CN101114904A - Method and device for implementing S-BOX initialization in RC4 algorithm - Google Patents


Publication number
CN101114904A
Authority
CN
China
Prior art keywords
box
memory
address
seed
designated
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CNA2006100889228A
Other languages
Chinese (zh)
Inventor
梅张雄
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing CEC Huada Electronic Design Co Ltd
Original Assignee
Beijing CEC Huada Electronic Design Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing CEC Huada Electronic Design Co Ltd filed Critical Beijing CEC Huada Electronic Design Co Ltd
Priority to CNA2006100889228A priority Critical patent/CN101114904A/en
Publication of CN101114904A publication Critical patent/CN101114904A/en
Pending legal-status Critical Current

Abstract

The invention provides an S-BOX initialization method and an S-BOX initialization device for efficiently implementing the RC4 algorithm in communication hardware. At present, the RC4 algorithm is widely applied to data encryption in data communication. Before each frame of data is encrypted or decrypted, a seed formed by concatenating a key (KEY) and an initialization vector (IV) is used to initialize the RC4 S-BOX. In the receiving process, the KEY and the IV must be obtained when the frame arrives, and only then can the S-BOX initialization start. Because the frame body is received immediately after the IV, a cache must be provided to save the received keystream bytes while the S-BOX is being initialized, and the size of this cache is proportional to the duration of the S-BOX initialization. The invention provides an efficient S-BOX initialization method that speeds up the S-BOX initialization without adding hardware timing requirements, so that the hardware cache size and the hardware cost are reduced.

Description

Method and device for implementing S-BOX initialization in the RC4 algorithm
Technical field
The present invention relates to the field of network communication, and in particular to a method and device for efficient initialization of the S-BOX used in RC4 encryption.
Background technology
The RC4 algorithm is a block symmetric encryption algorithm, and implementations generally support keys of 64 bits and 128 bits.
The RC4 algorithm can be divided into two steps:
Step one: S-BOX initialization
1) The 256-byte S-BOX is initialized linearly to the values 0-255.
2) The seed (SEED) used to generate the pseudorandom bytes is prepared. In a communication system the seed can be composed of a key (Key) and an initialization vector IV (Initialization Vector). If RC4 supports a 64-bit key, the seed is composed as in formula (1):
Seed = {Key[39:0], IV[23:0]} (1)
If a 128-bit key is supported, the seed is composed as in formula (2):
Seed = {Key[103:0], IV[23:0]} (2)
3) With j = 0, the linear values of the S-BOX memory units are adjusted according to the following pseudocode:
for i = 0 to 255
begin
  j = (j + SD[i] + S[i]) mod 256;
  swap(S[i], S[j])
end
Step two: pseudorandom byte generation. First set i = 0 and j = 0, then execute the following pseudocode:
i = i + 1 (mod 256)
j = j + S[i] (mod 256)
swap(S[i], S[j])
t = S[j] + S[i] (mod 256)
K = S[t]
In the two steps above, SD[i] is the i-th byte of the seed. For a 64-bit seed the index i is taken modulo 8, and for a 128-bit seed it is taken modulo 16. The values of i, j and t are treated in a similar way.
S[i] is the value of unit i in the S-BOX;
S[j] is the value of unit j in the S-BOX;
S[t] is the value of unit t in the S-BOX;
K is the pseudorandom byte used to encrypt or decrypt the i-th plaintext byte.
In a hardware implementation of this algorithm, for the transmitting process the IV and Key can be known quantities set in advance by software. That is, before the plaintext is ready the control logic can already carry out the S-BOX initialization, and once the plaintext is ready it can be encrypted while it is sent. For the receiving process, however, the IV, like the other bytes of the frame, is sent by the other party to the communication. Until the complete IV has been received, neither the S-BOX initialization nor the decryption of the frame (ciphertext) can begin, and reception of the frame follows immediately after reception of the IV, at the same receiving rate. A corresponding cache must therefore be provided to store the frame ciphertext bytes received during the S-BOX initialization. The size of this cache is proportional to the S-BOX initialization time: the longer the initialization takes, the more data must be cached and the larger the cache must be.
It follows that improving the efficiency of S-BOX initialization effectively reduces the size of the cache and at the same time speeds up encryption and decryption.
Referring to Fig. 1, the figure shows the timing of a hardware implementation that is common at present. In this implementation each operation first obtains the value S[i] of the memory unit pointed to by i, calculates j from this value, and then obtains the value S[j] of the memory unit pointed to by j. If i and j are not equal, S[i] and S[j] are then written simultaneously, through the two ports of the dual-port RAM, to the memory units pointed to by j and i respectively, which completes the exchange.
In Fig. 1 the hollow arrow lines represent address transfer and the solid arrow lines represent data transfer. Take the first data adjustment as an example. S[0] denotes the content of unit 0 of the S-BOX memory. According to the RC4 algorithm, j = j + S[i] + SEED[i]; SEED[0] is known and j is initialized to 0, so j[0] can be generated. With the calculated j[0], the value S[j[0]] of that unit can be read. When S[j[i]] is obtained, two operations are carried out: this value is written to unit 0 through the B port of the dual-port RAM, and S[0] is written through the A port to the position pointed to by j[0].
As the above process shows, each adjustment takes 3 clock cycles: two cycles for read operations and one cycle for the write operation. Because the S-BOX has 256 units in total, completing the S-BOX initialization requires 768 clock cycles.
The fundamental reason this method is slow is that, after S[i] is obtained, the memory unit pointed to by the j[i] calculated from it cannot be accessed in time for the data exchange to take place at the immediately following rising clock edge.
One feasible solution is to drive the B port with a second clock whose phase is opposite to that of the A port clock. Then, after S[i] is obtained from the A port, the j[i] derived from S[i] can be used as the address at the rising edge of the B port clock to read unit j[i]. This is a second, faster implementation; its operation is shown in Fig. 2.
In Fig. 2 the hollow arrow lines represent the transfer in which the B port address j[i] is derived from the A port data S[i]; the solid arrow lines represent the data transfer in which S[i] replaces the data of unit j[i]; and the dotted arrow lines represent the B port data j[i] being passed to the A port as the data that updates unit i. This method requires that the address j[i] be derived from the data output by the A port before the B port rising edge arrives, and that the data for updating unit i be obtained from the B port before the A port rising edge arrives.
Summary of the invention
Of the two S-BOX initialization methods above, the first cannot be pipelined and needs more cache. The second pipelines well across the A port and the B port and approximately guarantees one data adjustment every 2 clock cycles; when unit i and unit j[i] are not the same unit, updating the whole S-BOX requires 512 clock cycles. Compared with the first method, the initialization speed is improved by 1/3. However, because this implementation needs two different clocks, logic synthesis must apply different constraints to the logic driven by each clock. In addition, the implementation places fairly strict requirements on the phase of the two clocks, and if the clocks deviate the update will fail.
To address these problems, the invention provides a method and device that achieve efficient S-BOX initialization without adding timing requirements. The invention effectively achieves pipelined processing, thereby reducing the cache and lowering implementation difficulty and cost.
As shown in Fig. 3, the components of the invention comprise: a SEED memory for storing the SEED, the 256-byte S-BOX memory required by the RC4 algorithm, an address register ADDRI, and an address register ADDRJ. The device also comprises a controller for performing the S-BOX initialization.
The SEED is formed by concatenating the KEY and the IV and is stored in the SEED memory. The S-BOX memory is the dual-port RAM in which the RC4 algorithm stores pseudorandom numbers; its length is 256 bytes. The S-BOX initialization controller takes the SEED and the reset values of the S-BOX memory, generates 256 bytes of random numbers through a series of operations, and stores them in the S-BOX memory. The address registers ADDRI and ADDRJ hold the addresses used to access the SEED and S-BOX memories; below, i and j both denote access addresses.
To achieve efficient S-BOX initialization, the S-BOX initialization controller of the invention carries out the following steps:
(1) At hardware reset, the S-BOX memory is set linearly to 0-255;
(2) When a data frame is sent or received, the seed is generated by concatenating the KEY and the IV and is stored in the SEED memory, and the address registers ADDRI and ADDRJ are initialized to 0;
(3) In beat 0, the access address of the SEED memory and the S-BOX memory is presented, denoted 0, in preparation for fetching one byte of data from each of the SEED memory and the S-BOX memory at this address;
(4) In beat 1, one byte of data is read from the SEED memory, denoted SD[0]; one byte of data is read from the A port of the S-BOX memory, denoted S[0]; and j[0] = (0 + S[0] + SD[0]) mod 256 is calculated;
(5) In beat 2, according to the address j[0] from beat 1, one byte of data is read from the A port of the S-BOX memory, denoted S[j[0]], and S[j[0]] is written through the B port of the S-BOX memory to the byte at address 0; at the same time, the access address of the SEED memory and the S-BOX is incremented by 1, denoted 1;
(6) In beat 3, S[0] is written through the B port of the S-BOX memory to the byte at address j[0]; at the same time, according to the address 1 presented in beat 2, one byte of data is read from the SEED memory, denoted SD[1]; one byte of data is read from the A port of the S-BOX memory, denoted S[1]; and j[1] = (j[0] + S[1] + SD[1]) mod 256 is calculated;
(7) In beat 4, according to the address j[1] from beat 3, one byte of data is read from the A port of the S-BOX memory, denoted S[j[1]], and S[j[1]] is written through the B port of the S-BOX memory to the byte at address 1; at the same time, the access address of the SEED memory and the S-BOX is incremented by 1, denoted 2;
(8) In beat 5, S[1] is written through the B port of the S-BOX memory to the byte at address j[1]; at the same time, according to the address 2 presented in beat 4, one byte of data is read from the SEED memory, denoted SD[2]; one byte of data is read from the A port of the S-BOX memory, denoted S[2]; and j[2] = (j[1] + S[2] + SD[2]) mod 256 is calculated;
(9) The above process is repeated until the operation reaches i = 255.
In this way, by reading and writing different ports of the dual-port RAM within the same clock beat, the processing can be pipelined and the S-BOX initialized efficiently. Because no new timing requirement is introduced, the complexity of timing handling does not increase either.
Description of drawings
Fig. 1 is a timing diagram of the commonly used S-BOX initialization method
Fig. 2 is a timing diagram of the improved S-BOX initialization method
Fig. 3 is a schematic structural diagram of a device implementing the method of the invention
Fig. 4 is a timing diagram of S-BOX initialization based on the device of Fig. 3
Fig. 5 is a schematic diagram of one implementation of the invention
Embodiment
Referring to Fig. 5, the figure describes one implementation of the device of the invention. The device is composed of: a SEED memory for storing the SEED; the 256-byte S-BOX memory required by the RC4 algorithm; a controller for performing the S-BOX initialization; an address register ADDRI; an address register ADDRJ; and a register DATASWAP for buffering data.
The SEED is formed by concatenating the KEY and the IV and is stored in the SEED memory. If the encryption is 64-bit, the seed memory is 64 bytes; if the encryption is 128-bit, the seed memory is 128 bytes.
The S-BOX memory is the dual-port RAM in which the RC4 algorithm stores pseudorandom numbers; its length is 256 bytes, and it is set linearly to 0-255 at hardware reset.
The address registers ADDRI and ADDRJ hold the addresses used to access the SEED and S-BOX memories; below, i and j both denote access addresses.
The S-BOX initialization controller takes the SEED and the reset values of the S-BOX memory, generates 256 bytes of random numbers through a series of operations, and stores them in the S-BOX memory.
Referring to Fig. 4, the figure shows the basic timing flow of S-BOX initialization according to the invention.
(1) At hardware reset, the S-BOX memory is set linearly to 0-255;
(2) When a data frame is sent or received, the seed is generated by concatenating the KEY and the IV and is stored in the SEED memory, and the address registers ADDRI and ADDRJ are initialized to 0;
(3) In beat 0, the access address of the SEED memory and the S-BOX memory is presented, denoted 0, in preparation for fetching one byte of data from each of the SEED memory and the S-BOX memory at this address;
(4) In beat 1, one byte of data is read from the SEED memory, denoted SD[0]; one byte of data is read from the A port of the S-BOX memory, denoted S[0], and stored in the register DATASWAP; j[0] = (0 + S[0] + SD[0]) mod 256 is calculated and stored in ADDRJ;
(5) In beat 2, according to the address j[0] from beat 1, one byte of data is read from the A port of the S-BOX memory, denoted S[j[0]], and S[j[0]] is written through the B port of the S-BOX memory to the byte at address 0; at the same time, 0 + 1 gives the next access address of the SEED memory and the S-BOX, denoted 1;
(6) In beat 3, the S[0] held in the register DATASWAP is written through the B port of the S-BOX memory to the byte at address j[0]; at the same time, according to the address 1 presented in beat 2, one byte of data is read from the SEED memory, denoted SD[1]; one byte of data is read from the A port of the S-BOX memory, denoted S[1], and stored in the register DATASWAP; j[1] = (j[0] + S[1] + SD[1]) mod 256 is calculated and stored in ADDRJ;
(7) In beat 4, according to the address j[1] from beat 3, one byte of data is read from the A port of the S-BOX memory, denoted S[j[1]], and S[j[1]] is written through the B port of the S-BOX memory to the byte at address 1; at the same time, 1 + 1 gives the next access address of the SEED memory and the S-BOX, denoted 2;
(8) In beat 5, the data S[1] held in the register DATASWAP is written through the B port of the S-BOX memory to the byte at address j[1]; at the same time, according to the address 2 presented in beat 4, one byte of data is read from the SEED memory, denoted SD[2]; one byte of data is read from the A port of the S-BOX memory, denoted S[2], and stored in the register DATASWAP; j[2] = (j[1] + S[2] + SD[2]) mod 256 is calculated and stored in ADDRJ;
(9) The above process is repeated until the operation reaches i = 255.
In Fig. 4 the hollow lines represent address transfer and the solid lines represent data transfer. As the figure shows, in the worst case, namely when i and j[i] point to different memory units in every exchange, updating the 256 units of the S-BOX requires 514 clock cycles. Compared with the second method, the benefit of this method is that it avoids using different clocks on the two ports while achieving almost the same initialization speed; compared with the first method, the initialization speed is improved by nearly 1/3.
The improved method needs to consider three special cases: j[i] = i, j[i] = i+1, and j[i] = j[i-1]. These three cases mean the following:
(1) j[i] = i means that the two units the i-th operation needs to access are at the same position in the S-BOX;
(2) j[i] = i+1 means that unit i of the i-th operation in fact needs to exchange data with the unit immediately after it;
(3) j[i] = j[i-1] means that the unit j[i] which must exchange data with unit i in the i-th operation is in fact the unit that was updated last. That is, when the hardware needs to read the data of unit j[i] from the A port, the B port, because its pipelined operation lags, is still writing the data of unit j[i-1]; since these two units are at the same position, the result of the read or write is indeterminate.
These three cases still follow the basic timing flow but need special handling in some details, which is not described further here.
As described above, the invention exploits the dual-port nature of the S-BOX memory: through timing design, data can be read continuously from the A port while the previously accessed units are updated in turn through the B port, which achieves pipelined operation. The invention effectively shortens the overall adjustment time of the S-BOX; in most cases the adjustment time can be less than 514 clock cycles. In addition, the hardware module of this implementation has only 1 clock domain, which makes integration with other modules more flexible.
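The basic timing flow and the three special cases above can be checked with a beat-level software model. The following is an added example, not part of the patent text: the stale-read RAM behaviour, the bypass used to handle the special cases (which the description leaves unspecified), the function names and the sample seed are all assumptions of this sketch.

```python
"""Software model of the single-clock, two-beats-per-unit S-BOX initialization."""

def ksa_reference(seed):
    """Step one of the pseudocode: plain S-BOX initialization."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + seed[i % len(seed)] + s[i]) % 256
        s[i], s[j] = s[j], s[i]
    return s


def ksa_pipelined(seed, forward=True):
    """Beat-by-beat model; returns (sbox, beats, hazards).

    Assumptions of this model (not stated on the page): a port-A read that
    overlaps the lagging port-B write to the same address returns the old
    data, and forward=True bypasses the in-flight write data to the reader.
    """
    mem = list(range(256))        # S-BOX RAM, linear 0..255 after reset
    addr_j = 0                    # ADDRJ
    pending = None                # in-flight B write: (j[i-1], old S[i-1])
    hazards = {"j[i]=i": 0, "j[i]=i+1": 0, "j[i]=j[i-1]": 0}
    beats = 1                     # beat 0: present address 0

    for i in range(256):          # i is ADDRI
        # Beat 2i+1: A delivers S[i] into DATASWAP while B writes `pending`.
        dataswap = mem[i]
        if pending and pending[0] == i:       # previous j pointed at unit i
            hazards["j[i]=i+1"] += 1
            if forward:
                dataswap = pending[1]
        addr_j = (addr_j + dataswap + seed[i % len(seed)]) % 256

        # Beat 2i+2: A delivers S[j[i]]; B writes it to unit i.
        s_j = mem[addr_j]
        if pending and pending[0] == addr_j:  # same unit as the last update
            hazards["j[i]=j[i-1]"] += 1
            if forward:
                s_j = pending[1]
        if addr_j == i:                       # unit swaps with itself
            hazards["j[i]=i"] += 1
        if pending:
            mem[pending[0]] = pending[1]      # lagging B write lands
        mem[i] = s_j
        pending = (addr_j, dataswap)          # written in beat 2i+3
        beats += 2

    mem[pending[0]] = pending[1]              # last DATASWAP write
    return mem, beats + 1, hazards


def keystream(sbox, n):
    """Step two of the pseudocode: generate n pseudorandom bytes."""
    s, i, j, out = list(sbox), 0, 0, bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)


# Constructed 8-byte seed (not from the page). SD[0] = 1 makes j[0] = 1,
# so the very first operation already hits the j[i] = i+1 case.
SEED = bytes([0x01, 0x02, 0x03, 0x04, 0x05, 0xA0, 0xA1, 0xA2])

if __name__ == "__main__":
    good, beats, hazards = ksa_pipelined(SEED)
    naive, _, _ = ksa_pipelined(SEED, forward=False)
    print("beats:", beats, "hazards:", hazards)
    print("bypass matches reference:", good == ksa_reference(SEED))
    print("no bypass is still a permutation:", sorted(naive) == list(range(256)))
    print("keystream:", keystream(good, 8).hex())
```

With the bypass disabled, the stale read at unit 1 for this seed causes the value 0 to be overwritten, so the resulting S-BOX is no longer a permutation of 0-255.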

Claims (2)

1. A method and device for implementing S-BOX initialization in the RC4 algorithm, the components involved comprising: a SEED memory for storing the SEED, the 256-byte S-BOX memory required by the RC4 algorithm, an address register ADDRI, and an address register ADDRJ, characterized in that the device further comprises an S-BOX initialization controller.
2. The method and device according to claim 1, characterized by comprising the following steps:
(1) At hardware reset, each of the above components is initialized;
(2) In beat 0, the access address of the SEED memory and the S-BOX memory is presented, denoted 0, in preparation for fetching one byte of data from each of the SEED memory and the S-BOX memory at this address;
(3) In beat 1, one byte of data is read from the SEED memory, denoted SD[0]; one byte of data is read from the A port of the S-BOX memory, denoted S[0]; and j[0] = (0 + S[0] + SD[0]) mod 256 is calculated;
(4) In beat 2, according to the address j[0] from beat 1, one byte of data is read from the A port of the S-BOX memory, denoted S[j[0]], and S[j[0]] is written through the B port of the S-BOX memory to the byte at address 0; at the same time, 0 + 1 gives the next access address of the SEED memory and the S-BOX, denoted 1;
(5) In beat 3, S[0] is written through the B port of the S-BOX memory to the byte at address j[0]; at the same time, according to the address 1 presented in beat 2, one byte of data is read from the SEED memory, denoted SD[1]; one byte of data is read from the A port of the S-BOX memory, denoted S[1]; and j[1] = (j[0] + S[1] + SD[1]) mod 256 is calculated;
(6) In beat 4, according to the address j[1] from beat 3, one byte of data is read from the A port of the S-BOX memory, denoted S[j[1]], and S[j[1]] is written through the B port of the S-BOX memory to the byte at address 1; at the same time, 1 + 1 gives the next access address of the SEED memory and the S-BOX, denoted 2;
(7) In beat 5, S[1] is written through the B port of the S-BOX memory to the byte at address j[1]; at the same time, according to the address 2 presented in beat 4, one byte of data is read from the SEED memory, denoted SD[2]; one byte of data is read from the A port of the S-BOX memory, denoted S[2]; and j[2] = (j[1] + S[2] + SD[2]) mod 256 is calculated;
(8) The above process is repeated until the operation reaches i = 255.
CNA2006100889228A 2006-07-26 2006-07-26 Method and device for implementing S-BOX initialization in RC4 algorithm Pending CN101114904A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNA2006100889228A CN101114904A (en) 2006-07-26 2006-07-26 Method and device for implementing S-BOX initialization in RC4 algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNA2006100889228A CN101114904A (en) 2006-07-26 2006-07-26 Method and device for implementing S-BOX initialization in RC4 algorithm

Publications (1)

Publication Number Publication Date
CN101114904A true CN101114904A (en) 2008-01-30

Family

ID=39023045

Family Applications (1)

Application Number Title Priority Date Filing Date
CNA2006100889228A Pending CN101114904A (en) 2006-07-26 2006-07-26 Method and device for implementing S-BOX initialization in RC4 algorithm

Country Status (1)

Country Link
CN (1) CN101114904A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101783726B (en) * 2009-01-20 2012-01-11 武汉大学 S box evolution generator and generation method
US8533456B2 (en) 2010-10-07 2013-09-10 King Saud University Accelerating stream cipher operations using single and grid systems
CN102752107A (en) * 2011-04-19 2012-10-24 中国科学院微电子研究所 Device and method for encrypting/decrypting RC4
CN102752107B (en) * 2011-04-19 2015-04-29 中国科学院微电子研究所 Device and method for encrypting/decrypting RC4

Similar Documents

Publication Publication Date Title
US20110255689A1 (en) Multiple-mode cryptographic module usable with memory controllers
JP4684550B2 (en) Cryptographic device that supports multiple modes of operation
US7043017B2 (en) Key stream cipher device
US5452358A (en) Method and apparatus for improving the security of an electronic codebook encryption scheme utilizing a data dependent encryption function
CN1973481B (en) Apparatus, network system and method for performing RC4 ciphering
EP3582134B1 (en) A cryptography method and circuit, corresponding device
US7532727B2 (en) Hardware-based encryption/decryption employing dual ported key storage
TW200830327A (en) System and method for encrypting data
CN110880967B (en) Method for parallel encryption and decryption of multiple messages by adopting packet symmetric key algorithm
EP3803672B1 (en) Memory-efficient hardware cryptographic engine
CN103632104A (en) Parallel encryption and decryption method for dynamic data under large data environment
WO2007098687A1 (en) Encryption and decryption processing method of achieving sms4 cryptographic algorithm and system thereof
CN112134703B (en) Electronic device using improved key entropy bus protection
CN103346878B (en) A kind of secret communication method based on FPGA high-speed serial I/O
CN108933653A (en) A kind of AES encrypting and deciphering system and method based on large-scale data
WO2023109235A1 (en) Encryption and decryption initialization configuration method, edge end, encryption and decryption platform and security system
CN102752107B (en) Device and method for encrypting/decrypting RC4
US20120260103A1 (en) Security circuit using at least two finite state machine units and methods using the same
CN101114904A (en) Method and device for implementing S-BOX initialization in RC4 algorithm
US6873707B1 (en) Hardware-based encryption/decryption employing cycle stealing
CN102739393A (en) Hardware encrypting UART (Universal Asynchronous Receiver Transmitter) device based on APB (Advanced Peripheral Bus) bus
CN101515853A (en) Information terminal and information safety device thereof
US20210081572A1 (en) Secure Low-latency Chip-to-Chip Communication
CN108763982B (en) DES encryption and decryption device suitable for RFID reader
CN111566987B (en) Data processing method, circuit, terminal device and storage medium

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C12 Rejection of a patent application after its publication
RJ01 Rejection of invention patent application after publication

Open date: 20080130