Linear feed-forward/feedback shift registers are used as an effective tool of testing circuits in various fields including built-in self-test and secure scan design. In this paper, we consider the issue of testing linear feed-forward/feedback shift registers themselves. To test linear feed-forward/feedback shift registers, it is necessary to generate a test sequence for each register. We first present an experimental result such that a commercial ATPG (automatic test pattern generator) cannot always generate a test sequence with high fault coverage even for 64-stage linear feed-forward/feedback shift registers. We then show that there exists a universal test sequence with 100% of fault coverage for the class of linear feed-forward/feedback shift registers so that no test generation is required, i.e., the cost of test generation is zero. We prove the existence theorem of universal test sequences for the class of linear feed-forward/feedback shift registers.

RFID enable applications are ubiquitous in our society, especially become more and more important as IoT management rises. Meanwhile, the concern of security and privacy of RFID is also increasing. The pseudorandom number generator is one of the core primitives to implement RFID security. Therefore, it is necessary to design and implement a secure and robust pseudo-random number generator (PRNG) for current RFID tag. In this paper, we study the security of light-weight PRNGs for EPC Gen2 RFID tag which is an EPC Global standard. For this reason, we have analyzed and improved the existing research at IEEE TrustCom 2017 and proposed a model using external random numbers. However, because the previous model uses external random numbers, the speed has a problem depending on the generation speed of external random numbers. In order to solve this problem, we developed a pseudorandom number generator that does not use external random numbers. This model consists of LFSR, NLFSR and SLFSR. Safety is achieved by using nonlinear processing such as multiplication and logical multiplication on the Galois field. The cycle achieves a cycle longer than the key length by effectively combining a plurality of LFSR and the like. We show that our proposal PRNG has good randomness and passed the NIST randomness test. We also shows that it is resistant to identification attacks and GD attacks.

Dynamic linear feedback shift registers (DLFSRs) are a scheme to transfer from one LFSR to another. In cryptography each LFSR included in a DLFSR should generate maximal-length sequences, and the number of switches transferring LFSRs should be small for efficient performance. This corresponding addresses on searching such conditioned DLFSRs. An efficient probabilistic algorithm is given to find such DLFSRs with two or four switches, and it is proved to succeed with nonnegligible probability.

In our previous work, we introduced new concepts of secure scan design; shift register equivalent circuits (SR-equivalents, for short) and strongly secure circuits, and also introduced generalized shift registers (GSRs, for short) to apply them to secure scan design. In this paper, we combine both concepts of SR-equivalents and strongly secure circuits and apply them to GSRs, and consider the synthesis problem of strongly secure SR-equivalents using GSRs. We also consider the enumeration problem of GSRs that are strongly secure and SR-equivalent, i.e., the cardinality of the class of strongly secure SR-equivalent GSRs to clarify the security level of the secure scan architecture.

We regard a De Bruijn sequence of order n as a bijection on $mathbb{F}_2^n$ and consider the transition mappings between them. It is shown that there are only two conjugate transformations that always transfer De Bruijn sequences to De Bruijn sequences.

We reported a secure scan design approach using shift register equivalents (SR-equivalents, for short) that are functionally equivalent but not structurally equivalent to shift registers [10 and also introduced generalized shift registers (GSRs, for short) to apply them to secure scan design [11]-[13]. In this paper, we combine both concepts of SR-equivalents and GSRs and consider the synthesis problem of SR-equivalent GSRs, i.e., how to modify a given GSR to an SR-equivalent GSR. We also consider the enumeration problem of SR-equivalent GFSRs, i.e., the cardinality of the class of SR-equivalent GSRs to clarify the security level of the secure scan architecture.

In our previous work [12], [13], we introduced generalized feed-forward shift registers (GF2SR, for short) to apply them to secure and testable scan design. In this paper, we introduce another class of generalized shift registers called generalized feedback shift registers (GFSR, for short), and consider the properties of GFSR that are useful for secure scan design. We present how to control/observe GFSR to guarantee scan-in and scan-out operations that can be overlapped in the same way as the conventional scan testing. Testability and security of scan design using GFSR are considered. The cardinality of each class is clarified. We also present how to design strongly secure GFSR as well as GF2SR considered in [13].

In our previous work [12], [13], we introduced generalized feed-forward shift registers (GF2SR, for short) to apply them to secure and testable scan design, where we considered the security problem from the viewpoint of the complexity of identifying the structure of GF2SRs. Although the proposed scan design is secure in the sense that the structure of a GF2SR cannot be identified only from the primary input/output relation, it may not be secure if part of the contents of the circuit leak out. In this paper, we introduce a more secure concept called strong security such that no internal state of strongly secure circuits leaks out, and present how to design such strongly secure GF2SRs.

This work presents a novel counter-based randomization method for use in a flying-adder frequency synthesizer with a cost-effective structure that can replace the fractional accumulator. The proposed technique involves a counter, a comparator and a modified linear feedback shift register. The power consumption and speed bottleneck of the conventional flying-adder are significantly reduced. The modified linear shift feedback register is used as a pseudo random data generator, suppressing the spurious tones arise from the periodic carry sequences that is generated by the fractional accumulator. Furthermore, the proposed counter-based randomization method greatly reduces the large memory size that is required by the conventional approach to carry randomization. A test chip for the proposed counter-based randomization method is fabricated in the TSMC 0.18,$mu $m 1P6M CMOS process, with the core area of 0.093,mm$^{mathrm{2}}$. The output frequency had a range of 43.4,MHz, extasciitilde 225.8,MHz at 1.8,V with peak-to-peak jitter (Pk-Pk) jitter 139.2,ps at 225.8,MHz. Power consumption is 2.8,mW @ 225.8,MHz with 1.8 supply voltage.

We describe the recent progress on a Nb nine-layer fabrication process for large-scale single flux quantum (SFQ) circuits. A device fabricated in this process is composed of an active layer including Josephson junctions (JJ) at the top, passive transmission line (PTL) layers in the middle, and a DC power layer at the bottom. We describe the process conditions and the fabrication equipment. We use both diagnostic chips and shift register (SR) chips to improve the fabrication process. The diagnostic chip was designed to evaluate the characteristics of basic elements such as junctions, contacts, resisters, and wiring, in addition to their defect evaluations. The SR chip was designed to evaluate defects depending on the size of the SFQ circuits. The results of a long-term evaluation of the diagnostic and SR chips showed that there was fairly good correlation between the defects of the diagnostic chips and yields of the SRs. We could obtain a yield of 100% for SRs including 70,000JJs. These results show that considerable progress has been made in reducing the number of defects and improving reliability.

Recently nonlinear feedback shift registers (NFSRs) have frequently been used as basic building blocks for stream ciphers. A major problem concerning NFSRs is to construct NFSRs which generate de Bruijn sequences, namely maximum period sequences. In this paper, we present a new necessary condition for NFSRs to generate de Bruijn sequences. The new condition can not be deduced from the previously proposed necessary conditions. It is shown that the number of NFSRs whose feedback functions satisfy all the previous necessary conditions but not the new one is very large.

In this paper, we introduce generalized feed-forward shift registers (GF2SR) to apply them to secure and testable scan design. Previously, we introduced SR-equivalents and SR-quasi-equivalents which can be used in secure and testable scan design, and showed that inversion-inserted linear feed-forward shift registers (I2LF2SR) are useful circuits for the secure and testable scan design. GF2SR is an extension of I2LF2SR and the class is much wider than that of I2LF2SR. Since the cardinality of the class of GF2SR is much larger than that of I2LF2SR, the security level of scan design with GF2SR is much higher than that of I2LF2SR. We consider how to control/observe GF2SR to guarantee easy scan-in/out operations, i.e., state-justification and state-identification problems are considered. Both scan-in and scan-out operations can be overlapped in the same way as the conventional scan testing, and hence the test sequence for the proposed scan design is of the same length as the conventional scan design. A program called WAGSR (Web Application for Generalized feed-forward Shift Registers) is presented to solve those problems.

We show measurement results of variation-tolerance of an error-hardened dual-modular-redundancy flip-flop fabricated in a 65-nm process. The proposed error-hardened FF called BCDMR is very strong against soft errors and also robust to process variations. We propose a shift-register-based test structure to measure variations. The proposed test structure has features of constant pin count and fast measurement time. A 65 nm chip was fabricated including 40k FFs to measure variations. The variations of the proposed BCDMR FF are 74% and 55% smaller than those of the conventional BISER FF on the twin-well and triple-well structures respectively.

It is important to find an efficient design-for-testability methodology that satisfies both security and testability, although there exists an inherent contradiction between security and testability for digital circuits. In our previous work, we reported a secure and testable scan design approach by using extended shift registers that are functionally equivalent but not structurally equivalent to shift registers, and showed a security level by clarifying the cardinality of those classes of shift register equivalents (SR-equivalents). However, SR-equivalents are not always secure for scan-based side-channel attacks. In this paper, we consider a scan-based differential-behavior attack and propose several classes of SR-equivalent scan circuits using dummy flip-flops in order to protect the scan-based differential-behavior attack. To show the security level of those SR-equivalent scan circuits, we introduce a differential-behavior equivalent relation and clarify the number of SR-equivalent scan circuits, the number of differential-behavior equivalent classes and the cardinality of those equivalent classes.

Feedback shift registers are basic building blocks for many cryptographic primitives. Due to the insecurities of Linear Feedback Shift Register (LFSR) based systems, the use of Nonlinear Feedback Shift Registers (NFSRs) became more popular. In this work, we study the feedback functions of NFSRs with period 2n. First, we provide two new necessary conditions for feedback functions to be maximum length. Then, we consider NFSRs with k-monomial feedback functions and focus on two extreme cases where k=4 and k=2n-1. We study construction methods for these special cases.

Reducing the power dissipation for LDPC code decoder is a major challenging task to apply it to the practical digital communication systems. In this paper, we propose a low power LDPC code decoder architecture based on an intermediate message-compression technique which features as follows: (i) An intermediate message compression technique enables the decoder to reduce the required memory capacity and write power dissipation. (ii) A clock gated shift register based intermediate message memory architecture enables the decoder to decompress the compressed messages in a single clock cycle while reducing the read power dissipation. The combination of the above two techniques enables the decoder to reduce the power dissipation while keeping the decoding throughput. The simulation results show that the proposed architecture improves the power efficiency up to 52% and 18% compared to that of the decoder based on the overlapped schedule and the rapid convergence schedule without the proposed techniques respectively.

We propose feedback-limited NFSRs (nonlinear feedback shift registers) which can generate periodic sequences of period 2k-1, where k is the length of the register. We investigate some characteristics of such periodic sequences. It is also shown that the scale of such NFSRs can be reduced by the feedback limitation. Some simulation and experimental results are shown including comparison with LFSRs (linear feedback shift registers) for conventional M-sequences and Gold sequences.

In this paper, it is proved that there is a transformation between two types of nonlinear feedback shift register which can be regarded as implementation of the Bernoulli and tent maps with finite precision. This transformation can be interpreted as a sort of finite dimension version of topological conjugation between the Bernoulli and tent maps on continuous phase space. Several properties of periodic sequences generated from extended NFSRs are derived from the relation.

In this paper, we examine the computational Diffie-Hellman problem and decisional Diffie-Hellman problem in 3-rd order linear feedback shift register and show that the shift register based Diffie-Hellman problems are equivalent to the Diffie-Hellman problems over prime subgroup of GF(p3e) respectively. This result will be useful in constructing new cryptographic primitives based on the hardness of the shift register based Diffie-Hellman problems.

In generating Frequency-Hopping (FH) sequences for Frequency Hopping Spread Spectrum Multiple Access (FH-SSMA) applications, binary maximal-length sequences (m-sequences) over GF(2m) have been preferred because of their characteristics of good Hamming correlation property, long period capability and high speed generation in association with simple hardware implementation based on Feedback Shift Registers (FSR). In practice, however, one difficulty of applying such sequences into the FH-SSMA communication systems with a wide bandwidth such as Military Satellite Communication (MilSatCom) is that the number of hopping frequency slots available may be far from a power of 2 in proportion to the spreading bandwidth. In that case, we can not make good use of the spreading bandwidth. In this paper, we propose a construction of some favorable FH sequences which deals effectively with the above difficulty using FSR and some nonlinear logic by introducing a re-mapping method. We show that the resulting sequences satisfy the (almost) uniform symbol distribution in one period and preserve a reasonably good Hamming correlation property so that they are appropriate for FH-SSMA applications.