CN111934850A - Encryption and decryption method for class AES - Google Patents

Publication number
CN111934850A
Authority
CN
China
Prior art keywords
encryption
round
key
decryption
data
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202010606548.6A
Other languages
Chinese (zh)
Inventor
李志强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Nanjing Tianji Xingyun Technology Co ltd
Original Assignee
Nanjing Tianji Xingyun Technology Co ltd
Application filed by Nanjing Tianji Xingyun Technology Co ltd
Priority to CN202010606548.6A
Publication of CN111934850A
Legal status: Pending

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an AES-like ("class AES") encryption and decryption method comprising the following steps. Step one: arrange the input data into a 4 × 4 byte state matrix, then perform Nr encryption iterations, where Nr depends on the key length. Step two: initial key addition, that is, modulo-2 addition of the data and the key. Step three: perform Nr-1 round transformations, each consisting of four parts: S-box substitution of the input data, a row shift operation on the substituted data, a column mixing operation on the shifted data, and a round key addition using the sub-key of the previous round. In the invention, the encryption part and the decryption part are both implemented in the same FPGA. The encryption and decryption processes execute without affecting each other and complete in parallel, which is convenient in practical use, gives both processes a high execution speed, and markedly improves encryption and decryption efficiency.

Description

Encryption and decryption method for class AES
Technical Field
The invention relates to the technical field of cryptography, in particular to a class AES encryption and decryption method.
Background
A cipher is an important means of secrecy by which two communicating parties transform information according to agreed rules. Transforming plaintext into ciphertext under these rules is called the encryption transform; transforming ciphertext back into plaintext is called the decryption transform. Early ciphers only encrypted and decrypted characters or digital codes. With the development of communication technology, encryption can be applied in real time to voice, images, data and the like. The AES encryption algorithm, the Advanced Encryption Standard in cryptography, is one of the most popular symmetric-key algorithms owing to its security and stability, and is widely applied in various security fields. Implementations of the algorithm divide broadly into software and hardware. Considering the security and speed shortcomings of software implementations, hardware implementation tends to be preferred. In the prior art, however, the encryption and decryption processes of AES encryption and decryption methods are completed asynchronously, and their execution speed is low.
Disclosure of Invention
To achieve the above purpose, the invention adopts the following technical solution: an AES-like encryption and decryption method comprising the following steps:
step one: arrange the input data into a 4 × 4 byte state matrix, then perform Nr encryption iterations, where Nr depends on the key length;
step two: initial key addition, that is, modulo-2 addition of the data and the key;
step three: perform Nr-1 round transformations, each consisting of four parts: S-box substitution of the input data; a row shift operation on the substituted data; a column mixing operation on the shifted data; and a round key addition using the sub-key of the previous round;
step four: perform an incomplete round transformation on the state matrix that has undergone the Nr-1 round transformations, thereby completing encryption;
step five: during decryption, perform the inverse operations of step four and step three to complete decryption; the decryption process comprises inverse S-box substitution, inverse shift operation, inverse column mixing operation and round key addition.
As a further description of the above technical solution:
encryption and decryption are carried out by an encryption module, a decryption module and a key expansion module, together with a control unit that controls the whole flow. The control unit generates the control signals each module requires; the key expansion module generates and schedules the keys required for each round; the encryption module and the decryption module apply the round transformations to the data. The encryption and decryption processes of the two modules are both completed synchronously within the FPGA, execute without affecting each other, and complete in parallel.
As a further description of the above technical solution:
the S-box substitution is an independent operation performed on each byte of the block data and is a nonlinear transformation. The specific steps of the S-box substitution are as follows:
S1: take the multiplicative inverse of each byte over the finite field GF(2^8), where the inverse of '00' is itself;
S2: transform the resulting inverse element with an affine function over the finite field GF(2^8).
As a further description of the above technical solution:
in the round key addition transform, the master key generates, through a key generation scheme, a round key matrix with the same structure as the original matrix; each byte of the original matrix is then XORed with the corresponding byte of the round key matrix, and the result is stored in a new matrix.
As a further description of the above technical solution:
the key expansion is as follows: the initial key is used as the first Nk bytes of the expanded key K, and each subsequent word w[i] is computed by the formula w[i] = w[i-1] ⊕ w[i-N]. Over the whole encryption process, the total number of round key bits generated equals the number of encryption rounds plus 1, multiplied by the block length in bits. The round key for each encryption round is taken from the expanded key in sequence: the key of the first round takes the first 4 Nb bytes, and the key of the second round takes the second 4 Nb bytes.
As a further description of the above technical solution:
both the initial key and the round key of every round must match the data block length, so the key length of the i-th round equals the block length.
As a further description of the above technical solution:
the incomplete round transformation comprises: byte substitution, row shift and round key addition.
The invention provides an AES-like encryption and decryption method, which has the following beneficial effects:
the encryption part and the decryption part of the method are both implemented in the same FPGA. The encryption and decryption processes execute without affecting each other and complete in parallel, which is convenient in practical use, gives both processes a high execution speed, and markedly improves encryption and decryption efficiency.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments.
The AES-like encryption and decryption method comprises the following steps:
step one: arrange the input data into a 4 × 4 byte state matrix, then perform Nr encryption iterations, where Nr depends on the key length;
step two: initial key addition, that is, modulo-2 addition of the data and the key;
step three: perform Nr-1 round transformations, each consisting of four parts: S-box substitution of the input data; a row shift operation on the substituted data; a column mixing operation on the shifted data; and a round key addition using the sub-key of the previous round;
step four: perform an incomplete round transformation on the state matrix that has undergone the Nr-1 round transformations, thereby completing encryption;
step five: during decryption, perform the inverse operations of step four and step three to complete decryption; the decryption process comprises inverse S-box substitution, inverse shift operation, inverse column mixing operation and round key addition.
Encryption and decryption are carried out by an encryption module, a decryption module and a key expansion module, together with a control unit that controls the whole flow. The control unit generates the control signals each module requires; the key expansion module generates and schedules the keys required for each round; the encryption module and the decryption module apply the round transformations to the data. The encryption and decryption processes of the two modules are both completed synchronously within the FPGA, execute without affecting each other, and complete in parallel.
The S-box substitution is an independent operation performed on each byte of the block data and is a nonlinear transformation. The specific steps of the S-box substitution are as follows:
S1: take the multiplicative inverse of each byte over the finite field GF(2^8), where the inverse of '00' is itself;
S2: transform the resulting inverse element with an affine function over the finite field GF(2^8).
The row shift transformation performs a left circular shift on the byte state matrix; the minimum unit of shift is one byte. The offset of each row's shift depends on the block size of the AES algorithm, but in all cases the first row is shifted by 0 bytes, that is, the first row is not shifted.
In the round key addition transform, the master key generates, through a key generation scheme, a round key matrix with the same structure as the original matrix; each byte of the original matrix is then XORed with the corresponding byte of the round key matrix, and the result is stored in a new matrix.
The key expansion is as follows: the initial key is used as the first Nk bytes of the expanded key K, and each subsequent word w[i] is computed by the formula w[i] = w[i-1] ⊕ w[i-N]. Over the whole encryption process, the total number of round key bits generated equals the number of encryption rounds plus 1, multiplied by the block length in bits. The round key for each encryption round is taken from the expanded key in sequence: the key of the first round takes the first 4 Nb bytes, and the key of the second round takes the second 4 Nb bytes.
Both the initial key and the round key of every round must match the data block length, so the key length of the i-th round equals the block length.
The incomplete round transformation comprises: byte substitution, row shift and round key addition.
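The steps above (state matrix, S-box built from S1 and S2, row shift, column mixing, round key addition, key expansion, incomplete final round and the inverse path) assembled into a runnable AES-128 reference in Python. This is an added example, not code from the patent. It assumes the standard FIPS 197 constants, which the page does not state, and applies the RotWord/SubWord/round-constant step to every Nk-th key word, which the page's key expansion formula does not mention; all function names are illustrative.

```python
# Added illustration, not the patent's implementation. Assumes FIPS 197 values:
# polynomial 0x11B, affine constant 0x63, MixColumns row (2, 3, 1, 1), AES-128.

def xtime(a):  # multiply by x in GF(2^8), reduce by x^8+x^4+x^3+x+1
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def gmul(a, b):  # multiply two GF(2^8) elements by shift-and-add
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a, b = xtime(a), b >> 1
    return r

def ginv(a):
    """S1: multiplicative inverse computed as a^254; 0x00 maps to itself."""
    r = 1
    for _ in range(254):
        r = gmul(r, a)
    return r

def affine(b):
    """S2: affine map b ^ rotl(b,1) ^ ... ^ rotl(b,4) ^ 0x63."""
    rot = lambda n: ((b << n) | (b >> (8 - n))) & 0xFF
    return b ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63

SBOX = [affine(ginv(a)) for a in range(256)]
INV_SBOX = [SBOX.index(v) for v in range(256)]

def expand_key(key):
    """16-byte key -> 44 words -> Nr+1 = 11 round keys of 16 bytes."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:  # every Nk-th word: RotWord, SubWord, round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        w.append([x ^ y for x, y in zip(w[i - 4], t)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def add_round_key(s, k):
    return [x ^ y for x, y in zip(s, k)]

def sub_bytes(s, box=SBOX):
    return [box[b] for b in s]

def shift_rows(s, inv=False):
    """Rotate row r left by r bytes (right if inv); state is column-major."""
    d = -1 if inv else 1
    return [s[i % 4 + 4 * ((i // 4 + d * (i % 4)) % 4)] for i in range(16)]

def mix_columns(s, inv=False):
    m = (14, 11, 13, 9) if inv else (2, 3, 1, 1)
    out = []
    for i in range(16):  # i - i % 4 is the start of the byte's column
        t = [gmul(m[k], s[i - i % 4 + (i % 4 + k) % 4]) for k in range(4)]
        out.append(t[0] ^ t[1] ^ t[2] ^ t[3])
    return out

def encrypt_block(pt, key):
    rk = expand_key(key)
    s = add_round_key(pt, rk[0])                   # step two
    for r in range(1, 10):                         # step three: Nr-1 rounds
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s))), rk[r])
    s = shift_rows(sub_bytes(s))                   # step four: no MixColumns
    return bytes(add_round_key(s, rk[10]))

def decrypt_block(ct, key):
    rk = expand_key(key)
    s = sub_bytes(shift_rows(add_round_key(ct, rk[10]), True), INV_SBOX)
    for r in range(9, 0, -1):                      # step five: inverse rounds
        s = mix_columns(add_round_key(s, rk[r]), True)
        s = sub_bytes(shift_rows(s, True), INV_SBOX)
    return bytes(add_round_key(s, rk[0]))

if __name__ == "__main__":  # constructed sample block
    print(encrypt_block(b"sixteen byte msg", bytes(range(16))).hex())
```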
The encryption part and the decryption part of the AES-like encryption and decryption method are both implemented in the same FPGA. The encryption and decryption processes execute without affecting each other and complete in parallel, which is convenient in practical use, gives both processes a high execution speed, and markedly improves encryption and decryption efficiency.
In the description herein, references to the description of "one embodiment," "an example," "a specific example," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
The above description covers only the preferred embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any equivalent substitution or change made by a person skilled in the art, within the technical scope of the present invention and according to its technical solutions and inventive concept, shall fall within the scope of the present invention.

Claims (8)

1. An AES-like encryption and decryption method, characterized by comprising the following steps:
step one: arrange the input data into a 4 × 4 byte state matrix, then perform Nr encryption iterations, where Nr depends on the key length;
step two: initial key addition, that is, modulo-2 addition of the data and the key;
step three: perform Nr-1 round transformations, each consisting of four parts: S-box substitution of the input data; a row shift operation on the substituted data; a column mixing operation on the shifted data; and a round key addition using the sub-key of the previous round;
step four: perform an incomplete round transformation on the state matrix that has undergone the Nr-1 round transformations, thereby completing encryption;
step five: during decryption, perform the inverse operations of step four and step three to complete decryption; the decryption process comprises inverse S-box substitution, inverse shift operation, inverse column mixing operation and round key addition.
2. The AES-like encryption and decryption method according to claim 1, wherein encryption and decryption are carried out by an encryption module, a decryption module and a key expansion module, together with a control unit that controls the whole flow; the control unit generates the control signals each module requires; the key expansion module generates and schedules the keys required for each round; the encryption module and the decryption module apply the round transformations to the data; and the encryption and decryption processes of the two modules are both completed synchronously within the FPGA, execute without affecting each other, and complete in parallel.
3. The AES-like encryption and decryption method according to claim 1, wherein the S-box substitution is an independent operation performed on each byte of the block data and is a nonlinear transformation, and the specific steps of the S-box substitution are as follows:
S1: take the multiplicative inverse of each byte over the finite field GF(2^8), where the inverse of '00' is itself;
S2: transform the resulting inverse element with an affine function over the finite field GF(2^8).
4. The method of claim 1, wherein the row shift transformation performs a left circular shift on the byte state matrix, the minimum unit of shift is one byte, and the offset of each row's shift depends on the block size of the AES algorithm, but in all cases the first row is shifted by 0 bytes, that is, the first row is not shifted.
5. The AES-like encryption and decryption method according to claim 1, wherein, in the round key addition transform, the master key generates, through a key generation scheme, a round key matrix with the same structure as the original matrix; each byte of the original matrix is then XORed with the corresponding byte of the round key matrix, and the result is stored in a new matrix.
6. The AES-like encryption and decryption method according to claim 1, wherein the key expansion is as follows: the initial key is used as the first Nk bytes of the expanded key K, and each subsequent word w[i] is computed by the formula w[i] = w[i-1] ⊕ w[i-N]; over the whole encryption process, the total number of round key bits generated equals the number of encryption rounds plus 1, multiplied by the block length in bits; the round key for each encryption round is taken from the expanded key in sequence, the key of the first round taking the first 4 Nb bytes and the key of the second round taking the second 4 Nb bytes.
7. The method of claim 1, wherein the initial key and the round key of every round must match the data block length, so the key length of the i-th round equals the block length.
8. The method of claim 1, wherein the incomplete round transformation comprises: byte substitution, row shift and round key addition.
CN202010606548.6A 2020-06-29 2020-06-29 Encryption and decryption method for class AES Pending CN111934850A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010606548.6A CN111934850A (en) 2020-06-29 2020-06-29 Encryption and decryption method for class AES

Publications (1)

Publication Number Publication Date
CN111934850A (en) 2020-11-13

Family

ID=73316279

Country Status (1)

Country Link
CN (1) CN111934850A (en)

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20201113