Non-crypto Hardware Hash Functions for High Performance Networking ASICs

Recently, many efficient cryptographic hash function design strategies have been explored, not least because of the SHA-3 competition. These designs are, almost exclusively, geared towards high performance on long inputs. However, various applications exist where the performance on short (fixed length) inputs matters more. Such hash functions are the bottleneck in hash-based signature schemes like SPHINCS or XMSS, which is currently under standardization. Secure functions specifically designed for such applications are scarce. We attend to this gap by proposing two short-input hash functions (or rather simply compression functions). By utilizing AES instructions on modern CPUs, our proposals are the fastest on such platforms, reaching throughputs below one cycle per hashed byte even for short inputs, while still having a very low latency of less than 60 cycles. Under the hood, this results comes with several innovations. First, we study whether the number of rounds for our hash functions can be reduced, if only second-preimage resistance (and not collision resistance) is required. The conclusion is: only a little. Second, since their inception, AES-like designs allow for supportive security arguments by means of counting and bounding the number of active S-boxes. However, this ignores powerful attack vectors using truncated differentials, including the powerful rebound attacks. We develop a general tool-based method to include arguments against attack vectors using truncated differentials.

Download Full-text

A Method to Bound the Number of Active S-Boxes for a Kind of AES-Like Structure

The Computer Journal ◽

10.1093/comjnl/bxz006 ◽

2019 ◽

Vol 62 (8) ◽

pp. 1121-1131

Author(s):

Qian Wang ◽

Chenhui Jin

Keyword(s):

Lower Bound ◽

Lower Bounds ◽

Hash Function ◽

High Performance ◽

Block Cipher ◽

Hash Functions ◽

Theoretical Method ◽

Building Blocks ◽

Branch Number ◽

Diffusion Layers

AbstractDue to the strong security and high performance of the AES block cipher, many hash functions take AES-like structures as building blocks. To evaluate the security of these AES-like structures against differential cryptanalysis, giving the lower bounds on the number of active S-boxes in a differential trail, is an important perspective. However, the original ‘wide-trail strategy’ for AES becomes less effective to get tight bounds for these AES-like structures, because of the different state dimensions (M×M2, instead of M×M) and different round functions from AES. In this paper, we focus on a kind of AES-like structure with state dimensions M×M2, diffusion-optimal permutations and MixColumns transformations using MDS matrices. Inspired by the ‘wide-trail strategy’, we propose a theoretical method to count active S-boxes, by which we prove that there are at least rBd(Bd−1) active S-boxes in any 2r(r≥3) rounds of such an AES-like structure, where Bd is the differential branch number of the MixColumns transformation and equals to M+1. What’s more, this lower bound can be achieved by some diffusion layers. As examples, we apply our method to the LANE hash function and 3D block cipher, optimal lower bounds are both got.

Download Full-text

A High Performance Energy Analyzer for Use in Electron Scanning Microscopy

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s0424820100061975 ◽

1969 ◽

Vol 27 ◽

pp. 14-15

Author(s):

A. V. Crewe ◽

M. Isaacson ◽

D. Johnson

Keyword(s):

High Performance ◽

Vertical Plane ◽

Median Plane ◽

Electron Gun ◽

Uniform Field ◽

Loss Mechanism ◽

Electron Scanning Microscopy ◽

Sector Type ◽

Double Focusing ◽

Electron Energy Loss

A double focusing magnetic spectrometer has been constructed for use with a field emission electron gun scanning microscope in order to study the electron energy loss mechanism in thin specimens. It is of the uniform field sector type with curved pole pieces. The shape of the pole pieces is determined by requiring that all particles be focused to a point at the image slit (point 1). The resultant shape gives perfect focusing in the median plane (Fig. 1) and first order focusing in the vertical plane (Fig. 2).

Download Full-text

Vacuum System to Minimize the Specimen Contamination of High-Performance EM

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s0424820100077967 ◽

1977 ◽

Vol 35 ◽

pp. 68-69

Author(s):

N. Yoshimura ◽

K. Shirota ◽

T. Etoh

Keyword(s):

Electron Microscope ◽

High Speed ◽

High Performance ◽

High Vacuum ◽

Vacuum System ◽

Pump System ◽

Pumping System ◽

Diffusion Pump ◽

Almost All ◽

Cascade Type

One of the most important requirements for a high-performance EM, especially an analytical EM using a fine beam probe, is to prevent specimen contamination by providing a clean high vacuum in the vicinity of the specimen. However, in almost all commercial EMs, the pressure in the vicinity of the specimen under observation is usually more than ten times higher than the pressure measured at the punping line. The EM column inevitably requires the use of greased Viton O-rings for fine movement, and specimens and films need to be exchanged frequently and several attachments may also be exchanged. For these reasons, a high speed pumping system, as well as a clean vacuum system, is now required. A newly developed electron microscope, the JEM-100CX features clean high vacuum in the vicinity of the specimen, realized by the use of a CASCADE type diffusion pump system which has been essentially improved over its predeces- sorD employed on the JEM-100C.

Download Full-text

Use of the Magnetostatic Analogue In Electromagnetic Lens Engineering

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s0424820100068795 ◽

1970 ◽

Vol 28 ◽

pp. 360-361

Author(s):

John W. Coleman

Keyword(s):

Boundary Conditions ◽

High Performance ◽

Force Fields ◽

Optical Design ◽

Direct Conversion ◽

Design Engineering ◽

Design Data ◽

Scalar Potentials ◽

Geometric Elements ◽

At Will

In the design engineering of high performance electromagnetic lenses, the direct conversion of electron optical design data into drawings for reliable hardware is oftentimes difficult, especially in terms of how to mount parts to each other, how to tolerance dimensions, and how to specify finishes. An answer to this is in the use of magnetostatic analytics, corresponding to boundary conditions for the optical design. With such models, the magnetostatic force on a test pole along the axis may be examined, and in this way one may obtain priority listings for holding dimensions, relieving stresses, etc..The development of magnetostatic models most easily proceeds from the derivation of scalar potentials of separate geometric elements. These potentials can then be conbined at will because of the superposition characteristic of conservative force fields.

Download Full-text

Prospects for convergent beam electron diffraction with a 200kV cold field-emission transmission electron microscope

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s0424820100086635 ◽

1991 ◽

Vol 49 ◽

pp. 466-467

Author(s):

J W Steeds ◽

R Vincent

Keyword(s):

Field Emission ◽

High Performance ◽

Small Diameter ◽

Convergent Beam Electron Diffraction ◽

Zone Axis ◽

Medium Voltage ◽

Transmission Electron ◽

Good Crystallinity ◽

Special Modification ◽

Convergent Beam

We review the analytical powers which will become more widely available as medium voltage (200-300kV) TEMs with facilities for CBED on a nanometre scale come onto the market. Of course, high performance cold field emission STEMs have now been in operation for about twenty years, but it is only in relatively few laboratories that special modification has permitted the performance of CBED experiments. Most notable amongst these pioneering projects is the work in Arizona by Cowley and Spence and, more recently, that in Cambridge by Rodenburg and McMullan.There are a large number of potential advantages of a high intensity, small diameter, focussed probe. We discuss first the advantages for probes larger than the projected unit cell of the crystal under investigation. In this situation we are able to perform CBED on local regions of good crystallinity. Zone axis patterns often contain information which is very sensitive to thickness changes as small as 5nm. In conventional CBED, with a lOnm source, it is very likely that the information will be degraded by thickness averaging within the illuminated area.

Download Full-text

Current State of Biological High-Resolution Scanning Electron Microscopy

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s0424820100102985 ◽

1988 ◽

Vol 46 ◽

pp. 180-181 ◽

Cited By ~ 1

Author(s):

Klaus-Ruediger Peters

Keyword(s):

High Performance ◽

Low Voltage ◽

Backscattered Electrons ◽

Lens Position ◽

Low Voltage Operation ◽

Signal Collection ◽

Probe Size ◽

Electron Microscopes ◽

Scanning Electron Microscopes ◽

Scanning Electron

A new generation of high performance field emission scanning electron microscopes (FSEM) is now commercially available (JEOL 890, Hitachi S 900, ISI OS 130-F) characterized by an "in lens" position of the specimen where probe diameters are reduced and signal collection improved. Additionally, low voltage operation is extended to 1 kV. Compared to the first generation of FSEM (JE0L JSM 30, Hitachi S 800), which utilized a specimen position below the final lens, specimen size had to be reduced but useful magnification could be impressively increased in both low (1-4 kV) and high (5-40 kV) voltage operation, i.e. from 50,000 to 200,000 and 250,000 to 1,000,000 x respectively.At high accelerating voltage and magnification, contrasts on biological specimens are well characterized1 and are produced by the entering probe electrons in the outmost surface layer within -vl nm depth. Backscattered electrons produce only a background signal. Under these conditions (FIG. 1) image quality is similar to conventional TEM (FIG. 2) and only limited at magnifications >1,000,000 x by probe size (0.5 nm) or non-localization effects (%0.5 nm).

Download Full-text

A high-performance oil-free backing pump for electron microscopes

Proceedings, annual meeting, Electron Microscopy Society of America ◽

10.1017/s0424820100107691 ◽

1978 ◽

Vol 36 (1) ◽

pp. 110-111

Author(s):

G.K.W. Balkau ◽

E. Bez ◽

J.L. Farrant

Keyword(s):

Molecular Weight ◽

Electron Microscope ◽

Hot Spots ◽

High Performance ◽

Carbonaceous Material ◽

Contamination Rate ◽

Low Molecular Weight ◽

Principal Source ◽

Rotary Pumps ◽

Electron Microscopes

The earliest account of the contamination of electron microscope specimens by the deposition of carbonaceous material during electron irradiation was published in 1947 by Watson who was then working in Canada. It was soon established that this carbonaceous material is formed from organic vapours, and it is now recognized that the principal source is the oil-sealed rotary pumps which provide the backing vacuum. It has been shown that the organic vapours consist of low molecular weight fragments of oil molecules which have been degraded at hot spots produced by friction between the vanes and the surfaces on which they slide. As satisfactory oil-free pumps are unavailable, it is standard electron microscope practice to reduce the partial pressure of organic vapours in the microscope in the vicinity of the specimen by using liquid-nitrogen cooled anti-contamination devices. Traps of this type are sufficient to reduce the contamination rate to about 0.1 Å per min, which is tolerable for many investigations.

Download Full-text