CN103260156A - Key stream generating device and method and confidentiality protective device and method - Google Patents

Abstract

The invention discloses a key stream generating device and method and a confidentiality protective device and method. The key stream generating device comprises a control unit, an initialization unit, a cyclic shift unit, a replacing unit, an updating unit and a key stream generating unit. The control unit is used for transmitting algorithm selection signals corresponding to algorithms for generating key streams to the initialization unit, the updating unit, the replacing unit and the key stream generating unit. The initialization unit is used for generating an initial value on the basis of the algorithms corresponding to the algorithm selection signals. The cyclic shift unit is used for carrying out initial assignment and updating on a cyclic shift register. The replacing unit is used for generating output parameters on the basis of the algorithms corresponding to the algorithm selection signals. The updating unit is used for generating an updating value on the basis of the algorithms corresponding to the algorithm selection signals. The key stream generating unit is used for generating the key streams on the basis of the algorithms corresponding to the algorithm selection signals. Through adoption of the technical schemes, the key stream generating device is capable of solving the problems in the prior art that two sets of key stream generating devices need to be arranged for a terminal device and a network node device and occupy more processing resources of the terminal device and the network node device.

Description

Key stream generating apparatus and method, Confidentiality protection device and method

Technical field

The present invention relates to communication technical field, relate in particular to a kind of key stream generating apparatus and method, Confidentiality protection device and method.

Background technology

Along with the development of mobile communication technology, the open network architedure of agreement Network Based (IP, Internet Protocol) and the characteristic of radio transmission, safety problem becomes one of key problem of mobile communications device.At present Long Term Evolution (LTE; Long Term Evolution) in the system; fail safe relates generally to two aspects of confidentiality and integrity; generally speaking, the data of the user plane of LTE (UP, User Plane) need be carried out Confidentiality protection; control plane (CP; Control Plane) Radio Resource control (RRC, Radio Resource Control) signaling and Non-Access Stratum (NAS, Non Access Stratum) signaling need be carried out Confidentiality protection and integrity protection.

Realize the evolved packet system (EPS of LTE fail safe protection mechanism; Evolved Packet System) confidentiality algorithm (EEA; EPS Encryption Algorithm) and EPS protection algorithm integrallty (EIA; EPS Integrity Algorithm) comprising: based on the 128-EEA1/128-EIA1 of SNOW 3G algorithm, based on the 128-EEA2/128-EIA2 of Advanced Encryption Standard (AES, Advanced Encryption Standard) algorithm and based on the 128-EEA3/128-EIA3 of ZUC algorithm.Wherein, SNOW3G algorithm and ZUC algorithm are the key stream generating algorithms towards 32, and input parameter is 128 initial key (KEY) and 128 initial vector (IV, Initial Vector), and output parameter is 32 key stream.

If realize that the algorithm of LTE Confidentiality protection is 128-EEA1/128-EEA3; then will carry out XOR by key stream and data that SNOW 3G algorithm/ZUC algorithm generates; be that data sending terminal will carry out XOR generation encrypt data by the SNOW 3G algorithm/key stream of ZUC algorithm generation and clear data to be sent; after data receiver receives encrypt data; to carry out XOR with the encrypt data that receives by the key stream that SNOW 3G algorithm/ZUC algorithm generates and be reduced to clear data, thereby realize the data to UP; the RRC signaling; the Confidentiality protection of NAS signaling.If realize that the algorithm of LTE integrity protection is 128-EIA1/128-EIA3; then basis is by the message authentication code (MAC of the key stream calculated data of SNOW 3G algorithm/ZUC algorithm generation; Message Authentication Code); be to send after data sending terminal will be attached to data to be sent by the MAC that SNOW 3G algorithm/ZUC algorithm generates; after data receiver receives data; calculate the expectation MAC (XMAC of the data that receive according to the key stream that generates by SNOW 3G algorithm/ZUC algorithm; eXpected MAC); compare with the MAC that receives then, thereby realize the RRC signaling; the integrity protection of NAS signaling.Wherein, when data sending terminal was apparatus for network node, data receiver was terminal equipment, and when data sending terminal was terminal equipment, data receiver was apparatus for network node.

Introduce the process that generates key stream by SNOW 3G algorithm and ZUC algorithm below respectively.

One, generates key stream by SNOW 3G algorithm

Basic module in the device of realization SNOW 3G algorithm comprises one 16 * 32 linear feedback shift register (LFSR, Linear Feedback Shift Register), uses s respectively ₀, s ₁..., s ₁₅Expression; One 3 * 32 finite state machine (FSM, Finite State Machine) is used R respectively ₁, R ₂, R ₃Expression.Realize the process of SNOW 3G algorithm as shown in Figure 1, mainly comprise initialization procedure and key stream generative process.

Initialization procedure comprises 32 clock cycle, in initialization procedure, at first by initial KEY and the LFSR of IV initial value is set, in each clock cycle in 32 clock cycle, through type (1) upgrades FSM then, and through type (2) upgrades LFSR, wherein, f represents the output parameter of FSM, and r represents the updating value of FSM

The expression XOR,

The expression mould adds computing, and S1 and S2 represent replacement operation, R ₁Be the input parameter of S1, S1 (R ₁) be the output parameter of S1, R ₂Be the input parameter of S2, S2 (R ₂) be the output parameter of S2, v represents the updating value of LFSR, a α representative function mul _α(a), a α ^-1Representative function div _α(a).

R ₃＝S2(R ₂)，R ₂＝S1(R ₁)，R ₁＝r (1)

$v=(s_0\·a)\⊕s_2\⊕(s_{11}\·a^{-1})\⊕f$

s ₀＝s ₁，s ₁＝s ₂，s ₂＝s ₃，s ₃＝s ₄，s ₄＝s ₅，s ₅＝s ₆，s ₆＝s ₇，s ₇＝s ₈，

s ₈＝s ₉，s ₉＝s ₁₀，s ₁₀＝s ₁₁，s ₁₁＝s ₁₂，s ₁₂＝s ₁₃，s ₁₃＝s ₁₄，s ₁₄＝s ₁₅，s ₁₅＝v (2)

In the key stream generative process, at first first clock cycle through type (1) in the key stream generative process upgrades FSM, through type (3) upgrades LFSR, then in each follow-up clock cycle, through type (1) upgrades FSM, through type (4) generates key stream kss, and through type (3) upgrades LFSR.

$v=(s_0\·\mathrm{\α})\⊕s_2\⊕(s_{11}\·{\mathrm{\α}}^{-1})$

s ₀＝s ₁，s ₁＝s ₂，s ₂＝s ₃，s ₃＝s ₄，s ₄＝s ₅，s ₅＝s ₆，s ₆＝s ₇，s ₇＝s ₈，

s ₈＝s ₉，s ₉＝s ₁₀，s ₁₀＝s ₁₁，s ₁₁＝s ₁₂，s ₁₂＝s ₁₃，s ₁₃＝s ₁₄，s ₁₄＝s ₁₅，s ₁₅＝v (3)

$\mathrm{kss}=f\⊕s_0---\left(4\right)$

Two, generate key stream by the ZUC algorithm

Basic module in the device of realization ZUC algorithm comprises one 16 * 31 LFSR, uses z respectively ₀, z ₁..., z ₁₅Expression; One 4 * 32 bit recombination (BR, Bit Reorganization) is used x respectively ₀, x ₁, x ₂, x ₃Expression; One 2 * 32 nonlinear function (NLF, Non Linear Function) is used F respectively ₁, F ₂Expression.Realize the process of ZUC algorithm as shown in Figure 2, mainly comprise initialization procedure and key stream generative process.

