CN101330497A - Hashing unit and method for implementing hashing operation - Google Patents
Hashing unit and method for implementing hashing operation Download PDFInfo
- Publication number
- CN101330497A CN101330497A CNA2007101067761A CN200710106776A CN101330497A CN 101330497 A CN101330497 A CN 101330497A CN A2007101067761 A CNA2007101067761 A CN A2007101067761A CN 200710106776 A CN200710106776 A CN 200710106776A CN 101330497 A CN101330497 A CN 101330497A
- Authority
- CN
- China
- Prior art keywords
- group
- mentioned
- modular
- parameter
- adder
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
The invention provides a hashing unit, which comprises a group of storage units, a first group of summing units and a second group of summing units. The group of the storage units are used for receiving a group of parameters and outputting a group of products according to the group of the parameters and the products of a group of temporary modular constants; the first group of the summing units are used for receiving the group of products, and enables the group of products to be added to the protocol parameters and outputs an addition result, and the addition result is divided into a plurality of partial results to be output; the second group of the summing units are used for receiving the partial results of the addition result, all the partial results are summarized to obtain a hashed value, the hashed value is equal to the result obtained through the addition result which takes a modular constant as the module to perform modular arithmetic, each partial result of the addition result is not larger than the modular constant, and the hashed value is equal to the sum of all the partial results of the addition result.
Description
Technical field
The present invention relates to the computational logic unit, relate in particular to the hash arithmetic element.
Background technology
Use is controlled with retrieving information based on the network of telecommunications and information processing system and is increased rapidly and widely popular in the modern commerce environmental applications.At diverse network for example Local Area Network, wide area network (WAN) and on the internet, transmit various information by packet switch between the user.So-called packet switch is meant the little data unit that data is divided into some, i.e. packet, and the node by some transmits these packets in communication network.
Digital communication network is all most important for company, government and individual, and malicious attack may cause huge economic loss or cause embarrassing situation.Therefore, the company, government and the individual that use a computer as communication tool pay much attention to network security, and widely-used SOCKS server is dealt with this problem.The network firewall server is held a tabulation, is used to store the packet label, in transmission course, for example uses in the process that transmission control protocol (TCP) transmits, and the packet label is the part of data packet stream.
Hash (Hash) function can be used for distinguishing the header values of a packet.The hashing unit input wherein can comprise flow information, for example source Internet Protocol (IP) address, target ip address, source port, target port and protocol type from a succession of orderly byte in one or more packet header.Hash function usually output can be used as the byte of the less figure place of the label of session list (session table) or index.According to above-mentioned one or more variablees, can allow or stop the exchange of packet by the filter of configuration packet filtering rule or fire compartment wall.
Hash function can be numerous can letter.For example, above-mentioned flow information can use the function shown in the following equation (1) to carry out the hash computing.
Result=(0x42541AFB*IP_SA+0x5B72939D*IP_DA+
0x2FC81E2D*S_Port+0xE1B5973E*D_Port+
Protocol)mod?0xFFFFF............................(1)
Wherein Result is less number, is the result of the function gained shown in the equation (1), also is the hash value.IP_SA is a source IP address, and IP_DA is a target ip address, and S_Port is a source port, and D_Port is a target port, and the constant of " 0x " expression back is a hexadecimal.
Hash function shown in the equation (1) obtains the result by multiplying each other with addition and inserts in the session list.In other words, one group of parameter (for example IP_SA, IP_DA, S_Port, D_Port and the agreement in the equation (1)) obtains the another one parameter through the hash computing, hash value just, and latter's figure place is less.
A kind of method that is used for the computing of above-mentioned parameter hash in the prior art is to use a kind of combinational logic of complexity to realize that multidigit multiplies each other (when agreement is 32 during for TCP) and uses a general adder to realize multidigit addition (during the TCP of agreement position also is 32).Yet 32 multiplier logic need a bigger memory space, thereby cost is higher.When this logic was designed to carry out high-speed computation or hash value and need calculates in very short several clock cycle, 32 multiplier logic were a problem especially.
So existing hash logic is in-problem in traditional hash interpretative version, and is difficult to compress effectively and is used for less memory space.Use the multiplier logic commonly used and the hash logic of adder to be difficult to the computing of input variable hash is obtained less result in the prior art.And the hash logic of prior art may need several clock cycle to realize hash function, makes that high-speed hardware is difficult to realize.
Therefore, need a kind of hashing unit and use less memory space and clock cycle still less to realize hash computing at a high speed, purport of the present invention promptly is to provide this kind hashing unit.
Summary of the invention
The invention provides a kind of hashing unit that carries out the computing of hash function equation, this hashing unit uses one group of 32 bit variable, one group of constant, protocol parameter, modular constant and hashed value to obtain above-mentioned hashed value in order to above-mentioned one group of 32 bit variable and protocol parameter are carried out the hash computing, and this hashing unit comprises an adder unit and a form unit.Adder unit is used for carrying out the multiplying and the add operation of hash function equation, each 32 bit variable of wherein above-mentioned one group of 32 bit variable all are divided into four 8 variable and this 8 bit variable are inputed to adder unit, adder unit in a clock cycle, export one interim and, wherein said one group of 32 bit variable generates an addition results in four clock cycle, this addition results is divided into first group of addition results byte and second group of addition results byte; Described form unit is used for carrying out the modular arithmetic of hash function equation, this form unit comprises first group carry storage adder and a first adder, first group carry storage adder is used for above-mentioned first group of addition results byte and the addition of second group of addition results byte, in a clock cycle, obtain one first result and one second result, first adder is used for above-mentioned first result and second results added, in a clock cycle, obtain an interim hashed value, when the figure place of this interim hashed value during, in two clock cycle, this interim hashed value is exported as above-mentioned hashed value less than the figure place of above-mentioned modular constant.
The present invention also provides a kind of being used for that one group of parameter and a protocol parameter are carried out the hashing unit that the hash computing obtains a hashed value, and this hashing unit comprises one group of memory cell, first group of adder unit and second group of adder unit.Described one group of memory cell is used to receive above-mentioned one group of parameter and exports one group of product according to the product of this group parameter and one group of interim modular constant; Described first group of adder unit is used to receive one group of above-mentioned product, and should organize product and described protocol parameter addition results of adduction output mutually, and this addition results is divided into a plurality of partial results and output; Described second group of adder unit is used to receive a plurality of partial results of above-mentioned addition results, and the various piece results added obtained above-mentioned hashed value, it is that mould carries out the result that modular arithmetic obtains with a modular constant that wherein said hashed value equals addition results, each partial results of described addition results all is not more than above-mentioned modular constant, and described hashed value equals the various piece results added sum of described addition results.
The present invention also provides a kind of being used for that one group of parameter is carried out the method that the hash computing obtains a hashed value, this method may further comprise the steps: with each parameter in above-mentioned one group of parameter respectively with one group of interim modular constant in a modular constant multiply each other, obtain one group of product; Each product addition is obtained an addition results; Is that mould carries out modular arithmetic and obtains a modular arithmetic result with above-mentioned addition results with a modular constant, and the result exports as above-mentioned hashed value with this modular arithmetic.The step that wherein obtains the modular arithmetic result comprises; Addition results is added 1 divided by above-mentioned modular constant, obtain first remainder and first quotient; First quotient is added 1 divided by above-mentioned modular constant, obtain second remainder and second quotient; Repeating the gained quotient is added 1 divided by above-mentioned modular constant, is 0 up to the quotient of gained; With all remainder additions, gained and be the modular arithmetic result.
Description of drawings
Similar portions is used like numerals will in the following drawings, and hereinafter embodiment is carried out in conjunction with the accompanying drawings, will make that the present invention's advantage and characteristic are apparent.
Fig. 1 is a kind of multiplication read-only memory provided by the invention.
Fig. 2 is the hashing unit that use read-only memory provided by the invention and carry storage adder are realized the hash computing.
Fig. 3 is a kind of flow chart that one group of parameter is obtained the method for another group parameter by the hash computing provided by the invention.
Embodiment
Below will make detailed description to embodiments of the invention.It will be appreciated that following embodiment is to carry out in conjunction with the embodiments, the embodiment that the present invention is not limited to provide.On the contrary, in the invention scope and invention spirit that appended claim defined, the present invention can have multiplely substitute, variant and equivalent.
In addition, provided numerous details in the embodiment hereinafter.It will be understood by those skilled in the art that does not have these details, and the present invention can implement equally.In some other examples, scheme, formality, element and the circuit known for everybody are not described in detail, so that show the present invention's purport especially.
Figure 1 shows that a kind of read-only memory (ROM) 100 that is used to carry out the 256*32 position of multiplying provided by the invention.In one embodiment of the invention, ROM 100 comprises one 8 input 102 and one 32 output 104.
