 80, 800 consecutive power samples (i.e., n = 10) will allow successful analysis with a probability of about 92%.
Power Consumption of D Flip-flops
The analysis outlined in the previous section and the previous work such as [12] is idealized in that it assumes a perfect determination of P D t values from measured power differences, M P D t . In this and the following sections, we consider the practical issues associated with applying simple power analysis to a simulated CMOS circuit realization of an NLFSR when the measured power difference may not lead to the correct determination of P D t . For the principal focus of our analysis, 
Power Consumption at the Rising Edge of the Clock
Previously proposed attacks assume the power consumption of the circuit at the rising (i.e., triggering) edge of the clock. Since, at the rising edge of the clock, the value of the register can change, we can conclude some gates and transistor states are changed. As can be seen from power model used in our proposed analysis and the approach of others.
In Considering the consumed power at the falling edge of the clock to analyze the cryptographic circuits has not been discussed in the previous literature. We refer to this approach as falling edge SPA or FESPA. In the subsequent sections, we use the power consumption of the circuit at the falling edge of the clock, in addition to the rising edge, to analyze cryptographic circuits. Obviously, this technique is not only applicable to stream ciphers and it could be applied to block ciphers and public key cryptographic circuits, as well.
Falling Edge SPA of LFSR/NLFSR
SPA can be applied using the power consumption information from the falling clock edge similarly to the analysis applied to the rising edge. Assuming that the new input values to the flip-flops are settled prior to the falling clock edge, the difference between the D input and Q output of a flip-flop represents the state change on the upcoming rising edge. The sum of these changes represents the Hamming distance between the register states and is therefore proportional to the power consumption on the rising edge. In other words, the power consumption on the falling edge, which is proportional to the sum of the differences of D and Q values of the flip-flops, can be used to determine an idealized power difference at time t, P D t , which can be used in (5)- (11) to determine the values of bits within the register.
Since on the falling edge, there is no state change of the register, power consumption of combinational logic for feedback or output does not contribute to the measurements on the falling edge. However, we have found in our experiments that the correlation between power consumption and register data is worse for the falling edge than the rising edge. Consider that, as shown in Fig. 4 , the power consumption curve of a D flip-flop at the falling edge has sharp tips in comparison to the power consumption graph for the rising edge. Hence, in circuits with multiple D flip-flops, when the clock signal has small differences in delay to the flip-flops, the tips may not align. As a result, the power consumption at the falling edge for the overall circuit will not necessarily correlate exactly to the sum of the individual D flip-flops' power consumption. Therefore, we expect that, due to variation in clock propagation delays in large CMOS circuits, challenges will exist in applying FESPA.
However, as we shall see, the extra information derived from the falling edge is useful in combination with information from the rising edge for a practical application of SPA.
Categorization of Power Measurements
Previously It should be noted that if measured power differences are randomly mapped to a category of {−1, 0, +1}, the probability that the categorization would be correct, P corr , is given by
where P {P D = i} represents the probability that a power difference equals i and the conditional probability is calculated as P {P D c = i|P D = i} = P {P D c = i} = P {P D = i} since the categorization is random relative to the actual P D value. Since it is reasonable to assume in an LFSR or NLFSR that the probability of generating 0 and 1 are equal, the probability of P D = +1, P D = 0, and P D = −1 are .25, .5 and .25, respectively. This results in the probability of correct categorization being 37.5% and the probability of an incorrect categorization being 62.5%. These numbers are useful as a frame of reference for the following discussion.
Categorizing M P D
In one simple approach to categorize the measured power difference ( In our analysis, we use this method to categorize M P D. However, this method is not perfect and some M P D values may be categorized incorrectly. We have applied this method to an 80-bit NLFSR. The NLFSR used is equivalent to the NLFSR used in the Grain stream cipher [15] and is defined in Appendix A. After collecting 20000 power samples through simulation (using the structure of Fig. 2 with a 500 ps transition time) and applying our categorization method, we found Because of the abovementioned categorization errors we must modify the proposed SPA in Section 3 for real applications. In doing so, we must ensure that we can identify correctly categorized power differences with high probability and must reject power differences for which we are not confident in their correct categorization.
Basic Methods to Determine Correctly Categorized P D
Here we offer some techniques which help us to find, with high probability, correct P D c , i.e., correctly categorized M P D values such that the measurement determined power difference, P D c , equals the power difference that should result from the actual data, P D. For each of the proposed methods, we have determined experimentally (through simulation of the 80-bit NLFSR) the probability of correct categorization, as well as the probability that the condition has occurred to allow us to categorize an M P D value with confidence.
Rising Edge/Falling Edge Equivalence
When we measure the power consumption of the circuit in simple power analysis, we can assume we have access to power consumption at both rising and falling edges. Based on experiments for our system, the probability of an incorrect P D c in RESPA and FESPA are .160 and .320, respectively. Then, for any clock cycle, if the categorized values are the same for both edges and we assume that the probability of correctness for the rising edge and the falling edge are independent, the probability that the categorized P D is incorrect is determined as the probability that both values are wrong and is therefore given by .160 × .320 = .051. In other words, if categorization using falling edge and rising edge show the same value, this value is correct with a theoretical probability of .949, which is similar to the experimentally measured probability of .950. This represents a much higher level of confidence then taking, on their own, either the rising edge or falling edge categorization (which have probabilities of .840 and .680, respectively). Our experiments show that we can use this technique to ensure correct categorization for about 60% of the measurements from different clock cycles, with this high probability.
Robust Threshold
Another technique to help categorize M P D values accurately is using a more robust threshold value. In this technique, we change the threshold and, instead of 25%, we categorize the smallest and largest 12.5% as P D c = −1 and P D c = +1, respectively, and the middle 25% as P D c = 0. In this approach, categorizations are correct with higher probability. Obviously, this technique can be applied to 50% of the M P D (for both rising edge and falling edge). Our experiments show that, using this approach, categorization for the rising edge is correct with a probability of .955, while for the falling edge categorization, the probability of correctness is .750.
Sequence Consistency
Another technique, which we call the sequence consistency method, can be used to improve categorization success by distinguishing correct categorizations from incorrect ones. To find the incorrect categorizations, we can use equation (11) . In (11), the right side of the equation cannot be larger than +1 or smaller than −1;
hence, at the left side P D t+L cannot be equal to P D t , unless both are equal to zero.
Extrapolating equation (11), if we add j consecutive P D terms separated by L clock cycles, we get
The right side must be from the set {−1, 0, +1} and, hence, the summation of any j consecutive P D values L bits apart can never be larger than one or smaller than minus one. Hence, if P D t = +1, then P D t+L and P D t−L must be either 0 or −1. the first four sequences is the actual sequence, our categorization of P D c t = −1 is correct and if any of the last three cases is the actual sequence, our categorization is incorrect. The probability of occurrence for each sequence is equal to 1 16 , except {0, 0, 0} which is 1 8 . If we let the probability of any individual P D t being correctly categorized be represented by P cr , then the probability of an individual P D t = 0 incorrectly categorized as +1 is equal to 1 2 (1 − P cr ). (A similar probability occurs for incorrectly categorizing 0 to −1). Hence, the probability of actual sequence {0, −1, +1} categorized as {+1, −1, +1} is equal to 1 2 (1 − P cr )P cr P cr . The probability of observing a sequence as {+1, −1, +1} is equal to summation of the probabilities of occurrence of each sequence (either 1 16 or 1 8 ) times the probability of categorizing that sequence as {+1, −1, +1}. From all possible sequences, we have selected 8 sequences with high probability for our purpose and list them in Table 1 .
Using the occurrence of these sequences on either the rising or falling edge as indicators of correct categorizations could increase the probability of categorizing M P D values correctly to a probability of .913 (as determined by experiment) and could be applied to 78% of all measured power differences.
Advanced Categorization Methods
In our analysis, we require P D c with high probability of correctness. In the previous section, we have introduced some methods to distinguish P D c which are likely to be correct. In this section, we derive P D c with even higher probability of correctness by selecting P D c values for which at least two of the above techniques are applicable. We list them as follows: 
(II) RE/FE Equivalence and Robust Threshold on FE
A similar approach could be taken based on consistency with the categorization based on the falling edge robust threshold. The experimental results show the probability of correctness for this case is .974, while the probability of occurrence of this case is .326.
(III) RE/FE Equivalence and Sequence Consistency
In this case, the two categorized values of rising edge and falling edge are the same and the sequence consistency method confirms their correctness. Our experiments show the correctness of P D c values in this case are .987, while the probability of such an occurrence is .326.
(IV) Robust Threshold on RE/FE and Sequence Consistency
In this case, the P D c value is determined by the robust threshold of RESPA Table 2 : Cases used to determine s t (0) ⊕ s t−1 (0).
or FESPA and the sequence method confirms it. Experiments show the probabilities of correctness and occurrence are .998 and .219, respectively.
During the determination for any P D c , if at least one of cases I, II, III or IV occurs, we assume that the categorization is correct. Based on the experimental results, the probability of at least one of the mentioned cases occurring for a P D c is .467 and the probability of correctness is .975.
Analyzing the NLFSR
We now consider the application of simple power analysis to the 80-bit NLFSR, using the probabilities derived from experimental results for the categorization methodologies previously described. On average, upon categorization of power measurement values, we expect that at least one of cases I, II, III, and IV occurs for
.467 × 80 ≈ 37 P D c values of the 80 bits and the resulting P D c values are correct with high probability of about .975. However, half of these P D c values will be equal to 0 and, as indicated in the Section 3, we cannot use them to obtain information on the NLFSR state bits.
Based on equations (6), (7) and (8), if we know P D t−L = +1 or −1, we can find s t (0) ⊕ s t−1 (0). Similarly, there are many scenarios for which knowing P D t−2L , P D t+L , or P D t+2L are equal to +1 or −1 will allow us to determine s t (0) ⊕ s t−1 (0).
In Table 2 , we have listed possible scenarios for P D , we show it with "X" (i.e., the value is a "don't care").
The probability of occurrence for each scenario in the table is given in the right column. To calculate the listed probabilities, we assume the probability of P D c t = +1 or −1 is equal to the probability of P D The probability of P D c t =Ĉ is 1 − .467 = .533. Hence, the probability of scenario A is equal to the probability of P D c t = +1 or −1 and is therefore .233. The probability of scenario B is the probability of P D c t−L = +1 or −1 and P D c t =Ĉ, which is .233 × .533 = .124, where we have made the reasonable assumption that the power differences at times separated by L clock cycles are independent. For scenario C, the probability is calculated as .233 × .233 = .054, which is equal to the probability of P D Table 2 are calculated similarly.
All cases in the table are mutually exclusive; hence, the sum of the right column, which equals about .49, is the probability that one of the scenarios occurs. Therefore, we have about 80 × .49 ≈ 39 relationships of pairs of consecutive bits with high probability of correctness and we can guess the remaining 80−39 = 41 relationships.
Considering the scenarios of Table 2 , on average we would need about 55 P D c values with high probability in order to determine the 39 XOR relationships with high probability. This is explained as follows. If either scenario A or B occurs, (which will happen with a probability of .233+.124=.357), we need only one P D c with high Although, the first approach has higher complexity (2 45 operations), it requires fewer number of power samples (i.e., 16 × (5 × 80) = 6400 clock cycles of power samples for the 80-bit NLFSR). However, the second approach, with lower computational complexity (2 24 operations) needs more power samples (i.e., 200×(5×80) = 80000 samples).
Further Practical Issues
In this section, we discuss further practical issues, including the brief consideration of a typical D flip-flop construction for CMOS circuits.
Power Consumption of Another D Flip-flop Construction
In Fig. 5 , another D flip-flop construction targeted to CMOS is illustrated [16] .
This structure is often a preferred structure in CMOS circuits because of its low power consumption and fewer number of transistors. Using our simulation tools, we have obtained and plotted simulation results for power consumption for both rising (triggering) and falling (non-triggering) edges of this alternate D flip-flop structure.
These are presented in Fig. 6 and Fig. 7 , using a 20 ns transition time.
It can be seen that, as can be expected by examining the circuit operation, again there is dynamic power consumption on both the rising and falling clock edges. Utilizing the power difference categorization techniques of Section 5.1 resulted in measured power differences being correctly categorized 62% of the time for the rising edge and 50% of the time for the falling edge. Such probabilities are clearly better than the 37.5% probability of correctly categorizing if the power differences were randomly categorized and may therefore form the basis of a power analysis attack.
However, compared to probabilities of 84% and 68% (for rising and falling edges, respectively) for the D flip-flop of Fig. 2 , the correct categorization probability is substantially worse and the attack will not have as much success as the results discussed in Section 7. We conjecture that these poorer results occur because, as can be seen in Fig. 6 , the spikes of power consumption are narrow and occur at different points in time for the 0 to 1 and 1 to 0 changes. As a result, for this flipflop, the overall power consumption on a rising clock edge does not correlate well to the Hamming distance in the NLFSR data compared to the classical D flip-flop of Fig. 2 . In this paper, we have used the power consumption data generated from simulation of an NLFSR based constructed using the D flip-flop structure of Fig. 2 to illustrate the potential applicability of the attack.
Limitations of Simulated Power Values
In this section, we identify some of the further challenges that will occur in a practical realization of an attack on a CMOS circuit. For example, the instantaneous power consumption of a CMOS circuit will also be influenced by many factors other than the dynamic power consumption of the basic NLFSR circuit. Capacitances from circuit wiring, I/O pads, and decoupling capacitors will all contribute to modifying the timing of current drawn from the power supply. Added capacitive effects are likely to make distinguishing between rising and falling edge power consumption more challenging, particularly in high speed circuits.
Further, the CMOS circuit is likely to have other functionality executing at the same time as the NLFSR circuit. This will add further dynamic power consumption to the overall circuit and will obscure the power directly consumed by the NLFSR.
The attacker must understand the context of the circuit under analysis and find mechanisms to isolate the power consumed by only the NLFSR circuit. Finally, implementing an attack that relies on the instantaneous power associated with rising and falling clock edges requires precise timing of the power measurements. This may certainly be a challenge in a high speed circuit with a low clock period. As well, clock skew within the circuit may result in spreading out the contribution of power from individual flip-flops and making categorizations from the measured power differences to the theoretical power differences more inaccurate.
Although there are further practical issues to be considered when implementing an attack on real (rather than simulated) hardware, the results of this work clearly indicate that a simple power analysis attack has the potential to be applicable to practical scenarios where the idealized assumption relating measured power differences to the cipher data with perfect accuracy does not apply.
Conclusion
In this paper, we have proposed a simple power analysis of NLFSR, a component typically found in stream ciphers. Also, we consider power consumption of a typical CMOS D flip-flop and propose use of power samples at the falling (or non-triggering) edge of the clock for the analysis. Furthermore, we applied the analysis to an 80-bit NLFSR using simulated power trace data for a 180 nm CMOS circuit. We have shown that if we use falling edge and rising edge power consumption information and the proposed techniques in this paper, we can successfully analyze with high probability the NLFSR with computational complexity of about 2 45 operations using about 6400 power samples or 2 24 using about 80000 power samples. This is significantly less than the complexity of 2 80 for exhaustive search for the NLFSR state. These techniques apply equally to LFSRs.
These results indicate that practical implementation of stream ciphers based on either LFSRs and/or NLFSRs may be vulnerable to side channel attacks and that it is not a prerequisite of the attack that the assumption of idealized perfect mapping from power difference measurements to cipher data holds true. Hence, care must be taken to design implementations which do not leak power consumption information.
In future work, we intend to apply the analysis directly to the application of practical 
Appendix A. NLFSR Feedback Function
The feedback used for the 80-bit NLFSR in this paper is identical to the feedback used in the NLFSR of the stream cipher Grain v0 [15] and is given by: 
