Cipher Block Chaining – an overview | ScienceDirect Topics

3.7.6 Pipeline interleaving, not quite an equivalence transform

It has repeatedly been noted in this section that any undertake to insert an supernumerary register into a feedback coil with the idea of pipelining the datapath destroys the equivalence between original and pipelined computations unless its impression is somehow compensated. After all, circuits c and b of fig.3.41 behave differently. Although this may appear a futile wonder, let us ask “ What happens if we do just that to a first-order recursion ? ” Adding an extra reaction time register to ( 3.69 ) results in the DDG of fig.3.42a and yields

figure 3.42. Pipeline interleaving. DDG of nonlinear time-variant first-order feedback loop with one extra register inserted ( a ) and isomorphous architecture ( bacillus ). Interpretation as two interleave data streams each of which gets processed precisely as specified by the master nonlinear first-order recursion of fig. 3.39a ( vitamin c, five hundred ) .

(3.73)

y(k)=f(y(k-2),x(k))

observe that all indices are even in this equality. As thousand increments with prison term k = 0, 1, 2, 3, … indices do in fact alternate between even and curious values. It therefore becomes potential to restate the ensuing input-to-output map as two separate recursions with no interaction between “ even ” data items x ( k = 0, 2, 4, …, 2n, … ) and “ odd ” items x ( k = 1, 3, 5, …, 2n + 1, … ).

(3.74)

y(2n)=f(y(2n-2),x(2n))

(3.75)

y(2n+1)=f(y(2n-1),x(2n+1))

This pair of equations says that the original data processing recursion of ( 3.69 ) nowadays gets applied to two distinguish data streams as depicted in fig.3.42c. From a more general perspective, it is indeed potential to cut the combinable stay in any first-order feedback loop down to 1p by inserting phosphorus − 1 pipelining registers, however the calculation then falls apart into the process of phosphorus interleaved but otherwise mugwump data streams. More frequently than not this is undesirable. however, hardheaded applications exist where it is possible to take advantage of this effect. Examples Cipher block chain ( CBC ) implements the recursion yttrium ( thousand ) = carbon ( x ( kelvin ) ⊕ ) yttrium ( k − 1 ), u ( k ) ) What counts from a cryptanalytic sharpen of scene is that patterns from the plaintext do not show up in the ciphertext. Whether this is obtained from feeding back the immediately preceding block of ciphertext yttrium ( k − 1 ) ( CBC-1 mode ) or some prior stop y ( k − phosphorus ) where 2 ≤ p ∈ ℕ ( CBC-p mode ) is of minor importance. Some cryptochips, consequently, provide a fast but nonstandard CBC-8 modality in accession to the even CBC-1 mode, see fig.3.41c. In the happening of the IDEA nick described in [ 79 ], maximum throughout is 176 Mbit/s both in pipelined ECB mode and in pipeline-interleaved CBC-8 manner as compared to fair 22 Mbit/s in nonpipelined CBC-1. Fig.3.43 shows a high-level block diagram of a celestial sphere decoder, a key subfunction in a MIMO OFDM ( orthogonal frequency division multiplex ) receiver. Sphere decoding is basically a advanced tree-traversal algorithm that achieves close-to-minimum error rate operation at a lower average search complexity than an exhaustive search. Pipelining the calculation in search of throughput is not an choice because of the ( nonlinear ) first-order recursion. alternatively, the facts that ( a ) OFDM operates on many subcarriers at a time ( typically 48 to 108 ) and that ( b-complex vitamin ) each such subcarrier poses an mugwump tree-search problem, make celestial sphere decoding an ideal candidate for grapevine interleave. This and many other refinements to sphere decoding have been reported in [ 80 ] from which fig.3.44 has been taken . figure 3.43. sphere decoder. The dash arrows indicate to the extra circuitry required to handle three individual subcarriers in an interleave fashion ( simplified ) . visualize 3.44. The beneficial impact of pipeline interleaving on area and throughput of a sphere decoder circuit.

( diagram courtesy of Dr. Markus Wenk ) For a a lot simple model, consider some effigy serve algorithm where rows of pixels are share with independently from each early. Rather than scanning the image rowing by rowing, pixels from phosphorus consecutive rows are entered one by one in a cyclic manner before the march is repeated with the future column, and then on. All process can so be carried out using a unmarried pipelined datapath of p stages [ 81 ]. grapevine interleave does obviously not qualify as an equality translate. still, it yields utilitarian architectures for any recursive calculation — including nonlinear ones — provided that data items arrive as discriminate time-multiplexed streams that are to be processed independently from each other, or can be arranged to do indeed. From this perspective, pipeline interleave is easily recognized as a apt and effective combination of time sharing with pipelining .