Initialization procedure comprises 32 clock cycle, in initialization procedure, at first by initial KEY, IV and 240 bit constants LFSR is arranged initial value, in each clock cycle in 32 clock cycle, through type (5) calculates BR then, and through type (6) upgrades NLF, through type (7) upgrades LFSR, wherein, w represents the output parameter of NLF, w ₁And w ₂The updating value of expression NLF, a ₀|| a ₁{ a ₀, a ₁All represent a ₀And a ₁The series connection computing, a _HAnd a _LRepresent high 16 and a low 16 of a respectively, S represents replacement operation, and L1 and L2 represent linear transformation, and u represents the updating value of LFSR, 2 ^xA and a＜＜＜x all represents a ring shift left x position, a＞＞x represents a x position that moves to right.Among Fig. 2, u ≠ 0? u:! U represents to judge whether u equals 0, in u ≠ 0 o'clock, u is set to u, when u=0, u is set to! U,! Expression step-by-step negate computing.

x ₀＝z _15H||z _14L，x ₁＝z _11L||z _9H，x ₂＝z _7L||z _5H，x ₃＝z _2L||z _0H (5)

${\mathrm{<figure-callout\; id="2"\; label="w"\; filenames="HDA0000135951190000011.png"\; state="\{\{state\}\}">w</figure-callout>}}_2={\mathrm{<figure-callout\; id="2"\; label="F"\; filenames="HDA0000135951190000011.png"\; state="\{\{state\}\}">F</figure-callout>}}_2\&CirclePlus;x_2$

F ₁＝S(L1(w _1L||w _2H))，F ₂＝S(L2(w _2L||w _1H)) (6)

u＝(2 ¹⁵·z ₁₅+2 ¹⁷·z ₁₃+2 ²¹·z ₁₀+2 ²⁰·z ₄+2 ⁸·z ₀+z ₀+(w＞＞1))mod(2 ³¹-1)

(7)

z ₀＝z ₁，z ₁＝z ₂，z ₂＝z ₃，z ₃＝z ₄，z ₄＝z ₅，z ₅＝z ₆，z ₆＝z ₇，z ₇＝z ₈，

z ₈＝z ₉，z ₉＝z ₁₀，z ₁₀＝z ₁₁，z ₁₁＝z ₁₂，z ₁₂＝z ₁₃，z ₁₃＝z ₁₄，z ₁₄＝z ₁₅，z ₁₅＝u

In the key stream generative process, at first through type (5) calculates BR in first clock cycle of key stream generative process, through type (6) upgrades NLF, through type (8) upgrades LFSR, in each follow-up clock cycle, through type (5) calculates BR then, and through type (6) upgrades NLF, through type (9) generates key stream ksz, and through type (8) upgrades LFSR.Wherein, if formula (5) and formula (8) calculate u=0, then u is set to 2 ³¹-1.

u＝(2 ¹⁵·z ₁₅+2 ¹⁷·z ₁₃+2 ²¹·z ₁₀+2 ²⁰·z ₄+2 ⁸·z ₀+z ₀)mod(2 ³¹-1)

(8)

z ₀＝z ₁，z ₁＝z ₂，z ₂＝z ₃，z ₃＝z ₄，z ₄＝z ₅，z ₅＝z ₆，z ₆＝z ₇，z ₇＝z ₈，

z ₈＝z ₉，z ₉＝z ₁₀，z ₁₀＝z ₁₁，z ₁₁＝z ₁₂，z ₁₂＝z ₁₃，z ₁₃＝z ₁₄，z ₁₄＝z ₁₅，z ₁₅＝u

$\mathrm{ksx}=w\&CirclePlus;x_3---\left(9\right)$

In the prior art, realize that the algorithm of LTE Confidentiality protection may be 128-EEA1 or 128-EEA3, realize that the algorithm of LTE integrity protection may be 128-EIA1 or 128-EIA3.Terminal equipment and apparatus for network node are according to the Authentication and Key Agreement process; determine to realize the algorithm of LTE Confidentiality protection and the algorithm of integrity protection; thereby select to use SNOW 3G algorithm also to be to use the ZUC algorithm to generate key stream; and according to the algorithm generation key stream of selecting; then according to the key stream that generates to the UP data; the RRC signaling; the NAS signaling is carried out Confidentiality protection; and to the RRC signaling; the NAS signaling is carried out integrity protection; owing to realize that the process of SNOW 3G algorithm and ZUC algorithm is relatively independent; therefore terminal equipment and apparatus for network node just need deployment two cover key stream generating apparatus to realize SNOW 3G algorithm and ZUC algorithm respectively; thereby taken the more processing resource of terminal equipment and apparatus for network node, particularly especially serious for the relatively more responsive terminal equipment of area and power consumption.

Summary of the invention

The embodiment of the invention provides a kind of key stream generating apparatus and method, need dispose two cover key stream generating apparatus and has taken terminal equipment and the more processing problem of resource of apparatus for network node in order to solve in the prior art terminal equipment and apparatus for network node.

The embodiment of the invention also provides a kind of Confidentiality protection device and method.

Embodiment of the invention technical scheme is as follows:

A kind of key stream generating apparatus comprises: control unit is used for sending the algorithm corresponding algorithm that generates key stream respectively to initialization unit, updating block, replacement unit and key stream generation unit and selects signal; Initialization unit is used for according to the initial key and the initial vector that set in advance, selects the signal corresponding algorithm to generate initial value based on the algorithm that receives; Cycle shift unit is used for the initial value according to the initialization unit generation, and each circulating register is carried out initial assignment, and according to the updating value that updating block generates, each circulating register is upgraded; Replace the unit, be used for the value according to circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives; Updating block is used for selecting the signal corresponding algorithm to generate updating value according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives; The key stream generation unit is used for selecting the signal corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives.

A kind of key stream generating method, the method comprising the steps of: control unit sends the algorithm corresponding algorithm that generates key stream respectively to initialization unit, updating block, replacement unit and key stream generation unit and selects signal; Initialization unit selects the signal corresponding algorithm to generate initial value according to the initial key and the initial vector that set in advance based on the algorithm that receives; Cycle shift unit is carried out initial assignment according to the initial value that initialization unit generates to each circulating register, and according to the updating value that updating block generates, each circulating register is upgraded; Replace the unit according to the value of circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives; Updating block selects the signal corresponding algorithm to generate updating value according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives; The key stream generation unit selects the signal corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives.

A kind of Confidentiality protection device comprises initial vector generation unit, above-mentioned key stream generating apparatus, encryption/decryption element, and wherein: the initial vector generation unit is used for generating the key stream generating apparatus and generates the required initial vector of key stream; Encryption/decryption element is used for the key stream that generates according to the key stream generating apparatus, is encrypted operation to sent clear data and obtains encrypt data, and the encrypt data that receives is decrypted operation obtains clear data.

