The Simeck Family of Lightweight Block Ciphers

Similar documents
BASED ON ITERATIVE ERROR-CORRECTION

Optimized Hardware Implementations of Lightweight Cryptography

Lecture 2. RTL Design Methodology. Transition from Pseudocode & Interface to a Corresponding Block Diagram

Lecture 3. RTL Design Methodology. Transition from Pseudocode & Interface to a Corresponding Block Diagram

CSC 220: Computer Organization Unit 11 Basic Computer Organization and Design

Reversible Realization of Quaternary Decoder, Multiplexer, and Demultiplexer Circuits

Behavioral Modeling in Verilog

Design Space Exploration of the Lightweight Stream Cipher WG-8 for FPGAs and ASICs

A New Morphological 3D Shape Decomposition: Grayscale Interframe Interpolation Method

Appendix D. Controller Implementation

What are we going to learn? CSC Data Structures Analysis of Algorithms. Overview. Algorithm, and Inputs

Module Instantiation. Finite State Machines. Two Types of FSMs. Finite State Machines. Given submodule mux32two: Instantiation of mux32two

Message Integrity and Hash Functions. TELE3119: Week4

Chapter 10. Defining Classes. Copyright 2015 Pearson Education, Ltd.. All rights reserved.

Task scenarios Outline. Scenarios in Knowledge Extraction. Proposed Framework for Scenario to Design Diagram Transformation

Announcements. Reading. Project #4 is on the web. Homework #1. Midterm #2. Chapter 4 ( ) Note policy about project #3 missing components

Cubic Polynomial Curves with a Shape Parameter

Politecnico di Milano Advanced Network Technologies Laboratory. Internet of Things. Projects

Bezier curves. Figure 2 shows cubic Bezier curves for various control points. In a Bezier curve, only

SPIRAL DSP Transform Compiler:

Random Graphs and Complex Networks T

Performance Analysis of Multiclass FIFO: Motivation, Difficulty and a Network Calculus Approach

Automatic Generation of Polynomial-Basis Multipliers in GF (2 n ) using Recursive VHDL

CTx / CTx-II. Ultra Compact SD COFDM Concealment Transmitters. Features: Options: Accessories: Applications:

Algorithm Design Techniques. Divide and conquer Problem

Private Key Cryptography. TELE3119: Week2

Security of Bluetooth: An overview of Bluetooth Security

CMSC Computer Architecture Lecture 5: Pipelining. Prof. Yanjing Li University of Chicago

Pseudocode ( 1.1) Analysis of Algorithms. Primitive Operations. Pseudocode Details. Running Time ( 1.1) Estimating performance

CMSC Computer Architecture Lecture 3: ISA and Introduction to Microarchitecture. Prof. Yanjing Li University of Chicago

. Written in factored form it is easy to see that the roots are 2, 2, i,

Effect of control points distribution on the orthorectification accuracy of an Ikonos II image through rational polynomial functions

CMSC Computer Architecture Lecture 12: Virtual Memory. Prof. Yanjing Li University of Chicago

Extending The Sleuth Kit and its Underlying Model for Pooled Storage File System Forensic Analysis

MOTIF XF Extension Owner s Manual

Lightweight Cryptography: Designing Crypto for Low Energy and Low Power

CSE 417: Algorithms and Computational Complexity

Outline and Reading. Analysis of Algorithms. Running Time. Experimental Studies. Limitations of Experiments. Theoretical Analysis

The Idea. Leader Election. Outline. Why Rings? Network. We study leader election in rings. Specification of Leader Election YAIR. Historical reasons

World Scientific Research Journal (WSRJ) ISSN: Research on Fresnel Lens Optical Receiving Antenna in Indoor Visible

Improving Template Based Spike Detection

Structuring Redundancy for Fault Tolerance. CSE 598D: Fault Tolerant Software

Creating Exact Bezier Representations of CST Shapes. David D. Marshall. California Polytechnic State University, San Luis Obispo, CA , USA

Math Section 2.2 Polynomial Functions

ANALYSIS OF RATIONAL FUNCTION DEPENDENCY TO THE HEIGHT DISTRIBUTION OF GROUND CONTROL POINTS IN GEOMETRIC CORRECTION OF AERIAL AND SATELLITE IMAGES

