Maire O'Neill

FPGA Implementations of the Round Two SHA-3 Candidates

The second round of the NIST-run public competition is underway to find a new hash algorithm(s) for inclusion in the NIST Secure Hash Standard (SHA-3). This paper presents the full implementations of all of the second round candidates in hardware with all of their variants. In order to determine their computational efficiency, an important aspect in NISTs round two evaluation criteria, this paper gives an area/speed comparison of each design both with and without a hardware interface, thereby giving an overall impression of their performance in resource constrained and resource abundant environments. The implementation results are provided for a Virtex-5 FPGA device. The efficiency of the architectures for the hash functions are compared in terms of throughput per unit area.

Are QCA cryptographic circuits resistant to power analysis attack

Quantum-dot cellular automata (QCA) technology is expected to offer fast computation performance, high density, and low power consumption. Thus, researchers believe that QCA may be an attractive alternative to CMOS for future digital designs. Side channel attacks, such as power analysis attacks, have become a significant threat to the security of CMOS cryptographic circuits. A power analysis attack can reveal the secret key from measurements of the power consumption during the encryption and decryption process. As there is no electric current flow in QCA technology, the power consumption of QCA circuits is extremely low when compared to their CMOS counterparts. Therefore, in this paper an investigation into both the best and worst case scenarios for attackers is carried out to ascertain if QCA circuits are immune to power analysis attack. A QCA design of a submodule of the Serpent cipher is proposed. In comparison to a previous design, the proposed design is more efficient in terms of complexity, area, and latency. By using an upper bound power model, the first power analysis attack of a QCA cryptographic circuit is presented. The simulation results show that even though the power consumption is low, it can still be correlated with the correct key guess, and all possible subkeys applied to the Serpent submodule can be revealed in the best case scenario. Therefore, in theory QCA cryptographic circuits would be vulnerable to power analysis attack. However, the security of practical QCA devices can be greatly improved by applying a smoother clock. Moreover, in the worst case scenario, the design of logically reversible QCA circuits with Bennett clocking could be used as a natural countermeasure to power analysis attack. Therefore, it is believed that QCA could be a niche technology in the future for the implementation of security architectures resistant to power analysis attack.

A First Step Toward Cost Functions for Quantum-Dot Cellular Automata Designs

Quantum-dot cellular automata (QCA) is potentially a very attractive alternative to CMOS for future digital designs. Circuit designs in QCA have been extensively studied. However, how to properly evaluate the QCA circuits has not been carefully considered. To date, metrics and area-delay cost functions directly mapped from CMOS technology have been used to compare QCA designs, which is inappropriate due to the differences between these two technologies. In this paper, several cost metrics specifically aimed at QCA circuits are studied. It is found that delay, the number of QCA logic gates, and the number and type of crossovers, are important metrics that should be considered when comparing QCA designs. A family of new cost functions for QCA circuits is proposed. As fundamental components in QCA computing arithmetic, QCA adders are reviewed and evaluated with the proposed cost functions. By taking the new cost metrics into account, previous best adders become unattractive and it has been shown that different optimization goals lead to different “best” adders.

QCA Systolic Array Design

Quantum-dot Cellular Automata (QCA) technology is a promising potential alternative to CMOS technology. To explore the characteristics of QCA and suitable design methodologies, digital circuit design approaches have been investigated. Due to the inherent wire delay in QCA, pipelined architectures appear to be a particularly suitable design technique. Also, because of the pipeline nature of QCA technology, it is not suitable for a complicated control system design. Systolic arrays take advantage of pipelining, parallelism, and simple local control. Therefore, an investigation into these architectures in semiconductor QCA technology is provided in this paper. Two case studies, (a matrix multiplier and a Galois Field multiplier) are designed and analyzed based on both multilayer and coplanar crossings. The performance of these two types of interconnections are compared and it is found that even though coplanar crossings are currently more practical, they tend to occupy a larger design area and incur slightly more delay. A general semiconductor QCA systolic array design methodology is also proposed. It is found that by applying a systolic array structure in QCA design, significant benefits can be achieved particularly with large systolic arrays, even more so than when applied in CMOS-based technology.

A Tunable Encryption Scheme and Analysis of Fast Selective Encryption for CAVLC and CABAC in H.264/AVC

Recently, two fast selective encryption methods for context-adaptive variable length coding and context-adaptive binary arithmetic coding in H.264/AVC were proposed by Shahid In this paper, it was demonstrated that these two methods are not as efficient as only encrypting the sign bits of nonzero coefficients. Experimental results showed that without encrypting the sign bits of nonzero coefficients, these two methods can not provide a perceptual scrambling effect. If a much stronger scrambling effect is required, intra prediction modes, and the sign bits of motion vectors can be encrypted together with the sign bits of nonzero coefficients. For practical applications, the required encryption scheme should be customized according to a users specified requirement on the perceptual scrambling effect and the computational cost. Thus, a tunable encryption scheme combining these three methods is proposed for H.264/AVC. To simplify its implementation and reduce the computational cost, a simple control mechanism is proposed to adjust the control factors. Experimental results show that this scheme can provide different scrambling levels by adjusting three control factors with no or very little impact on the compression performance. The proposed scheme can run in real-time and its computational cost is minimal. The security of the proposed scheme is also discussed. It is secure against the replacement attack when all three control factors are set to one.

Low-cost digital signature architecture suitable for radio frequency identification tags

Continuing achievements in hardware technology are bringing ubiquitous computing closer to reality. The notion of a connected, interactive and autonomous environment is common to all sensor networks, bio-systems and radio frequency identification (RFID) devices, and the emergence of significant deployments and sophisticated applications can be expected. However, as more information is collected and transmitted, security issues will become vital for such a fully connected environment. In this study the authors consider adding security features to low-cost devices such as RFID tags. In particular, the authors consider the implementation of a digital signature architecture that can be used for device authentication, to prevent tag cloning, and for data authentication to prevent transmission forgery. The scheme is built around the signature variant of the cryptoGPS identification scheme and the SHA-1 hash function. When implemented on 130 nm CMOS the full design uses 7494 gates and consumes 4.72 ?W of power, making it smaller and more power efficient than previous low-cost digital signature designs. The study also presents a low-cost SHA-1 hardware architecture which is the smallest standardised hash function design to date.

Practical homomorphic encryption: A survey

Cloud computing technology has rapidly evolved over the last decade, offering an alternative way to store and work with large amounts of data. However data security remains an important issue particularly when using a public cloud service provider. The recent area of homomorphic cryptography allows computation on encrypted data, which would allow users to ensure data privacy on the cloud and increase the potential market for cloud computing. A significant amount of research on homomorphic cryptography appeared in the literature over the last few years; yet the performance of existing implementations of encryption schemes remains unsuitable for real time applications. One way this limitation is being addressed is through the use of graphics processing units (GPUs) and field programmable gate arrays (FPGAs) for implementations of homomorphic encryption schemes. This review presents the current state of the art in this promising new area of research and highlights the interesting remaining open problems.

Design of quantum-dot cellular automata circuits using cut-set retiming

As a potential alternative to CMOS technology, QCA provides an interesting paradigm in both communication and computation. However, QCAs unique four-phase clocking scheme and timing constraints present serious timing issues for interconnection and feedback. In this work, a cut-set retiming design procedure is proposed to resolve these QCA timing issues. The proposed design procedure can accommodate QCAs unique characteristics by performing delay-transfer and time-scaling to reallocate the existing delays so as to achieve efficient clocking zone assignment. Cut-set retiming makes it possible to effectively design relatively complex QCA circuits that include feedback. It utilizes the similar characteristics of synchronization, deep pipelines and local interconnections common to both QCA and systolic architectures. As a case study, a systolic Montgomery modular multiplier is designed to illustrate the procedure. Furthermore, a nonsystolic architecture, an S27 benchmark circuit, is designed and compared with previous designs. The comparison shows that the cut-set retiming method achieves a more efficient design, with a reduction of 22%, 44%, and 46% in terms of cell count, area, and latency, respectively.

Random clock against differential power analysis

Cryptographic systems are being compromised by power analysis attacks. In this paper, a novel countermeasure technique against power analysis attacks is proposed which dynamically varies the clock when executing operations (making it difficult to correlate power traces in the time domain) and inserts dummy operations during idling clock cycles (reducing the signal-to-noise ratio of the useful information). Its effectiveness is shown by performing a DPA attack on basic, intermediate (random clock) and advanced (random clock and dummy data) designs for the AES encryption algorithm, implemented on a FPGA-based board. The intermediate design is resistant to classical DPA attacks and the advanced design reduces the SNR by 79% (increasing area by 70% and reducing performance by 5.33%) when compared to the basic design. It is shown that the design is better in both metrics than other countermeasure techniques.

QCA Systolic Matrix Multiplier

Quantum-dot Cellular Automata (QCA) technology is a promising alternative to CMOS technology. It is attractive due to its fast speed, small area and low power consumption. To explore the characteristics of QCA technology, digital circuit design approaches have been investigated. Due to the inherent wire delay in this technology, QCA appears to be suitable for pipelined architectures particularly. Systolic arrays take advantage of pipelining and parallelism. Therefore, an investigation into systolic array design in QCA technology is provided in this paper. A case study of the first systolic matrix multiplier is designed and analyzed. The results show that by applying the systolic array structure to QCA designs, significant benefits can be achieved particular with large systolic array size, even more so than when applied to CMOS-based technology. QCA has significant advantages in terms of speed and area over CMOS technology, for instance, a factor of 12 smaller in terms of the area in this proposed matrix multiplier design when compared with same CMOS 32nm implementation.