A High Energy-Efficient Reconfigurable VLIW Symmetric Cryptographic Processor with Loop Buffer Structure and Chain Processing Mechanism

By exploring symmetric cryptographic data level and instruction-level parallelism, the reconfigurable processor architecture for symmetric ciphers is presented based on Very-long instruction word (VLIW) structure. The application-specific instruction-set system for symmetric ciphers is proposed. As for the same arithmetic operation of symmetric ciphers, eleven kinds of reconfigurable cryptographic arithmetic units are designed by the reconfigurable technology. As to the requirement of high energy-efficient design, the loop buffer structure for instruction fetching unit is proposed to reduce the power consumption significantly with the same frequency as conventional, meanwhile, the chain processing mechanism is proposed to improve the cryptographic throughput without any area overhead. It has been fabricated with 0.18μm CMOS technology. The result shows that the processor can work up to 200MHz, and the fourteen kinds of cryptographic algorithms were mapped in the processor, the encryption throughput of AES, SNOW2.0 and SHA2 algorithm can achieve 1.19Gbps, 1.05Gbps, and 407Mbps respectively.     

Deterministic Built-in Pattern Generation for Sequential Circuits

We present a new pattern generation approach for deterministic built-in self testing (BIST) of sequential circuits. Our approach is based on precomputed test sequences, and is especially suited to sequential circuits that contain a large number of flip-flops but relatively few controllable primary inputs. Such circuits, often encountered as embedded cores and as filters for digital signal processing, are difficult to test and require long test sequences. We show that statistical encoding of precomputed test sequences can be combined with low-cost pattern decoding to provide deterministic BIST with practical levels of overhead. Optimal Huffman codes and near-optimal Comma codes are especially useful for test set encoding. This approach exploits recent advances in automatic test pattern generation for sequential circuits and, unlike other BIST schemes, does not require access to a gate-level model of the circuit under test. It can be easily automated and integrated with design automation tools. Experimental results for the ISCAS 89 benchmark circuits show that the proposed method provides higher fault coverage than pseudorandom testing with shorter test application time and low to moderate hardware overhead.     

A Low-Cost At-Speed BIST Architecture for Embedded Processor and SRAM Cores

We have introduced a low-cost at-speed BIST architecture that enables conventional microprocessors and DSP cores to test their functional blocks and embedded SRAMs in system-on-a-chip architectures using their existing hardware and software resources. To accommodate our proposed new test methodology, minor modifications should be applied to base processor within its test phase. That is, we modify the controller to interpret some of the instructions differently only within the initial test mode. In this paper, we have proposed a fuctional self-test methodology that is deterministic in nature. In our proposed architecture, a self test program called BIST Program is stored in an embedded ROM as a vehicle for applying tests. We first start with testing processor core using our proposed architedture. Once the testing of the processor core is completed, this core is used to test the embedded SRAMs. A test algorithm which utilizes a mixture of existing memory testing techniques and covers all important memory faults is presented in this paper. The proposed memory test algorithm covers 100% of the faults under the fault model plus a data retention test. The hardware overhead in the proposed architecture is shown to be negligible. This architecture is implemented on UTS-DSP (University of Tehran and Iran Communicaton Industries (SAMA)) IC which has been designed in VLSI Circuits and Systems Laboratory.     

High-Throughput Area-Efficient Processor for Cryptography

Cryptography circuits for portable elec-tronic devices provide user authentication and secure data communication. These circuits should, achieve high per-formance, occupy small chip area, and handle several cryptographic algorithms. This paper proposes a high-performance ASIP (Application specific instruction set processor) for five standard cryptographic algorithms in-cluding both block ciphers (AES, Camellia, and ARIA) and stream ciphers (ZUC and SNOW 3G). The processor reaches ASIC-like performance such as 11.6 Gb/s for AES encryption, 16.0 Gb/s for ZUC, and 32.0 Gb/s for SNOW 3G, etc under the clock frequency of 1.0 GHz with the area consumption of 0.56 mm2 (65 nm). Compared with state-of-the-art VLSI designs, our design achieves high perfor-mance, low silicon cost, low power consumption, and suf-ficient programmability. For its programmability, our de-sign can offer algorithm modification when an algorithm supported is unfortunately cracked and invalid to use. The product lifetime of our design can thus be extended.     

带陷门分组密码算法的设计与分析

带陷门的密码算法包含了陷门信息,知道陷门信息可以较容易地获得密码算法的密钥进而解密密文得到明文,对于不知道陷门信息的攻击者则无法有效获得密钥,并且要找到陷门信息在计算上也是很困难的。基于对称密码算法中带陷门信息的混淆部件设计了一种带陷门的分组密码算法,并对该算法进行了安全性分析,证明了在假设陷门信息保密(不公开)的情况下该类算法能够抵抗线性密码分析等攻击方法。基于这样的分组密码算法,讨论了构造公钥加密算法的思路。     

Efficient test-point selection for scan-based BIST

We propose a test point selection algorithm for scan-based built-in self-test (BIST). Under a pseudorandom BIST scheme, the objectives are (1) achieving a high random pattern fault coverage, (2) reducing the computational complexity, and (3) minimizing the performance as well as the area overheads due to the insertion of test points. The proposed algorithm uses a hybrid approach to accurately estimate the profit of the global random testability of a test point candidate. The timing information is fully integrated into the algorithm to access the performance impact of a test point. In addition, a symbolic procedure is proposed to compute testability measures more efficiently for circuits with feedbacks so that the test point selection algorithm can be applied to partial-scan circuits. The experimental results show the proposed algorithm achieves higher fault coverages than previous approaches,with a significant reduction of computational complexity. By taking timing information into consideration, the performance degradation can he minimized with possibly more test points     

Self-Test Techniques for Crypto-Devices

This paper describes a generic built-in self-test strategy for devices implementing symmetric encryption algorithms. Taking advantage of the inner iterative structures of crypto-cores, test facilities are easily set-up for circular self-test of the crypto-cores, built-in pseudorandom test generation and response analysis for other cores in the host device. Main advantages of the proposed test implementation are an architecture with no visible scan chain, 100% fault coverage on crypto-cores with negligible area overhead, availability of pseudorandom test sources, and very low aliasing response compaction for other cores.      

Transparent random access memory testing for pattern sensitive faults

This paper presents a new methodology for RAM testing based on the PS(n, k) fault model (the k out of n pattern sensitive fault model). According to this model the contents of any memory cell which belongs to an n-bit memory block, or the ability to change the contents, is influenced by the contents of any k -1 cells from this block. The proposed methodology is a transparent BIST technique, which can be efficiently combined with on-line error detection. This approach preserves the initial contents of the memory after the test and provides for a high fault coverage for traditional fault and error models, as well as for pattern sensitive faults. This paper includes the investigation of testing approaches based on transparent pseudoexhaustive testing and its approximations by deterministic and pseudorandom circular tests. The proposed methodology can be used for periodic and manufacturing testing and require lower hardware and time overheads than the standard approaches.This work was supported by the NSF under Grant MIP9208487 and NATO under Grant 910411.     

Programmable built-in self-testing of embedded RAM clusters in system-on-chip architectures

Multiport memories are widely used as embedded cores in all communication system-on-chip devices. Due to their high complexity and very low accessibility, built-in self-test (BIST) is the most common solution implemented to test the different memories embedded in the system. This article presents a programmable BIST architecture based on a single microprogrammable BIST processor and a set of memory wrappers designed to simplify the test of a system containing a large number of distributed multiport memories of different sizes (number of bits, number of words), access protocols (asynchronous, synchronous), and timing.     

