New Family of Stream Ciphers as Physically Clone-Resistant VLSI-Structures
Ayoub Mars, Wael Adi

TL;DR
This paper introduces a large class of physically clone-resistant stream ciphers based on randomly selected NLFSRs, enabling secure, self-reconfigurable FPGA-based identities with scalable security, suitable for future smart VLSI systems.
Contribution
It proposes a novel large class of physically clone-resistant stream ciphers using NLFSRs and introduces a method for creating self-created, physically unclonable identities within FPGA devices.
Findings
Security levels are scalable even against post-quantum threats.
The design achieves high linear complexity and long periods.
A lightweight identification protocol for FPGA-based SUC is presented.
IDA, Institute of Computer and Network Engineering, Technical University of Braunschweig, Germany
Email: [email protected], [email protected]
New Family of Stream Ciphers as Physically Clone-Resistant VLSI-Structures
Footnote 1: This paper is under submission and is uploaded here only for comments and suggestions, not for any commercial use.
Ayoub Mars and Wael Adi
Abstract
A new large class of possible stream ciphers, used as keystream generators (KSGs), is presented. The sample cipher structure is based on randomly selecting a set of 16 maximum-period Nonlinear Feedback Shift Registers (NLFSRs); a non-linear combining function merges the 16 selected sequences. All resulting stream ciphers have a total state size of 223 bits, are designed to offer the same security level, and have a linear complexity exceeding and a period exceeding . A Secret Unknown Cipher (SUC) is created by randomly selecting one cipher from that class. The SUC concept was presented recently as a physical security anchor to overcome the drawbacks of traditional analog Physically Unclonable Functions (PUFs). Such unknown ciphers may be permanently self-created within System-on-Chip (SoC) non-volatile FPGA devices to serve as a digital clone-resistant structure. Moreover, a lightweight identification protocol for physically identifying such SUC structures in FPGA devices over open networks is presented. The proposed family may serve for the lightweight realization of clone-resistant identities in future self-reconfiguring SoC non-volatile FPGAs, which are expected to emerge in near-future smart VLSI systems. The security analysis and hardware complexity of the resulting clone-resistant structures are evaluated and shown to exhibit scalable security levels, even in a post-quantum setting.
keywords:
Stream Cipher; keystream generator; NLFSR; linear complexity; Secret Unknown Cipher; Physical Unclonable Functions; Self-reconfiguring SoC FPGAs
Introduction
Clone-resistant units have been well investigated over the last two decades. The aim is to provide electronic systems with unique and secure identities, making them resistant to cloning attacks. Physical Unclonable Functions (PUFs) [Pappu2001][Adi2017][maes2010physically] were introduced to fabricate unclonable electronic units for secure identification/authentication [tuyls2006rfid][Sadeghi2010], memoryless key storage [Lim2004a][vskoric2005robust] and intellectual property protection [IntrinsicID]. Due to the analog nature of all PUF technologies proposed so far, they have had limited use in real-world applications because of cost factors and poor long-term stability. To overcome these issues, digital clone-resistant functions were introduced in [Adi2008a] and were coined Secret Unknown Ciphers in [Adi2017e]. By definition, a Secret Unknown Cipher is a randomly, internally generated cipher inside the chip, where the user has no access to or influence on its creation process and even the producer is not able to backtrace the personalization process and deduce the generated random cipher [Mars2019a][Mars_V2X].
Creating an SUC requires designing families of secure ciphers with random components [Mars2019a]. In [rspnsuc][Mars2019a], an SUC based on a random block cipher was proposed; it deploys randomly selected optimal S-Boxes as the source of randomness of the SUC design. It was shown that deploying a fixed SUC design with small random components increases the cardinality of the resulting SUC class tremendously, and also ensures that each element of the SUC class has the same security level [Mars2019a]. In [Mars2017], a Random Stream Cipher (RSC) based on single-cycle T-Functions (Triangular Functions) was proposed to construct a class of SUCs. The proposed RSC-SUC makes use of the DSP blocks embedded in modern SoC FPGAs to implement the single-cycle T-Functions as part of the keystream generator. Both designs in [rspnsuc][Mars2019a] and [Mars2017] require a small, contiguous area inside the FPGA; distributing the design over the FPGA would in both cases result in more area overhead and latency. In this paper, the SUC design template is based on combining a set of NLFSRs. Distributing the NLFSRs over the whole FPGA area is practically attainable, since each NLFSR can be implemented in any free region of the FPGA. This additionally allows a zero-cost implementation of the SUC and lowers its vulnerability to some side-channel attacks.
In 2005, the European project ECRYPT launched a competition to design new stream ciphers that might be suitable for widespread adoption. The project, called eSTREAM (ECRYPT Stream Cipher Project) [ECRYPT], received 35 submissions. When it came to its end in 2008 [Canniere2008], four of the proposals in the final portfolio [Babbage2008] were suited to fast encryption in software: HC-128, Rabbit, Salsa20/12 and Sosemanuk, while four other stream ciphers offered particularly efficient hardware implementations: Grain v1, MICKEY 2.0, Trivium and F-FCSR-H; the last was excluded later because of the cryptanalytic results presented in [M.HellandT.Johansson2008]. The final eSTREAM portfolio therefore includes seven algorithms [Technologies2009]. A number of NLFSR-based stream ciphers were proposed to the eSTREAM project, such as Achterbahn [Gammel2005] and Grain [Hell2007]. Achterbahn was one of the challenging new designs based on combining several NLFSRs with a non-linear combining function, which performs nonlinear operations on sequences with distinct minimal polynomials [Rueppel1986]. In [T.Johansson2006], the authors highlight some problems in the design principle of Achterbahn, namely the small length of the NLFSRs and the weakness of the combining function. The complexity of the attack presented in [T.Johansson2006] grows exponentially with the number and size of the shift registers, and with the number of shift-register outputs that cancel the nonlinear part of the combining function when they are equal to zero. After selecting the positions in the output sequence that cancel the nonlinear terms of the combining function, the attack builds parity checks. We note that a high number of shift registers in the linear part of the combining function makes the attack complexity very high.
Contribution.
The contributions of this paper are summarized as follows. Firstly, a new large class of low-complexity stream ciphers with the same designed security level is created: each resulting cipher, even when randomly selected, exhibits the same security level. The cardinality of the cipher class exceeds without counting the NLFSR initial states, which form a key of 223 bits. Secondly, the resulting ciphers are adapted to convert future VLSI devices into clone-resistant physical entities. Finally, a new generic lightweight identification/authentication protocol is shown for VLSI devices using such SUC-based structures.
The remainder of this paper is organized as follows. Section 1 describes the state of the art of clone-resistant units and discusses Kerckhoffs's principles in relation to SUCs. Section 2 presents a detailed description of the keystream generator. Section 3 investigates the security of the proposed family of stream ciphers. Section 4 describes a concept for deploying this family to create SUCs that provide a unique and robust identity to SoC units. Section 5 presents the hardware complexity results, and Section 6 concludes.
1 Clone-Resistant Units
1.1 Physical Unclonable Functions
Physical Unclonable Functions (PUFs) [Adi2017][maes2010physically][Pappu2001] are increasingly proposed as a central building block in cryptographic protocols and security architectures, for secure device identification/authentication, memoryless key storage and intellectual property protection. Most PUF responses are noisy and contain only a limited amount of entropy, so they cannot be used directly as keys. To remedy this, fuzzy extractors [Bosch2008][Dodis2004][vskoric2005robust] are used alongside each PUF. They work in two steps: in the enrollment phase, helper data is derived by a helper-data algorithm; in the reconstruction phase, the fuzzy extractor uses the helper data and a fresh PUF response to reproduce the key. These error-correction mechanisms are expensive and require a large number of logic gates [Bosch2008][Dodis2004].
Furthermore, many attacks on PUFs have been proposed recently, targeting both weak and strong PUFs [guajardo2007fpga][ruhrmair2012security]. Weak PUFs have few challenges, commonly only one per PUF instance, so access to the weak PUF response is assumed to be restricted; however, semi-invasive means have been used to reveal the state of memory-based PUFs [Nedospasov2013]. Strong PUFs, the second major type, have a large number of challenge-response pairs and are unpredictable, so protecting the challenge-response interface is not required. Strong PUFs are less susceptible to cloning and invasive attacks than weak PUFs. However, modeling attacks are a powerful technique to clone strong PUFs; they were first introduced by D. Lim to model an arbiter-based PUF [Lim2004a] and later by Majzoobi et al. to evaluate linear and feed-forward PUF structures [Majzoobi2008]. Recently, Rührmair et al. demonstrated modeling attacks on many PUFs using machine-learning techniques [ruhrmair2013puf][ruhrmair2012security][ruhrmair2010modeling]. Such an attack succeeds if the adversary constructs an algorithm which behaves indistinguishably from the original PUF on almost all challenge-response pairs (CRPs). In [Merli2011b], side-channel attacks based on power analysis were used to analyze PUF architectures and fuzzy-extractor implementations. Recent work combines side-channel and modeling attacks [Delvaux2013][Mahmoud2013], using side-channel leakage to facilitate the machine learning deployed in the modeling attack.
1.2 Secret Unknown Cipher
Digital physical clone-resistant units based on pseudo-random functions were proposed in [Adi2007c][Adi2008a] to overcome some of the PUF drawbacks, especially their inconsistency. Those physical clone-resistant functions were later named Secret Unknown Ciphers (SUCs) [rspnsuc][Mars2017].
Definition 1.1.
A Secret Unknown Cipher is a randomly, internally generated cipher/hash inside the chip, where the user has no access to or influence on its creation process, and even the producer should not be able to back-trace the creation process and deduce the generated random cipher. Each generated SUC can be defined as an invertible Pseudo-Random Function (PRF), as follows:
[TABLE]
and
[TABLE]
For an SUC based on a block cipher design, i.e. . The optimum case is to design an involutive SUC, such that , and hence we define it as follows:
[TABLE]
Figure 1 describes the concept for embedding an SUC in System-on-Chip (SoC) FPGA devices. The personalization process proceeds as follows. The Trusted Authority (TA) holds a software package called "GENIE" that contains an algorithm for creating random secure ciphers internally, together with a package of cryptographically strong functions used to build each SUC. The TA injects the GENIE for a short time into each SoC FPGA unit, where it runs only once (step 1). After being loaded into the chip, the GENIE creates a permanent (non-volatile) and unpredictable random cipher using random bits from the True Random Number Generator (TRNG) (step 2). When the GENIE completes the creation of the SUC, it is fully deleted (step 3). After that, the SoC FPGA contains its unique and unpredictable SUC. The TA then challenges the SUC with a set of challenges , obtains the corresponding responses , and stores them in the area of its Units Individual Records (UIR) indexed by the serial number of the device . The X/Y pairs are used later by the TA to identify and authenticate devices. The concept is comparable to a PUF, with the advantage that, for an SUC based on a random block cipher design, recovering X from Y is possible by using the inverse function of the SUC () or the same involutive SUC. This property was deployed in [Mars_V2X] to build a chain of trust for secured vehicular over-the-air software updates, and for securing in-vehicle and vehicle-to-vehicle communication. SUC invertibility is also used in the generic identification and authentication protocols of [Adi2017e] and in other application protocols such as [newecoin].
In [Adi2017e], two generic identification/authentication protocols were proposed; they include a very efficient identification protocol which eliminates the storage of a large number of challenge/response pairs, while the device needs only a small memory of about -bit to detect -consumed pairs, without having to delete used pairs during communication with the unit.
In [rspnsuc][Mars2019a], a template-based SUC was presented, where a block cipher with random components was designed as the SUC template. Optimal 4-bit S-Boxes were used as the source of randomness: the GENIE selects a few S-Boxes from sets of all optimal 4-bit S-Boxes. Each resulting SUC of this class has the same security level. Furthermore, in [Mars2017], Mars et al. proposed the first digital clone-resistant function prototype based on a Random Stream Cipher (RSC) deploying a class of T-Functions (Triangular Functions) as keystream generator. We note that identification and authentication protocols designed for SUCs based on random block ciphers are not directly applicable to an SUC based on a random one-way function or on an RSC.
As discussed before, many PUFs are susceptible to mathematical cloning; hence they have recently been renamed Physically Unclonable Functions (rather than Physical Unclonable Functions). SUC designs are required to be secure against known mathematical cryptanalysis, as in [Mars2019a][Mars2017], and each SUC has the same security level. Since each device embeds a unique SUC, an adversary has to break each unit separately with the same attack complexity. Moreover, an SUC can be implemented at zero cost provided its hardware overhead is low, as in [Mars2019a]: most industrial customer designs do not make full use of the FPGA resources, so a low-overhead SUC can use the free FPGA resources and be added incrementally to the customer design at zero cost.
1.3 Kerckhoffs’ principles and SUC
In [Kerckhoffs1883], Kerckhoffs stated the principles that should apply to a cryptosystem. The most relevant one for SUCs is the principle stating that the method used to encipher data is known to the opponent, and that security must lie in the choice of the key. However, "this does not necessarily imply that the method should be public, but only that it is considered public during its creation" [Kerckhoffsonline][petitcolas1883cryptographie]. Thus, an SUC satisfies Kerckhoffs's principle if and only if the SUC design is secure when all its components are considered publicly known. In this paper, a family of stream ciphers is proposed such that the NLFSR feedback functions are selected randomly, together with the initial NLFSR states, to generate SUCs. The security analysis of the proposed family of stream ciphers is carried out under the assumption that the cipher design is publicly known, i.e. the NLFSRs' feedback functions are known.
Cryptanalyzing SUCs in the field would require two steps:
- Reversing the secret components: an adversary is forced to recover the randomly selected functions used by the SUC.
- Breaking the resulting stream cipher: after recovering the secret parameters of an SUC, that SUC can be considered a publicly known cipher, and the adversary would apply known cryptanalytic attacks to break it.
Since each SUC is generated randomly, attacking each SUC requires repeating the same attack with the same complexity. This is an advantage over using any secure stream cipher with publicly known specifications and a randomly generated secret key: in the latter case, the attack complexity rests only on breaking the publicly known stream cipher. Another advantage by design is that, for the proposed SUC, the secrets are distributed over the device rather than located in one area, as they would be when a random secret key is deployed, which makes it harder to break the SUC physically.
2 Description of the Keystream Generator
The basic components of the KSG are 16 Nonlinear Feedback Shift Registers (NLFSRs) of lengths 6 to 17, 19, 21, 22 and 23, combined by a balanced Boolean function F of algebraic degree 4, correlation immunity 8 and algebraic immunity 4. The NLFSRs are chosen such that they produce binary sequences of maximum period , where is the length of the shift register. Each shift register has a corresponding set of non-linear feedback functions updating its internal state. The outputs of the 16 NLFSRs are the 16 inputs of the combining function , which outputs the running key . Five 4-input Look-Up Tables (4-LUTs) implement the Boolean combining function . The total number of NLFSR bits is 223, the sum of the 16 register lengths. The design is tailored to the FPGA environment, where the basic logic unit is the 4-LUT.
The key-loading algorithm that derives the initial internal states of the NLFSRs from a key ( bits) and an initialization vector (IV) is not investigated in this paper, since it is not required for SUC usage: the key K can simply be the initial NLFSR states. Generally, two requirements matter for a key-loading algorithm: for all possible keys K it should generate non-zero initial states for the NLFSRs, and it should be resistant to side-channel attacks.
Figure 2 describes the proposed stream cipher design.
2.1 Non-Linear Feedback Shift Registers
The principal components of the KSG are the 16 NLFSRs with lengths 6 to 17 and 19, 21, 22 and 23 (the 16 lengths sum to the 223-bit state). Each -bit NLFSR has a set of feedback functions, all ensuring the maximum period of . This section describes the NLFSR design methodology in detail.
Definition 2.1.
A feedback shift register consists of pure cycles if and only if its feedback function has the form:
[TABLE]
where g is a Boolean function that does not depend on .
Definition 2.2.
A (binary) de Bruijn sequence is a sequence of period in which each -bit pattern occurs exactly once in one period of the sequence.
The linear complexities of order- de Bruijn sequences are bounded by and [chan1982complexities].
There are different -bit Fibonacci NLFSRs with the period [fredricksen1982survey].
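The following is an added example, not code from the paper or its authors, that models Section 2 at toy scale so that its claims can be checked by brute force: NLFSRs in the pure-cycle form of Definition 2.1, the count of maximum-period feedback functions referred to above, the de Bruijn linear-complexity bounds of Definition 2.2 (checked with Berlekamp-Massey), the period of a keystream obtained by combining several maximum-period registers, and a Walsh-spectrum check of the balancedness and correlation immunity demanded of the combining function. Everything not in the paper is an assumption: register lengths of 3 to 5 bits instead of 6 to 23, and a made-up 3-input combiner F3 in place of the paper's 16-input F.

```python
"""Added example (not the paper's code): a scaled-down model of the NLFSR-based
keystream generator of Section 2, small enough to check every claim by brute
force.  Assumptions: 3- to 5-bit registers instead of the paper's 6- to 23-bit
ones, and a made-up 3-input combiner F3 instead of the paper's 16-input F."""
from itertools import product
from math import lcm


def make_nlfsr(n, g):
    """Fibonacci NLFSR in the pure-cycle form of Definition 2.1: output x0,
    then feed back x0 XOR g(x1..x_{n-1}); g maps (x1..x_{n-1}) to a bit."""
    def step(state):
        return state[1:] + (state[0] ^ g[state[1:]],), state[0]
    return step


def cycle_length(step, start):
    """Length of the state cycle through start (= period of the output bits)."""
    s, k = step(start)[0], 1
    while s != start:
        s, k = step(s)[0], k + 1
    return k


def all_feedbacks(n):
    """Every g: {0,1}^(n-1) -> {0,1}, i.e. all 2^(2^(n-1)) candidate feedbacks."""
    inputs = list(product((0, 1), repeat=n - 1))
    for bits in product((0, 1), repeat=len(inputs)):
        yield dict(zip(inputs, bits))


def max_period_feedbacks(n, debruijn=False):
    """All feedbacks with period 2^n-1 on the nonzero states (zero state fixed),
    or with debruijn=True those of period 2^n.  Both lists have 2^(2^(n-1)-n)
    entries: flipping g at the all-zero input merges the fixed point 0...0 into
    the long cycle and back, so the two sets are in bijection."""
    zero, one = (0,) * (n - 1), (0,) * (n - 1) + (1,)
    target = 2 ** n if debruijn else 2 ** n - 1
    return [g for g in all_feedbacks(n)
            if (debruijn or g[zero] == 0)
            and cycle_length(make_nlfsr(n, g), one) == target]


def linear_complexity(seq):
    """Berlekamp-Massey over GF(2): length of the shortest LFSR generating seq."""
    c, b = [1] + [0] * len(seq), [1] + [0] * len(seq)
    L, m = 0, -1
    for i, s in enumerate(seq):
        d = s
        for j in range(1, L + 1):
            d ^= c[j] & seq[i - j]
        if d:
            t, shift = c[:], i - m
            for j in range(len(seq) + 1 - shift):
                c[j + shift] ^= b[j]
            if 2 * L <= i:
                L, m, b = i + 1 - L, i, t
    return L


def debruijn_linear_complexity(n):
    """Linear complexity of one order-n de Bruijn sequence; Definition 2.2
    bounds it by 2^(n-1)+n <= L <= 2^n-1 (Chan et al. 1982)."""
    step, s, seq = make_nlfsr(n, max_period_feedbacks(n, True)[0]), (0,) * n, []
    for _ in range(2 ** (n + 1)):          # two periods suffice for B-M
        s, out = step(s)
        seq.append(out)
    return linear_complexity(seq)


def combined_period(lengths, combine):
    """Period of the keystream of one max-period NLFSR per length, output bits
    merged by combine() each clock; with pairwise coprime register periods it
    reaches lcm(2^n-1), the design target of Section 2."""
    steps = [make_nlfsr(n, max_period_feedbacks(n)[0]) for n in lengths]
    states = [(0,) * (n - 1) + (1,) for n in lengths]
    bound, ks = lcm(*(2 ** n - 1 for n in lengths)), []
    for _ in range(2 * bound):
        bits = []
        for i, step in enumerate(steps):
            states[i], out = step(states[i])
            bits.append(out)
        ks.append(combine(*bits))
    return next(p for p in range(1, bound + 1) if ks[p:] == ks[:-p])


def walsh_properties(f, k):
    """Balancedness and correlation-immunity order of a k-input Boolean function
    from its Walsh spectrum W(a) = sum_x (-1)^(f(x) XOR a.x): balanced <=>
    W(0) = 0, and CI of order m <=> W(a) = 0 for every a with 1 <= wt(a) <= m."""
    pts = list(product((0, 1), repeat=k))

    def W(a):
        return sum((-1) ** (f(*x) ^ (sum(p & q for p, q in zip(a, x)) & 1))
                   for x in pts)

    ci = 0
    while ci < k and all(W(a) == 0 for a in pts if sum(a) == ci + 1):
        ci += 1
    return W((0,) * k) == 0, ci


def F3(x, y, z):
    """Toy combiner (assumption, not the paper's F): balanced, degree 2."""
    return x ^ y ^ z ^ (x & y)
```

Running `len(max_period_feedbacks(4))` and `len(max_period_feedbacks(4, True))` both give 16 = 2^(8-4), `debruijn_linear_complexity(3)` gives 7 (the bounds force it), and `combined_period((3, 4, 5), F3)` gives 3255 = 7 * 15 * 31, which is why the paper picks register lengths whose maximal periods are pairwise coprime. `walsh_properties(F3, 3)` returns (True, 0): a balanced nonlinear 3-input function cannot be correlation immune at all (Siegenthaler's bound), which is the reason a 16-input F with correlation immunity 8 needs many more inputs than its algebraic degree.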