( n+1 2 ) , position=(7+1)/2 =4,(median is observation #4) Median=10lb

EE260: Digital Design, Spring /16/18. n Example: m 0 (=x 1 x 2 ) is adjacent to m 1 (=x 1 x 2 ) and m 2 (=x 1 x 2 ) but NOT m 3 (=x 1 x 2 )

The Magma Database file formats

Elementary Educational Computer

Project 2.5 Improved Euler Implementation

Differential Analysis on Simeck and SIMON with Dynamic Key-guessing Techniques

Goals of the Lecture Object Constraint Language

Optimal Mapped Mesh on the Circle

condition w i B i S maximum u i

The Closest Line to a Data Set in the Plane. David Gurney Southeastern Louisiana University Hammond, Louisiana

Chapter 5. Functions for All Subtasks. Copyright 2015 Pearson Education, Ltd.. All rights reserved.

Generation of Distributed Arithmetic Designs for Reconfigurable Applications

Big-O Analysis. Asymptotics

ANN WHICH COVERS MLP AND RBF

Hash Tables. Presentation for use with the textbook Algorithm Design and Applications, by M. T. Goodrich and R. Tamassia, Wiley, 2015.

Using the Keyboard. Using the Wireless Keyboard. > Using the Keyboard

How do we evaluate algorithms?

Analysis of Algorithms

ELEG 5173L Digital Signal Processing Introduction to TMS320C6713 DSK

The identification of key quality characteristics based on FAHP

Ones Assignment Method for Solving Traveling Salesman Problem

A NOTE ON COARSE GRAINED PARALLEL INTEGER SORTING

Improvement of the Orthogonal Code Convolution Capabilities Using FPGA Implementation

New HSL Distance Based Colour Clustering Algorithm

Computer Systems - HS

Markov Chain Model of HomePlug CSMA MAC for Determining Optimal Fixed Contention Window Size

Optimization for framework design of new product introduction management system Ma Ying, Wu Hongcui

EE 459/500 HDL Based Digital Design with Programmable Logic. Lecture 13 Control and Sequencing: Hardwired and Microprogrammed Control

Analysis Metrics. Intro to Algorithm Analysis. Slides. 12. Alg Analysis. 12. Alg Analysis

A Key Distribution method for Reducing Storage and Supporting High Level Security in the Large-scale WSN

Chapter 4. Procedural Abstraction and Functions That Return a Value. Copyright 2015 Pearson Education, Ltd.. All rights reserved.

CS200: Hash Tables. Prichard Ch CS200 - Hash Tables 1

An Efficient Algorithm for Graph Bisection of Triangularizations

Designing a learning system

FPGA IMPLEMENTATION OF BASE-N LOGARITHM. Salvador E. Tropea

IMP: Superposer Integrated Morphometrics Package Superposition Tool

Improved triangular subdivision schemes 1

Efficient Synthesis of Networks On Chip

CIS 121 Data Structures and Algorithms with Java Spring Stacks, Queues, and Heaps Monday, February 18 / Tuesday, February 19

Filter design. 1 Design considerations: a framework. 2 Finite impulse response (FIR) filter design

Outline. Research Definition. Motivation. Foundation of Reverse Engineering. Dynamic Analysis and Design Pattern Detection in Java Programs

Computers and Scientific Thinking

quality/quantity peak time/ratio

Primitive polynomials selection method for pseudo-random number generator

Model Enhancement in Data Mining: Calibration, ROC Analysis, Model Combination and Mimetic Models

EVALUATION OF TRIGONOMETRIC FUNCTIONS

K-NET bus. When several turrets are connected to the K-Bus, the structure of the system is as showns

What Is Object-Orientation?

NON-LINEAR MODELLING OF A GEOTHERMAL STEAM PIPE

ENGR Spring Exam 1

Big-O Analysis. Asymptotics

A Note on Least-norm Solution of Global WireWarping

The following algorithms have been tested as a method of converting an I.F. from 16 to 512 MHz to 31 real 16 MHz USB channels:

Designing a learning system

FURTHER INTEGRATION TECHNIQUES (TRIG, LOG, EXP FUNCTIONS)

Transcription:

The Simeck Family of Lightweight Block Ciphers Gagqiag Yag, Bo Zhu, Valeti Suder, Mark D. Aagaard, ad Guag Gog Electrical ad Computer Egieerig, Uiversity of Waterloo Sept 5, 205 Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 / 25

Outlie Simeck s Desig Goals 2 Desig Specificatios ad Ratioales 3 Hardware Implemetatios Results 4 Results Compariso betwee Simeck ad SIMON 5 Security Aalysis 6 Coclusios Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 2 / 25

Simeck s Desig Goals Outlie Simeck s Desig Goals 2 Desig Specificatios ad Ratioales 3 Hardware Implemetatios Results 4 Results Compariso betwee Simeck ad SIMON 5 Security Aalysis 6 Coclusios Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 3 / 25

Lightweight Cryptography Simeck s Desig Goals Lightweight cryptography is devised to provide suitable, secure, ad compact ciphers (less tha 2000 GEs) that fit ito the resource costraied devices, such as passive RFID tags ad wireless sesor etwork odes. RFID tags Wireless sesor etwork odes Block ciphers: TEA, XTEA, PRESENT, KATAN, LED, EPCBC, KLEIN, LBlock, Piccolo, Twie, SIMON, ad SPECK. Stream ciphers: Trivium, Grai, WG (WG-5, WG-7, WG-8). Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 4 / 25

Simeck s Desig Goals A Smaller Block Cipher tha SIMON SIMON is optimized for hardware ad SPECK is optimized for software [Beaulieu et al., 203]. message key roud fu key sched key cost How to desig a smaller cipher family tha SIMON? The registers caot be chaged. We ca reduce the areas of oly the roud fuctio, key schedule, ad key costat. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 5 / 25

Simeck s Desig Goals A Smaller Block Cipher tha SIMON SIMON is optimized for hardware ad SPECK is optimized for software [Beaulieu et al., 203]. message key roud fu key sched key cost How to desig a smaller cipher family tha SIMON? The registers caot be chaged. We ca reduce the areas of oly the roud fuctio, key schedule, ad key costat. Simeck Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 5 / 25

Simeck s Desig Goals Simeck: A Family of Lightweight Block Ciphers Simeck is desiged to have similar security levels as SIMON but with smaller area. Simeck is desiged by combiig the best features of SIMON ad SPECK. Roud fuctio. Use a modified versio of SIMON s roud fuctio. Key schedule. Use roud fuctio for key schedule, similar to SPECK. Key costat. Use LFSR-based costat for key schedule, similar to SIMON, but simpler. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 6 / 25

Simeck s Desig Goals Simeck: A Family of Lightweight Block Ciphers Simeck is desiged to have similar security levels as SIMON but with smaller area. Simeck is desiged by combiig the best features of SIMON ad SPECK. Roud fuctio. Use a modified versio of SIMON s roud fuctio. Key schedule. Use roud fuctio for key schedule, similar to SPECK. Key costat. Use LFSR-based costat for key schedule, similar to SIMON, but simpler. Simeck has three istaces. Simeck32/64, Simeck48/96, Simeck64/28. The umber of rouds for Simeck are idetical with the correspodig SIMON. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 6 / 25

Desig Specificatios ad Ratioales Outlie Simeck s Desig Goals 2 Desig Specificatios ad Ratioales 3 Hardware Implemetatios Results 4 Results Compariso betwee Simeck ad SIMON 5 Security Aalysis 6 Coclusios Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 7 / 25

Desig Specificatios ad Ratioales Roud Fuctio msg i+ msg i msg i+ msg i 8 5 2 key i key i SIMON msg i+2 Simeck msg i+2 is the word size (6, 24, 32). Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 8 / 25

Desig Specificatios ad Ratioales Roud Fuctio i the Parallel Architecture i mode msg b d i msg a i mode msg b d i msg a b b 0 a a 0 b b 0 a a 0 d out d out 8 2 k i 5 k i SIMON Simeck The parallel architecture processes roud per clock cycle ad the datapath is -bit width. Differet shift umbers do ot affect the area i parallel architecture. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 9 / 25

Desig Specificatios ad Ratioales Roud Fuctio i the Fully Serialized Architecture i mode d i d out msg b msg a b b 2 b 8 a a 2 a 8 a0 i mode d i b msg b d out msg a b 5 b0 a a 5 a0 ce ce 2 MUX MUX2 ce 8 MUX8 ce ce 5 MUX MUX5 SIMON (ki)l Simeck (ki)l The fully serialized architecture processes bit per clock cycle ad the datapath is -bit width. Differet shift umbers affect the area i the partially serialized architecture i hardware. Reduce MUX (multiplexer) for the fully serialized architecure. Simplify logic to select the MUXes. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 0 / 25

Desig Specificatios ad Ratioales Key Schedule i the Parallel Architecture key i i mode keyd keyc keyb keya d d0 c c0 b b0 a a0 ki 3 C (zj)i SIMON key i i mode keyd keyc keyb keya d d0 c c0 b b0 a a0 ki Simeck 5 C (zj)i Similar as the roud fuctio, the parallel architecture processes roud per clock cycle ad the datapath is -bit width. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 / 25

i mode b b 0 a d a 0 d 0 Simplified Key Schedule c 0 Desig Specificatios ad Ratioales c c 0 k i b b 0 a a 0 k i 3 C (z j ) i 5 C (z j ) i SIMON Simeck The combiatioal circuit (dashed box i above) i the key schedule of SIMON ad Simeck i the parallel architecture are show as follows: SIMON Simeck (2 + ) XOR + ( ) XNOR ( + ) XOR + ( ) XNOR + AND I geeral, oe XOR gate is larger tha oe AND gate. Thus, Simeck s key schedule is smaller tha SIMON. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 2 / 25

Simplified Key Costat Desig Specificatios ad Ratioales The primitive polyomials for the LFSRs to geerate the key costats for Simeck ad SIMON. Simeck SIMON 32/64 X 5 + X 2 + X 5 + X 4 + X 2 + X + 48/96 X 5 + X 2 + X 5 + X 3 + X 2 + X + 64/28 X 6 + X + X 5 + X 3 + X 2 + X + Simeck s are all 2 XOR gates (4 GEs) less tha the oes used i SIMON. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 3 / 25

Desig Specificatios ad Ratioales Key Schedule i the Fully Serialized Architecture i mode key i key d key c key b key a b b 5 b 0 a (k d a 5 a i) l d 5 d 0 c c 5 c 0 0 ce ce 5 MUX MUX5 [C (z j) i] l Simeck Similar as the roud fuctio, the fully serialized architecture processes bit per clock cycle ad the datapath is -bit width. Differet shift umbers affect the area i the fully serialized architecture, as roud fuctio does. Reduce MUX. Simplify logic to select the MUXes. The combiatioal circuit (dashed box) is also decreased. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 4 / 25

Hardware Implemetatios Results Outlie Simeck s Desig Goals 2 Desig Specificatios ad Ratioales 3 Hardware Implemetatios Results 4 Results Compariso betwee Simeck ad SIMON 5 Security Aalysis 6 Coclusios Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 5 / 25

Hardware Implemetatios Results Our Implemetatio Results of Simeck32/64, 48/96, 64/28 i 30m Simeck Simeck32/64 Simeck48/96 CMOS 30m Partial Area (GEs) Max Throughput Total Power Total Power Frequecy @00 KHz @00 KHz @2 MHz serial Before P&R After P&R (MHz) (Kbps) (µw) (µw) -bit 505 549 292 5.6 0.47 8.3 2-bit 50 555 288. 0.43 8.5 4-bit 533 579 32 22.2 0.463 9.2 8-bit 59 642 289 44.4 0.523 0.4 6-bit 695 756 526 88.9 0.606.9 -bit 75 778 299 5.0 0.576.4 2-bit 722 785 294 0.0 0.593.8 3-bit 73 794 268 5.0 0.6 2. 4-bit 748 83 284 20.0 0.628 2.5 6-bit 770 837 287 30.0 0.65 2.9 8-bit 80 87 284 40.0 0.688 3.6 2-bit 858 933 283 60.0 0.742 4.7 24-bit 027 7 52 20.0 0.875 7.3 -bit 924 005 288 4.2 0.754 4.9 2-bit 933 05 303 8.3 0.778 5.4 Simeck64/28 4-bit 958 04 27 6.7 0.803 5.9 8-bit 03 0 280 33.3 0.834 6.6 6-bit 32 23 30 66.7 0.977 9.4 32-bit 365 484 52 33.3.62 23.0 * Area obtaied by usig sythesis optio compile ultra oly. Area obtaied by usig sythesis optio compile ultra ad clock gatig. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 6 / 25

Hardware Implemetatios Results Our Implemetatio Results of SIMON32/64, 48/96, 64/28 i 30m SIMON SIMON32/64 SIMON48/96 CMOS 30m Partial Area (GEs) Max Throughput Total Power Total Power NSA Frequecy @00 KHz @00 KHz @2 MHz serial Before P&R After P&R Before P&R (MHz) (Kbps) (µw) (µw) -bit 57 562 523 33 5.6 0.42 8.3 2-bit 532 578 535 306. 0.439 8.7 4-bit 563 62 566 283 22.2 0.479 9.5 8-bit 623 677 627 367 44.4 0.540 0.7 6-bit 75 778 722 456 88.9 0.645 2.8 -bit 733 796 739 258 5.0 0.579.5 2-bit 745 80 750 289 0.0 0.60.9 3-bit 756 822 763 29 5.0 0.65 2.2 4-bit 778 846 78 287 20.0 0.642 2.7 6-bit 800 869 804 289 30.0 0.670 3.3 8-bit 833 905 839 238 40.0 0.706 3.9 2-bit 895 973 898 307 60.0 0.777 5.4 24-bit 055 47 062 467 20.0 0.929 8.4 -bit 944 026 958 225 4.2 0.762 5. 2-bit 955 038 968 244 8.3 0.780 5.4 SIMON64/28 4-bit 988 074 000 290 6.7 0.88 6.2 8-bit 043 34 057 296 33.3 0.866 7.2 6-bit 74 276 85 293 66.7.024 20.3 32-bit 403 524 47 465 33.3.239 24.6 * Area obtaied by usig sythesis optio compile ultra oly. Area obtaied by usig sythesis optio compile ultra ad clock gatig. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 7 / 25

Results Compariso betwee Simeck ad SIMON Outlie Simeck s Desig Goals 2 Desig Specificatios ad Ratioales 3 Hardware Implemetatios Results 4 Results Compariso betwee Simeck ad SIMON 5 Security Aalysis 6 Coclusios Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 8 / 25

Results Compariso betwee Simeck ad SIMON Area (before the Place ad Route) Comparisos i CMOS 30m 500 400 300 200 64/28 Areas (GEs) 00 000 900 48/96 800 700 600 32/64 NSA_SIMON Our_SIMON Our_Simeck 500 2 3 4 6 8 2 6 24 32 Partial Serialized Size (par_sz) Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 9 / 25

Results Compariso betwee Simeck ad SIMON Area Comparisos betwee Simeck32/64 ad SIMON32/64 Breakdow of the Results (before the Place ad Route) i CMOS 30m Compoets Parallel (GEs) Fully Serialized (GEs) Simeck SIMON Differece Simeck SIMON Differece Cotrol 3 35 4 7 75 4 Roud (comb) 2 2 0 7 7 0 Datapath Key (comb) 80 96 6 5 8 3 Regs + MUXes 474 474 0 434 443 9 Totals Compile simple 697 77 20 57 533 6 Compile ultra 695 77-505 520 - Compile ultra + clock gatig 695 75-506 57 - * Our ow SIMON results. Sythesis optios. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 20 / 25

Results Summary Results Compariso betwee Simeck ad SIMON Fully serialized architecture. The roud fuctio, key schedule ad key costat modules of SIMON32/64 accout for oly 6.4% of the total area. Simeck32/64 reduces this by 46%, which leads to 2.3% smaller total area i compariso to our implemetatios of SIMON32/64 ad 3.4% smaller tha the origial results i 30m. Similarly, Simeck48/96, Simeck64/28 are 3.3%, 3.5% smaller tha the origial results i 30m. Parallel architecture. Simeck32/64, 48/96, 64/28 are 3.7%, 3.3%, 3.7% respectively smaller tha the origial results i 30m. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 2 / 25

Security Aalysis Outlie Simeck s Desig Goals 2 Desig Specificatios ad Ratioales 3 Hardware Implemetatios Results 4 Results Compariso betwee Simeck ad SIMON 5 Security Aalysis 6 Coclusios Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 22 / 25

Security Aalysis Security Aalysis Chagig the shift umbers of the roud fuctio iflueces the security [Kölbl et al., CRYPTO 5]. Liear ad differetial diffusio. We made a trade-off betwee security ad area for Simeck. Simeck beefits from SIMON/SPECK s security aalysis due to the similarity betwee SIMON/SPECK ad Simeck [Kölbl ad Roy, eprit 205/706], [Bagheri, eprit 205/76]. Security aalysis summary. Cipher SIMON attacked rouds/total rouds Simeck attacked rouds/total rouds 32/64 23/32 72% (liear hull) 20/32 62.5% (impossible differetial) 48/96 25/36 69% (liear hull) 26/36 72% (differetial) 64/28 3/44 70% (liear hull) 33/44 75% (differetial) * [Beaulieu et al., eprit 205/585]. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 23 / 25

Coclusios Outlie Simeck s Desig Goals 2 Desig Specificatios ad Ratioales 3 Hardware Implemetatios Results 4 Results Compariso betwee Simeck ad SIMON 5 Security Aalysis 6 Coclusios Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 24 / 25

Coclusios Coclusios We have preseted Simeck: a ew family of lightweight block ciphers. We have provided a extesive exploratio for differet hardware architectures i order to make a balace betwee area, throughput, ad power cosumptio for SIMON ad Simeck i both CMOS 30m ad 65m ASICs. We have show that it is possible to desig a smaller cipher tha SIMON i terms of area ad power cosumptio. Simeck is slightly more vulerable tha SIMON to reduced roud attacks, but still has sufficiet margi for real-world applicatios. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 25 / 25

Appedix I: Our Implemetatio Results of Simeck32/64, 48/96, 64/28 i 65m Simeck Simeck32/64 Simeck48/96 CMOS 65m Partial Area (GEs) Max Throughput Total Power Total Power Frequecy @00 KHz @00 KHz @2 MHz Serial Before P&R After P&R (MHz) (Kbps) (µw) (µw) -bit 454 488 754 5.6.292 5.5 2-bit 465 500 428..3 5.6 4-bit 494 53 388 22.2.376 5.9 8-bit 550 592 250 44.4.52 6.4 6-bit 644 692 428 88.9.76 6.8 -bit 645 693 562 5.0.805 7.8 2-bit 656 706 538 0.0.825 8.0 3-bit 663 72 282 5.0.857 8.4 4-bit 686 738 333 20.0.886 8.2 6-bit 70 753 282 30.0.99 8.4 8-bit 732 787 388 40.0 2.009 8.8 2-bit 794 854 29 60.0 2.22 9.3 24-bit 95 022 2325 20.0 2.44 9.6 -bit 828 89 369 4.2 2.304 0.2 2-bit 838 90 408 8.3 2.325 0.3 Simeck64/28 4-bit 869 935 098 6.7 2.372 0.5 8-bit 98 987 90 33.3 2.492 0.9 6-bit 042 2 086 66.7 2.869 2.3 32-bit 263 358 282 33.3 3.36 3. * Area obtaied by usig sythesis optio compile ultra oly. Area obtaied by usig sythesis optio compile ultra ad clock gatig. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 25 / 25

Appedix II: Our Implemetatio Results of SIMON32/64, 48/96, 64/28 i 65m SIMON SIMON32/64 SIMON48/96 CMOS 65m Partial Area (GEs) Max Throughput Total Power Total Power Frequecy @00 KHz @00 KHz @2 MHz Serial Before P&R After P&R (MHz) (Kbps) (µw) (µw) -bit 466 50 428 5.6.3 5.6 2-bit 476 52 562..33 5.7 4-bit 506 544 408 22.2.38 5.9 8-bit 570 63 075 44.4.585 6.8 6-bit 666 76 2222 88.9.75 6.8 -bit 66 7 204 5.0.82 7.9 2-bit 670 720 36 0.0.889 9.5 3-bit 682 733 086 5.0.86 8. 4-bit 699 752 04 20.0.95 8.3 6-bit 724 779 369 30.0.962 8.5 8-bit 757 84 282 40.0 2.22 9.0 2-bit 89 88 76 60.0 2.305 9.7 24-bit 982 056 2222 20.0 2.542 9.9 -bit 845 908 282 4.2 2.336 0.2 2-bit 858 922 265 8.3 2.366 0.4 SIMON64/28 4-bit 887 954 250 6.7 2.423 0.6 8-bit 944 05 265 33.3 2.577.2 6-bit 076 56 76 66.7 3.068 2.8 32-bit 305 403 694 33.3 3.398 3.4 * Area obtaied by usig sythesis optio compile ultra oly. Area obtaied by usig sythesis optio compile ultra ad clock gatig. Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 25 / 25

Area (before the Place ad Route) Comparisos i CMOS 65m 400 300 200 00 64/28 Areas (GEs) 000 900 800 48/96 700 600 500 400 32/64 Our_SIMON Our_Simeck 5 0 5 20 25 30 Partial Serialized Size (par_sz) Yag, Zhu, Suder, Aagaard, Gog Simeck Family (CHES 205) Sept 5, 205 25 / 25

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback