CN108933652B - Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit - Google Patents

Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit Download PDF

Info

Publication number
CN108933652B
CN108933652B CN201810597060.4A CN201810597060A CN108933652B CN 108933652 B CN108933652 B CN 108933652B CN 201810597060 A CN201810597060 A CN 201810597060A CN 108933652 B CN108933652 B CN 108933652B
Authority
CN
China
Prior art keywords
matrix
constant
register
circuit
output end
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201810597060.4A
Other languages
Chinese (zh)
Other versions
CN108933652A (en
Inventor
张肖强
王新航
郑辛星
梁广俊
王磊
孙忠先
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Polytechnic University
Original Assignee
Anhui Polytechnic University
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Anhui Polytechnic University filed Critical Anhui Polytechnic University
Priority to CN201810597060.4A priority Critical patent/CN108933652B/en
Publication of CN108933652A publication Critical patent/CN108933652A/en
Application granted granted Critical
Publication of CN108933652B publication Critical patent/CN108933652B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • H04L2209/122Hardware reduction or efficient architectures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12Details relating to cryptographic hardware or logic circuitry
    • H04L2209/125Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Complex Calculations (AREA)

Abstract

The invention relates to the technical field of cryptographic circuits, in particular to a common round conversion operation unit, a common round conversion circuit and an AES decryption circuit
Figure DDA0001692035370000011
And the synthesis matrix
Figure DDA0001692035370000012
The critical path of the circuit can be shortened, and the circuit realization area can be reduced.

Description

Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit
Technical Field
The invention relates to the technical field of cryptographic circuits, in particular to a common round conversion operation unit, a common round conversion circuit and an AES decryption circuit.
Background
AES (Advanced Encryption Standard) is a new generation of block symmetric cipher algorithm established by the national institute of standards and technology 2001, and is used to replace the original DES (Data Encryption Standard). Currently, the AES cryptographic algorithm has been adopted by several international standards organizations, and is the most widely used block cipher algorithm at present.
The data packet length of the AES cipher algorithm is 128 bits, the key length is 128 bits, 192 bits and 256 bits, and the key length is respectively called AES-128, AES-192 and AES-256. The AES algorithm is an iterative algorithm, each iteration can be called as round conversion, the key length is different, the number of round conversion is different, and the number N of round conversion of AES-128, AES-192 and AES-256r10, 12 and 14 respectively. AES encryptionThe process is shown in figure 1, and the first round conversion and the N round conversion are sequentially carried outr1 round of ordinary round transformation and last round transformation, the first round of transformation carries on the operation of adding the cipher key and the byte substitution operation sequentially; the ordinary round conversion carries out four operations of row shift, column mixing, key addition and byte replacement in sequence; the first round of transformation carries out the operations of shifting and adding the key in sequence. The AES decryption process is a reverse process of the encryption process, and as shown in FIG. 2, the first round of transformation and N are also performed in sequence r1 round of common round conversion and last round conversion, wherein the first round conversion is the inverse operation of the last round conversion in the encryption process, and key addition and reverse shift operation are sequentially performed, the common round conversion is the inverse operation of the common round conversion in the encryption process and comprises inverse byte replacement, key addition, inverse column mixing and reverse shift operation, the last round conversion is the inverse operation of the first round conversion in the encryption process and sequentially performs inverse byte replacement and key addition operation, and the inverse column mixing, reverse shift and inverse byte replacement are respectively the inverse operation of column mixing, row shift and byte replacement in the encryption process.
The common round conversion is the main operation of the AES decryption operation, so the realization of the common round conversion circuit is the key for realizing the AES decryption operation circuit. The T box realizes that the operation results of operations such as S box, row shift, column mixing and the like are prestored in a storage operation unit in a precalculation mode, and the functions of S box, row shift, column mixing and merging operations are realized in a look-up table mode. The T box implementation reduces the critical path of the whole common round conversion circuit, so the T box implementation mode is mainly applied to the high-speed AES circuit design, although the T box implementation mode can accelerate the data processing speed, the circuit area is greatly increased, for example, Rach et al will be based on the last GF (2) in the composite domain S box/inverse S box4) The multiplier, the mapping matrix/inverse mapping operation, the affine/inverse affine operation, the column mixing/inverse column mixing operation, the key addition operation and the like are combined into an operation unit, the key path is shortened by the combination operation unit, but the circuit area is greatly increased at the same time, and the conventional common round conversion circuit based on the combination operation is used for solving the problem that the circuit area is increased for the key pathThe length is optimized.
Disclosure of Invention
The embodiment of the invention provides a common round conversion circuit, aiming at solving the problem that the length of a key path is optimized at the cost of increasing the circuit area in the conventional common round conversion circuit based on merging operation.
The invention is realized in this way, a normal round transform operation unit, used for AES decryption, the normal round transform operation unit includes:
the input end of the synthesis matrix multiplication unit 1 is connected with the data input port, the output end of the synthesis matrix multiplication unit 1 is connected with the input end of the constant addition unit, the output end of the constant addition unit is connected with the input end of the complex domain multiplication inverse unit, the output end of the complex domain multiplication inverse unit and the key input port are connected with the input end of the synthesis matrix multiplication inverse unit 2, and the output end of the synthesis matrix multiplication unit 2 is connected with the data output port;
a composite matrix multiplication unit 1 for multiplying the composite matrix
Figure GDA0002775963250000031
And data vector input from data input port
Figure GDA0002775963250000032
Performing multiplication operation to obtain operation result
Figure GDA0002775963250000033
Output to a constant addition unit, wherein the matrix is synthesized
Figure GDA0002775963250000034
The expression of (a) is specifically as follows:
Figure GDA0002775963250000035
constant addition operationUnit for converting the vector
Figure GDA0002775963250000036
And constant vector omegaλ=[ωλλλλ]TPerforming an addition operation to obtain an operation result
Figure GDA0002775963250000037
Outputting the data to a composite domain multiplication inverse operation unit;
a complex domain inverse multiplication unit for multiplying the vector
Figure GDA0002775963250000038
Each byte in the data processing system is subjected to complex domain inverse multiplication, and the operation result is obtained
Figure GDA0002775963250000039
Output to the synthesis matrix multiplication unit 2;
a synthesis matrix multiplication unit 2 for multiplying the data vectors
Figure GDA00027759632500000310
And a key vector
Figure GDA00027759632500000311
Figure GDA00027759632500000312
Combined into a column vector
Figure GDA00027759632500000313
And synthesizing the matrix
Figure GDA00027759632500000314
And the column vector
Figure GDA00027759632500000315
Performing multiplication operations, i.e.
Figure GDA00027759632500000316
The operation result is processed
Figure GDA00027759632500000317
Output to data output ports, synthesizing the matrix
Figure GDA00027759632500000318
The expression of (a) is as follows:
Figure GDA00027759632500000319
the data bit width of the input end and the output end of the synthesis matrix multiplication unit 1, the constant addition unit, the composite domain multiplication inverse unit and the synthesis matrix multiplication unit 2 is 4 bytes.
The present invention is achieved as described above, in a general wheel conversion circuit including:
4×(Nr-1) normal round conversion operation units according to claim 1, wherein every 4 normal round conversion operation units are connected in parallel to form a normal round conversion module, (N)r-1) a common wheel conversion module is connected in series to form a common wheel conversion circuit.
The present invention is achieved as described above, in a general wheel conversion circuit including:
a unit for performing a normal round conversion operation as claimed in claim 1, and for cycling through 4 × (N)r-1) a loop feedback circuit of said ordinary round transform arithmetic unit;
the circular feedback circuit is composed of an alternative selector, a register 1 and a register 2, data bit widths of the register 1 and the register 2 are both 16 bytes, an input end of the register 1 is connected with an output end of the selector, an output end of the register 1 is connected with an input end of the register 2, an output end of the register 2 is connected with a data input end of a common round conversion operation unit, a data output end of the common round conversion operation unit is connected with one input end of the selector, the other input end of the selector is connected with an output end of a first round conversion circuit, and an output end of the common round conversion operation unit is connected with an input end of a last round conversion circuit.
The present invention is achieved as described above, in a general wheel conversion circuit including:
a normal round conversion module comprising two normal round conversion operation units according to claim 1 connected in parallel, and a loop feedback circuit for performing 2 (N) operation on the normal round conversion moduler-1) a cycle;
the circular feedback circuit is composed of a selector, a register 1 and a register 2, data bit widths of the register 1 and the register 2 are both 16 bytes, wherein an input end of the register 1 is connected with an output end of the selector, an output end of the register 1 is connected with an input end of the register 2, an output end of the register 2 is connected with a data input end of the common wheel conversion module, one input end of the selector is connected with an output end of the first wheel conversion circuit, the other input end of the selector is connected with an output end of the common wheel conversion module, and an output end of the common wheel conversion module is further connected with an input end of the last wheel conversion circuit.
The present invention is achieved as described above, in a general wheel conversion circuit including:
a normal round conversion module comprising four normal round conversion operation units according to claim 1 connected in parallel, and a loop feedback circuit for performing (N) on the normal round conversion moduler-1) a cycle;
the circular feedback circuit is composed of a selector and a register, the data bit width of the register is 16 bytes, the output end of the register is connected with the input end of the common round conversion module, the input end of the register is connected with the output end of the selector, one input end of the selector is connected with the output end of the first round conversion circuit, the other input end of the selector is connected with the output end of the common round conversion module, and the output end of the common round conversion operation module is further connected with the input end of the last round conversion circuit.
The invention is realized in this way, an AES decryption circuit, the AES decryption circuit includes:
the first wheel conversion circuit, the common wheel conversion circuit and the final wheel conversion circuit are connected in sequence.
The invention provides a method for AES solutionThe secret common round transformation unit combines all linear transformation operations in the common round transformation in the AES decryption algorithm into two synthetic matrixes through the combination and synthesis operation of constant matrixes, and the synthetic matrixes
Figure GDA0002775963250000051
And the synthesis matrix
Figure GDA0002775963250000052
The critical path of the circuit can be shortened, and the realization area of the circuit can be reduced.
Drawings
Fig. 1 is a flowchart of a standard AES encryption provided by an embodiment of the present invention;
FIG. 2 is a flowchart of a standard AES decryption process provided by an embodiment of the invention;
FIG. 3 is a schematic structural diagram of a general round conversion unit according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a general wheel conversion circuit according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of a general wheel conversion circuit according to a second embodiment of the present invention;
fig. 6 is a schematic structural diagram of a general wheel conversion circuit according to a third embodiment of the present invention;
fig. 7 is a schematic structural diagram of a general wheel conversion circuit according to a fourth embodiment of the present invention.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
The AES decryption circuit is composed of the following operation units: the device comprises an inverse byte replacement operation unit, a key addition operation unit, an inverse column mixing operation unit and an inverse row shift operation unit.
The AES round transform is a transform operation performed in matrix form, and the decryption algorithm treats the incoming 128-bit packet data as 4 × 4 byte matrices, each matrix having 1 byte of elements. The intermediate result of the round-robin transformation is referred to as a state matrix that is a 4 x 4 byte matrix. Assume that the state matrix of the normal round shift input is:
Figure GDA0002775963250000061
the operation in the AES decryption process is described in detail as follows:
1. inverse byte substitution arithmetic unit
The inverse byte replacement operation unit performs an inverse byte replacement operation, which is an inverse operation of byte replacement, also called an inverse S-box operation. The inverse S-box operation is also to perform inverse replacement operation on each byte in the state matrix according to the byte replacement table. Assume that the state matrix after the inverse S-box operation is:
Figure GDA0002775963250000062
the inverse S-box operation can be expressed as:
Figure GDA0002775963250000071
wherein
Figure GDA0002775963250000072
Is an inverse S-box operation function. The inverse S-box operation is the only nonlinear operation in four operations of ordinary round conversion, and is also the operation with the highest operation complexity, so that the inverse S-box operation circuit occupies most of the circuit area and the power consumption of the whole AES decryption circuit.
In inverse S-box operation, the input byte is first subjected to an inverse affine operation, which is the inverse of the encrypted S-box affine operation, and then to a finite field GF (2)8) The inverse multiplication operation on the domain has the expression:
Figure GDA0002775963250000073
wherein x is input byte, omega is byte constant, tau ' is constant matrix of 8 x 8bit, and is inverse matrix of constant matrix tau in encryption S box, tau ' and omega are used for completing inverse affine operation ' ()A -1Is GF (2)8) The inverse of the multiplication over the field. GF (2) according to the present invention8) The field is GF (2) specified in AES cipher algorithm8) A field of irreducible polynomial
f(x)=x8+x4+x3+x+1
Among many S-box implementations, the composite domain based S-box implementation has the smallest circuit area. Composite domain S-box transforms the principal arithmetic unit-GF (2) in the S-box by mathematical transformation8) The inverse domain multiplication unit maps to the complex domain implementation. The computational complexity of the complex domain multiplicative inverse is much less than GF (2)8) The computational complexity of the inverse of the domain multiplication can be reduced significantly, thus the hardware complexity of the S-box circuit implementation can be reduced significantly.
The inverse S-box operation expression based on the composite domain is as follows:
Figure GDA0002775963250000074
wherein ()C -1For multiplicative inverse operations on complex fields, the complex field being an arbitrary and GF (2)8) Composite domain of domain isomorphism, delta is 8 x 8bit mapping matrix, whose function is to convert input byte x from GF (2)8) The field is mapped to the complex field, δ' is the δ inverse matrix, which acts to map the complex field multiplicative inverse result from the complex field back to GF (2)8) A domain.
In the finite field, the addition operation is a bit exclusive or logic operation. According to x ≦ y ≦ 0 ≦ x ≦ y,
Figure GDA0002775963250000081
Figure GDA0002775963250000085
thus, the constant addition + ω is in hardwareIn implementation, the operation of adding 0 can be directly omitted, and the operation of adding 1 can replace the operation of exclusive-or logic by two methods: 1. the exclusive or logic of any two variables is replaced by the exclusive or logic; 2. the two variables are realized by using exclusive-OR logic and inverting logic. Because the circuit areas and the time delays of the exclusive-OR gate and the exclusive-OR gate are almost the same, and compared with the exclusive-OR gate, the circuit area and the time delay of the reverse logic gate can be ignored, and therefore, when the inverse S-box hardware is implemented, the area and the time delay of the constant addition operation + omega circuit can be ignored.
2. Key addition unit
The key addition operation unit performs key addition operation, and the key addition operation is the same as the key addition operation in the encryption flow. Assume that the state matrix after the key addition operation is:
Figure GDA0002775963250000082
the key addition operation expression is:
Figure GDA0002775963250000083
wherein the matrix
Figure GDA0002775963250000084
The sub-key matrix is generated by a key expansion algorithm, and the use sequence of the sub-key matrix is opposite to that of the sub-key matrix in the encryption process.
3. Inverse column hybrid arithmetic unit
The inverse column mixing operation unit performs inverse column mixing operation, the inverse column mixing operation is inverse operation of column mixing, and can be regarded as that each column in the state matrix is in a ring with a constant polynomial
Figure GDA0002775963250000098
The product of (a) and (b). The state matrix after the inverse column mixing operation is assumed to be:
Figure GDA0002775963250000091
the expression of the inverse column mix operation is:
Figure GDA0002775963250000092
wherein the matrix
Figure GDA0002775963250000093
Is a column mixed constant matrix, a constant matrix
Figure GDA0002775963250000094
In (1)
Figure GDA0002775963250000095
Are each GF (2)8) Domain multiplication by the constant x {09}16、×{0b}16、×{0d}16、×{0e}16In matrix form, in the present invention { }16Representing a hexadecimal form of the constant.
4. Reverse shift operation unit
The reverse shift operation unit performs reverse shift operation, and the reverse shift operation is the reverse operation of the line shift, namely the first line of the state matrix is not transformed, and the second, third and fourth lines are respectively shifted to the right by one byte, two bytes and three bytes. The state matrix after the reverse shift operation is assumed to be:
Figure GDA0002775963250000096
the state matrix after the retrograde shift can be expressed as:
Figure GDA0002775963250000097
the reverse shift operation does not need to consume any logic circuit resource in the hardware realization, and only needs to adjust the bus position.
5. General wheel transformation formula
Four arithmetic units in the common round transformation can be realized independently, and several adjacent arithmetic units can be combined into one arithmetic unit for realization. The round conversion circuit realized by the arithmetic unit independently wastes circuit resources and has a long critical path. The invention combines the linear operation in the decryption common round transformation by the combination and synthesis operation of the constant matrix according to the decryption common round transformation formula. According to each sub-operation formula in the middle-round transformation, a decryption common round transformation formula can be obtained as follows:
Figure GDA0002775963250000101
wherein
Figure GDA0002775963250000102
Is a constant matrix
Figure GDA0002775963250000103
The number of the row vectors in (1),
Figure GDA0002775963250000104
and
Figure GDA0002775963250000105
respectively input data matrix
Figure GDA0002775963250000106
And a key matrix
Figure GDA0002775963250000107
The column vector of (1), i.e.:
Figure GDA0002775963250000108
Figure GDA0002775963250000109
output variable r having the same input in the above formulax,yThe grouping is divided into four groups. These four groups have the same arithmetic operation and have the same circuit arithmetic unit when implemented in hardware. Each packet output variable can be expressed in the form of a linear equation:
Figure GDA0002775963250000111
the corresponding variables in each group of input variables and output variables in the above equation are:
group I:
Figure GDA0002775963250000112
group II:
Figure GDA0002775963250000113
group III:
Figure GDA0002775963250000114
group IV:
Figure GDA0002775963250000115
in order to reduce the circuit implementation area, the invention further converts GF (2) in the inverse S box8) The multiplication is inversely mapped to a composite domain, and the general round transformation grouping formula after mapping is as follows:
Figure GDA0002775963250000116
6. first-round transformation formula
According to the above sub-operation formulas, the first-round transformation formula can be obtained as follows:
Figure GDA0002775963250000117
according to the grouping of the common round transformation, the first round transformation formula can also be divided into four groups, and the first round transformation grouping formula is as follows:
Figure GDA0002775963250000121
the corresponding variables of the input variables and the output variables in the first-round transformation grouping formula in each group are the same as those in the common round transformation.
7. Last wheel transformation formula
According to the above sub-operation formulas, the final round transformation formula can be obtained as follows:
Figure GDA0002775963250000122
similarly, the last round transformation formula can also be divided into four groups, and the last round transformation group formula is:
Figure GDA0002775963250000123
the corresponding variables in each group of input variables and output variables in the above equation are:
group I:
Figure GDA0002775963250000124
group II:
Figure GDA0002775963250000125
group III:
Figure GDA0002775963250000126
group IV:
Figure GDA0002775963250000127
in the above grouping, the variable is output
Figure GDA0002775963250000128
The corresponding variables in each group are different from the ordinary round conversion, and the variables are input
Figure GDA0002775963250000129
And
Figure GDA00027759632500001210
the corresponding variables in each grouping are the same as the normal round of transformation. Mapping the inverse S-box operation in the last round transformation to the composite domain, and then the last round transformation grouping formula is as follows:
Figure GDA0002775963250000131
the common round transform unit for AES decryption combines all linear transform operations in common round transform in AES decryption algorithm into two synthetic matrixes through combination and synthesis operation of constant matrixes, and the synthetic matrixes
Figure GDA0002775963250000132
And the synthesis matrix
Figure GDA0002775963250000133
The critical path of the circuit can be shortened, and the circuit realization area can be reduced.
Fig. 3 is a schematic structural diagram of a general round conversion operation unit according to an embodiment of the present invention, and for convenience of description, only relevant portions of the embodiment of the present invention are shown.
The common round transform arithmetic unit is used for realizing common round transform in AES decryption and comprises the following steps:
the input end of the synthesis matrix multiplication unit 1 is connected with the data input port, the output end of the synthesis matrix multiplication unit 1 is connected with the input end of the constant addition unit, the output end of the constant addition unit is connected with the input end of the complex domain multiplication inverse unit, the output end of the complex domain multiplication inverse unit and the key input port are connected with the input end of the synthesis matrix multiplication inverse unit 2, and the output end of the synthesis matrix multiplication unit 2 is connected with the data output port;
a synthetic matrix multiplication unit 1 having 4-byte data bit width at its input and output ends for synthesizing the matrix
Figure GDA0002775963250000134
And a data vector
Figure GDA0002775963250000135
The multiplication operation is carried out and the operation is carried out,
Figure GDA0002775963250000136
data vectors input for data input ports, wherein matrices are synthesized
Figure GDA0002775963250000137
The expression of (a) is specifically as follows:
Figure GDA0002775963250000138
wherein the matrix is synthesized
Figure GDA0002775963250000139
By a matrix of four constants
Figure GDA00027759632500001310
Combined to form a constant matrix
Figure GDA00027759632500001311
Is the product of a constant matrix delta and a constant matrix tau', i.e.
Figure GDA0002775963250000141
The constant matrix delta is a mapping matrix whose function is to map GF (2)8) Elements on the domain are mapped onto the composite domain. The constant matrix τ' is a constant matrix specified by the inverse affine operation in the inverse S-box operation. The synthesis matrix multiplication unit 1 can be expressed as a concrete formula:
Figure GDA0002775963250000142
The operation result is processed
Figure GDA0002775963250000143
And further output to a constant addition unit.
The data bit width of the input end and the output end of the constant addition operation unit is 4 bytes, and the vector is added
Figure GDA0002775963250000144
And constant vector omegaλ=[ωλλλλ]TPerforming addition operation to obtain constant vector omegaλBy four constants ωλCombined constant ωλIs the product of a constant matrix delta, a constant matrix tau' and a constant omega, i.e. omegaλThe constant ω is a byte constant specified by the inverse affine operation in the inverse S-box operation. The specific expression form of the constant addition operation unit is as follows:
Figure GDA0002775963250000145
the operation result is processed
Figure GDA0002775963250000146
And further outputting the result to a complex domain multiplication inverse operation unit.
The data bit width of the input end and the output end of the composite field multiplication inverse operation unit is 4 bytes, and the vector is processed
Figure GDA0002775963250000147
Is inverse operation of complex field multiplication, where the complex field is arbitrary and GF (2)8) A composite domain with homogeneous domains. The specific expression form of the composite domain multiplication inverse operation unit is as follows:
Figure GDA0002775963250000148
the operation result is processed
Figure GDA0002775963250000149
Further output to the synthesis matrix multiplication unit 2.
A synthetic matrix multiplication unit 2 with 4-byte data bit width at its input and output ends for generating data vector
Figure GDA0002775963250000151
And a key vector
Figure GDA0002775963250000152
Combined into a column vector
Figure GDA0002775963250000153
Key vector
Figure GDA0002775963250000154
And a key vector K in an encryption operationvAre identical, and a matrix is synthesized
Figure GDA0002775963250000155
And the column vector
Figure GDA0002775963250000156
Performing multiplication operations, i.e.
Figure GDA0002775963250000157
The operation result is processed
Figure GDA0002775963250000158
Output to data output ports, synthesizing the matrix
Figure GDA0002775963250000159
The expression of (a) is as follows:
Figure GDA00027759632500001510
wherein the matrix is synthesized
Figure GDA00027759632500001511
From a matrix of constants
Figure GDA00027759632500001512
Combined to form a constant matrix
Figure GDA00027759632500001513
Is a constant matrix
Figure GDA00027759632500001514
And the constant matrix delta', i.e.
Figure GDA00027759632500001515
Constant matrix
Figure GDA00027759632500001516
Is a constant matrix
Figure GDA00027759632500001517
And the constant matrix delta', i.e.
Figure GDA00027759632500001518
Constant matrix
Figure GDA00027759632500001519
Is a constant matrix
Figure GDA00027759632500001520
And the constant matrix delta', i.e.
Figure GDA00027759632500001521
Constant matrix
Figure GDA00027759632500001522
Is a constant matrix
Figure GDA00027759632500001523
And the constant matrix delta', i.e.
Figure GDA00027759632500001524
Constant matrix
Figure GDA00027759632500001525
Are each GF (2)8) Domain multiplication by the constant x {09}16、×{0b}16、×{0d}16、×{0e}16In the form of a matrix; the constant matrix delta' is a mapping matrix whose role is to map elements on the complex field to GF (2)8) On the domain, the synthesis matrix multiplication unit 2 can be expressed by a specific formula as:
Figure GDA00027759632500001526
the common round transform unit for AES decryption combines all linear transform operations in common round transform in AES decryption algorithm into two synthetic matrixes through combination and synthesis operation of constant matrixes, and the synthetic matrixes
Figure GDA00027759632500001527
And the synthesis matrix
Figure GDA00027759632500001528
The critical path of the circuit can be shortened, and the circuit realization area can be reduced.
The serial structure and the cycle structure are two basic structures realized by a common round conversion circuit, the common round conversion circuit with the serial structure is formed by adopting a parallel processing mode based on the common round conversion operation unit, and the common round conversion circuit with the cycle structure is formed by adopting a time-sharing multiplexing processing mode or a mode of combining time-sharing multiplexing and parallel processing.
Fig. 4 is a schematic structural diagram of a general wheel conversion circuit according to a first embodiment of the present invention, and for convenience of description, only the parts related to the first embodiment of the present invention are shown.
The ordinary round conversion circuit is used for realizing the ordinary round conversion of AES decryption and comprises the following components:
4×(Nr-1) ordinary round conversion arithmetic units, wherein every 4 ordinary round conversion arithmetic units are connected in parallel to form an ordinary round conversion module, (N)r-1) the ordinary round conversion modules are connected in series to form an ordinary round conversion circuit, and each ordinary round conversion module is used for completing ordinary round conversion operation of 16 bytes of data once.
Fig. 5 is a schematic structural diagram of a general wheel conversion circuit according to a second embodiment of the present invention, and only the parts related to the second embodiment of the present invention are shown for convenience of description.
The ordinary round conversion circuit is used for realizing the ordinary round conversion of AES decryption and comprises the following components:
an ordinary round conversion operation unit, and a method for circulating 4 × (N)r-1) a loop feedback circuit of said ordinary round transform arithmetic unit;
the circular feedback circuit consists of an alternative selector, a register 1 and a register 2, the data bit widths of the register 1 and the register 2 are both 16 bytes, the input end of the register 1 is connected with the output end of the selector, the output end of the register 1 is connected with the input end of the register 2, the output end of the register 2 is connected with the data input end of a common round conversion operation unit, the data output end of the common round conversion operation unit is connected with one input end of the selector, the other input end of the selector is connected with the output end of a first round conversion circuit, and the output end of the common round conversion operation unit is connected with the input end of a last round conversion circuit;
the data output end of the common round conversion arithmetic unit respectively outputs the operation result after each cycle to a selector and a last round conversion circuit, and the selector outputs the first 4 (N)r-2) feeding back the operation result to the register 1, the normal round conversion unit completes 4 bytes of normal round conversion operation each time, the normal round conversion unit completes one round of complete (16 bytes) AES normal round conversion operation through four cycles of the cycle feedback circuit, the data of the register 1 after one round of AES normal round conversion operation is input to the register 2, the register 2 outputs four bytes each time as the input data of the normal round conversion operation unit for carrying out the next round of AES normal round conversion operationA second common round of transformation operation, for a total of 4 (N)r-1) the second ordinary round of transformation operation, the last round of transformation circuit will be the (4N) th roundr-7)~(4Nr-4) operation result, i.e. (N) thrAnd-1) performing last round conversion by using the result of the round ordinary round conversion operation as input data of a last round conversion circuit.
Fig. 6 is a schematic structural diagram of a general wheel conversion circuit according to a third embodiment of the present invention, and for convenience of description, only relevant portions of the third embodiment of the present invention are shown.
The ordinary round conversion circuit is used for realizing the ordinary round conversion of AES decryption and comprises the following components:
a common wheel conversion module formed by two common wheel conversion operation units connected in parallel, and a circulation feedback circuit for carrying out 2 (N) on the common wheel conversion moduler-1) a cycle;
the circular feedback circuit consists of a selector, a register 1 and a register 2, the data bit widths of the register 1 and the register 2 are both 16 bytes, wherein the input end of the register 1 is connected with the output end of the selector, the output end of the register 1 is connected with the input end of the register 2, the output end of the register 2 is connected with the data input end of the common wheel conversion module, one input end of the selector is connected with the output end of the first wheel conversion circuit, the other input end of the selector is connected with the output end of the common wheel conversion module, and the output end of the common wheel conversion module is also connected with the input end of the last wheel conversion circuit;
the output end of the common round conversion operation module respectively outputs the operation results of the two common round conversion operation units to a selector and a last round conversion circuit, and the selector outputs the first 2 (N)r-2) the result of the sub-operation is fed back to the register 1. The common round conversion operation module finishes 8-byte common round conversion operation each time, the common round conversion operation module finishes one round of complete AES common round conversion operation through two cycles of the cycle feedback circuit, after one round of AES common round conversion operation is finished, the data of the register 1 is input into the register 2, the register 2 outputs two groups of four-byte data each time, the two groups of four-byte data serve as input data of the common round conversion operation module and are respectively input into the two common round conversion operation units for carrying out next common round conversion operationPerforming 2 (N) in total through round conversion operationr-1) the second ordinary round of transformation operation, the last round of transformation circuit will be the (2N) th roundr-3)~(2Nr-2) operation result as input data, namely (N) th operation resultrAnd-1) performing last round conversion by using the result of the round ordinary round conversion operation as input data of a last round conversion circuit.
Fig. 7 is a schematic structural diagram of a general wheel conversion circuit according to a fourth embodiment of the present invention, and for convenience of description, only relevant portions of the fourth embodiment of the present invention are shown.
The ordinary round conversion circuit is used for realizing the ordinary round conversion of AES decryption and comprises the following components:
a common wheel conversion module formed by four common wheel conversion operation units connected in parallel, and a circulation feedback circuit for carrying out (N) on the common wheel conversion moduler-1) a cycle;
the circular feedback circuit is composed of a selector and a register, the data bit width of the register is 16 bytes, the output end of the register is connected with the input end of the common round conversion module, the input end of the register is connected with the output end of the selector, one input end of the selector is connected with the output end of the first round conversion circuit, the other input end of the selector is connected with the output end of the common round conversion module, and the output end of the common round conversion operation module is further connected with the input end of the last round conversion circuit.
The common round conversion module completes 16 bytes of common round conversion operation each time, and completes one round of complete common round conversion operation through one cycle of the cycle feedback circuit;
the output end of the common wheel conversion module respectively outputs the operation results of the four common wheel conversion operation units to a selector and a last wheel conversion circuit, and the selector outputs the result of the previous (N) wheel conversion operation unitr-2) result of sub-operation RvThe four groups of 4-byte data are respectively input into the data input ends of the four ordinary round conversion operation units by the register through being fed back to the input end of the ordinary round conversion module, and the next round of ordinary round conversion is carried out (N)r-1) change of ordinary wheel of the (N) th wheelr-1) result of sub-operation RvInput to the final wheel conversion circuit to performAnd performing last round transformation operation.
Compared with the common wheel conversion circuit with the serial structure, the common wheel conversion circuit with the circulating structure has the advantages that the circuit area is greatly reduced, so that the common wheel conversion circuit is suitable for a data processing circuit with limited area; however, the common wheel conversion circuit with the serial structure adopts the pipeline technology, so that the circuit processing speed can be greatly improved, and the circuit is suitable for a high-speed data processing circuit, so that the structure of the common wheel conversion circuit can be designed according to actual requirements;
the ordinary round transform circuit provided in the first, second, third, and fourth embodiments is configured based on an ordinary round transform operation unit, and the ordinary round transform operation unit combines the complex domain mapping operation, the affine operation, the column mixing operation, and the key addition operation in the AES cryptographic algorithm into two synthetic matrices through the matrix combining and synthesizing operation, and the matrices are combined
Figure GDA0002775963250000191
And matrix
Figure GDA0002775963250000192
The common round conversion circuit formed based on the common round conversion arithmetic unit greatly reduces the length of a critical path of the circuit. The public item eliminating algorithm is the most effective circuit optimization method of the linear operation unit, and researches show that the larger the circuit scale is, the higher the circuit efficiency is, so that the invention combines a plurality of small-scale linear operation units into large-scale linear operation through matrix combination and synthesis, thereby being beneficial to improving the circuit optimization efficiency and reducing the circuit realization area.
In an embodiment of the present invention, an AES decrypting circuit is further provided, where the AES decrypting circuit includes: the first round conversion circuit, the common round encryption circuit and the last round conversion circuit are sequentially connected in series, the common round conversion circuit adopts the common round conversion circuits provided by the first embodiment, the second embodiment, the third embodiment and the fourth embodiment, and the first round conversion circuit and the last round conversion circuit both adopt the existing structures.
The AES decryption circuit provided by the embodiment of the invention is formed based on the common round conversion circuit, and the common round conversion circuit is based onThe common round conversion operation unit is formed by a matrix
Figure GDA0002775963250000193
And matrix
Figure GDA0002775963250000194
The AES decryption circuit greatly reduces the length of a key path of the circuit in terms of hardware implementation by combining composite domain mapping operation, affine operation, column mixing operation and key addition operation in the AES decryption algorithm. The public item eliminating algorithm is the most effective circuit optimization method of the linear operation unit, and researches show that the larger the circuit scale is, the higher the circuit efficiency is, so that the invention combines a plurality of small-scale linear operation units into large-scale linear operation through matrix combination and synthesis, thereby being beneficial to improving the circuit optimization efficiency and reducing the realization area of an AES decryption circuit.
The foregoing is only a preferred embodiment of the present invention, and it should be noted that, for those skilled in the art, various modifications and decorations can be made without departing from the principle of the present invention, and these modifications and decorations should also be regarded as the protection scope of the present invention.

Claims (6)

1. A normal round transform operation unit for AES decryption, the normal round transform operation unit comprising:
the input end of the synthesis matrix multiplication unit 1 is connected with the data input port, the output end of the synthesis matrix multiplication unit 1 is connected with the input end of the constant addition unit, the output end of the constant addition unit is connected with the input end of the complex domain multiplication inverse unit, the output end of the complex domain multiplication inverse unit and the key input port are connected with the input end of the synthesis matrix multiplication inverse unit 2, and the output end of the synthesis matrix multiplication unit 2 is connected with the data output port;
a composite matrix multiplication unit 1 for multiplying the composite matrix
Figure FDA0002795136240000011
And data vector input from data input port
Figure FDA0002795136240000012
Performing multiplication operation to obtain operation result
Figure FDA0002795136240000013
Output to a constant addition unit, wherein the matrix is synthesized
Figure FDA0002795136240000014
The expression of (a) is specifically as follows:
Figure FDA0002795136240000015
a constant addition unit for adding the vector
Figure FDA0002795136240000016
And constant vector omegaλ=[ωλλλλ]TPerforming an addition operation to obtain an operation result
Figure FDA0002795136240000017
And outputs to the complex domain inverse multiplication unit, wherein,
Figure FDA0002795136240000018
respectively represent vectors
Figure FDA0002795136240000019
The first, second, third and fourth elements of (a),
Figure FDA00027951362400000110
Figure FDA00027951362400000111
respectively represent vectors
Figure FDA00027951362400000112
The first, second, third and fourth elements of (a), T represents a transpose of the matrix,
Figure FDA00027951362400000113
representing a matrix of constants, the matrix of constants
Figure FDA00027951362400000114
Is the product of a constant matrix delta and a constant matrix tau', i.e.
Figure FDA00027951362400000115
The constant matrix delta is a mapping matrix whose function is to map GF (2)8) The elements in the domain are mapped onto the complex domain, the constant matrix τ' being the constant matrix specified by the inverse affine operation in the inverse S-box operation, ωλIs the product of a constant matrix delta, a constant matrix tau' and a constant omega, i.e. omegaλδ × τ' × ω, the constant ω being a byte constant specified by the inverse affine operation in the inverse S-box operation;
a complex domain inverse multiplication unit for multiplying the vector
Figure FDA0002795136240000021
Each byte in the data processing system is subjected to complex domain inverse multiplication, and the operation result is obtained
Figure FDA0002795136240000022
Outputs to the synthesis matrix multiplication unit 2, where,
Figure FDA0002795136240000023
respectively represent vectors
Figure FDA0002795136240000024
The first, second, third and fourth elements of (a);
a synthesis matrix multiplication unit 2 for multiplying the data vectors
Figure FDA0002795136240000025
And a key vector
Figure FDA0002795136240000026
Figure FDA0002795136240000027
Combined into a column vector
Figure FDA0002795136240000028
And will be combined into a matrix
Figure FDA0002795136240000029
And the column vector
Figure FDA00027951362400000210
Performing multiplication operations, i.e.
Figure FDA00027951362400000211
The operation result is processed
Figure FDA00027951362400000212
Output to data output ports, synthesizing the matrix
Figure FDA00027951362400000213
The expression of (a) is as follows:
Figure FDA00027951362400000214
the data bit width of the input end and the output end of the synthesis matrix multiplication unit 1, the constant addition unit, the complex field multiplication inverse unit and the synthesis matrix multiplication unit 2 is 4 bytes,
Figure FDA00027951362400000215
respectively represent vectors
Figure FDA00027951362400000216
The first, second, third and fourth elements of (a),
Figure FDA00027951362400000217
respectively representing key vectors
Figure FDA00027951362400000218
First, second, third and fourth elements of (1), a constant matrix
Figure FDA00027951362400000219
Is a constant matrix
Figure FDA00027951362400000220
And the constant matrix delta', i.e.
Figure FDA00027951362400000221
Constant matrix
Figure FDA00027951362400000222
Is a constant matrix
Figure FDA00027951362400000223
And the constant matrix delta', i.e.
Figure FDA00027951362400000224
Constant matrix
Figure FDA00027951362400000225
Is a constant matrix
Figure FDA00027951362400000226
And the constant matrix delta', i.e.
Figure FDA00027951362400000227
Constant matrix
Figure FDA00027951362400000228
Is a constant matrix
Figure FDA00027951362400000229
And the constant matrix delta', i.e.
Figure FDA00027951362400000230
Constant matrix
Figure FDA00027951362400000231
Are each GF (2)8) Domain multiplication by the constant x {09}16、×{0b}16、×{0d}16、×{0e}16The constant matrix δ' is a mapping matrix.
2. A common wheel conversion circuit, comprising:
4×(Nr-1) normal round conversion operation units according to claim 1, wherein every 4 normal round conversion operation units are connected in parallel to form a normal round conversion module, (N)r-1) a common wheel conversion circuit comprising a series connection of common wheel conversion modules, wherein NrThe number is changed for the wheel.
3. A common wheel conversion circuit, comprising:
a normal round conversion operation unit as claimed in claim 1, and for cycling through 4 × (N)r-1) a loop feedback circuit of said ordinary round conversion arithmetic unit, NrChanging the number for the wheel;
the circular feedback circuit is composed of an alternative selector, a register 1 and a register 2, data bit widths of the register 1 and the register 2 are both 16 bytes, an input end of the register 1 is connected with an output end of the selector, an output end of the register 1 is connected with an input end of the register 2, an output end of the register 2 is connected with a data input end of a common round conversion operation unit, a data output end of the common round conversion operation unit is connected with one input end of the selector, the other input end of the selector is connected with an output end of a first round conversion circuit, and an output end of the common round conversion operation unit is connected with an input end of a last round conversion circuit.
4. A common wheel conversion circuit, comprising:
a normal round conversion module composed of two normal round conversion operation units in parallel as claimed in claim 1, and a circulation feedback circuit for performing 2 (N) operation on the normal round conversion moduler-1) cycles, NrChanging the number for the wheel;
the circular feedback circuit is composed of a selector, a register 1 and a register 2, data bit widths of the register 1 and the register 2 are both 16 bytes, wherein an input end of the register 1 is connected with an output end of the selector, an output end of the register 1 is connected with an input end of the register 2, an output end of the register 2 is connected with a data input end of the common wheel conversion module, one input end of the selector is connected with an output end of the first wheel conversion circuit, the other input end of the selector is connected with an output end of the common wheel conversion module, and an output end of the common wheel conversion module is further connected with an input end of the last wheel conversion circuit.
5. A common wheel conversion circuit, comprising:
a normal round conversion module composed of four normal round conversion operation units in parallel as claimed in claim 1, and a cyclic feedback circuit for performing (N) on the normal round conversion moduler-1) a cycle;
the circular feedback circuit is composed of a selector and a register, the data bit width of the register is 16 bytes, the output end of the register is connected with the input end of the common wheel conversion module, the input end of the register is connected with the output end of the selector, one input end of the selector is connected with the output end of the first wheel conversion circuit, the other input end of the selector is connected with the output end of the common wheel conversion module, and the output end of the common wheel conversion module is further connected with the input end of the last wheel conversion circuit.
6. An AES decryption circuit, the circuit comprising:
the first-wheel conversion circuit, the ordinary-wheel conversion circuit and the last-wheel conversion circuit are connected in sequence, wherein the ordinary-wheel conversion circuit adopts the ordinary-wheel conversion circuit as claimed in any one of claims 2 to 5.
CN201810597060.4A 2018-06-11 2018-06-11 Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit Active CN108933652B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810597060.4A CN108933652B (en) 2018-06-11 2018-06-11 Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201810597060.4A CN108933652B (en) 2018-06-11 2018-06-11 Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit

Publications (2)

Publication Number Publication Date
CN108933652A CN108933652A (en) 2018-12-04
CN108933652B true CN108933652B (en) 2021-03-05

Family

ID=64449586

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810597060.4A Active CN108933652B (en) 2018-06-11 2018-06-11 Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit

Country Status (1)

Country Link
CN (1) CN108933652B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109936439A (en) * 2019-01-25 2019-06-25 芜湖职业技术学院 AES decrypts ordinary wheel translation circuit structure and round transformation construction method
CN109660333A (en) * 2019-01-25 2019-04-19 芜湖职业技术学院 AES decryption multiplexing round transformation arithmetic element structure
CN116633677B (en) * 2023-07-06 2023-09-19 深圳迅策科技有限公司 Associated encryption method and system for batch transaction data

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162557A (en) * 2006-09-01 2008-04-16 索尼株式会社 Encryption processing apparatus, encryption processing method and computer program
CN101764686A (en) * 2010-01-11 2010-06-30 石家庄开发区冀科双实科技有限公司 Encryption method for network and information security
RU2591015C1 (en) * 2015-12-28 2016-07-10 федеральное государственное автономное образовательное учреждение высшего профессионального образования "Национальный исследовательский ядерный университет МИФИ" (НИЯУ МИФИ) Method for nonlinear three-dimensional multi-round rdozen data conversion
CN106921487A (en) * 2017-03-01 2017-07-04 芜湖职业技术学院 Reconfigurable S-box circuit structure

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103516512A (en) * 2013-10-21 2014-01-15 深圳市芯通信息科技有限公司 Encryption and decryption method and encryption and decryption device based on AES (advanced encryption standard) algorithm
CN104639314A (en) * 2014-12-31 2015-05-20 深圳先进技术研究院 Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101162557A (en) * 2006-09-01 2008-04-16 索尼株式会社 Encryption processing apparatus, encryption processing method and computer program
CN101764686A (en) * 2010-01-11 2010-06-30 石家庄开发区冀科双实科技有限公司 Encryption method for network and information security
RU2591015C1 (en) * 2015-12-28 2016-07-10 федеральное государственное автономное образовательное учреждение высшего профессионального образования "Национальный исследовательский ядерный университет МИФИ" (НИЯУ МИФИ) Method for nonlinear three-dimensional multi-round rdozen data conversion
CN106921487A (en) * 2017-03-01 2017-07-04 芜湖职业技术学院 Reconfigurable S-box circuit structure

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
A Low-Delay Common Subexpression Elimination Algorithm for Constant Matrix Multiplications over GF(2m);Xiaoqiang ZHANG 等;《2015 IEEE 10th Conference on Industrial Electronics and Applications (ICIEA)》;20150617;第416-421页 *

Also Published As

Publication number Publication date
CN108933652A (en) 2018-12-04

Similar Documents

Publication Publication Date Title
Zhang et al. Implementation approaches for the advanced encryption standard algorithm
CN106921487B (en) Reconfigurable S-box circuit structure
CN109033892B (en) Round conversion multiplexing circuit based on synthetic matrix and AES decryption circuit
CN108933652B (en) Ordinary round of transform arithmetic element, ordinary round of transform circuit and AES decryption circuit
CN109150495B (en) Round conversion multiplexing circuit and AES decryption circuit thereof
CN109039583B (en) Multiplexing round conversion circuit, AES encryption circuit and encryption method
Sornalatha et al. FPGA Implementation of Protected Compact AES S–Box Using CQCG for Embedded Applications
KR20050078271A (en) Hardware cryptographic engine and method improving power consumption and operation speed
CN108809627B (en) Round conversion multiplexing circuit and AES decryption circuit
CN108566271B (en) Multiplexing round conversion circuit, AES encryption circuit and encryption method thereof
CN109033893B (en) AES encryption unit based on synthetic matrix, AES encryption circuit and encryption method thereof
Fu et al. Low-cost hardware implementation of SM4 based on composite field
CN109033847B (en) AES encryption operation unit, AES encryption circuit and encryption method thereof
Deshpande et al. AES encryption engines of many core processor arrays on FPGA by using parallel, pipeline and sequential technique
CN108964875B (en) Ordinary round conversion arithmetic unit, ordinary round conversion circuit and AES decryption circuit
CN109033023B (en) Ordinary round conversion operation unit, ordinary round conversion circuit and AES encryption circuit
CN108989018B (en) AES encryption unit, AES encryption circuit and encryption method
CN108964876B (en) Ordinary round conversion arithmetic unit, ordinary round conversion circuit and AES encryption circuit
CN109033894B (en) Ordinary round conversion arithmetic unit, ordinary round conversion circuit and AES encryption circuit thereof
CN109936440B (en) Multiplexing round conversion operation unit in AES decryption circuit and construction method
CN109150496B (en) AES encryption operation unit, AES encryption circuit and encryption method
CN109639408A (en) A kind of AES decryption multiplexing round transformation circuit structure
Thirer A pipelined FPGA implementation of an encryption algorithm based on genetic algorithm
Guo et al. A pipelined implementation of the Grøstl hash algorithm and the advanced encryption standard
Lanjewar et al. Implementation of AES-256 Bit: A Review

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant