Cryptology ePrint Archive: Report 2021/275

Design Space Exploration of Galois and Fibonacci Configuration based on Espresso Stream Cipher

Zhengyuan Shi and Gangqiang Yang and Hailiang Xiong and Fudong Li and Honggang Hu

Abstract: Galois and Fibonacci are two different configurations of stream ciphers. Because the Fibonacci configuration is more convenient for cryptanalysis, most ciphers are designed as Fibonacci-configured. So far, although many transformations between Fibonacci and Galois configurations have been proposed, there is no sufficient analysis of their respective hardware performance. The 128-bit secret key stream cipher Espresso, its Fibonacciconfigured variant and linear Fibonacci variant have a similar security level. We take them as examples to design the optimization strategies in terms of both area and throughput, investigate which configuration is more efficient in a certain aspect. The Fibonacci-configured Espresso occupies 52 slices on Spartan-3 and 22 slices on Virtex-7, which are the minimum solutions among those three Espresso schemes or even smaller than 80-bit secret key ciphers. Based on our throughput improvement strategy, parallel Espresso design can perform 4.1 Gbps on Virtex-7 FPGA and 1.9 Gbps on Spartan-3 FPGA at most. In brief, the Fibonacci cipher is more suitable for extremely resource-constrained or extremely high-throughput applications, while the Galois cipher seems like a compromise between area and speed. Besides, the transformation from nonlinear feedback to linear feedback is not recommended for any hardware implementations.

Category / Keywords: implementation / lightweight cryptography; Espresso; FPGA Optimization; stream cipher; Galois NFSR; Fibonacci NFSR

Date: received 4 Mar 2021

Contact author: g37yang at sdu edu cn

Available format(s): PDF | BibTeX Citation

Version: 20210304:133043 (All versions of this report)

Short URL: ia.cr/2021/275


[ Cryptology ePrint archive ]