Symmetry Measure for Memory Test and Its Application in BIST Optimization

Programmable Built-in Self-Test (BIST) has been widely used for testing embedded memories. The main disadvantage of having programmability on BIST circuits is the size of Test Algorithm Register (TAR) that becomes very crucial in case of complex test algorithms. To optimize Programmable BIST hardware symmetric March tests are usually used in BIST engines. On the other hand, the used definitions do not reflect completely the existing symmetry in test algorithms and they also do not reflect the fact that the level of symmetry in a given test algorithm can be measured. A new method of symmetry measurement for memory test algorithms and a corresponding metric are introduced. A dependency between symmetry measure and BIST optimization range is analyzed. Optimization experiments that have been done for a number of well-known test algorithms show that the BIST hardware gain could reach 48%. However, the time overhead is negligible in comparison with the hardware gain. The experiments also show that starting from some point a monotone dependency between symmetry measure and BIST hardware area exists.     

A Built-in Self-Test Scheme with Diagnostics Support for Embedded SRAM

In this paper we propose a novel built-in self-test (BIST) design for embedded SRAM cores. Our contribution includes a compact and efficient BIST circuit with diagnosis support and an automatic diagnostic system. The diagnosis module of our BIST circuit can capture the error syndromes as well as fault locations for the purposes of repair and fault/failure analysis. In addition, our design provides programmability for custom March algorithms with lower hardware cost. The combination of the on-line programming mode and diagnostic system dramatically reduces the effort in design debugging and yield enhancement. We have designed and implemented test chips with our BIST design. Experimental results show that the area overhead of the proposed BIST design is only 2.4% for a 128 KB SRAM, and 0.65% for a 2 MB one.     

单片密码数据处理器系统级体系结构的研究

提出了一种单片密码数据处理器系统结构的设计 ,这些系统结构涉及到微处理器的体系结构、数据接口、用户身份识别接口、密码算法的专用部件、密码算法 RSA和 CHES的实现 IP模块 [1,2 ]以及伪随机数发生器 ,这些模块是单片密码数据处理器系统所必须有的 ,单片密码数据处理器的体系结构不同于其它系统 ,在结构上具有一定的保密作用 ,同时具有密码专用部件和密码专用指令用于加速密码数据处理的速度 ,因此具有许多密码特色 ,是信息安全设备设计中有效的 So C芯片实现的系统设计。     

基于流体系结构的高效能分组密码处理器研究

针对现有密码处理器存在的问题,借鉴流处理器架构,提出了高效能的可重构分组密码流处理器架构.该架构采用层次化设计思想,通过分块式本地寄存器组的数据组织方式和共享拼接使用运算单元机制,实现了软件流水和硬件流水的协同工作,能够挖掘分组内和分组间的指令级并行性并提高功能单元的利用率.在65nm CMOS工艺下对架构进行了综合仿真,并经过了大量算法映射.实验结果证明,该架构在CBC和ECB加密模式下均具有良好的加密性能.与其他密码处理器相比,该架构具有小面积、高效能的特点.     

Weighted pseudorandom hybrid BIST

This paper presents a new test data-compression scheme that is a hybrid approach between external testing and built-in self-test (BIST). The proposed approach is based on weighted pseudorandom testing and uses a novel approach for compressing and storing the weight sets. Three levels of compression are used to greatly reduce test costs. Experimental results show that the proposed scheme reduces tester storage requirements and tester bandwidth requirements by orders of magnitude compared to conventional external testing, but requires much less area overhead than a full BIST implementation providing the same fault coverage. No test points or any modifications are made to the function logic. The paper describes the proposed hybrid BIST architecture as well as two different ways of storing the weight sets, which are an integral part of this scheme.     

