Theory of current-driven motion of Skyrmions and spirals in helical magnets

We study theoretically the dynamics of the spin textures, i.e., Skyrmion crystal (SkX) and spiral structure (SS), in two-dimensional helical magnets under external current. By numerically solving the Landau-Lifshitz-Gilbert equation, it is found that (i) the critical current density of the motion is much lower for SkX compared with SS in agreement with the recent experiment, (ii) there is no intrinsic pinning effect for SkX and the deformation of the internal structure of Skyrmion reduces the pinning effect dramatically, (iii) the Bragg intensity of SkX shows strong time-dependence as can be observed by neutron scattering experiment.Comment: 4 pages, 3 figure

Room temperature chiral magnetic skyrmion in ultrathin magnetic nanostructures

Magnetic skyrmions are chiral spin structures with a whirling configuration. Their topological properties, nanometer size and the fact that they can be moved by small current densities have opened a new paradigm for the manipulation of magnetisation at the nanoscale. To date, chiral skyrmion structures have been experimentally demonstrated only in bulk materials and in epitaxial ultrathin films and under external magnetic field or at low temperature. Here, we report on the observation of stable skyrmions in sputtered ultrathin Pt/Co/MgO nanostructures, at room temperature and zero applied magnetic field. We use high lateral resolution X-ray magnetic circular dichroism microscopy to image their chiral N\'eel internal structure which we explain as due to the large strength of the Dzyaloshinskii-Moriya interaction as revealed by spin wave spectroscopy measurements. Our results are substantiated by micromagnetic simulations and numerical models, which allow the identification of the physical mechanisms governing the size and stability of the skyrmions.Comment: Submitted version. Extended version to appear in Nature Nanotechnolog

Implementing Lightweight Block Ciphers on x86 Architectures

Abstract. Lightweight block ciphers are designed so as to fit into very constrained environments, but usually not really with software performance in mind. For classical lightweight applications where many constrained devices communicate with a server, it is also crucial that the cipher has good software performance on the server side. Recent work has shown that bitslice implementations applied to Piccolo and PRESENT led to very good software speeds, thus making lightweight ciphers interesting for cloud applications. However, we remark that bitslice implementations might not be interesting for some situations, where the amount of data to be enciphered at a time is usually small, and very little work has been done on non-bitslice implementations. In this article, we explore general software implementations of lightweight ciphers on x86 architectures, with a special focus on LED, Piccolo and PRESENT. First, we analyze table-based implementations, and we provide a theoretical model to predict the behavior of various possible trade-offs depending on the processor cache latency profile. We obtain the fastest table-based implementations for our lightweight ciphers, which is of interest for legacy processors. Secondly, we apply to our portfolio of primitives the vperm implementation trick for 4-bit Sboxes, which gives good performance, extra side-channels protection, and is quite fit for many lightweight primitives. Finally, we investigate bitslice implementations, analyzing various costs which are usually neglected (bitsliced form (un)packing, key schedule, etc.), but that must be taken in account for many lightweight applications. We finally discuss which type of implementation seems to be the best suited depending on the applications profile

Differential Analysis of Block Ciphers SIMON and SPECK

In this paper we continue the previous line of research on the analysis of the differential properties of the lightweight block ciphers Simon and Speck. We apply a recently proposed technique for automatic search for differential trails in ARX ciphers and improve the trails in Simon32 and Simon48 previously reported as best. We further extend the search technique for the case of differen- tials and improve the best previously reported differentials on Simon32, Simon48 and Simon64 by exploiting more effectively the strong differential effect of the cipher. We also present improved trails and differentials on Speck32, Speck48 and Speck64. Using these new results we improve the currently best known attacks on several versions of Simon and Speck. A second major contribution of the paper is a graph based algorithm (linear time) for the computation of the exact differential probability of the main building block of Simon: an AND operation preceded by two bitwise shift operations. This gives us a better insight into the differential property of the Simon round function and differential effect in the cipher. Our algorithm is general and works for any rotation constants. The presented techniques are generic and are therefore applicable to a broader class of ARX designs

Design and Reliability Performance Evaluation of Network Coding Schemes for Lossy Wireless Networks

This thesis investigates lossy wireless networks, which are wireless communication networks consisting of lossy wireless links, where the packet transmission via a lossy wireless link is successful with a certain value of probability. In particular, this thesis analyses all-to-all broadcast in lossy wireless networks, where every node has a native packet to transmit to all other nodes in the network. A challenge of all-to-all broadcast in lossy wireless networks is the reliability, which is defined as the probability that every node in the network successfully obtains a copy of the native packets of all other nodes. In this thesis, two novel network coding schemes are proposed, which are the neighbour network coding scheme and the random neighbour network coding scheme. In the two proposed network coding schemes, a node may perform a bit-wise exclusive or (XOR) operation to combine the native packet of itself and the native packet of its neighbour, called the coding neighbour, into an XOR coded packet. The reliability of all-to-all broadcast under both the proposed network coding schemes is investigated analytically using Markov chains. It is shown that the reliability of all-to-all broadcast can be improved considerably by employing the proposed network coding schemes, compared with non-coded networks with the same link conditions, i.e. same probabilities of successful packet transmission via wireless channels. Further, the proposed schemes take the link conditions of each node into account to maximise the reliability of a given network. To be more precise, the first scheme proposes the optimal coding neighbour selection method while the second scheme introduces a tuning parameter to control the probability that a node performs network coding at each transmission. The observation that channel condition can have a significant impact on the performance of network coding schemes is expected to be applicable to other network coding schemes for lossy wireless networks

A General Framework for the Related-key Linear Attack against Block Ciphers with Linear Key Schedules

We present a general framework for the related-key linear attack that can be applied to iterative block ciphers with linear key schedules. The attack utilizes a newly introduced related-key linear approximation that is obtained directly from a linear trail. The attack makes use of a known related-key data consisting of triplets of a plaintext, a ciphertext, and a key difference such that the ciphertext is the encrypted value of the plaintext under the key that is the xor of the key to be recovered and the specified key difference. If such a block cipher has a linear trail with linear correlation \epsilon, it admits attacks with related-key data of size \epsilon^{-2} just as in the case of classical Matsui\u27s Algorithms. But since the attack makes use of a related-key data, the attacker can use a linear trail with the squared correlation less than 2^{-n}, n being the block size, in case the key size is larger than n. Moreover, the standard key hypotheses seem to be appropriate even when the trail is not dominant as validated by experiments. The attack can be applied in two ways. First, using a linear trail with squared correlation smaller than 2^{-n}, one can get an effective attack covering more rounds than existing attacks against some ciphers, such as Simon48/96, Simon64/128 and Simon128/256. Secondly, using a trail with large squared correlation, one can use related-key data for key recovery even when the data is not suitable for existing linear attacks

Known-key Distinguisher on Full PRESENT

In this article, we analyse the known-key security of the standardized PRESENT lightweight block cipher. Namely, we propose a known-key distinguisher on the full PRESENT, both 80- and 128-bit key versions. We first leverage the very latest advances in differential cryptanalysis on PRESENT, which are as strong as the best linear cryptanalysis in terms of number of attacked rounds. Differential properties are much easier to handle for a known-key distinguisher than linear properties, and we use a bias on the number of collisions on some predetermined input/output bits as distinguishing property. In order to reach the full PRESENT, we eventually introduce a new meet-in-the-middle layer to propagate the differential properties as far as possible. Our techniques have been implemented and verified on the small scale variant of PRESENT. While the known-key security model is very generous with the attacker, it makes sense in practice since PRESENT has been proposed as basic building block to design lightweight hash functions, where no secret is manipulated. Our distinguisher can for example apply to the compression function obtained by placing PRESENT in a Davies-Meyer mode. We emphasize that this is the very first attack that can reach the full number of rounds of the PRESENT block cipher

Constructing TI-Friendly Substitution Boxes Using Shift-Invariant Permutations

The threat posed by side channels requires ciphers that can be efficiently protected in both software and hardware against such attacks. In this paper, we proposed a novel Sbox construction based on iterations of shift-invariant quadratic permutations and linear diffusions. Owing to the selected quadratic permutations, all of our Sboxes enable uniform 3-share threshold implementations, which provide first order SCA protections without any fresh randomness. More importantly, because of the shift-invariant property, there are ample implementation trade-offs available, in software as well as hardware. We provide implementation results (software and hardware) for a four-bit and an eight-bit Sbox, which confirm that our constructions are competitive and can be easily adapted to various platforms as claimed. We have successfully verified their resistance to first order attacks based on real acquisitions. Because there are very few studies focusing on software-based threshold implementations, our software implementations might be of independent interest in this regard

A MAC Mode for Lightweight Block Ciphers

status: accepte