Feedback Polynomial Research Articles

Filter generators with increased resistance against algebraic attacks

Filter generators form one of the best known and most studied classes of key stream generators used in synchronous stream ciphers. Each such generator consists of a binary linear shift register with a primitive feedback polynomial and a nonlinear Boolean function, which has a number of requirements related to the condition of generator security against known attacks. One such requirement is the high algebraic immunity of the generator's filter function; this parameter characterises security filter generator against modern algebraic attacks. In certain cases, this requirement is too restrictive in sense of practicality, as it increases the computational or circuit complexity of the key stream generation algorithm. This makes the actuality of increasing the resistance of filter generators with fixed filter functions, that have limited (low) algebraic immunity. The paper proposes to solve this problem by modifying the feedback function of the linear shift register. the security of the proposed generators against algebraic attacks is investigated and is shown that (under certain natural conditions) such generators are more secure at the same initial state length as compared to traditional filter generators. The proposed solution seems to be useful for practical application in advanced hardware-oriented stream ciphers design.

Joint Blind Reconstruction of the Cyclic Codes and Self-Synchronous Scramblers in a Noisy Environment

Reverse analysis of the intercepted signal to reconstruct the communication scheme used by the transmitter is a key problem in the non-cooperative context. In this paper, we propose a new algorithm for the joint blind reconstruction of the cyclic codes and self-synchronous scramblers directly using soft-decision sequences. First, we derive the conclusion that if the parity polynomial of the factor of the generator polynomial of the cyclic code and the feedback polynomial of the self-synchronous scrambler are multiplied, then the vector corresponding to the inverse polynomial of this product forms a parity-check relation with the row vector of the self-synchronously scrambled cyclic code bit matrix, which is constructed by the sequence of self-synchronously scrambled cyclic codes. To detect this parity-check relation, the concept of average parity-check probability (APCP) is defined, which uses the intercepted soft-decision sequence to measure the reliability of the parity-check relation. An optimal threshold based on the minimum error criterion is then derived. When the APCP is greater than this optimal threshold, the parity-check relation is considered to be detected, i.e., the corresponding irreducible polynomial is a factor of the generator polynomial of the cyclic code and the corresponding candidate feedback polynomial is the feedback polynomial of the self-synchronous scrambler. Therefore, the blind reconstruction problem in this paper is exactly equivalent to the hypothesis-testing problem. Simulation results show that the algorithm is more fault-tolerant than existing algorithms in noisy environments.

Joint blind reconstruction of cyclic codes and self‐synchronous scramblers

AbstractThe inverse analysis of the intercepted signals to reconstruct the communication scheme used by the transmitter is a key problem in the non‐cooperative context. In this paper, the problem of blind reconstruction of cyclic codes and self‐synchronous scramblers is considered. There is no existing solution to this problem. To solve this problem, a joint blind reconstruction method for cyclic codes and self‐synchronous scramblers is proposed in this paper. A lemma is proposed and proved theoretically that the maximum common factor of the inverse polynomial of the polynomial form of the dual vectors of the self‐synchronous scrambled bit matrix is the product of the parity polynomial of the cyclic code and the feedback polynomial of the self‐synchronous scrambler. Using this lemma, the joint blind reconstruction of the cyclic code and the self‐synchronous scrambler is completed. Finally, a Gaussian elimination based on random column exchange and soft information (GERCESI) method is proposed, which can apply the proposed method to a noisy environment. Simulations prove that the fault‐tolerance performance of the GERCESI method proposed in this paper is at least 0.5 dB higher than that of the GJETP method.

A Closer Look at the Chaotic Ring Oscillators based TRNG Design

TRNG is an essential component for security applications. A vulnerable TRNG could be exploited to facilitate potential attacks or be related to a reduced key space, and eventually results in a compromised cryptographic system. A digital FIRO-/GARO-based TRNG with high throughput and high entropy rate was introduced by Jovan Dj. Golic (TC’06). However, the fact that periodic oscillation is a main failure of FIRO-/GARO-based TRNGs is noticed in the paper (Markus Dichtl, ePrint’15). We verify this problem and estimate the consequential entropy loss using Lyapunov exponents and the test suite of the NIST SP 800-90B standard. To address the problem of periodic oscillations, we propose several implementation guidelines based on a gate-level model, a design methodology to build a reliable GARO-based TRNG, and an online test to improve the robustness of FIRO-/GARO-based TRNGs. The gate-level implementation guidelines illustrate the causes of periodic oscillations, which are verified by actual implementation and bifurcation diagram. Based on the design methodology, a suitable feedback polynomial can be selected by evaluating the feedback polynomials. The analysis and understanding of periodic oscillation and FIRO-/GARO-based TRNGs are deepened by delay adjustment. A TRNG with the selected feedback polynomial may occasionally enter periodic oscillations, due to active attacks and the delay inconstancy of implementations. This inconstancy might be caused by self-heating, temperature and voltage fluctuation, and the process variation among different silicon chips. Thus, an online test module, as one indispensable component of TRNGs, is proposed to detect periodic oscillations. The detected periodic oscillation can be eliminated by adjusting feedback polynomial or delays to improve the robustness. The online test module is composed of a lightweight and responsive detector with a high detection rate, outperforming the existing detector design and statistical tests. The areas, power consumptions and frequencies are evaluated based on the ASIC implementations of a GARO, the sampling circuit and the online test module. The gate-level implementation guidelines promote the future establishment of the stochastic model of FIRO-/GARO-based TRNGs with a deeper understanding.

Novel Algorithm for Blind Estimation of Scramblers in DSSS Systems

In this paper, we propose a novel algorithm for blind estimation of a linear scrambler, which is a synchronous scrambler or a self-synchronous scrambler, in direct sequence spread spectrum systems and analyze its estimation performance. We first examine the statistics considering the linearity of the scrambled data and the repetition property of the spreading code. Based on this, we then propose an improved estimation algorithm for the feedback polynomial of the linear scrambler constituting a search process and a verification process of feedback polynomial candidates to determine the correct feedback polynomial of the scrambler. To validate the proposed algorithm, we show through computer simulations that the proposed algorithm outperforms the conventional algorithm in terms of estimation performance.

Blind identification of feedback polynomials for synchronous scramblers in a noisy environment

Blind identification of feedback polynomials for synchronous scramblers in a noisy environment

FLAM-PUF: A Response–Feedback-Based Lightweight Anti-Machine-Learning-Attack PUF

Physical unclonable functions (PUFs) have been adopted in many resource-constrained Internet of Things (IoT) applications to provide effective and lightweight solutions for device authentication. However, an attacker can collect challenge–response pairs (CRPs) of a strong PUF, to build a machine learning (ML) model and mimic its behavior, i.e., predicting the responses of unseen challenges with high accuracy. Although several PUFs have been proposed to resist such modeling attacks, they incur high hardware overhead. Developing a PUF primitive with low hardware cost and high resistance to ML attacks is thus a crucial task. In this article, we propose the first response–feedback-based lightweight anti-ML-attack PUF (FLAM-PUF). It is only composed of one arbiter PUF (APUF) and one Galois linear-feedback shift register (LFSR), with some basic logic gates, reducing more than 62% hardware cost compared with the state-of-the-art robust strong PUFs. Specifically, FLAM-PUF leverages a cost-effective feedback loop structure to dynamically control and update the LFSR configuration. FLAM-PUF has two main characteristics: 1) it feeds back a 1-bit response in every cycle to intentionally poison the data of the CRP set for training. To resist ML-based modeling attacks, the 1-bit response can randomly update one coefficient of the feedback polynomial to implant more complex correlations into the model built by attackers and 2) it takes advantage of an <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"> <tex-math notation="LaTeX">$n-$ </tex-math></inline-formula> bit response feedback-controlled reconfigurable Galois LFSR to enlarge the original challenge space of the APUF. Extensive experimental results show that the proposed FLAM-PUF achieves near-optimal uniformity, uniqueness, and reliability. Our scheme works well under standard attack models with public crucial initial information. In particular, the prediction accuracy of modeling attacks against FLAM-PUF is nearly 50% under the four widely used ML algorithms, i.e., support vector machines (SVMs), logistic regression (LR), covariance matrix adaptation evolution strategy (CMA-ES), and deep neural networks (DNNs), indicating excellent resistance against these ML attacks.

Weak-keys and key-recovery attack for text{ TinyJAMBU }

In this paper, we study NIST lightweight 3rd round candidate text{ TinyJAMBU }. The core component of text{ TinyJAMBU } is the keyed permutation mathcal {P}_n, which is based on a non-linear feedback shift register. By analysing this permutation carefully, we are able to find good cubes that are used to build distinguishers in the weak-key setting. In particular, we show that there are at least 2^{108} keys for which TinyJAMBU can be distinguished from a random source for up to 476 rounds. These distinguishers outperform the best-known distinguishers, which were proposed in ‘Scientific Reports - Nature’ by Teng et al. We are the first to study the exact degree of the feedback polynomial mathcal {P}_n in the nonce variables. This helped us in concluding that text{ TinyJAMBU } with more than 445 rounds is secure against distinguishers using 32 sized cubes in the normal setting. Finally, we give new key-recovery attacks against text{ TinyJAMBU } using the concepts of monomial trail presented by Hu et al. at ASIACRYPT 2020. Our attacks are unlikely to jeopardise the security of the entire 640 rounds text{ TinyJAMBU }, but we strongly anticipate that they will shed new lights on the cipher’s security.

Fast reconstruction of feedback polynomials for synchronous scramblers in a noisy environment

Fast reconstruction of feedback polynomials for synchronous scramblers in a noisy environment

Bent functions in the partial spread class generated by linear recurring sequences

We present a construction of partial spread bent functions using subspaces generated by linear recurring sequences (LRS). We first show that the kernels of the linear mappings defined by two LRS have a trivial intersection if and only if their feedback polynomials are relatively prime. Then, we characterize the appropriate parameters for a family of pairwise coprime polynomials to generate a partial spread required for the support of a bent function, showing that such families exist if and only if the degrees of the underlying polynomials are either 1 or 2. We then count the resulting sets of polynomials and prove that, for degree 1, our LRS construction coincides with the Desarguesian partial spread. Finally, we perform a computer search of all mathcal{PS}mathcal{}^- and mathcal{PS}mathcal{}^+ bent functions of n=8 variables generated by our construction and compute their 2-ranks. The results show that many of these functions defined by polynomials of degree d=2 are not EA-equivalent to any Maiorana–McFarland or Desarguesian partial spread function.

Reconstruction of a Synchronous Scrambler Based on Average Check Conformity

Channel coding technology is indispensable in digital communication systems. In noncooperative contexts, the identification of the channel codes of the synchronous scrambler is essential. In this paper, a new algorithm that directly uses a soft decision sequence for blind reconstruction of the synchronous scrambler is proposed. First, considering imbalanced signal sources and the principle of scrambling and descrambling the synchronous scrambler, the error-containing equation of the synchronous scrambler is established. Second, the average check conformity is introduced to complete the check relationship detection. Then, based on the statistical characteristics of the average check conformity, the corresponding discrimination threshold is established, and the reconstruction of the feedback polynomial of the synchronous scrambler is completed by traversing the possible primitive polynomials. Finally, the verification equation is determined by the method of subsection optimization, which greatly reduces the number of initial states that need to be traversed; this is critical for scramblers with high-order feedback polynomials (i.e., when the order of the feedback polynomial is greater than 15). Simulations show that the algorithm can effectively reconstruct the synchronous scrambler under imbalanced signal sources. Moreover, the proposed algorithm offers improved performance with about 1–2 dB gain at low signal-to-noise ratios compared with existing methods, and its computational complexity is reasonable.

PENERAPAN LOGIKA ALGORITMA PADA PROTOTIPE DATA BINER UNTUK GENERATOR KARTU FPGA

The LFSR-based binary data sequence generator technique is used in various cryptographic applications and to design encoders / decoders in different communication channels. It is more important to test and verify by implementing on any hardware to get better effective results. Since FPGA is used to implement logical functions for faster prototype development, the existing LFSR design in the FPGA needs to be implemented to test and verify simulation and synthesis results between different lengths. The total number of random states generated in the LFSR depends on the feedback polynomial. The binary data generator is implemented using the LFSR shift register. This is a 23-bit shift register. The Random Number Generator allows you to generate random numbers of any length. The maximum length is 223−1

Security and Efficiency of Linear Feedback Shift Registers in GF(2n) Using n-Bit Grouped Operations

Many stream ciphers employ linear feedback shift registers (LFSRs) to generate pseudorandom sequences. Many recent LFSRs are defined in GF(2n) to take advantage of the n-bit processors, instead of using the classic binary field. In this way, the bit generation rate increases at the expense of a higher complexity in computations. For this reason, only certain primitive polynomials in GF(2n) are used as feedback polynomials in real ciphers. In this article, we present an efficient implementation of the LFSRs defined in GF(2n). The efficiency is achieved by using equivalent binary LFSRs in combination with binary n-bit grouped operations, n being the processor word’s length. This improvement affects the general considerations about the security of cryptographic systems that uses LFSR. The model also allows the development of a faster method to test the primitiveness of polynomials in GF(2n).

Investigating the discrepancy property of de Bruijn sequences

The discrepancy of a binary string refers to the maximum (absolute) difference between the number of ones and the number of zeroes over all possible substrings of the given binary string. We provide an investigation of the discrepancy of over a dozen simple constructions of de Bruijn sequences as well as de Bruijn sequences based on linear feedback shift registers whose feedback polynomials are primitive. Furthermore, we demonstrate constructions that attain the lower bound of Θ(n) and a new construction that attains the previously known upper bound of Θ(2nn). This extends the work of Cooper and Heitsch [Discrete Mathematics, 310 (2010)].

Blind Estimation of Self-Synchronous Scrambler Using Orthogonal Complement Space in DSSS Systems

In a non-cooperative context, a receiver has to estimate the communication parameters without any prior knowledge of the transmitter, which is highly demanding. Estimating a self-synchronous scrambler is even more challenging because the scrambling sequence of the self-synchronous scrambler is affected by the input sequence. This paper proposes an improved algorithm for blind estimation of a self-synchronous scrambler using the orthogonal property without any bias condition of the received signals in direct sequence spread spectrum (DSSS) systems. We first examine the linear relation of a scrambling sequence using the repetitive property of the spreading code used in a DSSS system. Using the obtained linear relation and the basis of the orthogonal complement space, we then acquire the feedback polynomial candidates of the scrambler. Finally, by calculating the greatest common divisor polynomial of the feedback polynomial candidates, we estimate the correct feedback polynomial. Through computer simulations, we verify that the proposed method achieves superior estimation performance compared to the existing method. Furthermore, we show that the proposed method has practically acceptable computational complexity. For these reasons, it is expected that the proposed method can be applied to blind estimation of a self-synchronous scrambler in a practical non-cooperative system.

Area-Efficient Universal Code Generator for Multi-GNSS Receivers

Although conventional global navigation satellite systems (GNSS) receivers were originally designed for single signals, studies on multi-signal receiver design have recently been actively conducted to achieve high accuracy, precision, and reliability. However, in order for a multi-signal receiver to support various codes, the receiver should support the generation of individual codes. Therefore, the resulting problem of increased complexity must be solved. This paper proposes a hardware structure for an area-efficient linear feedback shift register (LFSR)-based multi-frequency universal code generator. Whereas the existing universal code generators were configured so that feedback polynomials, output registers, and initial values can be selected by placing read-only memories (ROMs), multiplexers (MUXs), and exclusive ORs (XORs) by register bit, in the case of the proposed universal code generator; the circuit was implemented by applying the hardwiring technique to those register bits that have fixed values. According to the results of field programmable gate array (FPGA) implementation, the proposed LFSR-based universal code generator can improve look up table (LUT) by up to 37% and register by up to 78% when compared to conventional code generators, and LUT by up to 36% when compared to the previous universal code generator. Therefore, the proposed universal code generator is a good candidate for implementing multi-frequency receivers to achieve high precision and high reliability.

Design of Lightweight and Configurable Strong Physical Unclonable Function

<p indent="0mm">To solve the problem that the physical unclonable function (PUF) structure is simple and vulnerable to modeling attacks, a strong PUF anti-attack obfuscation design based on linear feedback shift register (LFSR) is proposed. First, a fixed structure LFSR is used as a pseudo-random number generator to provide a random selection signal for the obfuscation logic. Then, a dynamic LFSR with multiple feedback polynomials is used as the obfuscation logic to obfuscate origin challenges. Finally, obfuscated challenges are loaded into the embedded PUF circuit so that the attacker cannot obtain real challenges. It improves the resistance of the PUF to modeling attacks. The proposed design is simulated by Python and FPGA. Experiments on the collected dataset show that the proposed PUF has ideal uniformity (49.8%) and uniqueness (49.9%) and keeps the same reliability. It has simple architecture and low hardware overhead and can resist a variety of modeling attacks including machine learning and deep learning.

Design of a 1.9 GHz low-power LFSR Circuit using the Reed-Solomon Algorithm for Pseudo-Random Test Pattern Generation

A linear feedback shift register (LFSR) has been frequently used in the Built-in Self-Test (BIST) designs for the pseudo-random test pattern generation. The higher volume of the test patterns and the lower test power consumption are the key features in the large complex designs. The motivation of this study is to generate efficient pseudo-random test patterns by the proposed LFSR and to be applied in the BIST designs. For the BIST designs, the proposed LFSR satisfied with the main strategies such as re-seeding and lesser test power consumption. However, the reseeding approach was utilized by the maximum-length pseudo-random test patterns. The objective of this paper is to propose a new LFSR circuit based on the proposed Reed-Solomon (RS) algorithm. The RS algorithm is created by considering the factors of the maximum length test patterns with a minimum distance over the time t. Also, it has been achieved an effective generation of test patterns over a stage of complexity order O (m log2 m), where m denotes the total number of message bits. We analysed our RS LFSR mathematically using the feedback polynomial function to decrease the area overhead occupied in the designs. The simulation works of the proposed RS LFSR bit-wise stages are simulated using the TSMC 130 nm on the Mentor Graphics IC design platform. Experimental results showed that the proposed LFSR achieved the effective pseudo-random test patterns with a lower test power consumption of 25.13 µW and 49.9 µs. In addition, proposed LFSR along with existing authors’ LFSR are applied in the BIST design to examine their power consumption. Ultimately, overall simulations operated with the highest operating frequency environment as 1.9 GHz.

Static Output-Feedback Tracking Control for Positive Polynomial Fuzzy Systems

Nonlinear positive control system can be found in many real-world applications but the positivity requirements lead to challenges in system analysis and control design. In this article, we approach the problem by fuzzy-model-based control techniques and overcome some challenges including transforming the nonconvexity conditions when both positive and stability conditions exist into convexity conditions that can be solved by the convex programming techniques. This article focuses on the static output-feedback tracking control issue of positive polynomial fuzzy-model-based systems. The purpose of the tracking control is to design an appropriate static output feedback polynomial fuzzy controller which can drive the system states of the nonlinear plant to follow those of a stable reference model subject to an <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$H_\infty$</tex-math></inline-formula> performance. The concept of imperfectly matched premises is employed to enhance the design and implementation flexibility. To circumvent the problem of nonconvex stability conditions, an approach is employed to transform the nonconvex stability conditions into convex ones by introducing a novel scalar implantation transformation technique. Besides, the partition approximation of membership functions with local information of membership functions is used to promote stability analysis and synthesis of controllers. The positive and relaxed stability conditions for static output-feedback tracking control with <inline-formula xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink"><tex-math notation="LaTeX">$H_\infty$</tex-math></inline-formula> performance being taken into account are obtained in terms of sum-of-squares. Finally, a simulation example is presented to verify the effectiveness of the proposed tracking control approach.

Blind Estimation of Self-Synchronous Scrambler in DSSS Systems

Self-synchronous scramblers are more difficult to blindly estimate than synchronous scramblers because their input sequence affects the state of the scrambler's linear feedback shift register. There has been much research on the estimation of synchronous scramblers and relatively little on the estimation of self-synchronous scramblers. For non-cooperative contexts, this paper proposes a method for the estimation of a self-synchronous scrambler in direct sequence spread spectrum systems. We blindly estimate the self-synchronous scrambling parameter, the feedback polynomial, using the repeated patterns by a spreading code, the linearity between the bits in a scrambling sequence, and the coidentity of the self-synchronous scrambled sequence and the linear feedback shift register states. To validate the proposed method, we show the estimation performance in terms of the computational complexity, required minimum scrambled sequence length, execution time, and detection probability.