CN100583757C - ECC/RSA encryption/decryption coprocessor - Google Patents
ECC/RSA encryption/decryption coprocessor Download PDFInfo
- Publication number
- CN100583757C CN100583757C CN200610167380A CN200610167380A CN100583757C CN 100583757 C CN100583757 C CN 100583757C CN 200610167380 A CN200610167380 A CN 200610167380A CN 200610167380 A CN200610167380 A CN 200610167380A CN 100583757 C CN100583757 C CN 100583757C
- Authority
- CN
- China
- Prior art keywords
- ecc
- rsa
- controller
- control unit
- arithmetic
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Abstract
The invention relates to an ECC\RSA encryption and decryption coprocessor which includes a command input device, an ECC\RSA master controller, an ECC slave controller, an operation controller and a basic operation controller, wherein, the command input device converts external commands and is respectively connected with the ECC\RSA master controller, the ECC slave controller and the operation controller; after switching the corresponding ECC\RSA operation, the ECC\RSA master controller are respectively connected with the ECC slave controller and the operation controller so as to control the ECC slave controller to complete the calculation of modular exponentiation, modular multiplication and point multiplication as well as control the operation controller to complete the modular multiplication; the operation controller is connected with basic operation controller and the basic operation controller completes the modular multiplication calculation and plus-minus calculation; therefore, ECC\RSA encryption and decryption calculation can be realized by using a shift register, a multiplier and an adder at the same time, thus reducing the register and a combinational logic circuit as well as effectively reducing chip area.
Description
Technical field
What the present invention relates to is a kind of encryption processor, particularly be a kind of realized simultaneously ECC the processor of RSA encryption and decryption computing.
Background technology
The RSA public key cryptography is present widely used public key data enciphering and deciphering algorithm, and it can resist all up to the present known cryptographic attacks.The difficulty that the fail safe of RSA Algorithm is decomposed based on big prime number in the number theory.Along with developing rapidly of computer process ability and network, the weakness of the PKI figure place of RSA public-key cryptosystem big (being generally more than 1024 bits) comes out gradually.Elliptic curve cipher system (ECC), its fail safe are based on the difficulty that the discrete logarithm problem ECDLP of the module on the elliptic curve finds the solution, and the relative RSA of ECC system compares the advantage of having more.Because its every has higher fail safe, causes its fast operation, saves power consumption simultaneously, bandwidth, memory space and certificate length.Smart card IC requires less memory space and low cost.In the design of the operating system COS of intellective IC card, various security protocol has all been taked in card and data communication aspect.Various security algorithms, data encryption measures such as high RSA of intensity and ECC have often all been adopted in these agreements.
Its main operational is exactly mould power/multiplication in the rsa encryption, and its main operational was a point multiplication operation during ECC encrypted, because the complexity of their calculation procedures, and present most of chip a kind in can only realization, and the another kind of mode of soft nuclear that adopts realizes.For the lower equipment of intellective IC card isochronon frequency, software and hardware is many alternately, causes the speed of computing slow.And in the design of some realization of High Speed, area of chip is bigger than normal, and cost is higher.
Summary of the invention
The objective of the invention is to, propose a kind of ECC the RSA encryption-decryption coprocessor, its interface mode is simple, shared register of RSA and ECC and counting circuit adopt modularization control, and arithmetic speed is accelerated greatly.With dot product, mould idempotent complex calculation is decomposed into regular multiplication and adds and subtracts basic calculating entirely, and regular calculating operation reduces intermediate steps, has reduced the number of registers.Based on the difference of upper-layer protocol, can call this coprocessor and finish 256 inverting separately, point adds, dot product, and 1024 mould takes advantage of, multiplication and precomputation computing make application more flexible.
