CN102801519A - Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering - Google Patents
Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering Download PDFInfo
- Publication number
- CN102801519A CN102801519A CN2012102369632A CN201210236963A CN102801519A CN 102801519 A CN102801519 A CN 102801519A CN 2012102369632 A CN2012102369632 A CN 2012102369632A CN 201210236963 A CN201210236963 A CN 201210236963A CN 102801519 A CN102801519 A CN 102801519A
- Authority
- CN
- China
- Prior art keywords
- deciphering
- enciphering
- box
- round
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides a method and a device for implementing AES (Advanced Encryption Standard) enciphering and deciphering. The method comprises the following steps: loading data to be enciphered/deciphered to a register; outputting the data to be enciphered/deciphered to an S box multiplex unit for Nr round operation, wherein Nr is determined by the key length; performing enciphering/deciphering S box operation by the S box multiplex unit on data sent by the register according to an enciphering/deciphering control signal; performing enciphering/deciphering column mixing operation and round key addition operation on the data output by the S box multiplex unit, and caching an operation result to the register; and in the Nrth round operation, performing round key addition operation on output of the S box multiplex unit and then outputting an result to complete enciphering/deciphering. Thus, the method and the device for implementing AES enciphering and deciphering can cache the results of enciphering and deciphering round operations by using the same register, and realize S box and inverse S box operations by using the same logic, and thereby achieving the aim of reducing chip area and power consumption.
Description
Technical field
The present invention relates to the data communications security technical field, relate in particular to a kind of method and device of the AES of realization encryption and decryption.
Background technology
AES (Advanced Encryption Standard, Advanced Encryption Standard) is the main AES of current field of storage.The AES encryption and decryption are made up of a plurality of identical wheel computings, and each takes turns the computing that computing comprises the computing of S box, shift operation, row hybrid operation and encrypting key.The S box computing of encryption and decryption, shift operation, row hybrid operation are all inequality.Existing AES scheme uses independent structures to realize the encryption and decryption computing, perhaps uses independent structures to realize the computing of S box and contrary S box.
Fig. 1 is the structure chart of existing cryptographic calculation; The S box computing of SBX (Sbox) expression cryptographic calculation, the row hybrid operation of MC (Mix Columns) expression cryptographic calculation, ARK (add round key) expression round key adds computing; The every intermediate data of taking turns computing of Register (register) buffer memory; Selector is used for the dateout of selective loading input data or wheel computing, and round-key representes encryption round key, and initial-data representes to import data; Data-out representes encrypted result, and initial-round representes to take turns the wheel number of computing.The encryption of every group of data has the computing of Nr wheel, loads the input data when first round, computing began, the output of first round computing as second take turns computing input, and the like, up to accomplishing the computing of Nr wheel, output decrypted result.Fig. 2 is a structure chart of encrypting the computing of S box, and INV representes to calculate in the finite field logical operation of inverse element, and MT representes in the SBX computing after the inverse element computing the computing of an inverse element and a fixing matrix multiple.
Fig. 3 is the structure chart of existing decrypt operation, and the S box computing of ISBX (Inv Sbox) expression decrypt operation also is encrypt the computing of S box contrary; The row hybrid operation of IMC (Inv Mix Columns) expression decrypt operation; ARK (add round key) expression round key adds computing, and the every intermediate data of taking turns computing of Register (register) buffer memory, selector are used for the dateout of selective loading input data or wheel computing; Round-key representes encryption round key; Initial-data representes to import data, and data-out representes encrypted result, and initial-round representes the wheel number when the front-wheel computing.The deciphering of every group of data has the computing of Nr wheel, loads the input data when first round, computing began, the output of first round computing as second take turns computing input, and the like, up to accomplishing the computing of Nr wheel, output and Ei result.Fig. 4 is the calculating process of decrypt operation S box, and MTI imports data and the computing that fixed matrix multiplies each other before representing to calculate inverse element in the ISBX computing, and INV representes to calculate in the finite field logical operation of inverse element.
Existing aes algorithm adopts absolute construction to realize the encryption and decryption computing respectively, and the area of S box arithmetic logic is very big, and absolute construction realizes that respectively encryption and decryption computing meeting increases area of chip and power consumption.
Can know that to sum up prior art obviously exists inconvenience and defective on reality is used, so be necessary to improve.
Summary of the invention
To above-mentioned defective; The object of the present invention is to provide a kind of method and device of the AES of realization encryption and decryption; It can be through using the result of identical register buffer memory encryption and decryption wheel computing; And use the computing of identical logic realization S box and contrary S box, thereby realized reducing the purpose of chip area and power consumption.
To achieve these goals, the present invention provides a kind of method of the AES of realization encryption and decryption, comprising:
To treat that the enciphering/deciphering data load is to register;
Treat that with said the enciphering/deciphering data export S box Multiplexing Unit to and carry out the computing of Nr wheel, Nr is confirmed by key length;
Said S box Multiplexing Unit carries out enciphering/deciphering S box arithmetic operation according to the enciphering/deciphering control signal to said register data sent;
The row hybrid operation, the round key that the dateout of said S box Multiplexing Unit are carried out enciphering/deciphering add arithmetic operation, and with operation result buffer memory to said register;
When the computing of Nr wheel, with the output of said S box Multiplexing Unit carry out round key add arithmetic operation after the output result accomplish enciphering/deciphering.
According to the method for the invention, " according to the enciphering/deciphering control signal said register data sent being carried out the computing of enciphering/deciphering S box " is specially:
Said register data sent is deciphered the affine transformation operation;
Select to carry out the inversion operation operation through selecting signal controlling with said register data sent or through the data after the operation of deciphering affine transformation;
If selecting signal is Encryption Control Signal, then said register data sent is carried out the inversion operation operation, and the data after the inversion operation operation are encrypted affine transformation operation back output result as encrypting S box operation result;
If select signal, then the data after the said deciphering affine transformation operation are carried out inversion operation operation back and directly export as deciphering S box operation result for deciphering control signal.
According to the method for the invention, " the row hybrid operation, the round key that the dateout of said S box Multiplexing Unit are carried out enciphering/deciphering add arithmetic operation " be specially:
Said encryption S box operation result is carried out exporting as the encryption round operation result after encrypted column hybrid operation operation and round key add arithmetic operation successively;
Said deciphering S box operation result is carried out exporting as the decryption round operation result after round key adds arithmetic operation and deciphering row hybrid operation operation successively;
Select said encryption round operation result of output or said decryption round operation result through the control of enciphering/deciphering control signal.
According to the method for the invention, said method also comprises:
Select to take turns operation result or treat that the enciphering/deciphering data export said register to through the wheel numerical control system of wheel computing;
If the first round then selects to treat enciphering/deciphering data load to said register, otherwise with said operation result buffer memory to the said register of taking turns.
According to the method for the invention, said method also comprises: initial key is carried out conversion obtain said round key and add arithmetic operation and take turns the key that computing is used at each.
The present invention also provides a kind of device of the AES of realization encryption and decryption, comprising:
Register is used for buffer memory and treats enciphering/deciphering data or the result that takes turns computing, and will treat that the output of enciphering/deciphering data carries out the computing of Nr wheel, and Nr is confirmed by key length;
Said S box Multiplexing Unit is used for according to the enciphering/deciphering control signal said register data sent being carried out the computing of enciphering/deciphering S box;
Row mix and round key adds the unit, and the row hybrid operation, the round key that are used for the dateout of said S box Multiplexing Unit is carried out enciphering/deciphering add arithmetic operation, and with operation result buffer memory to said register;
The enciphering/deciphering output unit is used for when the computing of Nr wheel, the output of said S box Multiplexing Unit being carried out exporting the result after round key adds arithmetic operation and accomplishes enciphering/deciphering.
According to device of the present invention, said S box Multiplexing Unit comprises:
Deciphering affine transformation module is used for said register data sent is deciphered the affine transformation operation;
First selector; Be used for through selecting signal controlling to select to be sent to the module of inverting with said register data sent or through the data after the operation of deciphering affine transformation; When selecting signal to be coded signal; Then said register data sent is sent to the module of inverting, when selecting signal to be decrypted signal, then is sent to the module of inverting through the data after the operation of deciphering affine transformation said;
The module of inverting; Be used for said first selector data sent is carried out the inversion operation operation; When selecting signal to be decrypted signal; Directly the data after the output inversion operation operation are as deciphering S box operation result, when selecting signal to be coded signal, the data after the said inversion operation operation are exported to encrypt the affine transformation module;
Encrypt the affine transformation module, be used for the data after the inversion operation operation are encrypted affine transformation operation back output result as encrypting S box operation result.
According to device of the present invention, said row mixing and round key add the unit and comprise:
The encrypted column mixing module is used for said encryption S box operation result is carried out encrypted column hybrid operation operation;
First round key adds module, be used for that operation result to said encrypted column mixing module carries out that round key adds arithmetic operation and with result's output as the encryption round operation result;
Second round key adds module, is used for that said deciphering S box operation result is carried out round key and adds arithmetic operation;
Deciphering row mixing module, be used for to the operation result that said second round key adds module decipher the row hybrid operation and with result's output as the decryption round operation result;
Second selector is used for selecting said encryption round operation result of output or said decryption round operation result through the control of enciphering/deciphering control signal.
According to device of the present invention; Said device also comprises third selector; Be used for selecting to take turns operation result or treat that the enciphering/deciphering data export said register to through the wheel numerical control system of wheel computing; If the first round then selects to treat enciphering/deciphering data load to said register, otherwise with said operation result buffer memory to the said register of taking turns.
According to device of the present invention, said device also comprises key expansion unit, is used for that initial key is carried out conversion and obtains said round key and add arithmetic operation and take turns the key that computing is used at each.
The present invention treats enciphering/deciphering data or the result who takes turns computing through the identical register buffer memory; S box Multiplexing Unit is realized the S box arithmetic operation to encrypting or deciphering; Row hybrid operation and round key that row mixing and round key add unit realization encryption or deciphering add arithmetic operation, distinguish the encryption and decryption operation through the enciphering/deciphering control signal, carry out exporting encryption or decrypted result after the computing of Nr next round; Thereby make same module technical ability realize cryptographic operation, can realize decryption oprerations again.Whereby; The present invention realizes the AES encryption and decryption through same module; Take turns the result of calculating process through identical register buffer memory encryption and decryption, and use the computing of identical logic realization S box and contrary S box, thereby realized reducing the purpose of chip area and power consumption.
Description of drawings
Fig. 1 is the structural representation of existing cryptographic calculation;
Fig. 2 is the structural representation of the existing S of encryption box computing;
Fig. 3 is the structural representation of existing decrypt operation;
Fig. 4 is the structural representation of existing deciphering S box computing;
Fig. 5 is the structural representation of the device of a kind of AES of realization encryption and decryption of the present invention;
Fig. 6 is the flow chart of the method for a kind of AES of realization encryption and decryption of the present invention;
Fig. 7 is the flow chart that carries out enciphering/deciphering S box arithmetic operation among the present invention;
Fig. 8 is the row hybrid operation of carrying out enciphering/deciphering among the present invention, the flow chart that round key adds arithmetic operation;
Fig. 9 is a flow chart of selecting wheel computing input data among the present invention.
Embodiment
In order to make the object of the invention, technical scheme and advantage clearer,, the present invention is further elaborated below in conjunction with accompanying drawing and embodiment.Should be appreciated that specific embodiment described herein only in order to explanation the present invention, and be not used in qualification the present invention.
Fig. 5 shows the device 100 of a kind of AES of realization encryption and decryption of the present invention, and device 100 comprises: register 10, S box Multiplexing Unit 20, row mix and round key adds unit 30 and enciphering/deciphering output unit 40.
Table 1
S box Multiplexing Unit 20 is used for according to enciphering/deciphering control signal (Encrypt) register 10 data sent being carried out the computing of enciphering/deciphering S box.S box Multiplexing Unit 20 comprises deciphering affine transformation module 21, first selector 22, the module of inverting 23 and encrypts affine transformation module 24.Deciphering affine transformation module 21 is used for register 10 data sent are deciphered the affine transformation operation; First selector 22; Be used for through selecting signal controlling to select to be sent to the module 23 of inverting with register 10 data sent or through the data after the operation of deciphering affine transformation; When selecting signal to be coded signal; Then register 10 data sent are sent to the module 23 of inverting, the data that when selecting signal to be decrypted signal, then will pass through after the deciphering affine transformation is operated are sent to the module 23 of inverting; The module 23 of inverting; Be used for first selector 22 data sent are carried out the inversion operation operation; When selecting signal to be decrypted signal; Directly the data after the output inversion operation operation are as deciphering S box operation result, when selecting signal to be coded signal, the data after the inversion operation operation are exported to encrypt affine transformation module 24; Encrypt affine transformation module 24, be used for the data after the inversion operation operation are encrypted affine transformation operation back output result as encrypting S box operation result.In S box Multiplexing Unit 20, the module 23 of inverting of encryption and decryption to be carried out multiplexing, the module of inverting 23 is used for encrypting the n ary operation of inverting of S box computing, also can be used for deciphering the n ary operation of inverting in the computing of S box.Thereby realized the multiplexing of S box, reduced chip area and power consumption.
Row mix and round key adds unit 30, and the row hybrid operation, the round key that are used for the dateout of S box Multiplexing Unit 20 is carried out enciphering/deciphering add arithmetic operation, and with operation result buffer memory to register 10.Row mixing and round key add unit 30 and comprise that encrypted column mixing module 31, first round key add module 32, second round key adds module 33, deciphering row mixing module 34 and second selector 35.Encrypted column mixing module 31 is used for the encryption S box operation result of S box Multiplexing Unit 20 is carried out encrypted column hybrid operation operation; First round key adds module 32; Be used for that operation result to encrypted column mixing module 31 carries out that round key adds arithmetic operation and with result's output as the encryption round operation result; Round key (Round-key) its by the most initial key conversion, initial key is from user's input.Round key is used for round key and adds arithmetic operation; Second round key adds module 33, is used for deciphering S box operation result to S box Multiplexing Unit 20 and carries out round key and add arithmetic operation; Deciphering row mixing module 34, be used for to the operation result that second round key adds module 33 decipher the row hybrid operation and with result's output as the decryption round operation result; Second selector 35 is used for selecting defeated encryption round operation result or the said decryption round operation result stated through the control of enciphering/deciphering control signal.
Enciphering/deciphering output unit 40 is used for when the computing of Nr wheel, the output of S box Multiplexing Unit 20 being carried out exporting the result after round key adds arithmetic operation and accomplishes enciphering/deciphering.In Fig. 5, encrypting the output result is Data-out-enc; Deciphering output result is Data-out-dec.Wherein, enciphering/deciphering output unit 40 comprises that the third round key adds module 41 and second round key adds module 33.When the computing of the Nr of ciphering process wheel, the third round key add module 41 with the encryption S box operation result of S box Multiplexing Unit 20 outputs carry out round key add arithmetic operation after output as encrypted result; When the computing of the Nr of decrypting process wheel, second round key add module 33 with the deciphering S box operation result of S box Multiplexing Unit 20 outputs carry out round key add arithmetic operation after output as decrypted result.Wherein because in the wheel calculating process of deciphering; Row mix and round key adds unit 30 and the deciphering S box operation result of S box Multiplexing Unit 20 outputs is at first carried out round key adds computing; Decipher the row hybrid operation again; The round key that therefore can the round key in the decryption round computing be added computing and deciphering output adds computing and carries out multiplexingly, adds module through a round key and realizes getting final product.In the wheel calculating process of encrypting, row mixing and round key add the encryption S box operation result of unit 30 being exported by S box Multiplexing Unit 20 and at first carry out the encrypted column hybrid operation, carry out round key again and add computing, carry out multiplexing so can't add computing to round key.
Preferably; Device 100 also comprises third selector 50; Be used for selecting to take turns operation result or treat that enciphering/deciphering data (Initial-data) export register 10 to through wheel number (Initial-round) control of wheel computing; If the first round is then selected to treat enciphering/deciphering data load to register 10, otherwise will take turns operation result buffer memory to register 10.
Preferably, device 100 also comprises key expansion unit, is used for that initial key is carried out conversion and obtains round key and add arithmetic operation and take turns the key that computing is used at each.All inequality at each employed key of wheel computing of taking turns, be called round key, it is by the most initial key conversion, and initial key is from user's input.Round key is used for round key and adds arithmetic operation.
The present invention treats enciphering/deciphering data or the result who takes turns computing through identical register 10 buffer memorys; The S box arithmetic operation that S box Multiplexing Unit 20 is realized encrypting or deciphering; Row hybrid operation and round key that row mixing and round key add unit 30 realization encryptions or deciphering add arithmetic operation, distinguish the encryption and decryption operation through the enciphering/deciphering control signal, carry out exporting encryption or decrypted result after the computing of Nr next round; Thereby make same module technical ability realize cryptographic operation, can realize decryption oprerations again.Whereby; The present invention realizes the AES encryption and decryption through same module; Take turns the result of calculating process through identical register buffer memory encryption and decryption, and use the computing of identical logic realization S box and contrary S box, thereby realized reducing the purpose of chip area and power consumption.
According to one embodiment of present invention; In ciphering process; Be-encrypted data is from the input input of third selector 50, and the wheel number (Initial-round) of wheel computing is 1, and third selector 50 is selected be-encrypted data is loaded into register 10 according to the wheel number (Initial-round) of wheel computing; Register 10 sends to deciphering affine transformation module 21 and first selector 22 respectively with data; 21 pairs of register 10 data sent of deciphering affine transformation module are carried out multiplication mutually with a fixed matrix; Enciphering/deciphering control signal (Encrypt) is an Encryption Control Signal, and first selector 22 sends to the module 23 of inverting according to Encryption Control Signal with register 10 data sent; 23 pairs of first selector 22 data sent of the module of inverting are carried out the inversion operation operation, and the module of inverting 23 sends to the inversion operation operating result and encrypts affine transformation module 24; Encrypt affine transformation module 24 inverse element is carried out multiplication mutually with a fixed matrix, this fixed matrix is different with the fixed matrix in the deciphering affine transformation, encrypts affine transformation module 24 output transform results as encrypting S box operation result; 31 pairs of encrypted column mixing modules are encrypted S box operation result and are encrypted mixed rank transformation, and will mix the rank transformation result and output to first round key and add module 32 and round key matrix (Round-key) addition as the result when the encryption round computing of previous round; Second selector 35 is selected the result of encryption round computing is sent to third selector according to enciphering/deciphering control signal (Encrypt); The wheel number (Initial-round) of this hour wheel computing is 2, and encryption round operation result buffer memory to the register 10 that third selector 50 is selected second selector 35 is sent begins the wheel computing of next rounds, and the like, up to accomplishing the computing of Nr wheel.When the computing of Nr wheel, the third round key adds module 41 and will encrypt the Nr wheel of affine transformation module 24 outputs and encrypt S box operation result and carry out exporting as encrypted result (Data-out-enc) after round key adds arithmetic operation.
In the above-described embodiments, the length of every set of encrypted data is 128 bits, and the encryption of every group of data has the computing of Nr wheel, and Nr is by the length decision of key.Each input and output of taking turns computing all is 128 Bit datas, and each 128 Bit data of taking turns the input of computing is divided into the data of 16 8 bits and puts into one 4 * 4 matrix M from a high position to the low level, carry out computing of S box and shift operation then.The computing of S box is the input data map to of 8 bits 8 a new Bit data; Therefore, the input of S box computing is the element of 4 * 4 matrix S, and the output of SBX is put into accomplishes after the shift operation corresponding position in 4 * 4 matrixes; After S box computing computing, obtain 4 * 4 new matrix M '.If be that last takes turns computing at this moment; After M ' and the addition of round key matrix; As 4 * 4 data matrixes output after encrypting; No matter initial key is 128 bits, 192 bits or 256 bits, the length of round key all is 128 bits, and round key is the same with data to be constituted 4 * 4 identical matrixes and take turns the operational data addition; Take turns computing if not last, the output M ' of S box computing is listed as the computing of mixing, so-called row hybrid operation be M ' again with a fixing matrix multiple (row hybrid operation), this fixed matrix is unique for the AES AES.Output after the row hybrid operation is accomplished and the addition of round key matrix also are the inputs of next round computing as the output when the previous round computing.
According to another embodiment of the present invention; In decrypting process; Treat the input input of data decryption from third selector 50, the wheel number (Initial-round) of wheel computing is 1, and third selector 50 is selected to treat that data decryption is loaded into register 10 according to the wheel number (Initial-round) of wheel computing; Register 10 sends to deciphering affine transformation module 21 and first selector 22 respectively with data; 21 pairs of register 10 data sent of deciphering affine transformation module are carried out multiplication mutually with a fixed matrix; Enciphering/deciphering control signal (Encrypt) is the deciphering control signal, and the data that first selector 22 will be deciphered after affine transformation module 21 is handled according to the deciphering control signal send to the module 23 of inverting; 23 pairs of first selector 22 data sent of the module of inverting are carried out the inversion operation operation, and the module of inverting 23 sends to second round key with the inversion operation operating result as deciphering S box operation result and adds module 33; Second round key adds and sends to deciphering row mixing module 34 after 33 pairs of modules deciphering S box operation result and round key matrix (Round-key) addition and decipher mixed rank transformation, and deciphering row mixing module 34 will be deciphered the data output that mixes behind the rank transformation as the result who works as the computing of previous round decryption round; Second selector 35 is selected the result of decryption round computing is sent to third selector according to enciphering/deciphering control signal (Encrypt); The wheel number (Initial-round) of this hour wheel computing is 2, and decryption round operation result buffer memory to the register 10 that third selector 50 is selected second selector 35 is sent begins the wheel computing of next rounds, and the like, up to accomplishing the computing of Nr wheel.When the computing of Nr wheel, second round key add module 33 will invert the Nr wheel deciphering S box operation result of module 23 outputs carry out round key add arithmetic operation after output as encrypted result (Data-out-enc).
In the above-described embodiments, the length of every group of data decryption is 128 bits, and the deciphering of every group of data has the computing of Nr wheel, and Nr is by the length decision of key.Each input and output of taking turns computing all is 128 Bit datas, and the matrix M that each 128 Bit data of taking turns the input of computing is divided into 16 8 bits from a high position to the low level data are put into a 4X4 carries out contrary S box computing and contrary shift operation then.The computing of S box is to be mapped to 8 new Bit datas to the input of 8 bits; Therefore, the input of S box computing is the element of 4X4 matrix S, and the output of S box computing is put into accomplishes after the shift operation corresponding position in the 4X4 matrix; Therefore through after the computing of S box, obtain a new 4X4 matrix M '.If be that last takes turns computing at this moment; After M ' and the addition of round key matrix; As the output of 4 * 4 data matrixes after the deciphering; No matter initial key is 128 bits, 192 bits or 256 bits, the length of round key all is 128 bits, and round key is the same with data to be constituted 4 * 4 identical matrixes and take turns the operational data addition; Take turns computing if not last; After the output M ' of S box computing and the addition of round key matrix; Carry out contrary row hybrid operation again; Contrary row hybrid operation be add behind the round key matrix again with a fixing matrix multiple, this fixed matrix is unique for the AES decipherment algorithm, the output of contrary row hybrid operation also is the input of next round computing as the result when the front-wheel computing.
Fig. 6 is the flow chart of the method for a kind of AES of realization encryption and decryption of the present invention, and it realizes that through device as shown in Figure 5 this flow process comprises:
Step S601 will treat that the enciphering/deciphering data load is to register.
Step S602 will treat that the enciphering/deciphering data export S box Multiplexing Unit to and carry out the computing of Nr wheel, and Nr is confirmed by key length.
Step S603, S box Multiplexing Unit carries out enciphering/deciphering S box arithmetic operation according to the enciphering/deciphering control signal to the register data sent.
Step S604, the row hybrid operation, the round key that the dateout of S box Multiplexing Unit are carried out enciphering/deciphering add arithmetic operation, and with the operation result buffer memory to register.
Step S605, when the computing of Nr wheel, with the output of S box Multiplexing Unit carry out round key add arithmetic operation after the output result accomplish enciphering/deciphering.
Preferably, this method also comprises: initial key is carried out conversion obtain said round key and add arithmetic operation and take turns the key that computing is used at each.This step realizes through key expansion unit.
Fig. 7 is the flow chart that carries out enciphering/deciphering S box arithmetic operation among the present invention, and it realizes that through S box Multiplexing Unit 20 this flow process comprises:
Step S701 deciphers the affine transformation operation with the register data sent;
Step S702 selects to carry out the inversion operation operation with the register data sent or through the data after the operation of deciphering affine transformation through selecting signal controlling;
Step S703 is an Encryption Control Signal if select signal, then the register data sent is carried out the inversion operation operation, and the data after the inversion operation operation are encrypted affine transformation operation back output result as encrypting S box operation result;
Step S704, if select signal to be the deciphering control signal, the data that then will decipher after affine transformation is operated are carried out directly output conduct deciphering S box operation result of inversion operation operation back.
Fig. 8 is the row hybrid operation of carrying out enciphering/deciphering among the present invention, the flow chart that round key adds arithmetic operation, and it mixes through row and round key adds unit 30 realizations, and this flow process comprises:
Step S801 will encrypt S box operation result and carry out successively exporting as the encryption round operation result after encrypted column hybrid operation operation and round key add arithmetic operation;
Step S802 will decipher S box operation result and carry out successively exporting as the decryption round operation result after round key adds arithmetic operation and deciphering row hybrid operation operation;
Step S803 selects output encryption round operation result or decryption round operation result through the control of enciphering/deciphering control signal.
Fig. 9 is a flow chart of selecting wheel computing input data among the present invention, and it realizes that through third selector 50 this flow process comprises:
Step S901 selects will take turns operation result or treat that the enciphering/deciphering data export said register to through the wheel numerical control system of wheel computing;
Step S902 if the first round then selects to treat the enciphering/deciphering data load to register, otherwise will take turns the operation result buffer memory to register.
In sum; The present invention treats the result that the enciphering/deciphering data are perhaps taken turns computing through the identical register buffer memory, and S box Multiplexing Unit realizes that to the S box arithmetic operation of encrypting or deciphering row mixing and round key add the unit and realize that row hybrid operation and the round key encrypting or decipher add arithmetic operation; Distinguish the encryption and decryption operation through the enciphering/deciphering control signal; Output is encrypted or decrypted result after carrying out the computing of Nr next round, thereby makes same module technical ability realize cryptographic operation, can realize decryption oprerations again.Whereby; The present invention realizes the AES encryption and decryption through same module; Take turns the result of calculating process through identical register buffer memory encryption and decryption, and use the computing of identical logic realization S box and contrary S box, thereby realized reducing the purpose of chip area and power consumption.
Certainly; The present invention also can have other various embodiments; Under the situation that does not deviate from spirit of the present invention and essence thereof; Those of ordinary skill in the art work as can make various corresponding changes and distortion according to the present invention, but these corresponding changes and distortion all should belong to the protection range of the appended claim of the present invention.
Claims (10)
1. a method that realizes the AES encryption and decryption is characterized in that, comprising:
To treat that the enciphering/deciphering data load is to register;
Treat that with said the enciphering/deciphering data export S box Multiplexing Unit to and carry out the computing of Nr wheel, Nr is confirmed by key length;
Said S box Multiplexing Unit carries out enciphering/deciphering S box arithmetic operation according to the enciphering/deciphering control signal to said register data sent;
The row hybrid operation, the round key that the dateout of said S box Multiplexing Unit are carried out enciphering/deciphering add arithmetic operation, and with operation result buffer memory to said register;
When the computing of Nr wheel, with the output of said S box Multiplexing Unit carry out round key add arithmetic operation after the output result accomplish enciphering/deciphering.
2. method according to claim 1 is characterized in that, " said register data sent being carried out the computing of enciphering/deciphering S box according to the enciphering/deciphering control signal " is specially:
Said register data sent is deciphered the affine transformation operation;
Select to carry out the inversion operation operation through selecting signal controlling with said register data sent or through the data after the operation of deciphering affine transformation;
If selecting signal is Encryption Control Signal, then said register data sent is carried out the inversion operation operation, and the data after the inversion operation operation are encrypted affine transformation operation back output result as encrypting S box operation result;
If select signal, then the data after the said deciphering affine transformation operation are carried out inversion operation operation back and directly export as deciphering S box operation result for deciphering control signal.
3. method according to claim 2 is characterized in that, " the row hybrid operation, the round key that the dateout of said S box Multiplexing Unit are carried out enciphering/deciphering add arithmetic operation " is specially:
Said encryption S box operation result is carried out exporting as the encryption round operation result after encrypted column hybrid operation operation and round key add arithmetic operation successively;
Said deciphering S box operation result is carried out exporting as the decryption round operation result after round key adds arithmetic operation and deciphering row hybrid operation operation successively;
Select said encryption round operation result of output or said decryption round operation result through the control of enciphering/deciphering control signal.
4. according to each described method of claim 1~3, it is characterized in that said method also comprises:
Select to take turns operation result or treat that the enciphering/deciphering data export said register to through the wheel numerical control system of wheel computing;
If the first round then selects to treat enciphering/deciphering data load to said register, otherwise with said operation result buffer memory to the said register of taking turns.
5. method according to claim 1 is characterized in that, said method also comprises: initial key is carried out conversion obtain said round key and add arithmetic operation and take turns the key that computing is used at each.
6. a device of realizing the AES encryption and decryption is characterized in that, comprising:
Register is used for buffer memory and treats enciphering/deciphering data or the result that takes turns computing, and will treat that the output of enciphering/deciphering data carries out the computing of Nr wheel, and Nr is confirmed by key length;
Said S box Multiplexing Unit is used for according to the enciphering/deciphering control signal said register data sent being carried out the computing of enciphering/deciphering S box;
Row mix and round key adds the unit, and the row hybrid operation, the round key that are used for the dateout of said S box Multiplexing Unit is carried out enciphering/deciphering add arithmetic operation, and with operation result buffer memory to said register;
The enciphering/deciphering output unit is used for when the computing of Nr wheel, the output of said S box Multiplexing Unit being carried out exporting the result after round key adds arithmetic operation and accomplishes enciphering/deciphering.
7. device according to claim 6 is characterized in that, said S box Multiplexing Unit comprises:
Deciphering affine transformation module is used for said register data sent is deciphered the affine transformation operation;
First selector; Be used for through selecting signal controlling to select to be sent to the module of inverting with said register data sent or through the data after the operation of deciphering affine transformation; When selecting signal to be coded signal; Then said register data sent is sent to the module of inverting, when selecting signal to be decrypted signal, then is sent to the module of inverting through the data after the operation of deciphering affine transformation said;
The module of inverting; Be used for said first selector data sent is carried out the inversion operation operation; When selecting signal to be decrypted signal; Directly the data after the output inversion operation operation are as deciphering S box operation result, when selecting signal to be coded signal, the data after the said inversion operation operation are exported to encrypt the affine transformation module;
Encrypt the affine transformation module, be used for the data after the inversion operation operation are encrypted affine transformation operation back output result as encrypting S box operation result.
8. device according to claim 6 is characterized in that, said row mixing and round key add the unit and comprise:
The encrypted column mixing module is used for said encryption S box operation result is carried out encrypted column hybrid operation operation;
First round key adds module, be used for that operation result to said encrypted column mixing module carries out that round key adds arithmetic operation and with result's output as the encryption round operation result;
Second round key adds module, is used for that said deciphering S box operation result is carried out round key and adds arithmetic operation;
Deciphering row mixing module, be used for to the operation result that said second round key adds module decipher the row hybrid operation and with result's output as the decryption round operation result;
Second selector is used for selecting said encryption round operation result of output or said decryption round operation result through the control of enciphering/deciphering control signal.
9. according to each described device of claim 6~8; It is characterized in that; Said device also comprises third selector; Be used for selecting take turns operation result or treating that the enciphering/deciphering data export said register to through the wheel numerical control system of wheel computing, if the first round then select to treat enciphering/deciphering data load to said register, otherwise with the said extremely said register of operation result buffer memory of taking turns.
10. device according to claim 6 is characterized in that said device also comprises key expansion unit, is used for that initial key is carried out conversion and obtains said round key and add arithmetic operation and take turns the key that computing is used at each.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012102369632A CN102801519A (en) | 2012-07-10 | 2012-07-10 | Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2012102369632A CN102801519A (en) | 2012-07-10 | 2012-07-10 | Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102801519A true CN102801519A (en) | 2012-11-28 |
Family
ID=47200493
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2012102369632A Pending CN102801519A (en) | 2012-07-10 | 2012-07-10 | Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102801519A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103209071A (en) * | 2012-12-05 | 2013-07-17 | 无锡华大国奇科技有限公司 | Advanced Encryption Standard (AES) encryption device |
| CN105356996A (en) * | 2015-12-14 | 2016-02-24 | 联想(北京)有限公司 | Ciphertext processing method, electronic equipment and ciphertext processing device |
| CN106034021A (en) * | 2015-03-12 | 2016-10-19 | 中国科学院上海高等研究院 | Light-weight dual-mode-compatible AES encryption and decryption module and method thereof |
| CN106034022A (en) * | 2015-03-12 | 2016-10-19 | 中国科学院上海高等研究院 | AEC encryption and decryption apparatus and methods in CBC mode |
| CN106921487A (en) * | 2017-03-01 | 2017-07-04 | 芜湖职业技术学院 | Reconfigurable S-box circuit structure |
| CN106998249A (en) * | 2017-05-08 | 2017-08-01 | 芜湖职业技术学院 | Applied to SM4 and the Reconfigurable S-box circuit structure of Camellia cryptographic algorithms |
| CN107181586A (en) * | 2017-05-22 | 2017-09-19 | 芜湖职业技术学院 | reconfigurable S-box circuit structure |
| CN108933653A (en) * | 2018-06-28 | 2018-12-04 | 郑州云海信息技术有限公司 | A kind of AES encrypting and deciphering system and method based on large-scale data |
| CN111865560A (en) * | 2020-06-23 | 2020-10-30 | 华中科技大学 | AES password coprocessor and terminal equipment |
| CN112910628A (en) * | 2021-01-29 | 2021-06-04 | 苏州浪潮智能科技有限公司 | AES operation method and equipment |
| CN114172632A (en) * | 2021-08-18 | 2022-03-11 | 北京中电华大电子设计有限责任公司 | Method and device for improving AES encryption and decryption efficiency |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1688121A (en) * | 2005-06-16 | 2005-10-26 | 北京中星微电子有限公司 | AES add decipher circuit optimization method and multiplex sbox module |
| CN1921382A (en) * | 2006-09-06 | 2007-02-28 | 华为技术有限公司 | Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device |
| CN101409616A (en) * | 2007-10-10 | 2009-04-15 | 佳能株式会社 | AES encryption/decryption circuit |
| CN101626289A (en) * | 2009-07-14 | 2010-01-13 | 青岛科技大学 | Design method of AES encryption chip and computer encryptor |
| CN102025484A (en) * | 2010-12-17 | 2011-04-20 | 北京航空航天大学 | Block cipher encryption and decryption method |
-
2012
- 2012-07-10 CN CN2012102369632A patent/CN102801519A/en active Pending
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1688121A (en) * | 2005-06-16 | 2005-10-26 | 北京中星微电子有限公司 | AES add decipher circuit optimization method and multiplex sbox module |
| CN1921382A (en) * | 2006-09-06 | 2007-02-28 | 华为技术有限公司 | Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device |
| CN101409616A (en) * | 2007-10-10 | 2009-04-15 | 佳能株式会社 | AES encryption/decryption circuit |
| CN101626289A (en) * | 2009-07-14 | 2010-01-13 | 青岛科技大学 | Design method of AES encryption chip and computer encryptor |
| CN102025484A (en) * | 2010-12-17 | 2011-04-20 | 北京航空航天大学 | Block cipher encryption and decryption method |
Cited By (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN103209071A (en) * | 2012-12-05 | 2013-07-17 | 无锡华大国奇科技有限公司 | Advanced Encryption Standard (AES) encryption device |
| CN106034022B (en) * | 2015-03-12 | 2019-11-26 | 中国科学院上海高等研究院 | AES ciphering and deciphering device and method under CBC mode |
| CN106034021A (en) * | 2015-03-12 | 2016-10-19 | 中国科学院上海高等研究院 | Light-weight dual-mode-compatible AES encryption and decryption module and method thereof |
| CN106034022A (en) * | 2015-03-12 | 2016-10-19 | 中国科学院上海高等研究院 | AEC encryption and decryption apparatus and methods in CBC mode |
| CN106034021B (en) * | 2015-03-12 | 2020-04-10 | 中国科学院上海高等研究院 | Lightweight dual-mode compatible AES encryption and decryption module and method thereof |
| CN105356996B (en) * | 2015-12-14 | 2018-11-09 | 联想(北京)有限公司 | A kind of ciphertext processing method, electronic equipment and ciphertext processing unit |
| CN105356996A (en) * | 2015-12-14 | 2016-02-24 | 联想(北京)有限公司 | Ciphertext processing method, electronic equipment and ciphertext processing device |
| CN106921487A (en) * | 2017-03-01 | 2017-07-04 | 芜湖职业技术学院 | Reconfigurable S-box circuit structure |
| CN106921487B (en) * | 2017-03-01 | 2023-09-15 | 芜湖职业技术学院 | Reconfigurable S-box circuit structure |
| CN106998249A (en) * | 2017-05-08 | 2017-08-01 | 芜湖职业技术学院 | Applied to SM4 and the Reconfigurable S-box circuit structure of Camellia cryptographic algorithms |
| CN106998249B (en) * | 2017-05-08 | 2023-09-15 | 芜湖职业技术学院 | Reconfigurable S-box circuit structure applied to SM4 and Camellia cryptographic algorithm |
| CN107181586A (en) * | 2017-05-22 | 2017-09-19 | 芜湖职业技术学院 | reconfigurable S-box circuit structure |
| CN107181586B (en) * | 2017-05-22 | 2023-09-15 | 芜湖职业技术学院 | Reconfigurable S-box circuit structure |
| CN108933653A (en) * | 2018-06-28 | 2018-12-04 | 郑州云海信息技术有限公司 | A kind of AES encrypting and deciphering system and method based on large-scale data |
| CN111865560A (en) * | 2020-06-23 | 2020-10-30 | 华中科技大学 | AES password coprocessor and terminal equipment |
| CN112910628A (en) * | 2021-01-29 | 2021-06-04 | 苏州浪潮智能科技有限公司 | AES operation method and equipment |
| CN114172632B (en) * | 2021-08-18 | 2023-09-08 | 北京中电华大电子设计有限责任公司 | Method and device for improving AES encryption and decryption efficiency |
| CN114172632A (en) * | 2021-08-18 | 2022-03-11 | 北京中电华大电子设计有限责任公司 | Method and device for improving AES encryption and decryption efficiency |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102801519A (en) | Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering | |
| CN1921382B (en) | Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device | |
| CN101622816B (en) | Flexible architecture and instruction for advanced encryption standard (AES) | |
| CN102710415B (en) | Method and table look-up device for encrypting and decrypting data by using symmetric cryptographic algorithm | |
| CN101779412B (en) | Cryptographic methods and devices for the pseudo-random generation of data encryption and cryptographic hashing of a message | |
| CN104639314A (en) | Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method | |
| CN105959107B (en) | A kind of lightweight SFN block cipher implementation method of new high safety | |
| KR20160024965A (en) | Method and apparatus to encrypt plaintext data | |
| CN102035641A (en) | Device and method for implementing AES encryption and decryption | |
| CN106921487A (en) | Reconfigurable S-box circuit structure | |
| US20150195089A1 (en) | Data scramble device, security device, security system, and data scramble method | |
| CN108123794A (en) | The generation method and encryption method of whitepack key, apparatus and system | |
| CN106034021B (en) | Lightweight dual-mode compatible AES encryption and decryption module and method thereof | |
| KR20180081559A (en) | Generate key sequence for encryption operation | |
| CN104852798B (en) | A kind of data encrypting and deciphering system and method | |
| CN102377563B (en) | The method and apparatus of encrypting traffic | |
| Li et al. | Cryptanalyzing a chaotic encryption algorithm for highly autocorrelated data | |
| CN102857334B (en) | Method and device for realizing AES (advanced encryption standard) encryption and decryption | |
| CN102780557B (en) | Method and device for AES (advanced encryption standard) encryption/decryption with selection gate optimization | |
| EP1625693A2 (en) | A hardware implementation of the mixcolumn / invmixcolumn functions | |
| US20120321079A1 (en) | System and method for generating round keys | |
| RU2503135C1 (en) | Method for cryptographic transformation of information and apparatus for realising said method | |
| CN114978475A (en) | Automobile instrument encryption and decryption processing method and system based on AES-128 algorithm | |
| Deore et al. | Hybrid encryption for database security | |
| CN108133450A (en) | A kind of New chaotic image encryption method based on hybrid feedback |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20121128 |