Melting SNOW-V: improved lightweight architectures

Author(s):  
Andrea Caforio ◽  
Fatih Balli ◽  
Subhadeep Banik

Abstract: SNOW-V is a stream cipher proposed by Ekdahl et al. at IACR ToSC 2019(3) with an objective to be deployed as the encryption primitive in 5G systems. The stream cipher offers 256-bit security and is ready for deployment in the post-quantum era, in which as a rule of thumb (due to Grover’s algorithm), quantum security will vary as the square root of the classical security parameters. The authors further report good software performance figures in systems supporting the instruction set. However, they only provide a theoretical analysis of the cipher’s hardware efficiency. In this paper, we aim to fill this gap. We look at the three most important metrics of hardware efficiency: area, speed and power/energy, and propose circuits that optimize each of these metrics and validate our results using three different standard cell libraries. The smallest circuit we propose occupies only around 4776 gate equivalents of silicon area. Furthermore, we also report implementations which consume as little as 12.7 pJ per 128 bits of keystream and operate at a throughput rate of more than 1 Tbps.

2003 ◽  
Vol 12 (03) ◽  
pp. 333-351 ◽  
Author(s):  
B. Mesman ◽  
Q. Zhao ◽  
N. Busa ◽  
K. Leijten-Nowak

In current System-on-Chip (SoC) design, the main engineering trade-off concerns hardware efficiency and design effort. Hardware efficiency traditionally regards cost versus performance (in high-volume electronics), but recently energy consumption emerged as a dominant criterion, even in products without batteries. "The" most effective way to increase HW efficiency is to exploit application characteristics in the HW. The traditional way of looking at HW design tends to consider it a time-consuming and tedious task, however. Given the current lack of HW designers, and the pressure of time-to-market, clearly a desire exists to fine-balance the merits and effort of tuning your HW to your application. This paper discusses methods and tool support for HW application-tuning at different levels of granularity. Furthermore we treat several ways of applying reconfigurable HW to allow both silicon reuse and the ability to tune the HW to the application after fabrication. Our main focus is on a methodology for application-tuning the architecture of DSP datapaths. Our primary contribution is on reusing and generalizing this methodology to application-tuning DSP instruction sets, and providing tool support for efficient compilation for these instruction sets. Furthermore, we propose an architecture for a reconfigurable instruction-decoder, enabling application-tuning of the instruction-set after fabrication.


2010 ◽  
Vol 2010 ◽  
pp. 1-8
Author(s):  
Sergio R. Geninatti ◽  
José Ignacio Benavides Benítez ◽  
Manuel Hernández Calviño ◽  
Nicolás Guil Mata

This paper presents the design and implementation on FPGA devices of an algorithm for computing similarities between neighboring frames in a video sequence using luminance information. By taking advantage of the well-known flexibility of Reconfigurable Logic Devices, we have designed a hardware implementation of the algorithm used in video segmentation and indexing. The experimental results show the tradeoff between concurrent sequential resources and the functional blocks needed to achieve maximum operational speed while achieving minimum silicon area usage. To evaluate system efficiency, we compare the performance of the hardware solution to that of calculations done via software using general-purpose processors with and without an SIMD instruction set.


Author(s):  
Y Pomeau ◽  
T Jamin ◽  
M Le Bars ◽  
P Le Gal ◽  
B Audoly

In a wide range of conditions, ocean waves break. This can be seen as the manifestation of a singularity in the dynamics of the fluid surface, moving under the effect of the fluid motion underneath. We show that, at the onset of breaking, the wave crest expands in the spanwise direction as the square root of time. This is first derived from a theoretical analysis and then compared with experimental findings. The agreement is excellent.


2014 ◽  
Vol 23 (08) ◽  
pp. 1450119
Author(s):  
YUAN-HO CHEN ◽  
HSIAO-TZU LIU

This study presents a unified hybrid architecture to compute the inverse discrete cosine transform (IDCT) of multiple modern video decoders such as moving picture experts group (MPEG-4), H.264, VC-1 and high efficiency video coding (HEVC). The proposed hardware sharing architecture requires a lower hardware cost than that for individual implementations, and maximizes the proportion of the circuit that is reused during the computation. The proposed architecture design needs only adders and shifters to significantly reduce the hardware cost. Thus, the resource sharing method can increase the circuit sharing capability and achieve high hardware efficiency. For verification, a TSMC 0.18-μm CMOS process is applied to implement the IDCT chip, and the maximum throughput rate of the proposed design is 1000 MP/s with a hardware cost of 16.5 k gates.


1975 ◽  
Vol 13 (2) ◽  
pp. 361-366 ◽  
Author(s):  
John A. Nation

Experiments by Friedman (1972), and theoretical analysis by Sudan & Lovelace (1973), Rostoker (1972), Rostoker & Poukey (1971) and Wheeler (1974), considered ion emission in a vacuum diode. The ions emitted (e.g. in the Friedman experiment) were generated by laser irradiation of the anode. Using this technique, multiply-ionized species could be obtained. The ion current was limited non-relativistically to the square root of the mass ratio times the electron current, so that energy transfer to the ions was relatively inefficient. Some improvement was obtained at relativistic electron energies. Sloan & Drummond (1973) proposed a high-current ion accelerator, where the transfer of energy to the ions is achieved by a negative energy cyclotron wave on an intense E beam. Such an accelerator requires an ion source capable of providing several hundred Amperes of protons at energies in the range of a few hundred keV to several MeV. In this article, we propose a suitable ion source for an accelerator.


Cryptography ◽  
2018 ◽  
Vol 2 (4) ◽  
pp. 31 ◽  
Author(s):  
Ted Krovetz

Two of the fastest types of cryptographic algorithms are the stream cipher and the almost-universal hash function. There are secure examples of each that process data in software using less than one CPU cycle per byte. Hashstream combines the two types of algorithms in a straightforward manner yielding a PRF that can both consume inputs of and produce pseudorandom outputs of any desired length. The result is an object useful in many contexts: authentication, encryption, authenticated encryption, random generation, mask generation, etc. The HS1-SIV authenticated-encryption algorithm—a CAESAR competition second round selection—was based on Hashstream and showed the promise of such an approach by having provable security and topping the speed charts in several test configurations.


1982 ◽  
Vol 52 (4) ◽  
pp. 1043-1048 ◽  
Author(s):  
D. C. Willford ◽  
E. P. Hill ◽  
W. Y. Moores

A simple expression is derived to describe the partial pressure at 50% hemoglobin saturation with oxygen (P50) that maximizes venous oxygen tension (PO2) for a given arterial PO2 and oxygen consumption. That “optimal P50” also maximizes arteriovenous saturation differences for given arterial and venous PO2 values. The optimal P50 can be expressed as the square root of the product of arterial and venous PO2 values. Alternatively, it can be expressed as a simple function of the arterial PO2 and the arteriovenous saturation difference. Nomograms summarize the relationships between the variables, and published observations that suggest an observational basis for our theoretical analysis are reviewed. We conclude that for normoxia or moderate hypoxia a high P50 is advantageous, whereas for more severe hypoxia or increased metabolic demands, a low P50 is advantageous.


Author(s):  
Matthias Hamann ◽  
Matthias Krause ◽  
Willi Meier

Time-memory-data (TMD) tradeoff attacks limit the security level of many classical stream ciphers (like E0, A5/1, Trivium, Grain) to (1/2)n, where n denotes the inner state length of the underlying keystream generator. In this paper, we present Lizard, a lightweight stream cipher for power-constrained devices like passive RFID tags. Its hardware efficiency results from combining a Grain-like design with the FP(1)-mode, a recently suggested construction principle for the state initialization of stream ciphers, which offers provable (2/3)n-security against TMD tradeoff attacks aiming at key recovery. Lizard uses 120-bit keys, 64-bit IVs and has an inner state length of 121 bits. It is supposed to provide 80-bit security against key recovery attacks. Lizard allows generating up to 2^18 keystream bits per key/IV pair, which would be sufficient for many existing communication scenarios like Bluetooth, WLAN or HTTPS.