For achieving the above object, the technical solution used in the present invention is, proposed a kind of ECC the RSA encryption-decryption coprocessor, it comprises: instruction inputting device, ECC RSA master controller, ECC assist controller, arithmetic and control unit and basic operation device, wherein,
Described instruction inputting device is changed external command, its respectively with described ECC RSA master controller, ECC association's controller and arithmetic and control unit be connected;
Described ECC the RSA master controller, switch finish corresponding ECC the RSA computing, it links to each other with described ECC association controller, arithmetic and control unit respectively, control described ECC association controller and finish that mould is taken advantage of, power is taken advantage of and dot product calculating, and described arithmetic and control unit is finished mould and is taken advantage of calculating;
Described arithmetic and control unit links to each other with the basic operation device, and described basic operation device is finished mould and taken advantage of, and adds, and subtracts calculating;
Also comprise a buffer memory, described buffer memory links to each other with the basic operation device with described instruction inputting device respectively;
Described instruction inputting device is a decoder;
Preferable, described decoder control ECC the RSA master controller finish RSA, the ECC computing; The control arithmetic and control unit is finished mould and is taken advantage of, adds, subtracts the initialization of calculating and controlling buffer memory, displacement and storage;
Preferable, described ECC RSA master controller control ECC association controller finish mould power and take advantage of with dot product and calculate; And the control arithmetic and control unit is finished mould and is taken advantage of calculating;
Preferable, described ECC assists controller control arithmetic and control unit to finish the calculating of ECC single step;
Preferable, decoder has in order to enabling signal to be provided: receive write signal, read signal, the reset signal of outside microprogram control unit, 8 the input of address signal; And receive from ECC the input of the state value that returns of RSA master controller;
Preferable, described enabling signal for to ECC the RSA master controller send the enabling signal that produces through decoding; Controller sends the enabling signal that produces through decoding to ECC association; Send the enabling signal that produces through decoding to arithmetic and control unit; To the signal of buffer memory output through the read/write data of decoding generation.
Description of drawings
Fig. 1 be ECC of the present invention the allocation plan of coprocessor preferred embodiment of RSA cryptographic algorithms;
Fig. 2 is the circuit block diagram of the basic operation device among Fig. 1.
Embodiment
Below in conjunction with accompanying drawing, be described in more detail with other technical characterictic and advantage the present invention is above-mentioned.
See also Fig. 1 for ECC of the present invention the allocation plan of coprocessor preferred embodiment of RSA cryptographic algorithms, it comprises: decoder 1; ECC RSA master controller 2; ECC assists controller 3; Arithmetic and control unit 4; FIFO (buffer memory) 5; Basic operation device 6.
Wherein, described decoder 1 respectively with ECC RSA master controller 2, ECC assists controller 3, arithmetic and control unit 4 links to each other with FIFO5; Decoder 1 and FIFO5 are by bidirectional data line, external address data bus and outside swap data; After external data writes FIFO5, send in the relevant register by decoder 1 control.It can directly control ECC RSA master controller 3 finish RSA, the ECC computing; Also can directly control ECC association controller 3 and finish ECC single step calculating; Can directly control arithmetic and control unit 4 and finish mould and take advantage of, add, subtract calculating; And the initialization of control FIFO5, displacement and storage.
This part is mainly deciphered outside addr address wire, realizes easily with general 2 systems decoding.
Described ECC RSA master controller 2 also link to each other respectively with arithmetic and control unit 4 with ECC association controller 3; By decoder enable, directly control ECC association controller 3 and finish mould power and take advantage of with dot product and calculate; Directly control arithmetic and control unit 4 is finished mould and is taken advantage of calculating; And return the completion status signal to decoder 1.According to the number of " 1 " in the parameter or power exponent of dot product, start corresponding ECC single step or mould and take advantage of signal calculated, this part upstate machine produces control signal and realizes;
Described ECC assists controller 3 also to link to each other with described arithmetic and control unit 4; By decoder or ECC the RSA master controller start, ECC association controller 3 control arithmetic and control units 4 are finished the calculating of ECC single step, and to ECC RSA master controller 2 return the completion status signal; Add or doubly signal calculated according to the ECC point, produce that mould is taken advantage of or mould adds, mould subtracts signal calculated, and this part upstate machine produces control signal and realizes;
Described arithmetic and control unit 4, decoder 1, ECC association controller 3 all links to each other with basic operation device 6; By decoder, ECC RSA master controller or ECC association controller start, described arithmetic and control unit 4 control basic operation devices 6 are finished mould and are taken advantage of, add and subtract; According to the signal that mould is taken advantage of or mould adds, mould subtracts, produce and to take advantage of, to take advantage of and add, add signal calculated, this part upstate machine produces control signal and realizes;
Described FIFO5 links to each other with basic operation device 6 with decoder 1; Push-up storage is used for the input and output buffering, splicing data, storage compute mode value.
The data of the 6 couples of FIFO5 of described basic operation device input are handled, by do multiplication and addition and subtraction finish whole ECC the computing of RSA encryption and decryption, and result of calculation is kept among the FIFO5.
See also shown in Figure 2ly, it is the circuit block diagram of the basic operation device among Fig. 1, and described basic operation device 6 comprises: circulating register group 61, multiplier 62, gate 63, temporary register 64, adder 65, temporary register 66, gate 67, gate 68, carry storage register 69, adder 6a, subtract logic unit 6b, gate 6c.
Wherein, described circulating register group 61 is made up of 4 circulating registers.Be respectively applied for the storage modulus, operand 1, operand 2 and interim result of calculation.Receive the input data of adder 6a or FIFO5, be multiplier 62, adder 65, adder 6a provides the associative operation number, finishes jointly to take advantage of to add function.Receive the result that adder 6a returns simultaneously;
Described multiplier 62 receives the operand of circulating register group 61 outputs, and next stage gate 63 or the gate 6c of bearing results multiplies each other; The result of calculation in this step can directly be exported under multiplying signal control.
Described gate 63 is selected as the input of temporary register 64.Receive the result of multiplier 62 outputs and the data of circulating register group 61 outputs, select one of them to output in the temporary register 64;
Described temporary register 64 receives the data of gate 63 outputs, outputs to adder 65 as an operand or to gate 67.
Described adder 65 multiplies each other the result of temporary register 64 outputs and the result of adder 26a output, bears results and send temporary register 66 or gate 6c; The result of calculation in this step is taken advantage of under the signal controlling and can directly be exported at mould.
Described temporary register 66 receives the result of adder 65 outputs or the data of circulating register group 61 outputs, outputs to gate 68.
Described gate 67 is selected as the operand input of adder 6a.Receive the data of temporary register 64 and 61 outputs of circulating register group, select one of them operand as adder 6a;
Described gate 68 is selected as the operand input of adder 6a.Receive the data of temporary register 66 and subtract logic unit 6b output, select one of them operand as adder 6a;
Described carry storage register 69 receives the carry that adder 6a produces, and preserves wherein, and the following cycle will participate in calculating as adder 6a operand;
Described adder 6a receives gate 67, and the data of reception gate 68 and carry storage register 69 adduction mutually produce carry.With send gate 6c and adder 65, circulating register group 61; The result of calculation in this step can directly be exported under mould adds deduct signal controlling.
Described subtract logic unit 6b is as the intermediate logic circuit, receives the data of circulating register group 61, and is the subtraction number with data conversion, outputs in the gate 68, mainly finishes the operation of delivery;
Described gate 6c receives multiplier 62, and the result of adder 65 and adder 6a output selects one of them output as basic operation device 6.
To sum up, the present invention is at the regularity of data processing, concurrency, and the durability of device has certain innovation in the reconstruct.By utilizing shift register, multiplier and adder realized simultaneously ECC the computing of RSA encryption and decryption, based on RSA that separates and the structure of ECC, reduced register and combinational logic circuit with respect to former, effectively reduce area of chip.With complex calculations among RSA and the ECC, resolve into simple computation simultaneously, and can be by outside microprogram control unit control output.Upper layer software (applications) can call this coprocessor finish 256 invert separately, put add, dot product and 1024 s' mould is taken advantage of, multiplication and precomputation computing, makes application more flexible.