A kind of Confidentiality protection method, the method comprising the steps of: the initial vector generation unit generates the key stream generating apparatus and generates the required initial vector of key stream; The key stream generating apparatus generates key stream based on above-mentioned key stream generating method; The key stream that encryption/decryption element generates according to the key stream generating apparatus is encrypted operation to sent clear data and obtains encrypt data, and the encrypt data that receives is decrypted operation obtains clear data.

In the embodiment of the invention technical scheme, the key stream generating apparatus comprises control unit, initialization unit, cycle shift unit, replace the unit, updating block and key stream generation unit, wherein control unit is to initialization unit, updating block, replace unit and key stream generation unit and send the algorithm corresponding algorithm selection signal that generates key stream respectively, initialization unit is according to the initial KEY and the IV that set in advance, select the signal corresponding algorithm to generate initial value based on the algorithm that receives, the initial value that cycle shift unit generates according to initialization unit, each circulating register is carried out initial assignment, and the updating value that generates according to updating block, each circulating register is upgraded, replace the unit according to the value of circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives, updating block is according to the value of circulating register and the output parameter of replacing the unit generation, select the signal corresponding algorithm to generate updating value based on the algorithm that receives, the key stream generation unit selects the signal corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives.Therefore, the key stream generating apparatus that the embodiment of the invention proposes can be realized the algorithm of a plurality of generation key streams, terminal equipment and apparatus for network node are realized SNOW 3G algorithm and ZUC algorithm respectively with regard to no longer needing to dispose two cover key stream generating apparatus so, thereby have saved terminal equipment and the more processing resource of apparatus for network node effectively; In addition, only comprise a control unit in the key stream generating apparatus that embodiment of the invention technical scheme proposes, no matter the algorithm that this key stream generating apparatus need be realized has several, the algorithm corresponding algorithm that only needs this control unit that current needs are realized selects signal to send to initialization unit, updating block, replacing unit and key stream generation unit gets final product, initialization unit, updating block, replacing unit and key stream generation unit can select signal to handle accordingly according to the algorithm that receives, if need extra other algorithms that increase, also only need be in initialization unit, updating block, replacing the processing rule that increases this algorithm correspondence in unit and the key stream generation unit gets final product, thereby can save the more processing resource of terminal equipment and apparatus for network node effectively, can also shorten the construction cycle of system greatly.

Description of drawings

Fig. 1 is in the prior art, realizes the process schematic diagram of SNOW 3G algorithm;

Fig. 2 is in the prior art, realizes the process schematic diagram of ZUC algorithm;

Fig. 3 is in the embodiment of the invention one, key stream generating apparatus structural representation;

Fig. 4 is in the embodiment of the invention one, the state of main control unit conversion schematic diagram;

Fig. 5 is in the embodiment of the invention two, and key stream generates the method flow schematic diagram;

Fig. 6 is in the embodiment of the invention three, Confidentiality protection apparatus structure schematic diagram;

Fig. 7 is in the embodiment of the invention four, Confidentiality protection method flow schematic diagram.

Embodiment

At length set forth to the main realization principle of embodiment of the invention technical scheme, embodiment and to the beneficial effect that should be able to reach below in conjunction with each accompanying drawing.

Embodiment one

The embodiment of the invention one proposes a kind of key stream generating apparatus, comprise control unit 31, initialization unit 32, cycle shift unit 33, replace unit 34, updating block 35 and key stream generation unit 36, its structure as shown in Figure 3, the input of key stream generating apparatus comprises initial KEY, 128 IV, 1 algorithm selection signal sel and 1 enable signal en of 128, and output comprises 32 key stream ks.

Function to each unit is described in detail below.

Control unit

Control unit 31 is mainly used in sending the algorithm corresponding algorithm that generates key stream respectively to initialization unit 32, updating block 34, replacement unit 35 and key stream generation unit 36 and selects signal, wherein, the algorithm of the generation key stream in the embodiment of the invention one can but be not limited to comprise SNOW 3G algorithm and ZUC algorithm.

Terminal equipment under the key stream generating apparatus or apparatus for network node determine to generate the algorithm of key stream, control unit 31 to the key stream generating apparatus sends the algorithm corresponding algorithm selection signal sel that determines then, and control unit 31 is selected signal sel to initialization unit 32, updating block 34, replacement unit 35 and key stream generation unit 36 difference transmission algorithms.

When the terminal equipment under the key stream generating apparatus or apparatus for network node use key stream at needs; start the key stream generating apparatus by enable signal en and generate key stream; be set to enable signal en effectively this moment; terminal equipment under the key stream generating apparatus or apparatus for network node carry out the length of the data of fail safe protection as required; can determine data are carried out the quantity of the required key stream of fail safe protection; when the quantity of the key stream that generates when the key stream generating apparatus reaches data is carried out the quantity of the required key stream of fail safe protection; it is invalid that enable signal en is set to, and stops the key stream generating apparatus with this and generate key stream.

Control unit 31 comprises 5 kinds of states: idle (idle) state, initial assignment (assign) state, initialization (initial) state, idle running (blank) state, work (work) state.Transformational relation between each state as shown in Figure 4, wherein:

When enable signal en was invalid, control unit 31 was in idle condition, and this moment, the key stream generating apparatus was not worked;

When enable signal en is transferred to when effective by invalid, control unit 31 is the initial assignment state by the idle condition redirect, when control unit 31 is in the initial assignment state, the initial assignment operation is finished in cycle shift unit 33 and replacement unit 34, cycle shift unit 33 is carried out initial assignment according to the initial value that initialization unit 32 generates to 16 circulating registers, and replacing the unit is 0 with the output parameter tax;

After by the idle condition redirect being 1 clock cycle of initial assignment state when control unit 31, control unit 31 is init state by the redirect of initial assignment state, finish the initialization procedure of algorithm at this state, initialization procedure is 32 cycles, can an embedded summary counter cnt, every just summary counter cnt the accumulation through a clock cycle adds 1, is 32 until summary counter cnt;

After control unit 31 was 32 clock cycle of init state by the redirect of initial assignment state, control unit 31 was idling conditions by the init state redirect;

After by the init state redirect being 1 clock cycle of idling conditions when control unit 31, control unit 31 is operating state by the idling conditions redirect, control unit 31 is in running order each clock cycle, key stream generation unit 36 is carried out the process that generates key streams, the key stream that key stream generation unit 36 generates can but be not limited to 32 key stream;

When enable signal en by effectively transferring to when invalid, control unit 31 is idle condition by the operating state redirect, this moment, the key stream generating apparatus was not worked.

Only comprise a control unit in the key stream generating apparatus that the embodiment of the invention one technical scheme proposes, no matter the algorithm that this key stream generating apparatus need be realized has several, the algorithm corresponding algorithm selection signal that only needs this control unit that current needs are realized sends to initialization unit, updating block, replacement unit and key stream generation unit and gets final product, and has saved the more processing resource of terminal equipment and apparatus for network node effectively.

In addition, if need extra other algorithms that increase, the processing rule that only need increase this algorithm correspondence in initialization unit, updating block, replacement unit and key stream generation unit gets final product, thereby can save the more processing resource of terminal equipment and apparatus for network node effectively, can also shorten the construction cycle of system greatly.

Initialization unit

Initialization unit 32 is mainly used in according to the initial KEY and the IV that set in advance, selects the signal corresponding algorithm to generate initial value based on the algorithm that receives, initialization unit 32 be input as 128 initial KEY and 128 IV, wherein initial KEY is with { k ₀, k ₁K ₁₂₇Expression, 128 IV { iv ₀, iv ₁Iv ₁₂₇Expression, initialization unit 32 is output as 16 32 initial value, uses i ₀, i ₁I ₁₅Expression.

When the control of initialization unit 32 controlled unit 31, the algorithm that receives when initialization unit 32 selected signal sel corresponding algorithm to be SNOW 3G algorithm, initialization unit can generate 16 32 initial value by following manner:

{i ₀，i ₁，i ₂，i ₃}＝！{k ₀，k ₁，…，k ₁₂₇}

{i ₄，i ₅，i ₆，i ₇}＝{k ₀，k ₁，…，k ₁₂₇}

i ₈＝i ₀

$i_9=i_1\&CirclePlus;\{{\mathrm{iv}}_{96},{\mathrm{iv}}_{97},\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{127}\}$

$i_{10}={\mathrm{<figure-callout\; id="2"\; label="i"\; filenames="HDA0000135951190000011.png"\; state="\{\{state\}\}">i</figure-callout>}}_2\&CirclePlus;\{{\mathrm{iv}}_{64},{\mathrm{iv}}_{65},\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{95}\}$

i ₁₁＝i ₃

$i_{12}=i_4\&CirclePlus;\{{\mathrm{<figure-callout\; id="32"\; label="iv"\; filenames="HDA0000135951190000031.png"\; state="\{\{state\}\}">iv</figure-callout>}}_{32},{\mathrm{<figure-callout\; id="33"\; label="iv"\; filenames="HDA0000135951190000031.png"\; state="\{\{state\}\}">iv</figure-callout>}}_{33},\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{63}\}$

i ₁₃＝i ₅

i ₁₄＝i ₆

$i_{15}=i_7\&CirclePlus;\{{\mathrm{iv}}_0,{\mathrm{iv}}_1,\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{31}\}$

Wherein,! Expression step-by-step negate computing, { } expression series connection computing,

The expression XOR.

When the algorithm that receives when initialization unit 32 selected signal sel corresponding algorithm to be the ZUC algorithm, initialization unit 32 generated initial value by following manner:

i _j＝0||{k _16·j，k _16·j+1，…，k _16·j+15}||d _j||{iv _16·j，iv _16·j+1，…，iv _16·j+15}

Wherein, d _jBe 15 default bit constants, 0≤j≤15, || expression series connection computing.

In addition, if need extra other algorithms that increase, then need increase method this algorithm correspondence, that generate initial value in initialization unit, follow-up initialization unit just can generate initial value based on this newly-increased algorithm according to the indication of control unit.

Cycle shift unit

Cycle shift unit 33 is mainly used in the initial value according to initialization unit 32 generations, and each circulating register is carried out initial assignment, and according to the updating value that updating block 35 generates, each circulating register is upgraded.

The cycle shift unit 33 main LFSR that realize SNOW 3G algorithm and ZUC algorithm comprise 16 32 register (being called circulating register), and the value of each circulating register is used r respectively ₀, r ₁R ₁₅Expression.

The control of cycle shift unit 33 controlled unit 31, the state of cycle shift unit 33 Monitoring and Controlling unit 31 in each clock cycle, be the initial assignment state if monitor control unit 31, then cycle shift unit 33 is according to the initial value of initialization unit 32 generations, each circulating register is carried out initial assignment, at this moment the initial value i that is input as initialization unit 32 generations of cycle shift unit 33 ₀, i ₁I ₁₅, cycle shift unit 33 is carried out initial assignment by following manner to 16 32 circulating register:

r _j＝i _j

0≤j≤15 wherein.

Be init state, idling conditions or operating state if monitor control unit 31, then cycle shift unit 33 is according to the updating value r of updating block 35 generations _Updt, each circulating register is upgraded, at this moment the updating value r that is input as updating block 35 generations of cycle shift unit 33 _Updt, cycle shift unit 33 is upgraded 16 32 the register that comprises by following manner:

r ₀＝r ₁，r ₁＝r ₂，r ₂＝r ₃，r ₃＝r ₄，r ₄＝r ₅，r ₅＝r ₆，r ₆＝r ₇，r ₇＝r ₈

r ₈＝r ₉，r ₉＝r ₁₀，r ₁₀＝r ₁₁，r ₁₁＝r ₁₂，r ₁₂＝r ₁₃，r ₁₃＝r ₁₄，r ₁₄＝r ₁₅，r ₁₅＝r _updt

Replace the unit

Replacement unit 34 is mainly used in the value according to circulating register, selects the signal corresponding algorithm to generate output parameter s based on the algorithm sel that receives.

Replace the register (be called and replace register) that unit 34 comprises 4 32, each value of replacing register is respectively R ₀, R ₁, R ₂, R ₃, be used for realizing the FSM of SNOW 3G algorithm and the NLF function of ZUC algorithm, replace the value r of the circulating register that is input as cycle shift unit 33 of unit 34 ₅, r ₇, r ₉, r ₁₁, r ₁₄, r ₁₅, the output parameter of generation is s.

Define 2 32 adder, the value of 2 adders is respectively add ₀, add ₁, defining 2 32 XOR device, the value of 2 adders is respectively xor ₀, xor ₁, wherein:

${\mathrm{xor}}_o=R_1\&CirclePlus;t_1,$ ${\mathrm{xor}}_1={\mathrm{<figure-callout\; id="2"\; label="t"\; filenames="HDA0000135951190000011.png"\; state="\{\{state\}\}">t</figure-callout>}}_2\&CirclePlus;t_3$

t ₀, t ₁, t ₂, t ₃Be respectively 4 temporary variables, the field represents that mould adds computing.

Replace the control of 34 controlled unit 31, unit, replace unit 34 in each clock cycle, the state of Monitoring and Controlling unit 31 is the initial assignment state if monitor control unit 31, then replace unit 34 output parameter is put 0, be equivalent to output parameter s is carried out initial assignment.

If monitor control unit 31 for init state, idling conditions or operating state, then replace unit 34 according to the value of circulating register, select the signal corresponding algorithm to generate output parameter s based on the algorithm that receives.

Wherein, if to monitor control unit be init state, idling conditions or operating state, and the algorithm that receives to select the signal corresponding algorithm be SNOW 3G algorithm, then replace unit 34 and generate output parameter s by following manner:

s＝xor ₀

t ₀＝r ₁₅，t ₁＝add ₀，t ₂＝R ₂，t ₃＝r ₅

R ₃＝add ₁，R ₂＝S2(R ₁)，R ₁＝S1(R ₀)，R ₀＝R ₃

Wherein, S1 and S2 represent replacement operation.

If to monitor control unit be init state, idling conditions or operating state, and the algorithm that receives to select the signal corresponding algorithm be the ZUC algorithm, then replace unit 34 and generate output parameter by following manner:

s＝add ₁

t ₀＝{r _11L，r′ _9H}，t ₁＝{r _7L，r′ _5H}，t ₂＝R ₀，t ₃＝{r′ _15H，r _14L}

R ₃＝add ₀，R ₂＝xor ₀，R ₁＝S(L2{R _2L，R _3H})，R ₀＝S(L1{R _3L，R _2H})

Wherein, r _11L, r _7L, r _14L, R _2L, R _3LRepresent r respectively ₁₁, r ₇, r ₁₄, R ₂, R ₃Low 16, R _3H, R _2HRepresent R respectively ₃, R ₂High 16, r ' ₉, r ' ₅, r ' ₁₅Represent r respectively ₉, r ₅, r ₁₅Low 31, r ' _9H, r ' _5H, r ' _15HRepresent r ' respectively ₉, r ' ₅, r ' ₁₅ High 16, S represents replacement operation, L1 and L2 represent the linear transformation computing, { } expression series connection computing.

In addition, if need extra other algorithms that increase, then need increase method this algorithm correspondence, that generate output parameter s in replacing the unit, follow-up replacement unit just can generate output parameter s based on this newly-increased algorithm according to the indication of control unit.

Updating block

Updating block 35 is mainly used in according to the value of circulating register and replaces the output parameter s that unit 34 generates, and selects signal sel corresponding algorithm to generate updating value r based on the algorithm that receives _Updt

The value r of the circulating register that is input as cycle shift unit 33 of updating block 35 ₀, r ₂, r ₄, r ₁₀, r ₁₁, r ₁₃, r ₁₅, and the output parameter s that replaces the generation of unit 34, be output as updating value r _Updt

The control of updating block 35 controlled unit 31, when the algorithm that receives selected signal sel corresponding algorithm to be SNOW 3G algorithm, updating block 35 generated updating value r by following manner _Updt:

$r_{\mathrm{updt}}=(r_0\&CenterDot;\mathrm{\&alpha;})\&CirclePlus;{\mathrm{<figure-callout\; id="2"\; label="r"\; filenames="HDA0000135951190000011.png"\; state="\{\{state\}\}">r</figure-callout>}}_2\&CirclePlus;(r_{11}\&CenterDot;{\mathrm{\&alpha;}}^{-1})\&CirclePlus;s$

Wherein, r ₀α representative function mul _α(r ₀), r ₁₁α ^-1Representative function div _α(r ₀).

When the algorithm that receives selected signal sel corresponding algorithm to be the ZUC algorithm, updating block 35 generated updating value r by following manner _Updt:

r _updt＝0||(r′ ₀+2 ⁸·r′ ₀+2 ²⁰·r′ ₄+2 ²¹·r′ ₁₀+2 ¹⁷·r′ ₁₃+2 ¹⁵·r′ ₁₅+(s＞＞1))mod(2 ³¹-1)

Wherein, r ' ₀, r ' ₄, r ' ₁₀, r ' ₁₃, r ' ₁₅Represent r respectively ₀, r ₄, r ₁₀, r ₁₃, r ₁₅Low 31, s＞＞1 expression s moves to right 1,2 ⁸R ' ₀, 2 ²⁰R ' ₄, 2 ²¹R ' ₁₀, 2 ¹⁷R ' ₁₃, 2 ¹⁵R ' ₁₅Represent r ' respectively ₀8 of ring shift lefts, 20 of r ' 4 ring shift lefts, r ' ₁₀21 of ring shift lefts, r ' ₁₃17 of ring shift lefts, r ' ₁₅15 of ring shift lefts.

If the updating value r that updating block 35 generates _UpdtBe 0, then updating block 35 is with updating value r _UpdtBe set to 0|| (2 ³¹-1).

In addition, if need extra other algorithms that increase, then need in updating block, increase this algorithm correspondence, generation updating value r _UpdtMethod, follow-up updating block just can be according to the indication of control unit, generates updating value r based on this newly-increased algorithm _Updt

The key stream generation unit

Key stream generation unit 36 is mainly used in according to the value of circulating register and replaces the output parameter s that unit 34 generates, and selects signal sel corresponding algorithm to generate key stream ks based on the algorithm that receives.

The value r of the circulating register that is input as cycle shift unit 33 of key stream generation unit 36 ₀, r ₂, and the output parameter s that replaces the generation of unit 34, be output as key stream ks.

The control of key stream generation unit 36 controlled unit 31, in each clock cycle, the state of key stream generation unit 36 Monitoring and Controlling unit 31, be operating state if monitor control unit 31, then key stream generation unit 36 selects signal sel corresponding algorithm to generate key stream according to the value of circulating register and the output parameter s that replaces unit 34 generations based on the algorithm that receives.

Define 32 temporary variable t, key stream generation unit 36 generates key stream ks by following manner:

$\mathrm{ks}=s\&CirclePlus;t$

Be operating state if monitor control unit 31, and the algorithm that receives to select signal sel corresponding algorithm be SNOW 3G algorithm, t=r then ₀, namely key stream generation unit 36 generates key stream ks by following manner:

$\mathrm{ks}=s\&CirclePlus;r_0$

Be operating state if monitor control unit 31, and the algorithm that receives to select signal sel corresponding algorithm be the ZUC algorithm, t={r then _2L, r ' _0H, namely key stream generation unit 36 generates key stream ks by following manner:

$\mathrm{ks}=s\&CirclePlus;\{r_{2L},r_{0H}^{\&prime;}\}$

Wherein, r _2LExpression r ₂High 16, r ' ₀Expression r ₀Low 31, r ' _0HExpression r ' ₀ High 16.

In addition, if need extra other algorithms that increase, then need increase method this algorithm correspondence, that generate key stream in the key stream generation unit, derive subsequent keys stream generation unit just can generate key stream based on this newly-increased algorithm according to the indication of control unit.

By above-mentioned processing procedure as can be known, in the embodiment of the invention technical scheme, the key stream generating apparatus comprises control unit, initialization unit, cycle shift unit, replace the unit, updating block and key stream generation unit, wherein control unit is to initialization unit, updating block, replace unit and key stream generation unit and send the algorithm corresponding algorithm selection signal that generates key stream respectively, initialization unit is according to the initial KEY and the IV that set in advance, select the signal corresponding algorithm to generate initial value based on the algorithm that receives, the initial value that cycle shift unit generates according to initialization unit, each circulating register is carried out initial assignment, and the updating value that generates according to updating block, each circulating register is upgraded, replace the unit according to the value of circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives, updating block is according to the value of circulating register and the output parameter of replacing the unit generation, select the signal corresponding algorithm to generate updating value based on the algorithm that receives, the key stream generation unit selects the signal corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives.Therefore, the key stream generating apparatus that the embodiment of the invention proposes can be realized the algorithm of a plurality of generation key streams, terminal equipment and apparatus for network node are realized SNOW 3G algorithm and ZUC algorithm respectively with regard to no longer needing to dispose two cover key stream generating apparatus so, thereby have saved terminal equipment and the more processing resource of apparatus for network node effectively; In addition, only comprise a control unit in the key stream generating apparatus that embodiment of the invention technical scheme proposes, no matter the algorithm that this key stream generating apparatus need be realized has several, the algorithm corresponding algorithm that only needs this control unit that current needs are realized selects signal to send to initialization unit, updating block, replacing unit and key stream generation unit gets final product, initialization unit, updating block, replacing unit and key stream generation unit can select signal to handle accordingly according to the algorithm that receives, if need extra other algorithms that increase, also only need be in initialization unit, updating block, replacing the processing rule that increases this algorithm correspondence in unit and the key stream generation unit gets final product, thereby can save the more processing resource of terminal equipment and apparatus for network node effectively, can also shorten the construction cycle of system greatly.

Embodiment two

Based on the key stream generating apparatus that the embodiment of the invention one proposes, the embodiment of the invention two proposes a kind of key stream generating method, and as shown in Figure 5, its concrete handling process is as follows:

Step 51, control unit sends the algorithm corresponding algorithm that generates key stream respectively to initialization unit, updating block, replacement unit and key stream generation unit and selects signal sel;

Step 52, initialization unit select signal sel corresponding algorithm to generate initial value according to the initial KEY and the IV that set in advance based on the algorithm that receives;

Step 53, cycle shift unit is carried out initial assignment according to the initial value that initialization unit generates to each circulating register, and according to the updating value that updating block generates, each circulating register is upgraded;

Step 54 is replaced the unit according to the value of circulating register, selects signal sel corresponding algorithm to generate output parameter based on the algorithm that receives;

Step 55, updating block select signal sel corresponding algorithm to generate updating value according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives;

Step 56, key stream generation unit select signal sel corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives.

In the embodiment of the invention two, the state of control unit comprises idle condition, initial assignment state, init state, idling conditions and operating state, wherein:

When enable signal en was invalid, control unit was in idle condition;

When enable signal en is transferred to when effective by invalid, described control unit is the initial assignment state by the idle condition redirect;

After by the idle condition redirect being 1 clock cycle of initial assignment state when control unit, described control unit is init state by the redirect of initial assignment state;

After control unit was 32 clock cycle of init state by the redirect of initial assignment state, described control unit was idling conditions by the init state redirect;

After by the init state redirect being 1 clock cycle of idling conditions when control unit, described control unit is operating state by the idling conditions redirect.

In the embodiment of the invention two, cycle shift unit is carried out initial assignment according to the initial value that initialization unit generates to each circulating register, and according to the updating value that updating block generates, each circulating register is upgraded, and specifically comprises:

Cycle shift unit is monitored the state of described control unit in each clock cycle;

If monitoring described control unit is the initial assignment state, then the initial value that generates according to initialization unit carries out initial assignment to each circulating register;

If monitoring control unit is init state, idling conditions or operating state, then the updating value that generates according to updating block is upgraded each circulating register.

In the embodiment of the invention two, replace the unit according to the value of circulating register, select signal sel corresponding algorithm to generate output parameter based on the algorithm that receives, specifically comprise:

In each clock cycle, monitor the state of described control unit;

If monitoring described control unit is the initial assignment state, then output parameter is put 0;

If monitoring control unit is init state, idling conditions or operating state, then according to the value of circulating register, select signal sel corresponding algorithm to generate output parameter based on the algorithm that receives.

In the embodiment of the invention two, the key stream generation unit selects signal sel corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives, and specifically comprises:

In each clock cycle, monitor the state of described control unit;

If monitoring described control unit is operating state, then according to the value of circulating register and the output parameter of replacing the unit generation, select signal sel corresponding algorithm to generate key stream based on the algorithm that receives.

Embodiment three

Key stream generating apparatus based on the embodiment of the invention one proposition; the embodiment of the invention three proposes a kind of Confidentiality protection device; in order to realize 128-EEA1 and 128-EEA3; the Confidentiality protection device comprises initial vector generation unit 61; the key stream generating apparatus 62 that the embodiment of the invention one proposes; encryption/decryption element 63; its structure as shown in Figure 6; initial vector generation unit 61 is by 32 countings (count); 5 carryings (bearer); 1 direction (direction) makes up IV; generate key stream ks by key stream generating apparatus 62 then, according to key stream ks input data (Din) to be protected are carried out encryption and decryption at last and obtain exporting data (Dout).Wherein:

Initial vector generation unit 61, be used for generating key stream generating apparatus 62 and generate 128 required IV of key stream, initial vector generation unit 61 be input as count, bearer, direction, be output as IV, initial vector generation unit 61 will be imported with filling bit 0, generate IV in the following manner:

IV＝{count，bearer，direction，0 ²⁶，count，bearer，direction，0 ²⁶}

Wherein, 0 ²⁶Represent 26 0.

Key stream generation unit 62 is for generation of carrying out the needed key stream ks of Confidentiality protection.

Encryption/decryption element 63; be used for the key stream ks according to 62 generations of key stream generating apparatus; input data (Din) to be protected are carried out encryption and decryption obtain exporting data (Dout); be about to clear data to be sent and be encrypted operation and obtain encrypt data, and the encrypt data that receives is decrypted operation obtains clear data.Concrete: encryption/decryption element 63 will clear data to be sent carries out xor operation with the key stream ks of key stream generating apparatus 62 generations and obtains encrypt data, and the key stream ks of the encrypt data that receives and 62 generations of key stream generating apparatus is carried out xor operation obtains clear data.

Embodiment four

Based on the Confidentiality protection device that the embodiment of the invention three proposes, the embodiment of the invention four proposes a kind of Confidentiality protection method, and as shown in Figure 7, its concrete handling process is as follows:

Step 71, the initial vector generation unit generates the key stream generating apparatus and generates the required IV of key stream;

Step 72, the key stream generating apparatus generates key stream ks based on the key stream generating method that the embodiment of the invention two proposes;

Step 73, the key stream ks that encryption/decryption element generates according to the key stream generating apparatus is encrypted operation to sent clear data and obtains encrypt data, and the encrypt data that receives is decrypted operation obtains clear data.

In the embodiment of the invention four, the key stream ks that encryption/decryption element generates according to the key stream generating apparatus is encrypted operation to sent clear data and obtains encrypt data, specifically comprises:

The key stream ks that encryption/decryption element generates clear data to be sent and key stream generating apparatus carries out xor operation and obtains encrypt data;

The key stream ks that encryption/decryption element generates according to the key stream generating apparatus is decrypted operation to the encrypt data that receives and obtains clear data, specifically comprises:

The key stream ks that encryption/decryption element generates the encrypt data that receives and key stream generating apparatus carries out xor operation and obtains clear data.

Obviously, those skilled in the art can carry out various changes and modification to the present invention and not break away from the spirit and scope of the present invention.Like this, if of the present invention these are revised and modification belongs within the scope of claim of the present invention and equivalent technologies thereof, then the present invention also is intended to comprise these changes and modification interior.

Claims (19)

1. a key stream generating apparatus is characterized in that, comprising:

Control unit is used for sending the algorithm corresponding algorithm that generates key stream respectively to initialization unit, updating block, replacement unit and key stream generation unit and selects signal;

Initialization unit is used for according to the initial key and the initial vector that set in advance, selects the signal corresponding algorithm to generate initial value based on the algorithm that receives;

Cycle shift unit is used for the initial value according to the initialization unit generation, and each circulating register is carried out initial assignment, and according to the updating value that updating block generates, each circulating register is upgraded;

Replace the unit, be used for the value according to circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives;

Updating block is used for selecting the signal corresponding algorithm to generate updating value according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives;

The key stream generation unit is used for selecting the signal corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives.

2. device as claimed in claim 1 is characterized in that, described initialization unit specifically is used for:

When the algorithm that receives selects the signal corresponding algorithm to be SNOW 3G algorithm, generate initial value by following manner:

{i ₀，i ₁，i ₂，i ₃}＝！{k ₀，k ₁，…，k ₁₂₇}

{i ₄，i ₅，i ₆，i ₇}＝{k ₀，k ₁，…，k ₁₂₇}

i ₈＝i ₀

$i_9=i_1\&CirclePlus;\{{\mathrm{iv}}_{96},{\mathrm{iv}}_{97},\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{127}\}$

$i_{10}=i_2\&CirclePlus;\{{\mathrm{iv}}_{64},{\mathrm{iv}}_{65},\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{95}\}$

i ₁₁＝i ₃

$i_{12}=i_4\&CirclePlus;\{{\mathrm{iv}}_{32},{\mathrm{iv}}_{33},\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{63}\}$

i ₁₃＝i ₅

i ₁₄＝i ₆

$i_{15}=i_7\&CirclePlus;\{{\mathrm{iv}}_0,{\mathrm{iv}}_1,\&CenterDot;\&CenterDot;\&CenterDot;,{\mathrm{iv}}_{31}\}$

Wherein, i ₀, 1 _iI ₁₅16 initial values for the initialization unit generation;

Expression step-by-step negate computing;

{ } expression series connection computing;

{ k ₀, k ₁K ₁₂₇It is 128 initial key;

{ iv ₀, iv ₁Iv ₁₂₇It is 128 initial vector;

The expression XOR;

When the algorithm that receives selects the signal corresponding algorithm to be the ZUC algorithm, generate initial value by following manner:

i _j＝0||{k _16·j，k _16·j+1，…，k _16·j+15}||d _j||{iv _16·j，iv _16·j+1，…，iv _16·j+15}

Wherein, i _jBe j initial value in 16 initial values of initialization unit generation, 0≤j≤15;

|| expression series connection computing;

d _jBe 15 default bit constants.

3. device as claimed in claim 1 is characterized in that, the state of described control unit comprises idle condition, initial assignment state, init state, idling conditions and operating state, wherein:

When enable signal was invalid, described control unit was in idle condition;

When enable signal is transferred to when effective by invalid, described control unit is the initial assignment state by the idle condition redirect;

After by the idle condition redirect being 1 clock cycle of initial assignment state when control unit, described control unit is init state by the redirect of initial assignment state;

After control unit was 32 clock cycle of init state by the redirect of initial assignment state, described control unit was idling conditions by the init state redirect;

After by the init state redirect being 1 clock cycle of idling conditions when control unit, described control unit is operating state by the idling conditions redirect.

4. device as claimed in claim 3 is characterized in that, described cycle shift unit specifically is used for:

In each clock cycle, monitor the state of described control unit, if to monitor described control unit be the initial assignment state, the initial value that generates according to initialization unit then, each circulating register is carried out initial assignment, if monitoring control unit is init state, idling conditions or operating state, then the updating value that generates according to updating block is upgraded each circulating register.

5. device as claimed in claim 4 is characterized in that, described cycle shift unit specifically is used for:

If monitoring described control unit is the initial assignment state, then by following manner 16 circulating registers are carried out initial assignment:

r _j＝i _j

Wherein, r _jIt is the value of 16 j registers in the circulating register;

i _jBe j initial value in 16 initial values of initialization unit generation, 0≤j≤15;

If monitoring control unit is init state, idling conditions or operating state, then by following manner 16 registers that comprise are upgraded:

r ₀＝r ₁，r ₁＝r ₂，r ₂＝r ₃，r ₃＝r ₄，r ₄＝r ₅，r ₅＝r ₆，r ₆＝r ₇，r ₇＝r ₈

r ₈＝r ₉，r ₉＝r ₁₀，r ₁₀＝r ₁₁，r ₁₁＝r ₁₂，r ₁₂＝r ₁₃，r ₁₃＝r ₁₄，r ₁₄＝r ₁₅，r ₁₅＝r _updt

Wherein, r ₀, r ₁R ₁₅Be respectively the value of 16 circulating registers;

r _UpdtUpdating value for the updating block generation.

6. device as claimed in claim 3 is characterized in that, described replacement unit specifically is used for:

In each clock cycle, monitor the state of described control unit, if to monitor described control unit be the initial assignment state, then output parameter is put 0, if to monitor control unit be init state, idling conditions or operating state, then according to the value of circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives.

7. device as claimed in claim 6 is characterized in that, described replacement unit specifically is used for:

If to monitor control unit be init state, idling conditions or operating state, and the algorithm that receives to select the signal corresponding algorithm be SNOW 3G algorithm, then generate output parameter by following manner:

s＝xor ₀

${\mathrm{xor}}_o=R_1{\&CirclePlus;t}_1,$ ${\mathrm{xor}}_1=t_2{\&CirclePlus;t}_3$

t ₀＝r ₁₅，t ₁＝add ₀，t ₂＝R ₂，t ₃＝r ₅

R ₃＝add ₁，R ₂＝S2(R ₁)，R ₁＝S1(R ₀)，R ₀＝R ₃

Wherein, s is for replacing the output parameter that the unit generates;

Xor ₀, xor ₁Be respectively the value of default 2 XOR devices;

R ₀, R ₁, R ₂, R ₃Be respectively the value of default 4 replacement registers;

t ₀, t ₁, t ₂, t ₃Be respectively 4 temporary variables;

Add ₀, add ₁Be respectively the value of default 2 adders;

r ₅, r ₁₅Be respectively the value of the 6th, the 16th circulating register;

S1 and S2 represent replacement operation;

The expression XOR;

The expression mould adds computing;

If to monitor control unit be init state, idling conditions or operating state, and the algorithm that receives to select the signal corresponding algorithm be the ZUC algorithm, then generate output parameter by following manner:

s＝add ₁

t ₀＝{r _11L，r′ _9H}，t ₁＝{r _7L，r′ _5H}，t ₂＝R ₀，t ₃＝{r′ _15H，r _14L}

R ₃＝add ₀，R ₂＝xor ₀，R ₁＝S(L2{R _2L，R _3H})，R ₀＝S(L1{R _3L，R _2H})

Wherein, r ₅, r ₇, r ₉, r ₁₁, r ₁₄, r ₁₅Be respectively the value of the 6th, the 8th, the 10th, the 12nd, the 15th, the 16th circulating register;

r _11L, r _7L, r _14L, r _2L, r _3LRepresent r respectively ₁₁, r ₇, r ₁₄, R ₂, R ₃Low 16;

R _3H, R _2HRepresent R respectively ₃, R ₂High 16;

R ' ₉, r ' ₅, r ' ₁₅Represent r respectively ₉, r ₅, r ₁₅Low 31;

R ' _9H, r ' _5H, r ' _15HRepresent r ' respectively ₉, r ' ₅, r ' ₁₅High 16;

S represents replacement operation;

L1 and L2 represent the linear transformation computing;

{ } expression series connection computing.

8. device as claimed in claim 3 is characterized in that, described updating block specifically is used for:

When the algorithm that receives selects the signal corresponding algorithm to be SNOW 3G algorithm, generate updating value by following manner:

$r_{\mathrm{updt}}=(r_0\&CenterDot;\mathrm{\&alpha;})\&CirclePlus;r_2(r_{11}\&CenterDot;{\mathrm{\&alpha;}}^{-1})\&CirclePlus;s$

Wherein, r _UpdtUpdating value for the updating block generation;

S is for replacing the output parameter that the unit generates;

r ₀, r ₂, r ₁₁Be respectively the value of the 1st, the 3rd, the 12nd circulating register;

The expression XOR;

r ₀α representative function mul _α(r ₀);

r ₁₁α ^-1Representative function div _α(r ₀);

When the algorithm that receives selects the signal corresponding algorithm to be the ZUC algorithm, generate updating value by following manner:

r _updt＝0||(r′ ₀+2 ⁸·r′ ₀+2 ²⁰·r′ ₄+2 ²¹·r′ ₁₀+2 ¹⁷·r′ ₁₃+2 ¹⁵·r′ ₁₅+(s＞＞1))mod(2 ₃₁-1)

Wherein, r ₀, r ₄, r ₁₀, r ₁₃, r ₁₅Be respectively the value of the 1st, the 5th, the 11st, the 14th, the 16th circulating register;

R ' ₀, r ' ₄, r ' ₁₀, r ' ₁₃, r ' ₁₅Represent r respectively ₀, r ₄, r ₁₀, r ₁₃, r ₁₅Low 31;

S＞＞1 expression s moves to right 1;

2 ⁸R ' ₀, 2 ²⁰R ' ₄, 2 ²¹R ' ₁₀, 2 ¹⁷R ' ₁₃, 2 ¹⁵R ' ₁₅Represent r ' respectively ₀8 of ring shift lefts, r ' ₄20 of ring shift lefts, r ' ₁₀21 of ring shift lefts, r ' ₁₃17 of ring shift lefts, r ' ₁₅15 of ring shift lefts;

|| expression series connection computing;

If the updating value r that generates _UpdtBe 0, then with updating value r _UpdtBe set to 0|| (2 ³¹-1).

9. device as claimed in claim 3 is characterized in that, described key stream generation unit specifically is used for:

In each clock cycle, monitor the state of described control unit, if monitoring described control unit is operating state, then according to the value of circulating register and the output parameter of replacing the unit generation, select the signal corresponding algorithm to generate key stream based on the algorithm that receives.

10. device as claimed in claim 9 is characterized in that, described key stream generation unit specifically is used for:

If to monitor described control unit be operating state, and the algorithm that receives to select the signal corresponding algorithm be SNOW 3G algorithm, then generate key stream by following manner:

$\mathrm{ks}=s{\&CirclePlus;r}_0$

Wherein, ks is the key stream of key stream generation unit generation;

S is for replacing the output parameter that the unit generates;

r ₀It is the value of the 1st circulating register;

The expression XOR;

If to monitor described control unit be operating state, and the algorithm that receives to select the signal corresponding algorithm be the ZUC algorithm, then generate key stream by following manner:

$\mathrm{ks}=s\&CirclePlus;\{r_{2L},r_{0H}^{\&prime;}\}$

Wherein, r ₀, r ₂Be respectively the value of the 1st, the 3rd circulating register;

r _2LExpression r ₂High 16;

R ' ₀Expression r ₀Low 31;

R ' _0HExpression r ' ₀High 16;

{ } expression series connection computing.

11. a key stream generating method is characterized in that, comprising:

Control unit sends the algorithm corresponding algorithm that generates key stream respectively to initialization unit, updating block, replacement unit and key stream generation unit and selects signal;

Initialization unit selects the signal corresponding algorithm to generate initial value according to the initial key and the initial vector that set in advance based on the algorithm that receives;

Cycle shift unit is carried out initial assignment according to the initial value that initialization unit generates to each circulating register, and according to the updating value that updating block generates, each circulating register is upgraded;

Replace the unit according to the value of circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives;

Updating block selects the signal corresponding algorithm to generate updating value according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives;

The key stream generation unit selects the signal corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives.

12. method as claimed in claim 11 is characterized in that, the state of described control unit comprises idle condition, initial assignment state, init state, idling conditions and operating state, wherein:

When enable signal was invalid, described control unit was in idle condition;

When enable signal is transferred to when effective by invalid, described control unit is the initial assignment state by the idle condition redirect;

After by the idle condition redirect being 1 clock cycle of initial assignment state when control unit, described control unit is init state by the redirect of initial assignment state;

After control unit was 32 clock cycle of init state by the redirect of initial assignment state, described control unit was idling conditions by the init state redirect;

After by the init state redirect being 1 clock cycle of idling conditions when control unit, described control unit is operating state by the idling conditions redirect.

13. method as claimed in claim 12 is characterized in that, the initial value that cycle shift unit generates according to initialization unit, each circulating register is carried out initial assignment, and according to the updating value that updating block generates, each circulating register is upgraded, specifically comprise:

Cycle shift unit is monitored the state of described control unit in each clock cycle;

If monitoring described control unit is the initial assignment state, then the initial value that generates according to initialization unit carries out initial assignment to each circulating register;

If monitoring control unit is init state, idling conditions or operating state, then the updating value that generates according to updating block is upgraded each circulating register.

14. method as claimed in claim 12 is characterized in that, replaces the unit according to the value of circulating register, selects the signal corresponding algorithm to generate output parameter based on the algorithm that receives, and specifically comprises:

In each clock cycle, monitor the state of described control unit;

If monitoring described control unit is the initial assignment state, then output parameter is put 0;

If monitoring control unit is init state, idling conditions or operating state, then according to the value of circulating register, select the signal corresponding algorithm to generate output parameter based on the algorithm that receives.

15. method as claimed in claim 12 is characterized in that, the key stream generation unit selects the signal corresponding algorithm to generate key stream according to the value of circulating register and the output parameter of replacing the unit generation based on the algorithm that receives, and specifically comprises:

In each clock cycle, monitor the state of described control unit;

If monitoring described control unit is operating state, then according to the value of circulating register and the output parameter of replacing the unit generation, select the signal corresponding algorithm to generate key stream based on the algorithm that receives.

16. a Confidentiality protection device is characterized in that, comprises the initial vector generation unit, as the described key stream generating apparatus of the arbitrary claim of claim 1～10, encryption/decryption element, wherein:

The initial vector generation unit is used for generating the key stream generating apparatus and generates the required initial vector of key stream;

Encryption/decryption element is used for the key stream that generates according to the key stream generating apparatus, is encrypted operation to sent clear data and obtains encrypt data, and the encrypt data that receives is decrypted operation obtains clear data.

17. device as claimed in claim 16 is characterized in that, described encryption/decryption element specifically is used for:

The key stream that clear data to be sent and key stream generating apparatus are generated carries out xor operation and obtains encrypt data, and the key stream of the encrypt data that receives and the generation of key stream generating apparatus is carried out xor operation obtains clear data.

18. a Confidentiality protection method is characterized in that, comprising:

The initial vector generation unit generates the key stream generating apparatus and generates the required initial vector of key stream;

The key stream generating apparatus generates key stream based on the described key stream generating method of arbitrary claim in the claim 11～15;

The key stream that encryption/decryption element generates according to the key stream generating apparatus is encrypted operation to sent clear data and obtains encrypt data, and the encrypt data that receives is decrypted operation obtains clear data.

19. method as claimed in claim 18 is characterized in that, the key stream that encryption/decryption element generates according to the key stream generating apparatus is encrypted operation to sent clear data and obtains encrypt data, specifically comprises:

The key stream that encryption/decryption element generates clear data to be sent and key stream generating apparatus carries out xor operation and obtains encrypt data;

The key stream that encryption/decryption element generates according to the key stream generating apparatus is decrypted operation to the encrypt data that receives and obtains clear data, specifically comprises:

The key stream that encryption/decryption element generates the encrypt data that receives and key stream generating apparatus carries out xor operation and obtains clear data.

Images