BIDES: A BIST design expert system

BIDES is an expert system for incorporating BIST into a hardware design that is described in VHDL. Based on the BILBO technique, the BIDES system allocates pseudorandom pattern generators and signature analysis registers to each combinational logic module in a design in such a way that given constraints on testing time and hardware overhead are satisfied. This assignment is performed using the iterative process of regeneration and evaluation of various BIST implementations. In order to effectively perform regeneration, an abstraction hierarchy for a BIST design is introduced and a hierarchical planning technique is employed using this structure. This formulation also leads to an easily modifiable system. Prolog is used for implementing the system.Now with Samsung Electronics, Chase Plaza Bldg. SF, 34–35 Jeong-Dong, Choong-Ku, Seoul, Korea.     

High Acceleration for Video Processing Applications Using Specialized Instruction Set Based on Parallelism and Data Reuse

This paper describes an application-specific instruction set for a configurable processor to accelerate motion-compensated frame rate conversion (MC-FRC) algorithms based on block motion estimation (BME). The paper shows that the key to achieve very high performance when creating new instructions is to leverage, at the same time, parallel computations, data reuse, and efficient cache use. This is supported by concrete examples that demonstrate how it can be done in the case of the two algorithms considered. The new instructions are used to implement two BME algorithms: one implements the full search (FS) block matching algorithm (BMA), while the other implements the One-Dimensional Full Search (ODFS) BMA. The obtained acceleration factors exceed one hundred for the MC-FRC algorithm embedding the FS algorithm and twenty for the ODFS algorithm. The results show that getting such global acceleration is the consequence of combining parallel computations, data reuse, and efficient cache use, not of only one of them.     

现代密码算法研究

密码技术是信息安全的核心技术。密码技术主要包括对称密码算法和非对称密码算法及协议。对称加密算法加密密钥和解密密钥相互推导容易,加/解密速度非常快,适用于大批量数据加密的场合。非对称密钥密码体制从私有密钥推导公开密钥是计算不可行的,虽然公钥加密算法在运行速度方面无法和对称加密算法媲美,但很好地解决了对称密码学面临的密钥的分发与管理问题,同时对于数字签名问题也给出了完美的解答。     

轻量级分组密码PUFFIN的差分故障攻击

基于代换–置换网络结构的轻量级分组密码算法PUFFIN在资源受限的硬件环境中使用较广泛,差分故障攻击是针对硬件密码算法较为有效的攻击手段。该文针对PUFFIN算法,改进多比特故障模型,通过构建输出差分和可能输入值之间的关系,注入5次故障即可确定单个S盒唯一输入值;在最后一轮加密过程中注入10次故障,成功恢复轮密钥的概率为78.64%,进而可恢复初始密钥。     

一种基于频率的多核共享Cache替换算法

LRU替换算法在单核处理器中得到了广泛应用,而多核环境大都采用多核共享最后一级Cache(LLC)的策略,随着LLC容量和相联度的增加以及多核应用的工作集增大,LRU替换算法和理论最优替换算法之间的差距越来越大。该文提出了一种平均划分下基于频率的多核共享Cache替换算法(ALRU-F)。该算法将当前所需要的部分工作集保留在Cache内,逐出无用块,同时还提出了块粒度动态划分下基于频率的替换算法(BLRU-F)。该文提出的ALRU-F算法相比传统的LRU算法缺失率降低了26.59%, CPU每一时钟周期内所执行的指令数IPC(Instruction Per Clock)则提升了13.59%。在此基础上提出的块粒度动态划分下,基于频率的BLUR-F算法相比较传统的LRU算法性能提高更大,缺失率降低了33.72%,而IPC 则提升了16.59%。提出的两种算法在性能提升的同时,并没有明显地增加能耗。     

基于费马商的r元序列的迹表示

基于费马商构造的伪随机序列均具有良好的密码学性质,本文根据有限域上迹函数理论及陪集理论,通过确定基于费马商构造的r元序列的离散傅里叶变换,研究得到该序列的迹函数表示.所给出的迹函数表示不仅对序列的工程实现有重要意义,而且对分析序列的其他伪随机性质提供了新的工具和方法.