CN101719827B - Method for executing hardware realization of Petri network-based block cipher algorithm - Google Patents
Method for executing hardware realization of Petri network-based block cipher algorithm Download PDFInfo
- Publication number
- CN101719827B CN101719827B CN200910253697.2A CN200910253697A CN101719827B CN 101719827 B CN101719827 B CN 101719827B CN 200910253697 A CN200910253697 A CN 200910253697A CN 101719827 B CN101719827 B CN 101719827B
- Authority
- CN
- China
- Prior art keywords
- hardware
- petri
- reachable
- hardware realization
- petri network
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
Images
Abstract
The invention relates to the hardware realization of a petri network-based block cipher algorithm, which belongs to the field of the hardware realization of a cryptographic algorithm. The invention adopts a technical scheme that: (1) a hardware realization petri network runs to calculate all inferior reachable identifiers of some a given petri network identifier in a way that the calculations of each single clock period are performed in parallel, remove repeated identifiers, add the rest identifiers in a reachable identifier set of a system and assign serial numbers to the identifiers according to a calculation order; (2) the hardware realization petri network effectively orders the reachable identifiers Mx; (3) corresponding relationships among hardware realization Mx serial numbers and the calculation serial numbers to obtain a permutation table; and (4) a mainstream on-chip bus interface is adopted to read plaintext/ciphertext data from an external memory in a hardware DMA mode and perform permutation on the data through the permutation table in the step (3) to obtain the ciphertext/plaintext data. In the method, the pure hardware realization of the petri network-based block cipher algorithm is adopted, which remarkably reduces algorithm execution time, and compared with pure software realization, actually measured encryption and decryption speed can be improved by 210 times.
Description
Technical field
The hardware that the present invention relates to a kind of block cipher based on Petri net is realized, and belongs to cryptographic algorithm hardware and realizes field.
Background technology
Information security issue becomes more and more important, and cryptographic technique is the core technology of information security, and greater security, more efficient cryptographic algorithm are all constantly being studied by various countries.The block cipher based on Petri net the present invention relates to is the state natural sciences fund achievement in research that professor Wu Zhehui of China University Of Science and Technology Of Shandong bears, design philosophy is different from existing password system, algorithm basic ideas are to choose a unique reachable vector unbounded Petri net, the operation of netting by this Petri obtains this Petri mesh portions set of reachable markings and the reachable vector collection that reaches this sign, prime factor decomposition and the synthetic mark vector that Petri is netted by integer are converted to large integer, to this large integer and reachable vector sequence, and determine one 2 by the sequence number corresponding relation after reachable marking and reachable vector sequence
kunit's displacement, thus realize k position block cipher.This cryptographic algorithm important feature is one-time pad, and block length is adjustable, effectively resists existing password analysis means, thereby has better fail safe.Displacement relation is only calculated once when enciphering and deciphering algorithm starts, subsequently the encryption and decryption operation of data is finally reduced to replacement operator, during encryption and decryption big data quantity, the initial expense proportion that calculates displacement relation reduces, encryption and decryption efficiency is approximately equal to displacement efficiency, and efficiency is high compared with other algorithms.
The Petri net operation operation that this algorithm relates to can be converted into matrix manipulation, and algorithm is complicated, relates to the operations such as matrix multiplication, sequence, and the amount of calculation needing is larger.While adopting pure software to realize, getting block length be 9 in the situation that, cryptographic algorithm roughly needs addition, multiplication and the comparison operation of 600,000 integers.Through test, on the double-core CPU of 2.40GHz desktop computer, the incidence matrices of Petri net is 4 * 6 matrixes, and L1 is that 1, L2 is 7, and once institute's time spent is 10ms to calculate permutation table.In embedded system, the hardware resources such as CPU operational capability, storage are all very limited, pure software is realized the time that this algorithm need to be longer, after tested, in the NiosII/f microprocessor platform of operation uClinux operating system, clock frequency 100MHz, 4Kbytes instruction buffer, in the situation of 2Kbytes data buffer storage, the incidence matrices of Petri net is 4 * 6 matrixes, and L1 is 1, L2 is 7 o'clock, calculate the time of permutation table up to 3470ms, this is in practical application, to be intolerable, has therefore limited the application of this algorithm in embedded system.Adopting hardware to realize this algorithm is feasible solution.
Summary of the invention
The present invention proposes a kind of Hardware Implementation of the block cipher based on Petri net.Content comprises:
(1) Petri net information being pressed to matrix form expresses, and send hardware to, hardware is realized Petri network operation by matrix manipulation, single clock cycle calculates all next stage reachable markings of specifying certain Petri network mark to know, and removes and adds after duplicate marking system reachable marking to concentrate and by the attached sequence number of computation sequence;
(2) hardware using finite states machine control, realizes Petri and nets the sequence between effective reachable marking Mx;
(3) hardware using finite states machine control, realizes Mx sequence number and the corresponding relation that calculates sequence number, obtains permutation table;
(4) core circuit outside can form ip module (IP kernel) after articulating main flow on-chip bus interface, inside modules is designed to hardware dma mode and from external access device, reads plain/cipher text data, adopt after (3) middle permutation table displacement, write out ciphertext/clear data.
The present invention adopts pure hardware to realize the block cipher based on Petri net, significantly reduces algorithm execution time, and actual measurement encryption/decryption speed is compared pure software realization can improve 210 times, has cleared away the performance penalty that this algorithm is applied in embedded system.
Accompanying drawing explanation
Fig. 1 is the hardware capability circuit block diagram the present invention relates to
Fig. 2 is the input explanation of the block cipher based on Petri net
Fig. 3 adopts the method the present invention relates to, the connection layout of the Petri net cryptographic algorithm Hardware I P core based on avalon bus interface of design in real system
Embodiment
This realization example illustrates Petri net cryptographic algorithm hardware knowledge property right module (IP kernel) how to apply the inventive method design avalon bus interface.
(1) Petri net is expressed as to incidence matrices form, as shown in Figure 2, the unique unbounded Petri net that reaches of example 4 * 6 is expressed as to incidence matrices A, A is inputted to algorithm.Equally, reachable marking is expressed as to vector form.
(2) Petri network operation module
First this module adopts combinational logic circuit, according to formula Mx '=Mx+A
tall next stage reachable markings of parallel computation reachable marking Mx complete within the monocycle.
Employing finite state machine FSM design, the next Mx ' that this is obtained, judges whether, in the effective set of reachable markings of system, if exist, to give up in order, otherwise, added in the effective set of reachable markings of system, and by computation sequence mark sequence number.
(3) Mx order module
Generate after the reachable marking of sufficient amount, finite state machine FSM enters Mx phase sorting under controlling, and according to certain ordering rule, to the Mx sequence obtaining, and composes sequence number, selects front 2
kindividual Mx subset.
(4) calculate the order module that reorders
To choose by Mx sequence itself 2
kindividual Mx subset, by the calculating sequence number rearrangement of sign in (2), lays equal stress on by 0 ~ 2
k-1 composes sequence number.
(5) permutation table generation module
Step (3) is permutation table with two the sequence number corresponding relations that obtain in (4), and FSM controls lower traversal a Mx, i.e. exportable permutation table.
(6) dma mode replacement module
For improving encryption and decryption efficiency, adopt hardware dma mode reading out data, adopt permutation table displacement, write out data.Software only need to provide plain/cipher text buffer address.DMA controls two master port reading out datas, completes data replacement, and write out data according to permutation table, provides status signal or interrupt signal after completing.
(7) external bus interface module
At the peripheral IEEE that adds of core circuit, what this example adopted is avalon bus, can build intellectual property IP kernel.
Whole instance system annexation as shown in Figure 3.
Claims (2)
1. a Hardware Implementation for the block cipher of netting based on petri, is characterized in that:
(1) hardware is realized petri network operation, and single clock cycle calculates all next stage reachable markings of specifying certain petri network mark to know, and removes and adds after duplicate marking system reachable marking to concentrate and by the attached sequence number of computation sequence;
(2) hardware is realized petri and is netted the sequence between effective reachable marking Mx;
(3) hardware is realized petri and is netted effective reachable marking Mx sequence number and the corresponding relation that calculates sequence number, obtains permutation table;
(4) clear data is adopted to permutation table displacement, obtain encrypt data, realize and encrypting; Or encrypt data is adopted to permutation table displacement, obtain clear data, realize deciphering.
2. a method for method design petri net block cipher hardware knowledge property right module (IP kernel) according to claim 1, is characterized in that:
(1) core circuit adopts (1), (2), (3) described method in claim 1;
(2) adopt wishbone on-chip bus interface, design hardware dma mode reads plain/cipher text data from external memory storage, adopts after permutation table displacement, writes out ciphertext/clear data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910253697.2A CN101719827B (en) | 2009-12-03 | 2009-12-03 | Method for executing hardware realization of Petri network-based block cipher algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN200910253697.2A CN101719827B (en) | 2009-12-03 | 2009-12-03 | Method for executing hardware realization of Petri network-based block cipher algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN101719827A CN101719827A (en) | 2010-06-02 |
CN101719827B true CN101719827B (en) | 2014-04-02 |
Family
ID=42434348
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN200910253697.2A Expired - Fee Related CN101719827B (en) | 2009-12-03 | 2009-12-03 | Method for executing hardware realization of Petri network-based block cipher algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN101719827B (en) |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2015178082A1 (en) * | 2014-05-21 | 2015-11-26 | 富士電機株式会社 | Information-processing device, program, and recording medium |
CN105812329B (en) * | 2014-12-31 | 2018-07-20 | 中国科学院沈阳自动化研究所 | For the mobile security encryption method in complicated production management system |
CN107679298A (en) * | 2017-09-20 | 2018-02-09 | 中国航空工业集团公司沈阳飞机设计研究所 | A kind of 1394b bus load emulation modelling methods based on Petri network |
CN114299636B (en) * | 2020-09-22 | 2023-05-12 | 云丁网络技术(北京)有限公司 | Method and apparatus for processing device offline passwords |
-
2009
- 2009-12-03 CN CN200910253697.2A patent/CN101719827B/en not_active Expired - Fee Related
Non-Patent Citations (2)
Title |
---|
一种基于Petri网的序列密码加密方案;吴振寰等;《系统仿真学报》;20070831;第19卷;第281-284、288页 * |
吴振寰等.一种基于Petri网的序列密码加密方案.《系统仿真学报》.2007,第19卷第281-284、288页. |
Also Published As
Publication number | Publication date |
---|---|
CN101719827A (en) | 2010-06-02 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN104202161B (en) | A kind of SoC crypto chips | |
CN109194491B (en) | Password evaluation test system and password evaluation test method | |
CN101719827B (en) | Method for executing hardware realization of Petri network-based block cipher algorithm | |
CN109039591A (en) | The implementation method of internet of things information encryption system based on FPGA | |
CN107924444A (en) | Montgomery Algorithm processor, method, system and the instruction of safety | |
Nabil et al. | Design and implementation of pipelined and parallel AES encryption systems using FPGA | |
McMillan et al. | JBits™ implementations of the advanced encryption standard (Rijndael) | |
US20170302438A1 (en) | Advanced bus architecture for aes-encrypted high-performance internet-of-things (iot) embedded systems | |
CN104539417A (en) | Encryption device based on stream ciphers | |
Kamadi et al. | Implementation of TRNG with SHA-3 for hardware security | |
Homsirikamol et al. | Implementer’s Guide to the CAESAR Hardware API | |
Singh et al. | Design of high performance MIPS cryptography processor based on T-DES algorithm | |
Kiningham et al. | Cipher Implementation for CESEL | |
Conti et al. | Design exploration of aes accelerators on fpgas and gpus | |
Hasamnis et al. | Custom hardware interface using NIOS II processor through GPIO | |
CN203102265U (en) | Solid state disk (SSD) control chip | |
Earanky et al. | GPU-acceleration of blowfish cryptographic algorithm | |
Gomez et al. | Functional comparison of the present algorithm on hardware and software embedded platforms | |
Deshpande et al. | Design of encryption system using NIOS II processor | |
CN105786528B (en) | A kind of design method of the SM3 Algorithm IP based on Avalon interface | |
Thoonen | Hardening FPGA-based AES implementations against side channel attacks based on power analysis | |
CN117353923B (en) | Exercise method of lightweight hash encryption algorithm and related equipment | |
Sun et al. | Design and verification of AES encryption algorithm based on hardware agile development | |
Hartono et al. | A multicore system using NoC communication for parallel coarse-grain data processing | |
Yang | A High Performance Advanced Encryption Standard (AES) Encrypted On-Chip Bus Architecture for Internet-of-Things (IoT) System-on-Chips (SoC) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20140402 Termination date: 20141203 |
|
EXPY | Termination of patent right or utility model |