The above only is preferred embodiment of the present invention, only is illustrative for the purpose of the present invention, and nonrestrictive.Those skilled in the art is understood, and can carry out many changes to it in the spirit and scope that claim of the present invention limited, revise, even equivalence, but all will fall within the scope of protection of the present invention.
Claims (5)
1, a kind of ECC the RSA encryption-decryption coprocessor, it is characterized in that: it comprises: instruction inputting device, ECC RSA master controller, ECC assist controller, arithmetic and control unit and basic operation device, wherein,
Described instruction inputting device is changed external command, its respectively with described ECC RSA master controller, ECC association's controller and arithmetic and control unit be connected, wherein, described instruction inputting device is a decoder;
Described ECC the RSA master controller, switch finish corresponding ECC the RSA computing, it links to each other with described ECC association controller, arithmetic and control unit respectively, control described ECC association controller and finish that mould is taken advantage of, power is taken advantage of and dot product calculating, and described arithmetic and control unit is finished mould and is taken advantage of calculating;
Described arithmetic and control unit links to each other with the basic operation device, described basic operation device is finished mould and is taken advantage of, adds, subtracts calculating, described basic operation device comprises: shift register, multiplier and adder, wherein said shift register is connected respectively at described multiplier, adder, and described multiplier links to each other with described adder; Also comprise a buffer memory, described buffer memory links to each other with the basic operation device with described decoder respectively.
2, a kind of ECC according to claim 1 the RSA encryption-decryption coprocessor, it is characterized in that: described decoder control ECC the RSA master controller finish RSA, the ECC computing; The control arithmetic and control unit is finished mould and is taken advantage of, adds, subtracts the initialization of calculating and controlling buffer memory, displacement and storage.
3, a kind of ECC according to claim 1 the RSA encryption-decryption coprocessor, it is characterized in that: described ECC assists controller control arithmetic and control unit to finish the calculating of the single step of ECC, and described arithmetic and control unit control basic operation device is finished mould and is taken advantage of, and adds, and subtracts.
4, a kind of ECC according to claim 1 the RSA encryption-decryption coprocessor, it is characterized in that: described decoder is in order to provide enabling signal, and it has: receive write signal, read signal, the reset signal of outside microprogram control unit, 8 the input of address signal; And receive from ECC the input of the state value that returns of RSA master controller.
5, a kind of ECC according to claim 7 the RSA encryption-decryption coprocessor, it is characterized in that: described enabling signal comprises: to ECC the RSA master controller send the enabling signal that produces through decoding; Controller sends the enabling signal that produces through decoding to ECC association; Send the enabling signal that produces through decoding to arithmetic and control unit; To the signal of buffer memory output through the read/write data of decoding generation.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610167380A CN100583757C (en) | 2006-12-31 | 2006-12-31 | ECC/RSA encryption/decryption coprocessor |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN200610167380A CN100583757C (en) | 2006-12-31 | 2006-12-31 | ECC/RSA encryption/decryption coprocessor |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101212292A CN101212292A (en) | 2008-07-02 |
| CN100583757C true CN100583757C (en) | 2010-01-20 |
Family
ID=39612002
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN200610167380A Active CN100583757C (en) | 2006-12-31 | 2006-12-31 | ECC/RSA encryption/decryption coprocessor |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100583757C (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107302431A (en) * | 2016-04-14 | 2017-10-27 | 深圳市中兴微电子技术有限公司 | The device of RSA/ECC enciphering and deciphering algorithms is realized simultaneously |
