CN102231665A - RC5 encryption array FPGA design method based on fault tolerance - Google Patents
RC5 encryption array FPGA design method based on fault tolerance Download PDFInfo
- Publication number
- CN102231665A CN102231665A CN2011101771667A CN201110177166A CN102231665A CN 102231665 A CN102231665 A CN 102231665A CN 2011101771667 A CN2011101771667 A CN 2011101771667A CN 201110177166 A CN201110177166 A CN 201110177166A CN 102231665 A CN102231665 A CN 102231665A
- Authority
- CN
- China
- Prior art keywords
- fault
- tolerant
- array
- memory
- key
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention discloses an RC5 encryption array FPGA design method based on fault tolerance. The method comprises two parts: firstly, a multiple PE operation array is designed for the structure and the characteristic of the RC5 algorithm to realize a large-scale secret key search; secondly, a hamming code fault tolerance reinforcement is carried out on the position where an SEU may happen to improve the stability of the algorithm under the prerequisite that the efficiency does not obviously reduce. The RC5 algorithm can be divided into a plurality of non-interacting subtasks. Therefore, the control logic towards the multiple PE array is quite simple and the ability of using a simple logic to control hundreds of calculating units is realized.
Description
Technical field
The present invention relates to a kind of FPGA implementation and RC5 arithmetic unit of RC5 block cipher of array of fault tolerant.
Background technology
The RC5 block cipher is the 1994 Ronald professor L.Rivest inventions by Massachusetts technical research institute, and by the RSA lab analysis.Along with the rise of FPGA technology, many secure cryptographic algorithm all by hardwareization to improve computational speed and fail safe, the RC5 block encryption algorithm all is widely used in all many-sides such as network securitys.
At the attack of RC5 algorithm, following several mode can be arranged:
1, ciphertext only attack (Ciphertext Only attack) only.Cryptanalysis person has the ciphertext of some message, and these message all use same cryptographic algorithm to encrypt.
2, known plain text attack (Known Plaintext attack).The analyst not only can obtain the ciphertext and the corresponding plaintext of some message, and they also can select encrypted plaintext.This is more effective than known plain text attack.
3, select plaintext attack (Chosen Plaintext attack).Cryptanalysis person can select different encrypted ciphertexts, and can obtain the plaintext of corresponding deciphering, the automatic deciphering box of a tamperproof of cryptanalysis person's access for example, and cryptanalysis person's task is to release key.
4, select cipher key attacks (Chosen Ciphertext attack).This attack does not represent that cryptanalysis person can select key, and it only represents that cryptanalysis person has the relevant knowledge that concerns between the different keys.
Can not crack by the method for analyzing because the integrality of RSA Algorithm and its are expressly too short, present unique valid approach is exactly the Brute Force method of attempting the possible key of institute.Though Brute Force process and ciphering process all are the ciphering process of forward, the main distinction is their input information difference, and the process that cracks is constantly attempted new key, till obtaining correct key.And be to realize the search procedure of key more efficiently based on the design object of FPGA, obtain very high throughput with lower resource, and make computational process that higher stability and fault-tolerant ability be arranged.
Summary of the invention
The present invention is intended to design a kind of RC5 hardware encipher method that has fault-tolerant ability and have the superelevation throughput, for the application of Brute Force RC5 provides strong calculating support.The RC5 cryptographic algorithm is being carried out on the basis of structural analysis, designing the FPGA hardware acceleration structure of a kind of multiple unit (PE) array, and carrying out fault-tolerant reinforcing at single-particle inversion common error in data such as (SEU) and mistake in computation.
The present invention mainly comprises two parts: at first, be to design many PE computing array at the structure of RC5 algorithm and characteristic, realize simultaneously large-scale cipher key search.
Secondly, carry out the fault-tolerant reinforcing of Hamming code, under the not obvious prerequisite that lowers efficiency, improve the steadiness of algorithm according to the contingent position of SEU.
General system set-up of the present invention is divided into three parts: state machine, memory and arithmetic element array.State machine is responsible for controlling the operation order of whole system, comprises the visit of memory and sharing out the work and help one another of arithmetic element.Memory is dynamic random access memory (DRAM), and the data of any size in any address can be provided at any time.The arithmetic element array is then arranged by the capable m column operations of n unit (PE) and formed, and is separate between the PE; Send to by data path to the data of each PE by memory; Sent to by control circuit to the control signal of each PE by state machine, PE also sends to by control circuit to the feedback signal of state machine simultaneously.
The structure of arithmetic element (PE) comprises three chief components: key is provided with structure, RC5 cryptographic structure and a S table memory.
The invention has the advantages that: therefore also very simple because the RC5 algorithm can be divided into a plurality of noninteracting subtasks for the control logic of many PE array, realized the ability of up to a hundred computing units of simple logic control.Also the critical path in the RC5 cryptographic calculation has been done to shorten among the present invention and optimized, promoted the operating frequency of system, improved the computing capability of unit, increased the throughput of system.
Description of drawings
Fig. 1 general system set-up of the present invention.
Fig. 2 arithmetic element of the present invention (PE) structure.
Fig. 3 RC 5 is provided with key (SetUp Key) stage F PGA implementation structure figure.
Fig. 4 RC 5 encrypts (Encrypt) stage F PGA implementation structure figure.
The formed critical path schematic diagram of the process of Fig. 5 treatments B
Fig. 6 carries out the SetUp Key stage structures figure after critical path shortens.
Fig. 7 carries out the Enerypt stage structures figure after critical path shortens.
Fig. 8 carries out the fault-tolerant reinforcing schematic diagram of Hamming code to register.
Embodiment
Symbol description: PE: arithmetic element; S-Table: the form of depositing array S; Reg: register, reg_32:32 bit register;<<<: ring shift left; XOR: XOR.
At first, introduce the prototype structure of system configuration of the present invention and computing unit, introduce the acceleration optimization and the fault-tolerant design of computing unit then.
With reference to Fig. 1, general system set-up of the present invention is divided into three parts: state machine, memory and arithmetic element array.State machine is responsible for controlling the operation order of whole system, comprises the visit of memory and sharing out the work and help one another of arithmetic element.Memory is dynamic random access memory (DRAM), and the data of any size in any address can be provided at any time.The arithmetic element array is then arranged by the capable m column operations of n unit (PE) and is formed, and separate between the PE, the lateral arrows between the PE shown in Fig. 1 is a data path, is sent to by data path to the data of each PE by memory; Vertical arrow between the PE shown in Fig. 1 is a control circuit, is sent to by control circuit to the control signal of each PE by state machine, and PE also sends to by control circuit to the feedback signal of state machine simultaneously.The actual course of work is such, and when system received task (password that needs decoding), state machine woke the PE array up, distributed the conjecture scope and provide ciphertext for each PE.Each PE calculates own responsible conjecture zone then, compares with password after calculating the result, if be not inconsistent then then guess next group.In case there is a PE to find oneself to have compared out correct password, then signal to state machine immediately, the state machine reception result also orders all PE to quit work.
With reference to Fig. 2, the structure of the arithmetic element among the present invention (PE) comprises three chief components: key is provided with structure, RC5 cryptographic structure and a S table memory.For the encrypting and decrypting process of RC5 is described, at first simply introduce the implementation of RC5.Rivest has designed a kind of special implementation of RC5, therefore the RC5 algorithm has word-oriented structure a: RC5-w/r/b, here w is that its value of word length can be 16,32 or 64, for the different word length plaintexts and the block length of ciphertext blocks is the 2w position, r is the encryption round number, and b is a key byte length.Used during the RC5 algorithm for encryption 2r+2 key relevant 32 word S, r represents the wheel number encrypted here.The process of creating this set of cipher key is very complicated but also is direct, at first key byte is copied among the array L of 32 words (to note this moment processor be little-endian in proper order or the big-endian order), if desired, the last character can be used zero padding.Utilize linear congruence generator mould 2 initialization array S then.In the computational process of single PE, be the key setting up procedure at first, and then utilize the result of key setting to encrypt what carry out.These two steps key in Fig. 2 respectively are provided with in structure and the RC5 cryptographic structure and finish, and this two step calculates needed data and temporarily providing room is then provided by the S-Table memory.
With reference to Fig. 3, the key of RC5 is provided with the stage (Set Up Key Step).Shown in the following code of process of its establishment set of cipher key:
i=j=0;
A=B=0;
DO?3*max(t,c)times;
A=S[i]=(S[i]+A+B)<<<3;
B=L[j]=(L[j]+A+B)<<<(A+B);
i=(i+1)mod(t);
j=(j+1)mod(c);
In FPGA of the present invention realized, as shown in Figure 3, each step cyclic process was made up of two beats.By the temporary intermediate object program of one group of register, there is one group of register to keep in intermediate object program equally in the rear end of computational logic (right-hand member), between the value of the value of calculating A and calculating B so that next beat carries out the next round computing with the input that the result feeds back to left end.Because the design key stage is a cyclic process, the exit portion of right-hand member also will feed back to the input of the intake section of left end as next beat.In Fig. 3, do not draw and read the control circuit of S-Table memory, but each is taken turns calculating and all can have Si and Lj to read in calculating unit from memory.
With reference to Fig. 4, the encryption stage of RC5 (Encrypt Step) structure chart.Shown in the following code of the ciphering process of RC5:
A=A+S[0];
B=B+S[1];
FOR?i=1?To?r?DO
A=((A?xor?B)<<<B)+S[2*i];
B=((B?xor?A)<<<A)+S[2*i+1];
After having created set of cipher key, begin to carry out to encryption expressly, during encryption, (at hypothesis processor byte order is under the situation of little-endian, w=32 at first clear packets to be divided into two 32 word: A and B, first plaintext byte enters the lowest byte of A, and the 4th plaintext byte enters the highest byte of A, and the 5th plaintext byte enters the lowest byte of B, by that analogy), wherein operator<<<the expression ring shift left, add computing and be mould (should mould, make w=32 herein).The ciphertext of output is the content in register A and B.
In FPGA of the present invention realized, each cryptographic calculation of taking turns was divided into two beats equally, and the process of calculating A and calculating B is separated with temporary intermediate object program by a pair of register.In the rear end of computational logic a pair of register is set also and deposits intermediate object program, so that next beat carries out the next round computing with the input that the result feeds back to left end.Data the read in characteristics of encryption stage to S-Table are that continuous linearity is read in, and each is taken turns and reads two adjacent data (S among Fig. 4
2iAnd S
2i+1).
With reference to Fig. 6, Fig. 7.The critical path that key is provided with the stage and the stage of encryption shortens.Be provided with in the realization at key of the present invention, two stages of handling A and treatments B are distributed in two adjacent beats, but owing to handle ring shift left in the process of A is 3 of specific ring shift lefts, and the operation of the ring shift left in the treatments B is complete uncertain shift count, first addition with the right side, perhaps XOR advances in the beat of handling A and goes.Therefore the delay that cyclic shift causes in the process of treatments B is very huge, considerably beyond the process of handling A.The formed critical path schematic diagram of the process of treatments B such as Fig. 5 show: advanced to anatomize, we think can be with first addition on right side, and perhaps XOR advances in the beat of handling A and goes.Specific implementation is seen Fig. 6 and Fig. 7.Mode by mobile distributor moves on to previous beat with the calculating before the ring shift left.
At last, fault-tolerant design of the present invention and implementation are described once.In FPGA hardware was realized, the easiest place that mistake occurs was storage medium and register, and modal mistake is a single event upset (SEU).Promptly store in the data certain the position owing to data bit flop phenomenon (0 becomes 1 or 1 becomes 0) has taken place some transient cause.Done fault-tolerant Design of Reinforcement at the SEU phenomenon that may occur in the RS specially among the present invention.In order to make data can carry error message, we have used Hamming code that data are carried out code storage, and Hamming code can be corrected a bit-errors automatically and find two bit-errors, and this just in time is fit to the correction of SEU phenomenon.
With reference to Fig. 8, because the calculating among the present invention is all with 32 bit data position masters, so designed the encoder of Hamming code at 32 bit data.It is 38 bit data that 32 bit data are carried out behind the Hamming code coding.Therefore the register reality among the present invention all is 38, and storage list is that a word length is stored with 38 also.Each data is carried out the Hamming code decoding before use.Before depositing register in, carry out the Hamming code coding, carry out the Hamming code decoding when reading.
Claims (5)
1. based on fault-tolerant RC5 encrypted array FPGA method for designing, it is characterized in that this method comprises two parts: at first, be structure and many PE of characteristics design computing array, realize simultaneously large-scale cipher key search at the RC5 algorithm; Secondly, carry out the fault-tolerant reinforcing of Hamming code, under the not obvious prerequisite that lowers efficiency, improve the steadiness of algorithm according to the contingent position of SEU.
2. according to claim 1 based on fault-tolerant RC5 encrypted array FPGA method for designing, it is characterized in that this encrypted array general system set-up is divided into three parts: state machine, memory and arithmetic element array; State machine is responsible for controlling the operation order of whole system, comprises the visit of memory and sharing out the work and help one another of arithmetic element; Memory is a dynamic random access memory, and the data of any size in any address can be provided at any time; The arithmetic element array is then arranged by the capable m column operations unit PE of n and formed, and is separate between the PE.
3. according to claim 1 based on fault-tolerant RC5 encrypted array FPGA method for designing, it is characterized in that the structure of arithmetic element PE comprises three parts: key is provided with structure, RC5 cryptographic structure, a S table memory.
4. according to claim 1 based on fault-tolerant RC5 encrypted array FPGA method for designing, it is characterized in that, during FPGA realized, each cryptographic calculation of taking turns was divided into two beats equally, and the process of calculating A and calculating B is separated with temporary intermediate object program by a pair of register; In the rear end of computational logic a pair of register is set also and deposits intermediate object program, so that next beat carries out the next round computing with the input that the result feeds back to left end.
5. according to claim 1 based on fault-tolerant RC5 encrypted array FPGA method for designing, it is characterized in that, key is provided with in the realization, and two stages of handling A and treatments B are distributed in two adjacent beats, handles ring shift left in the process of A and be 3 of specific ring shift lefts; In the process of treatments B, with first addition on right side, perhaps XOR advances in the beat of handling A and goes.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011101771667A CN102231665A (en) | 2011-06-28 | 2011-06-28 | RC5 encryption array FPGA design method based on fault tolerance |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2011101771667A CN102231665A (en) | 2011-06-28 | 2011-06-28 | RC5 encryption array FPGA design method based on fault tolerance |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102231665A true CN102231665A (en) | 2011-11-02 |
Family
ID=44844205
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2011101771667A Pending CN102231665A (en) | 2011-06-28 | 2011-06-28 | RC5 encryption array FPGA design method based on fault tolerance |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102231665A (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107526963A (en) * | 2017-08-30 | 2017-12-29 | 深圳市风云实业有限公司 | Cipher key lookup equipment, method and computer-readable recording medium |
| CN110795900A (en) * | 2019-11-26 | 2020-02-14 | 北京智慧云测信息技术有限公司 | Intelligent burr design circuit |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060265603A1 (en) * | 2005-03-24 | 2006-11-23 | Sony United Kingdom Limited | Programmable logic device |
| CN101867471A (en) * | 2010-06-11 | 2010-10-20 | 南京邮电大学 | Irrational number based DES authentication encryption algorithm |
-
2011
- 2011-06-28 CN CN2011101771667A patent/CN102231665A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20060265603A1 (en) * | 2005-03-24 | 2006-11-23 | Sony United Kingdom Limited | Programmable logic device |
| CN101867471A (en) * | 2010-06-11 | 2010-10-20 | 南京邮电大学 | Irrational number based DES authentication encryption algorithm |
Non-Patent Citations (3)
| Title |
|---|
| 倪时策等: "《基于FPGA 的细粒度并行K- means算法加速器的设计与实现》", 《计算机工程与科学》 * |
| 武朋等: "《信息科技辑》", 30 June 2009 * |
| 黄琳等: "《S698M SoC芯片中EDAC模块的设计与实现》", 《中国集成电路》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN107526963A (en) * | 2017-08-30 | 2017-12-29 | 深圳市风云实业有限公司 | Cipher key lookup equipment, method and computer-readable recording medium |
| CN110795900A (en) * | 2019-11-26 | 2020-02-14 | 北京智慧云测信息技术有限公司 | Intelligent burr design circuit |
| CN110795900B (en) * | 2019-11-26 | 2023-04-28 | 北京智慧云测信息技术有限公司 | Intelligent burr design circuit |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Rahim et al. | Cryptography technique with modular multiplication block cipher and playfair cipher | |
| US11546135B2 (en) | Key sequence generation for cryptographic operations | |
| US9843440B2 (en) | Encryptor/decryptor, electronic device including encryptor/decryptor, and method of operating encryptor/decryptor | |
| US20160013939A1 (en) | Generating a key based on a combination of keys | |
| CA3051928A1 (en) | Equivocation augmentation | |
| KR20100069610A (en) | Methods and devices for a chained encryption mode | |
| CN106598882A (en) | Secure memory data protection method and device | |
| CN110880967B (en) | Method for parallel encryption and decryption of multiple messages by adopting packet symmetric key algorithm | |
| US20190103957A1 (en) | Encryption device, encryption method, decryption device and decryption method | |
| JP2011512562A (en) | Random encryption and decryption method for access and communication data | |
| CN116488794B (en) | Method and device for realizing high-speed SM4 password module based on FPGA | |
| CN105916141A (en) | Self-synchronizing realization system and self-synchronizing realization method for Zu Chongzhi encryption and decryption algorithm | |
| CN102946315A (en) | Method and system for constructing MAC (Media Access Control) code by utilizing packet mode | |
| Han et al. | Improved biclique cryptanalysis of the lightweight block cipher piccolo | |
| CN103501220A (en) | Encryption method and device | |
| CN102231665A (en) | RC5 encryption array FPGA design method based on fault tolerance | |
| KR101678182B1 (en) | Method of encryption and decryption | |
| US20240097880A1 (en) | High-speed circuit combining aes and sm4 encryption and decryption | |
| Singh et al. | Study & analysis of cryptography algorithms: RSA, AES, DES, T-DES, blowfish | |
| KR101584220B1 (en) | Encoding Method for Maintaining Sorting Order of Encrypted Data | |
| JP5586758B1 (en) | Dynamic encryption key generation system | |
| NehaKhatri-Valmik et al. | Blowfish algorithm | |
| JP2009098321A (en) | Information processor | |
| JP5051429B2 (en) | Encryption key management method, system thereof, and program thereof | |
| Islam et al. | Data encryption standard |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C02 | Deemed withdrawal of patent application after publication (patent law 2001) | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20111102 |