
An XOR stream cipher is a type of symmetric-key encryption algorithm that encrypts data one bit or byte at a time, in a continuous stream. In a stream cipher, the encryption key drives a generator that produces a stream of pseudo-random bits or bytes (the keystream), which is then combined with the plaintext message using the XOR (exclusive OR) operation to generate the ciphertext.
Unlike block ciphers, which encrypt fixed-size blocks of plaintext at a time, stream ciphers can encrypt data of any size in a continuous stream, making them well-suited for real-time communication applications such as wireless communications or internet telephony. Stream ciphers are also often faster and more efficient than block ciphers, since they require less computation and memory.
However, stream ciphers can be vulnerable to certain types of attacks, such as known-plaintext attacks or stream cipher resynchronization attacks, if the key stream is not properly generated or the same key stream is used multiple times.
An LFSR is a shift register whose output bit is a linear function of its previous state. In a Galois LFSR, the linear function is implemented using exclusive-OR (XOR) operations between selected bits of the register. The XOR feedback taps should be chosen in a way that generates a maximal length sequence, which is a pseudo-random sequence of bits that has the longest possible period for a given register length.
The Galois LFSR operates by shifting the bits in the register to the right, with the rightmost bit being discarded and a new bit being added at the leftmost position. The new bit is generated by performing XOR operations between selected bits of the register, as determined by the feedback taps. The sequence of bits generated by the LFSR is periodic, with the period being determined by the size of the register and the feedback taps used.
The design has two channels, one for encryption and another for decryption, each controlled by a separate enable pin. The plaintext or ciphertext bitstream is XORed with a bit derived from a register variable generated by a Linear Feedback Shift Register (LFSR).
The LFSR is programmable/customizable to operate in 32-bit, 16-bit, 8-bit, or 4-bit modes, depending on the select lines sel0 and sel1. This provides flexibility in choosing the trade-off between security and performance.
During transmission, the plaintext (tx_p) is encrypted into tx_e. For reception, the encrypted stream (rx_e) is decrypted back into the original plaintext (rx_p) using the same LFSR sequence. Debug outputs (dbg_tx_p, dbg_rx_e) are available for testing but are disabled by default.
The configuration input (cfg_i) and enable (cfg_en) allow dynamic loading of the 130-bit serial shift register, ensuring the LFSR sequence can be customized at runtime. The cfg_o pin provides read-back capability for verification.
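
A software model of the scheme described above, added here as an illustration and not taken from the project's Verilog: a right-shifting Galois LFSR produces the keystream that is XORed with the bitstream, and the same routine decrypts. The tap masks in `TAPS`, the seed `0xACE1`, the helper names and the sample messages are assumptions; the design's real taps and seed are not given on this page.

```python
# Software model of an LFSR-keyed XOR stream cipher (added example, not the chip's RTL).
# TAPS holds well-known maximal-length Galois masks, assumed here for illustration.
TAPS = {4: 0xC, 8: 0xB8, 16: 0xB400, 32: 0xA3000000}


def step(state, taps):
    """Shift right once; return (new_state, bit shifted out)."""
    out = state & 1
    state >>= 1
    return (state ^ taps if out else state), out  # Galois feedback on a 1


def keystream(width, seed):
    """Yield keystream bits from a width-bit Galois LFSR started at seed."""
    state = seed & ((1 << width) - 1)
    if state == 0:
        raise ValueError("an all-zero seed locks the LFSR at zero")
    while True:
        state, out = step(state, TAPS[width])
        yield out


def xor_bits(bits, width, seed):
    """Encrypt or decrypt: XOR is its own inverse, so one routine does both."""
    return [b ^ k for b, k in zip(bits, keystream(width, seed))]


def period(width, seed=1):
    """Count steps until the register returns to its starting state."""
    state, steps = step(seed, TAPS[width])[0], 1
    while state != seed:
        state, steps = step(state, TAPS[width])[0], steps + 1
    return steps


def to_bits(data):
    """Bytes to a list of bits, least significant bit first."""
    return [(byte >> i) & 1 for byte in data for i in range(8)]


if __name__ == "__main__":
    p1, p2 = to_bits(b"temp=21.5C ok"), to_bits(b"temp=19.0C ok")  # constructed
    c1, c2 = xor_bits(p1, 16, 0xACE1), xor_bits(p2, 16, 0xACE1)
    print("rx recovers tx:", xor_bits(c1, 16, 0xACE1) == p1)
    # Reusing one seed for two messages cancels the keystream: c1^c2 == p1^p2.
    leak = [a ^ b for a, b in zip(c1, c2)] == [a ^ b for a, b in zip(p1, p2)]
    print("seed reuse leaks p1 XOR p2:", leak)
    for w in (4, 8, 16):
        print(f"{w}-bit mode: keystream repeats every {period(w)} bits")
```

With these masks the 4-bit mode repeats its keystream after 15 bits, so the narrow modes suit bring-up and testing rather than protecting data, and a seed should not be reused across messages in any mode.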
A testbench is provided at ../test/tb_testing.v.
custom_input.size variable. Update these variables in the testbench, then run the simulation.

| # | Input | Output | Bidirectional |
|---|---|---|---|
| 0 | sel0 (Used for LFSR configuration) | tx_e (Encrypted bitstream for transmission) | |
| 1 | sel1 (Used for LFSR configuration) | rx_p (Decrypted bitstream for reception) | |
| 2 | tx_p (Plaintext bitstream for transmission) | dgb_tx_p (Decrypted transmit bitstream, debug pin disabled by default) | |
| 3 | rx_e (Encrypted bitstream for reception) | dgb_rx_e (Encrypted receive bitstream, debug pin disabled by default) | |
| 4 | cfg_en (Active high configuration enable for the 130-bit serial shift register) | cfg_o (Configuration output from the 130-bit shift register) | |
| 5 | cfg_i (Configuration input to the 130-bit serial shift register) | heartbeat0 (Bit [7] from the heartbeat counter) | |
| 6 | tx_en (Transmit channel enable) | heartbeat1 (Bit [8] from the heartbeat counter) | |
| 7 | rx_en (Receive channel enable) | heartbeat2 (Bit [9] from the heartbeat counter) | |