In the hash function shown in the above-mentioned equation (1), four constant 0x42541AFB, 0x5B72939D, 0x2FC81E2D and 0xE1B5973E difference quadruplication variable IP_SA, IP_DA, S_Port and D_Port obtain four interim products.Four interim product additions obtain one and, re-use 20 modular constant 0xFFFFF to interim product and carry out modular arithmetic.According to equation (1), be appreciated that above-mentioned four constants also can use modular constant 0xFFFFF to carry out modular arithmetic earlier, distinguish quadruplication variable IP_SA, IP_DA, S_Port and D_Port again.
In one embodiment of the invention, comprise one 8 address, input value multiplied result and among the ROM 100 to a result who carries out modular arithmetic in four constants.The input value that one group four 8 input value is input to 100, four 8 of ROM multiply by respectively carries out the later interim modular constant of modular arithmetic, finally exports 32 output valve.
With source IP (IP_SA) is example, and IP_SA is one 32 bit variable in the Transmission Control Protocol, can be write as four groups 8 variable.In other words, 8 every group variable all is 1/4th of 32 bit variable IP_SA.Like this, IP_SA just can represent with following equation (2):
IP_SA=[8b_3,8b_2,8b_1,8b_0].....................(2)
Wherein 8b_3,8b_2,8b_1 and 8b_0 are four group of 8 bit variables from the highest order to the lowest order.In hash function equation (1), IP_SA and constant 0X42541FB multiply each other, and re-use modular constant 0xFFFFF and carry out modular arithmetic.If use modular constant 0xFFFFF to carry out modular arithmetic (being 0x41AFB+0x425=0x4313C) constant 0X42541FB, distinguish quadruplication group 8 bit variables again, can obtain identical result.Use following equation (3) can obtain The above results:
OUT
R1=(0x42541AB?mod?0xFFFFF)*IP_SA................(3)
OUT wherein
R1Be variable IP_SA and interim modular constant multiplied result (0x42541AB is that mould carries out modular arithmetic, i.e. 0x4313C with 0xFFFFF).0x4313C multiply by 0,1, and the product of 2......255 is stored in the address 0,1 of ROM 100 respectively, among the 2......255.For instance, when 8b_0 for input 102 and when being input among the ROM 100 as the address, output 104 should be the value of address 102 among the ROM 100, just 0x4313C multiply by the product of 8b_0.Therefore, ROM 100 can calculate the OUT in the equation (3) rapidly
R1Value.IP_SA inputs to ROM 100, OUT
R1Be output.
In other words, to equal four constant 0x42541AFB, 0x5B72939D, 0x2FC81E2D and 0xE1B5973E be respectively the result that modular constant is carried out modular arithmetic with 0xFFFFF for interim modular constant.ROM 100 can be suitable for exporting four constants in the equation (1) carry out modular arithmetic respectively with the product of four variable IP_SA, IP_DA, S_Port and D_Port result simply.Following equation (4), (5) and (6) are similar to equation (3):
OUT
R2=(0x5B72939D?mod?0xFFFFF)*IP_DA..................(4)
OUT
R3=(0x2FC81E2D?mod?0xFFFFF)*S_PORT.................(5)
OUT
R4=(0xE1B5973E?mod?0xFFFFF)*D_PORT.................(6)
Wherein (0x5B72939D mod 0xFFFFF), (0x2FC81E2D mod 0xFFFFF) and (0xE1B5973E mod 0xFFFFF) are interim modular constant, OUT
R2, OUT
R3And OUT
R4Multiply by the product of interim modular constant respectively for variable IP_SA, S_PORT and D_PORT.
It will be appreciated by those skilled in the art that ROM provided by the invention can be that any figure place multiply by any figure place, and be not limited to the 256*32 position, get final product so long as input variable and a constant factor multiply each other.Input variable can be as the address of ROM, and the value that is stored in this address is above-mentioned variable and constant factor multiplied result.
Therefore, ROM 100 of the present invention can be used for carrying out multiplying.Compare with the complex combination logic of using in the prior art, ROM 100 of the present invention takies resource and wants much less, thereby simple and fast more, has improved efficient.
Fig. 2 is a kind of hashing unit 200 provided by the invention.Hashing unit 200 comprises an adder unit 280 and a form unit 290.Adder unit 280 comprises a plurality of ROM 202,204,206,208,212,214,216,218, protocol byte unit 210 of a plurality of carry storage adder (CSA), 222,224 and registers 220 of selector (MUX).ROM 202,204,206 and 208 and ROM 100 shown in Figure 1 similar.Form unit 290 comprises a plurality of CSA 232,234,236 and 238, adder 240 and register 242,248,226,228.
Carry storage adder (CSA) is the digital adder that is usually used in calculating 3 or above n bit in a kind of computer.Among the present invention embodiment shown in Figure 2, each CSA among the CSA 212,214,216,218,232,234,236 and 238 has 3 input numbers, and CSA exports two numbers with this 3 number phase adduction.
Those skilled in the art obviously understand the present invention also can use other adder logic in other embodiments, as long as the number of output number is lacked than the input number.For example, if adder logic is imported 4 numbers and exported 2 numbers, just can be used for substituting CSA.
Referring to Fig. 2, in adder unit 280, ROM 202,204,206 and 208 input are respectively variable IP_SA, IP_DA, S_Port and D_Port.ROM 202,204,206 and 208 is output as the product that the interim modular constant in four variablees and the equation (1) multiplies each other.In other words, ROM 202,204,206 and 208 output are respectively the OUT in equation (3), (4), (5), (6)
R1, OUT
R2, OUT
R3And OUT
R4ROM 202,204 and 206 output result input to CSA 212 again.The output result of CSA 212 and ROM 208 inputs to CSA 214 again.The output result of CSA 214 and MUX 222 inputs to CSA 216 again.The output result of CSA 216 and MUX 224 inputs to CSA 218 again, and the output result of CSA 218 inputs to register 220 again.
In addition, when protocol type was TCP or UDP, source IP address IP_SA and target ip address IP_DA were 32 bits, and source port S_Port and target port D_Port are 16 for binary number.It will be understood by a person skilled in the art that when carrying out add operation that it all is that 0 32 figure places are handled that 16 figure places also can be used as the highest 16.
MUX 222 and MUX 224 are selector, and selector is selected one as output according to control signal from a plurality of inputs.The output of register 220 is divided into two parts, i.e. first group of addition results byte 254 and second group of addition results byte 252.MUX 222 has two inputs, and one is the output of protocol byte unit 210, and another is first group of addition results byte 254 from register 220.In one embodiment of the invention, control signal is a clock cycle signal that is provided by the clock counter (not shown).For instance, when the clock counter was 1, MUX 222 selected protocol byte unit 210 as output, and when the clock counter was 2, MUX 222 selected first group of addition results byte 254 as output.Similar with it, MUX 224 selects one as output from second group of addition results byte 252 or " 0 ".
In the embodiment of the invention shown in Figure 2, adder unit 280 only uses 4 clock cycle to export addition results.ROM 202,204,206 and 208 be input as four 8 variable, each variable is 1/4th of IP_SA, IP_DA, S_Port and D_Port.Since ROM 202,204,206 with 208 and CSA 212,214,216 be to be connected with 218 according to combinational logic, can finish add operation in 1 clock cycle and export interim addition results by register 220.Like this, 4 clock cycle have been saved in whole add operation.
In a typical add operation work period, minimum one 8 of variable IP_SA, IP_DA, S_Port and D_Port input to ROM202,204,206 and 208 respectively in first clock cycle.MUX 222 selects the input of protocol byte unit as CSA 216, and MUX 224 selects " 0 " input as CSA 218.The output of register 220 is the addition result of 8 minimum numerical digits in first clock cycle.In second clock cycle, inferior low 8 of variable IP_SA, IP_DA, S_Port and D_Port input to ROM 202,204,206 and 208 respectively.In addition, multiply by interim modular constant and obtain accurate product in order to make inferior low 8 of variable IP_SA, IP_DA, S_Port and D_Port, ROM202,204,206 and 208 multiply each other obtain output all add 8 " 0 " in the end as a result.Similar with it, in the 3rd and the 4th clock cycle, ROM 202,204,206 and 208 output add 16 " 0 " and 24 " 0 " respectively at the end.In second clock cycle, first group of addition results byte 254 of MUX 222 mask registers 220 outputs is as the input of CSA 216, and second group of addition results byte 252 of MUX 224 mask registers 220 outputs is as the input of CSA 218.MUX 222 and 224 working method in the 3rd and the 4th clock cycle is same as described above.Like this, when the work period of four clock cycle formations finished, the output of register 220 was one group of result that comprise the parameter addition of variable and protocol byte.
In other words, four sum of products protocol byte completely additions in four clock cycle that variable IP_SA, IP_DA, S_Port and D_Port multiply by interim modular constant.And each result of product is by in four variablees each all being divided into four groups and multiply each other with interim modular constant respectively, the most at last product addition and getting.220 each clock cycle of register are all exported a nonce of addition results, and in the end of work period (work period is four clock cycle in one embodiment of the present of invention) first group of addition results byte 254 of output and second group of addition byte 252.
Referring to Fig. 2, the output of register 220 is the output of adder unit 280, comprising first group of addition results byte 254 and second group of addition results byte 252 and as the input of form unit 290.Form unit 290 is carried out modular arithmetic between input value and 0xFFFFF, the result of output modular arithmetic.
In the embodiment of the invention shown in Figure 2, the addition results of adder unit 280 comprises first group of addition results byte 254 of 54 and second group of addition results byte 252 of 54.Because the modular constant of modular arithmetic is 0xFFFFF in the hash function, so modular arithmetic can be simplified.Shown in following equation (7), integer and 0xFFFFF carry out the modulus that modular arithmetic obtains and add the quotient of this integer division with (0xFFFFF+1) gained for this integer division with the remainder of (0xFFFFF+1) gained, and then carry out modular arithmetic with 0xFFFFF.With arbitrary constant 0x45441AB7 is example, and equation (7) can be expressed as:
(0x454D38A241AB7)mod?0xFFFFF=(0x41AB7+0x454D38A2)mod?0xFFFFF
=(0x41AB7+0xD38A2+0x454)mod?0xFFFFF.......................(7)
Like this, two groups 54 output of above-mentioned adder unit 280 need be divided into 6 20 partial results.In other words, each its figure place of 20 partial results equals the figure place of modular constant 0xFFFFF at most.Subsequently, CSA 232,234,236 and 238 in a clock cycle with 6 partial results additions.In one embodiment of the invention, first group and second group of addition results byte 254 and 252 are divided into 6 20 partial results and input to CSA 232.By CSA 232,234,236 and 238, all partial results additions.The output of CSA 238 comprises first group of result 256 and second group of result 258, and adder 240 is passed through register 226 and 228 again with the two addition.The result of adder 240 exports to register 242 and is used to export an interim hash value.In one embodiment of the invention, the figure place of interim hash value is not more than 20.In other words, the figure place of interim hash value is not more than the figure place of modular constant 0xFFFFFF.Like this, interim hash value becomes final hash value, and two clock cycle are used in modular arithmetic.
In another embodiment of the present invention, when the interim hash value of adder 240 output during greater than 20, this interim hash value should comprise one except one 20 with carry.As a result adder 244 again with this carry and 20 obtain 20 parameter 246 with addition, this parameter 246 is the hash value of hash function equation (1).Like this, the hash value 246 exportable registers 248 of giving, adder 244 is carried out add operation as a result needs extra the use clock cycle.
Those skilled in the art should understand that the modular constant of modular arithmetic is not limited to 0xFFFFF in the hash function, and modular constant can be and the identical maximum number of hash value figure place.For example, in the equation (1), the hash value is 20 bits, and modular constant 0xFFFFF is 20 maximum bits.Obviously, if the hash value is 28 bits, modular constant just should be 0xFFFFFFF (28 maximum bits), just with the identical maximum number of hash value figure place.
In hashing unit 200 provided by the invention, adder unit 280 uses 4 clock cycle to export addition results, and form unit 290 uses maximum 3 clock cycle to export mould result 246.Like this, whole hashing unit 200 needs 6 or 7 clock cycle to draw hash result.Therefore, whole design can reach the operating frequency of 100Hz easily.
Need to prove that spirit of the present invention is to use ROM to carry out multiplying, use CSA to carry out modular arithmetic, to finish whole calculating of hash function equation (1).Therefore, input and output are not limited to above-mentioned figure place.In addition, the quantity of ROM and CSA also can change according to the figure place of I/O.
Fig. 3 a kind ofly carries out the method 300 that the hash computing obtains second group of parameter according to hash function equation (1) to first group of parameter for provided by the invention.As shown in Figure 3, in step 310, use a plurality of ROM that IP_SA, IP_DA, S_Port and D_Port and interim modular constant are multiplied each other respectively, with the output product.It is respectively the result that mould carries out modular arithmetic with 0xFFFFF that interim modular constant equals hash constant 0x42541AFB, 0x5B72939D, 0x2FC81E2D and 0xE1B5973E.Each possible variable that interim modular constant multiply by first group of parameter is IP_SA, IP_DA, S_Port and D_Port, and product is stored among a plurality of ROM.Variable inputs to a plurality of ROM with the form of address, exports the product that obtains according to the address subsequently again.
In step 312, above-mentioned product and a protocol byte unit addition, export one and.In one embodiment of the invention, the CSA that uses 2 outputs of 3 inputs is with product and the addition of protocol byte unit, and each CSA has 3 input numbers, exports 2 numbers.3 products of first CSA input, two output numbers of output be 3 products and.2 of first CSA output numbers and the 4th product input to second CSA, two numbers of second CSA output be four products and.Two of second CSA output numbers input to the 3rd CSA with the protocol byte unit again, two numbers of the 3rd CSA output be four products and protocol element byte with.
In step 314, gained and be that mould carries out modular arithmetic with a modular constant (for example 0xFFFFF).Modular constant 0xFFFFF is 16 systems, and therefore 20 numerical digits are arranged.As mentioned above, gained and can be divided into 6 no more than partial results of 20.All partial results are respectively that mould carries out modular arithmetic, the result of modular arithmetic addition again with 0xFFFFF.In one embodiment of the invention, use a plurality of CSA 20 above-mentioned bit position results that add up, export one 20 and and carry.Use one as a result adder with above-mentioned 20 and with the carry addition, the output of adder as a result equals second parameter.Output second parameter in step 316.
Disclosed herein only for the present invention's embodiment commonly used, only be illustrative rather than definitive thereof at this.Those skilled in the art obviously are appreciated that can have under the prerequisite that does not substantially deviate from scope of the present invention that the appended claim book defined and invention spirit and variously augment, revise and replace.It will be understood by those skilled in the art that the present invention concrete environment of basis and job requirement in concrete practice, under the prerequisite that does not deviate from invention scope, can change to some extent aspect form, structure, arrangement, ratio, material, element, assembly or the like.Therefore, the foregoing description system is used to illustrate illustration the present invention but not limits the scope of the invention that scope of the present invention is defined by accompanying Claim book and legal equivalents thereof, and is not limited thereto preceding description.
Claims (20)
1. hashing unit that carries out the computing of hash function equation, this hashing unit uses one group of 32 bit variable, one group of constant, protocol parameter, modular constant and hashed value to obtain above-mentioned hashed value in order to above-mentioned one group of 32 bit variable and protocol parameter are carried out the hash computing, it is characterized in that this hashing unit comprises:
An adder unit, be used for carrying out the multiplying and the add operation of hash function equation, each 32 bit variable of wherein above-mentioned one group of 32 bit variable all are divided into four 8 variable and this 8 bit variable are inputed to adder unit, adder unit in a clock cycle, export one interim and, wherein said one group of 32 bit variable generates an addition results in four clock cycle, this addition results is divided into first group of addition results byte and second group of addition results byte;
A form unit, be used for carrying out the modular arithmetic of hash function equation, this form unit comprises first group carry storage adder and a first adder, first group carry storage adder is used for above-mentioned first group of addition results byte and the addition of second group of addition results byte, in a clock cycle, obtain one first result and one second result, first adder is used for above-mentioned first result and second results added, in a clock cycle, obtain an interim hashed value, when the figure place of this interim hashed value during, in two clock cycle, this interim hashed value is exported as above-mentioned hashed value less than the figure place of above-mentioned modular constant.
2. hashing unit according to claim 1 is characterized in that described adder unit comprises:
One group of read-only memory is used to carry out the multiplying of described one group of 8 bit variable and described one group of constant, and exports one group of interim product;
Second group carry storage adder is used for above-mentioned one group of interim product and described protocol parameter addition.
3. hashing unit according to claim 1 is characterized in that described hashing unit can export described hashed value in six clock cycle.
4. hashing unit according to claim 1, it is characterized in that this hashing unit also comprises second adder, when the figure place of described interim hashed value during greater than the figure place of described modular constant, this second adder with described interim hashed value addition, obtains described hashed value in a clock cycle.
5. hashing unit according to claim 4 is characterized in that described hashing unit can export described hashed value in seven clock cycle.
6. hashing unit according to claim 1 is characterized in that described modular constant is the figure place and the identical number of described hashed value figure place of maximum number.
7. hashing unit according to claim 1 is characterized in that described protocol parameter represents a kind of host-host protocol.
8. hashing unit according to claim 7 is characterized in that described host-host protocol is a transmission control protocol.
9. hashing unit according to claim 7 is characterized in that described host-host protocol is a User Datagram Protoco (UDP).
10. hashing unit according to claim 7 is characterized in that described host-host protocol is an Internet Control Message Protocol.
11. one kind is used for one group of parameter and a protocol parameter are carried out the hashing unit that the hash computing obtains a hashed value, it is characterized in that this hashing unit comprises:
One group of memory cell is used to receive above-mentioned one group of parameter and exports one group of product according to the product of this group parameter and one group of interim modular constant;
First group of adder unit is used to receive one group of above-mentioned product, and should organize product and described protocol parameter addition results of adduction output mutually, and this addition results is divided into a plurality of partial results and output;
Second group of adder unit, be used to receive a plurality of partial results of above-mentioned addition results, and the various piece results added obtained above-mentioned hashed value, it is that mould carries out the result that modular arithmetic obtains with a modular constant that wherein said hashed value equals addition results, each partial results of described addition results all is not more than above-mentioned modular constant, and described hashed value equals the various piece results added sum of described addition results.
12. hashing unit according to claim 11 is characterized in that each memory cell in described one group of memory cell all is used for a parameter of described one group of parameter and an interim modular constant in described one group of interim modular constant multiplied each other and exports a product in described one group of product.
13. hashing unit according to claim 11 is characterized in that described modular constant is the figure place and the identical number of described hashed value figure place of maximum number.
14. hashing unit according to claim 11 is characterized in that described one group of memory cell is one group of read-only memory.
15. hashing unit according to claim 11 is characterized in that described first group of adder unit is group carry storage adder.
16. hashing unit according to claim 11 is characterized in that described second group of adder unit is another group carry storage adder.
17. hashing unit according to claim 11 is characterized in that described protocol parameter represents a kind of host-host protocol.
18. one kind is used for one group of parameter is carried out the method that the hash computing obtains a hashed value, it is characterized in that this method may further comprise the steps:
With each parameter in above-mentioned one group of parameter respectively with one group of interim modular constant in a modular constant multiply each other, obtain one group of product;
Each product addition is obtained an addition results;
Is that mould carries out modular arithmetic and obtains a modular arithmetic result with above-mentioned addition results with a modular constant, and the step that wherein obtains the modular arithmetic result comprises;
Addition results is added 1 divided by above-mentioned modular constant, obtain first remainder and first quotient;
First quotient is added 1 divided by above-mentioned modular constant, obtain second remainder and second quotient;
Repeating the gained quotient is added 1 divided by above-mentioned modular constant, is 0 up to the quotient of gained;
With all remainder additions, gained and be the modular arithmetic result;
The result exports as above-mentioned hashed value with this modular arithmetic.
19. method according to claim 18, it is characterized in that described with each parameter in described one group of parameter respectively with one group of interim modular constant in a modular constant multiply each other, the step that obtains one group of product further may further comprise the steps:
Preserve a class value respectively in a group address of read-only memory, each value in the above-mentioned class value equals respectively a modular constant in described one group of interim modular constant be multiply by in one group of product that an above-mentioned group address obtains one;
Import described one group of parameter respectively;
According to the parameter of importing in one group of above-mentioned parameter, output is stored in an above-mentioned class value of certain address in the above-mentioned group address respectively, and this class value of output is described one group of product.
20. method according to claim 18 is characterized in that described one group of parameter comprises source Internet Protocol address variable, source port variable, target Internet Protocol address variable and target port variable.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101067761A CN101330497B (en) | 2007-06-20 | 2007-06-20 | Hashing unit and method for implementing hashing operation |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2007101067761A CN101330497B (en) | 2007-06-20 | 2007-06-20 | Hashing unit and method for implementing hashing operation |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101330497A true CN101330497A (en) | 2008-12-24 |
| CN101330497B CN101330497B (en) | 2013-06-12 |
Family
ID=40206088
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2007101067761A Expired - Fee Related CN101330497B (en) | 2007-06-20 | 2007-06-20 | Hashing unit and method for implementing hashing operation |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN101330497B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102681818A (en) * | 2011-03-09 | 2012-09-19 | 上海华虹集成电路有限责任公司 | 128-bit modulo addition circuit based on UCPS (unified content protection system) encryption algorithm and control method |
| CN107835071A (en) * | 2017-11-03 | 2018-03-23 | 中国人民解放军国防科技大学 | Method and device for improving operation speed of key-in-hash method |
| CN113922949A (en) * | 2021-10-14 | 2022-01-11 | 合肥工业大学 | Password coprocessor based on CLEFIA-SHA3 |
-
2007
- 2007-06-20 CN CN2007101067761A patent/CN101330497B/en not_active Expired - Fee Related
Cited By (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102681818A (en) * | 2011-03-09 | 2012-09-19 | 上海华虹集成电路有限责任公司 | 128-bit modulo addition circuit based on UCPS (unified content protection system) encryption algorithm and control method |
| CN107835071A (en) * | 2017-11-03 | 2018-03-23 | 中国人民解放军国防科技大学 | Method and device for improving operation speed of key-in-hash method |
| CN107835071B (en) * | 2017-11-03 | 2020-02-21 | 中国人民解放军国防科技大学 | Method and device for improving operation speed of key-in-hash method |
| CN113922949A (en) * | 2021-10-14 | 2022-01-11 | 合肥工业大学 | Password coprocessor based on CLEFIA-SHA3 |
| CN113922949B (en) * | 2021-10-14 | 2023-07-25 | 合肥工业大学 | Cryptographic coprocessor based on CLEFIA-SHA3 |
Also Published As
| Publication number | Publication date |
|---|---|
| CN101330497B (en) | 2013-06-12 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Hu et al. | Automatic search for a variant of division property using three subsets | |
| CN101330497B (en) | Hashing unit and method for implementing hashing operation | |
| Sateesan et al. | Novel Bloom filter algorithms and architectures for ultra-high-speed network security applications | |
| CN107992283A (en) | A kind of method and apparatus that finite field multiplier is realized based on dimensionality reduction | |
| CN109933304B (en) | Rapid Montgomery modular multiplier operation optimization method suitable for national secret sm2p256v1 algorithm | |
| CN102546293B (en) | High speed network flow network address measuring method based on Hash bit string multiplexing | |
| SE531989C2 (en) | Procedure and computer program product for multi-field classification in a data communication network | |
| CN107885486B (en) | Composite finite field inversion device based on search tree | |
| JP4177526B2 (en) | Multiplication residue calculation method and multiplication residue circuit | |
| US20080317245A1 (en) | Hash function implemention with ROM and CSA | |
| CN104572010B (en) | multiplier based on FPGA chip | |
| CN116318660B (en) | Message expansion and compression method and related device | |
| Luo et al. | A block cryptographic algorithm for wireless sensor networks based on hybrid chaotic map | |
| CN114615069B (en) | Quartet lightweight encryption algorithm implementation device and method | |
| Abbasi et al. | A compact S-Box design for SMS4 block cipher | |
| CN207115387U (en) | XIU accumulator registers, XIU accumulator registers circuit and electronic equipment | |
| CN108418687A (en) | A kind of Fast Modular of suitable SM2 algorithms about subtracts method and medium | |
| CN209560522U (en) | Obtain the hardware device of the intermediate result group in encryption and decryption operation | |
| Jansen et al. | Cascade jump controlled sequence generator and Pomaranch stream cipher | |
| CN112631546A (en) | KO-8 algorithm-based high-performance modular multiplier | |
| Das et al. | bFLEX-γ: A lightweight block cipher utilizing key cross approach via probability density function | |
| Ali | Efficient implementation of linearisation attacks on F-FCSR-16 type key-stream generators | |
| CN102929705B (en) | Method for quickly generating coordinate points in embedded system | |
| CN111147390B (en) | Load sharing residual solving method and device | |
| CN117406957B (en) | Modular multiplication method, modular multiplication assembly and semi-custom circuit |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: O2 TECH. INTERNATIONAL LTD. Free format text: FORMER OWNER: O2MICRO TECHNOLOGY (CHINA) CO., LTD. Effective date: 20120216 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20120216 Address after: Grand Cayman British Cayman Islands Applicant after: O2Micro International Ltd. Address before: 201203 Shanghai City Songtao road Zhangjiang hi tech park, No. 560 Zhang Jiang Building 2B Applicant before: OMicro Technology (China) Co.,Ltd. |
|
| ASS | Succession or assignment of patent right |
Owner name: AIYOUKE SERVICE LTD. Free format text: FORMER OWNER: O2 TECH. INTERNATIONAL LTD. Effective date: 20120828 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| TA01 | Transfer of patent application right |
Effective date of registration: 20120828 Address after: Delaware Applicant after: O2MICRO CHINA Co.,Ltd. Address before: Grand Cayman British Cayman Islands Applicant before: O2Micro International Ltd. |
|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20130612 |
|
| CF01 | Termination of patent right due to non-payment of annual fee |