Families Citing this family (8)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102307090B (en) * | 2011-06-21 | 2014-04-02 | 西安电子科技大学 | Elliptic curve password coprocessor based on optimal normal basis of II-type |
| CN102412965B (en) * | 2011-08-09 | 2013-11-27 | 深圳市德卡科技有限公司 | Elliptic curve cryptographic coprocessor |
| CN102707924B (en) * | 2012-05-02 | 2015-06-10 | 广州中大微电子有限公司 | RSA coprocessor for RFID (radio frequency identification device) intelligent card chip |
| CN105094746A (en) * | 2014-05-07 | 2015-11-25 | 北京万协通信息技术有限公司 | Method for achieving point addition/point doubling of elliptic curve cryptography |
| CN104503730A (en) * | 2014-10-24 | 2015-04-08 | 山东华芯半导体有限公司 | Instruction-based large-number point addition and point multiplication operation circuit and realization method |
| CN105024804A (en) * | 2015-06-10 | 2015-11-04 | 国网智能电网研究院 | A highly efficient symmetrical secret key apparatus which allows pairing and a pairing method |
| CN112527240B (en) * | 2020-12-22 | 2023-11-14 | 中国电子科技集团公司第四十七研究所 | Floating point operation device matched with 80C186CPU |
| CN116186794B (en) * | 2022-12-30 | 2024-04-16 | 海光信息技术股份有限公司 | Cryptographic coprocessor, cryptographic processing method, chip and computer device |
-
2006
- 2006-12-31 CN CN200610167380A patent/CN100583757C/en active Active
Non-Patent Citations (2)
| Title |
|---|
| 高效椭圆曲线密码芯片的VLSI设计. 何向军,苏斌.计算机工程,第Vol.32卷第No.18期. 2006 |
| 高效椭圆曲线密码芯片的VLSI设计. 何向军,苏斌.计算机工程,第Vol.32卷第No.18期. 2006 * |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107302431A (en) * | 2016-04-14 | 2017-10-27 | 深圳市中兴微电子技术有限公司 | The device of RSA/ECC enciphering and deciphering algorithms is realized simultaneously |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101212292A (en) | 2008-07-02 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100583757C (en) | ECC/RSA encryption/decryption coprocessor | |
| CN100470464C (en) | Multiplier based on improved Montgomey's algorithm | |
| CA2251178A1 (en) | Computationally efficient modular multiplication method and apparatus | |
| KR20050013191A (en) | Stream processor with cryptographic co-processor | |
| JP2002521720A (en) | Circuits and methods for modulo multiplication | |
| CN102707924B (en) | RSA coprocessor for RFID (radio frequency identification device) intelligent card chip | |
| US8386802B2 (en) | Method and apparatus for processing arbitrary key bit length encryption operations with similar efficiencies | |
| US10693625B2 (en) | Security processor, application processor including the same, and operating method of security processor | |
| CN101834723A (en) | RSA (Rivest-Shamirh-Adleman) algorithm and IP core | |
| US20020065574A1 (en) | Data processor, semiconductor integrated circuit and CPU | |
| KR100436814B1 (en) | apparatus for RSA Crypto Processing of IC card | |
| Bosmans et al. | A tiny coprocessor for elliptic curve cryptography over the 256-bit NIST prime field | |
| CN110704109B (en) | Elliptic curve password coprocessor | |
| CN114579078A (en) | Accelerator, acceleration method and electronic equipment | |
| Chen et al. | A high-performance unified-field reconfigurable cryptographic processor | |
| KR100453230B1 (en) | Hyperelliptic curve crtpto processor hardware apparatus | |
| Moreno et al. | SPA-resistant binary exponentiation with optimal execution time | |
| CN116488788A (en) | Hardware accelerator of full homomorphic encryption algorithm, homomorphic encryption method and electronic equipment | |
| Sun et al. | Design of a scalable RSA and ECC crypto-processor | |
| Ghosh et al. | A robust GF (p) parallel arithmetic unit for public key cryptography | |
| KR20020094256A (en) | Apparatus and method of finite-field inversion and multiplication based on elliptic curve cryptography | |
| JP2000207387A (en) | Arithmetic unit and cipher processor | |
| US20080263115A1 (en) | Very long arithmetic logic unit for security processor | |
| JP3904421B2 (en) | Remainder multiplication arithmetic unit | |
| CN102739396A (en) | Co-processor applied in information security |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant |