Hardware Optimizations and Analysis for the WG-16 Cipher with Tower Field Arithmetic

This paper explores tower field constructions and hardware optimizations for the WG-16 stream cipher. The constructions $\mathbb{F}_{(((2^2)^2)^2)^2}$ and $\mathbb{F}_{(2^{4})^4}$ were chosen because their small subfields enable high speed arithmetic implementations and their regularity provides flexibility in pipeline granularity. A design methodology is presented where the tower field constructions guide how to proceed systematically from algebraic optimizations, through initial hardware implementation, selection of submodules, pipelining, and finally detailed hardware optimizations to increase clock speed. The highest frequency WG(16, 32) keystream generator, obtained for the 65 nm ASIC library, reached a clock speed of 2.44 GHz at 26.3 kGE, and the smallest area keystream generator achieved a clock speed of 0.33 GHz at 9.9 kGE. The highest frequency FPGA implementation on a Xilinx Spartan 6 reached a clock speed of 256 MHz using 631 slices. In addition, the paper demonstrates that LFSR feedback polynomials can be optimized to increase security without hurting performance, and retiming optimizations can be used to increase clock speed without increasing area.
