On Hardware Implementation of Tang-Maitra Boolean Functions

In this paper, we investigate the hardware circuit complexity of the class of Boolean functions recently introduced by Tang and Maitra (IEEE-TIT 64(1): 393 402, 2018). While this class of functions has very good cryptographic properties, the exact hardware requirement is an immediate concern as noted in the paper itself. In this direction, we consider different circuit architectures based on finite field arithmetic and Boolean optimization. An estimation of the circuit complexity is provided for such functions given any input size n. We study different candidate architectures for implementing these functions, all based on the finite field arithmetic. We also show different implementations for both ASIC and FPGA, providing further analysis on the practical aspects of the functions in question and the relation between these implementations and the theoretical bound. The practical results show that the Tang-Maitra functions are quite competitive in terms of area, while still maintaining an acceptable level of throughput performance for both ASIC and FPGA implementations

Efficient Hardware Implementation for Maiorana-McFarland type Functions

Maiorana--McFarland type constructions are basically concatenating the truth tables of linear functions on a smaller number of variables to obtain highly nonlinear ones on larger inputs. Such functions and their different variants have significant applications in cryptology and coding theory. Straightforward hardware implementation of such functions may require exponential resources on the number of inputs. In this paper, we study such constructions in detail and provide implementation strategies for a selected subset of this class with polynomial many gates over the number of inputs. We demonstrate that such implementations cover the requirement of cryptographic primitives to a great extent. Several existing constructions are revisited in this direction and exact implementations are provided with specific depth and gate counts in the hardware implementation. Related combinatorial as well as circuit complexity-related results of theoretical nature are also analyzed in this regard. Finally we present a novel construction of a new class of balanced Boolean functions having very low absolute indicator and very high nonlinearity that can be implemented in polynomial circuit size over the number of inputs. In conclusion, we present that these constructions have immediate applications to resist the signature generation in Differential Fault Attack (DFA) and to implement functions on large number of variables in designing ciphers for the paradigm of Fully Homomorphic Encryption (FHE)

1-Resilient Boolean Functions on Even Variables with Almost Perfect Algebraic Immunity

Several factors (e.g., balancedness, good correlation immunity) are considered as important properties of Boolean functions for using in cryptographic primitives. A Boolean function is perfect algebraic immune if it is with perfect immunity against algebraic and fast algebraic attacks. There is an increasing interest in construction of Boolean function that is perfect algebraic immune combined with other characteristics, like resiliency. A resilient function is a balanced correlation-immune function. This paper uses bivariate representation of Boolean function and theory of finite field to construct a generalized and new class of Boolean functions on even variables by extending the Carlet-Feng functions. We show that the functions generated by this construction support cryptographic properties of 1-resiliency and (sub)optimal algebraic immunity and further propose the sufficient condition of achieving optimal algebraic immunity. Compared experimentally with Carlet-Feng functions and the functions constructed by the method of first-order concatenation existing in the literature on even (from 6 to 16) variables, these functions have better immunity against fast algebraic attacks. Implementation results also show that they are almost perfect algebraic immune functions

TOFU - Toggle Count Analysis made simple

Protection against physical attacks is a major requirement for cryptographic implementations running on devices which are accessible to an attacker. Side-channel attacks are the most common types of physical attacks, the most frequent side-channel is the device\u27s power consumption. In this work we propose a novel open-source tool called TOFU which synthesizes VCD simulation traces into power traces, with adjustable leakage models. Additionally, we propose a workflow which is only based on open-source tools. The functionality of TOFU and the proposed workflow was verified by a CPA of a AES hardware implementation. We also provide numbers for the required running time of TOFU for a trace synthesis with respect to the according VCD file size. Furthermore, we provide TOFU\u27s source code

Mathematical aspects of the design and security of block ciphers

Block ciphers constitute a major part of modern symmetric cryptography. A mathematical analysis is necessary to ensure the security of the cipher. In this thesis, I develop several new contributions for the analysis of block ciphers. I determine cryptographic properties of several special cryptographically interesting mappings like almost perfect nonlinear functions. I also give some new results both on the resistance of functions against differential-linear attacks as well as on the efficiency of implementation of certain block ciphers

Routing, Driven Placement for ATMEL 6000 Architecture FPGAs

Based on the concept of Cell Binary Tree (CBT), a new technique for mapping combination circuits into ATMEL 6000 Architecture FPGAs is presented in this thesis. Cell Binary Tree (CBT) is a net-list representation of combinational circuits. For each node of CBT there is a distinguished variable associated with it, the node itself represents a certain logic function, which is selected according to target FPGA architecture. The proposed CBT placement algorithms preserve local connectivity and allow better mapping into ATMEL FPGA. Experiments reveal that the new mapping technique achieved reduction in a number buses used for routing comparing with previously proposed Modified Squashed Binary Tree (MSBT) approach and possibly reduction of area as well. In general, the new technique is realized through following four major steps: 1. Grouping and generating CBT: This is a step to read blifformat file, which is the result of logic synthesis, into a CBT data structure through grouping algorithm, which is a process of gathering logic functions into nodes for mapping based on a targeted FPGA architecture. The main objective of creating CBT is to generate a minimum number of nodes (or cells) to be mapped. 2. CBT placement: Upon getting the minimum number of nodes in CBT to be mapped, the next step is to map those nodes into cells in FPGA. The significance of the placement method in this thesis is to lineup the cells with the same variable into the same row in the FPGA. 3. Bus Assignment: The process of assigning variables to local buses, which run in two possible directions; horizontal and vertical. ATMEL 6000 has two horizontal buses and two vertical buses for each cell. The assignment is based on the number of times a variable appears in a row or column. 4. Routing: The last stage of the process is the connecting cells which have the same input variable. One of the important steps in the routing process is to choose connection bridge cells with the minimum impact on the area

Software development of reconfigurable real-time systems : from specification to implementation

This thesis deals with reconfigurable real-time systems solving real-time tasks scheduling problems in a mono-core and multi-core architectures. The main focus in this thesis is on providing guidelines, methods, and tools for the synthesis of feasible reconfigurable real-time systems in a mono-processor and multi-processor architectures. The development of these systems faces various challenges particularly in terms of stability, energy consumption, response and blocking time. To address this problem, we propose in this work a new strategy of i) placement and scheduling of tasks to execute real-time applications on mono-core and multi-core architectures, ii) optimization step based on Mixed integer linear programming (MILP), and iii) guidance tool that assists designers to implement a feasible multi-core reconfigurable real-time from specification level to implementation level. We apply and simulate the contribution to a case study, and compare the proposed results with related works in order to show the originality of this methodology.Echtzeitsysteme laufen unter harten Bedingungen an ihre Ausführungszeit. Die Einhaltung der Echtzeit-Bedingungen bestimmt die Zuverlässigkeit und Genauigkeit dieser Systeme. Neben den Echtzeit-Bedingungen müssen rekonfigurierbare Echtzeitsysteme zusätzliche Rekonfigurations-Bedingungen erfüllen. Diese Arbeit beschäftigt sich mit rekonfigurierbaren Echtzeitsystemen in Mono- und Multicore-Architekturen. An die Entwicklung dieser Systeme sind verschiedene Anforderungen gestellt. Insbesondere muss die Rekonfigurierbarkeit beachtet werden. Dabei sind aber Echtzeit-Bedingungen und Ressourcenbeschränkungen weiterhin zu beachten. Darüber hinaus werden die Kosten für die Entwicklung dieser Systeme insbesondere durch falsche Designentscheidungen in den frühen Phasen der Entwicklung stark beeinträchtigt. Das Hauptziel in dieser Arbeit liegt deshalb auf der Bereitstellung von Handlungsempfehlungen, Methoden und Werkzeugen für die zielgerichtete Entwicklung von realisierbaren rekonfigurierbaren Echtzeitsystemen in Mono- und Multicore-Architekturen. Um diese Herausforderungen zu adressieren wird eine neue Strategie vorgeschlagen, die 1) die Funktionsallokation, 2) die Platzierung und das Scheduling von Tasks, 3) einen Optimierungsschritt auf der Basis von Mixed Integer Linear Programming (MILP) und 4) eine entscheidungsunterstützende Lösung umfasst, die den Designern hilft, eine realisierbare rekonfigurierbare Echtzeitlösung von der Spezifikationsebene bis zur Implementierungsebene zu entwickeln. Die vorgeschlagene Methodik wird auf eine Fallstudie angewendet und mit verwandten Arbeiten vergliche

Density functionals and Kohn-Sham potentials with minimal wavefunction preparations on a quantum computer

One of the potential applications of a quantum computer is solving quantum chemical systems. It is known that one of the fastest ways to obtain somewhat accurate solutions classically is to use approximations of density functional theory. We demonstrate a general method for obtaining the exact functional as a machine learned model from a sufficiently powerful quantum computer. Only existing assumptions for the current feasibility of solutions on the quantum computer are used. Several known algorithms including quantum phase estimation, quantum amplitude estimation, and quantum gradient methods are used to train a machine learned model. One advantage of this combination of algorithms is that the quantum wavefunction does not need to be completely re-prepared at each step, lowering a sizable pre-factor. Using the assumptions for solutions of the ground-state algorithms on a quantum computer, we demonstrate that finding the Kohn-Sham potential is not necessarily more difficult than the ground state density. Once constructed, a classical user can use the resulting machine learned functional to solve for the ground state of a system self-consistently, provided the machine learned approximation is accurate enough for the input system. It is also demonstrated how the classical user can access commonly used time- and temperature-dependent approximations from the ground state model. Minor modifications to the algorithm can learn other types of functional theories including exact time- and temperature-dependence. Several other algorithms--including quantum machine learning--are demonstrated to be impractical in the general case for this problem.Comment: 27 pages, 4 figure

C-DIFFERENTIALS AND GENERALIZED CRYPTOGRAPHIC PROPERTIES OF VECTORIAL BOOLEAN AND P-ARY FUNCTIONS

This dissertation investigates a newly defined cryptographic differential, called a c-differential, and its relevance to the nonlinear substitution boxes of modern symmetric block ciphers. We generalize the notions of perfect nonlinearity, bentness, and avalanche characteristics of vectorial Boolean and p-ary functions using the c-derivative and a new autocorrelation function, while capturing the original definitions as special cases (i.e., when c=1). We investigate the c-differential uniformity property of the inverse function over finite fields under several extended affine transformations. We demonstrate that c-differential properties do not hold in general across equivalence classes typically used in Boolean function analysis, and in some cases change significantly under slight perturbations. Thus, choosing certain affine equivalent functions that are easy to implement in hardware or software without checking their c-differential properties could potentially expose an encryption scheme to risk if a c-differential attack method is ever realized. We also extend the c-derivative and c-differential uniformity into higher order, investigate some of their properties, and analyze the behavior of the inverse function's second order c-differential uniformity. Finally, we analyze the substitution boxes of some recognizable ciphers along with certain extended affine equivalent variations and document their performance under c-differential uniformity.Commander, United States NavyApproved for public release. Distribution is unlimited

Dynamic S-Box and PWLCM-Based Robust Watermarking Scheme

Due to the increased number of cyberattacks, numerous researchers are motivated towards the design of such schemes that can hide digital information in a signal. Watermarking is one of the promising technologies that can protect digital information. However, traditional watermarking schemes are either slow or less secure. In this paper, a dynamic S-Box based efficient watermarking scheme is presented. The original image was extracted at the receiver’s end without any loss of sensitive information. Firstly, the Secure Hash Algorithm is applied to the original image for the generation of the initial condition. Piece Wise Linear Chaotic Map is then used to generate 16 × 16 dynamic Substitution Box (S-Box). As an additional security feature, the watermark is substituted through dynamic S-Box. Hence, it is hard for the eavesdroppers to attack the proposed scheme due to the dynamic nature of S-Box. Lastly, lifting wavelet transform is applied to the host image and the High Low and High High blocks of host image are replaced with least significant bits and most significant bits of the substituted watermark, respectively. Robustness, efficiency and security of the proposed scheme is verified using Structure Similarity Index, Structure Dissimilarity Index, Structure Content, Mutual Information, energy, entropy, correlation tests and classical attacks analysis