CN102664730A - 128 bit secret key expansion method based on AES (Advanced Encryption Standard) - Google Patents

Publication number: CN102664730A
Authority: CN (China)
Prior art keywords: register, value, wheel, address, xor
Legal status: Granted; Expired - Fee Related
Application number: CN2012101325586A
Other languages: Chinese (zh)
Other versions: CN102664730B (en)
Inventors: 郝跃, 赵哲斐, 史江一, 邸志雄, 李康, 赵彦尚, 张译
Current Assignee: Xidian University
Original Assignee: Xidian University
Application filed by Xidian University
Priority to CN201210132558.6A
Publication of CN102664730A
Application granted; publication of CN102664730B

Abstract

The invention discloses a 128-bit key expansion system and method based on AES (Advanced Encryption Standard), which mainly address the low efficiency and high power consumption of the 128-bit key expansion process in the existing AES encryption algorithm. The process comprises the following steps: storing the initial key in the first round of key expansion; using the stored initial key as the round key of that round; performing word rotation, byte substitution and bitwise XOR operations on the round key; storing the resulting round key simultaneously in a local register and an external storage unit so that the encryption process can read it; repeating the operation on the round key obtained in the previous round; and finishing key expansion once 10 round keys have been obtained. The system and method ensure that key expansion runs in real time and that round keys are reusable, achieving high efficiency and low power consumption; they can be applied to the 128-bit key expansion process of the AES encryption algorithm.

Description

128-bit key expansion method based on the Advanced Encryption Standard (AES)
Technical field
The invention belongs to the field of security technology and relates to data encryption, in particular to a key expansion method in the Advanced Encryption Standard (AES), which can be used for network communication.
Background
The Advanced Encryption Standard (AES) is an algorithm for encrypting unclassified information, published in November 2001 by the National Institute of Standards and Technology (NIST) of the US Department of Commerce. Since its publication, the AES algorithm has been widely used in high-end products such as cryptographic protocols, communication terminals and servers.
The AES algorithm obtains round keys by performing key expansion on an initial key, and uses the round keys to encrypt and decrypt 128-bit data blocks. The algorithm uses a subset of the Rijndael symmetric-key algorithm and supports a block length of 128 bits and key lengths of 128, 192 and 256 bits.
The algorithm determines the number of encryption rounds r from the length of the initial key: for initial key lengths of 128, 192 and 256 bits, the corresponding number of rounds r is 10, 12 and 14 respectively. Each round of encryption needs a different 128-bit round key, which is bitwise XORed with the data block. Because the initial key can only be 128, 192 or 256 bits long, it cannot supply a different round key for every round of encryption; the algorithm therefore also includes a key expansion algorithm (key schedule), which expands the initial key into a data string of 1280, 1536 or 1792 bits and thereby generates the round keys needed for encryption.
Two key expansion methods are in wide use at present. The first is the real-time key expansion method used in "A Rijndael Cryptoprocessor Using Shared On-the-fly Key Scheduler", in which the key expansion unit supplies round keys to the encryption process in real time. The drawback of this method is that round keys cannot be reused, so where the data volume is large and round keys are needed continuously, running the key expansion procedure continuously consumes considerable power.
The second is the pre-computed key expansion method used in "the FPGA implementation method of a kind of optimization of aes algorithm", which first performs key expansion to generate all round keys, stores them in memory, and only then encrypts. Because the encryption flow has to wait for key expansion to complete before it can start, the time needed for encryption increases, so this method is not suitable where real-time encryption is required.
Summary of the invention
The object of the invention is to address the deficiencies of the above conventional methods by proposing a 128-bit key expansion system and method based on AES that ensures both the real-time behaviour of key expansion and the reusability of round keys, achieving high efficiency and low power consumption in key expansion.
To achieve the above object, the 128-bit key expansion system based on AES of the present invention comprises:
A round counter unit, which increments the round number n by one and outputs the value of n;
A register file, consisting of 44 registers each 32 bits wide, which temporarily stores the initial key and the round keys so that the key expansion process can access them immediately;
A round key storage unit, which is a dual-port SDRAM 32 bits wide and 44 deep and stores the initial key and the round keys, so that the encryption flow can fetch already-stored round keys while key expansion is still running, and so that subsequent data can be encrypted by reading the stored round keys directly without repeating key expansion;
A rotation register, which stores the 32-bit value read by the word rotation unit;
A word rotation unit, which rotates the value in the rotation register left by 1 byte and outputs the result to the substitution register;
A substitution register, which stores the 32-bit value read by the byte substitution unit;
A byte substitution unit, which splits the value in the substitution register into 4 bytes used as addresses (bits 31 to 24, bits 23 to 16, bits 15 to 8 and bits 7 to 0), sends them to the S-box unit, combines the values returned by the S-box unit from high to low in the order in which the addresses were sent, and outputs the result to the bitwise XOR unit;
An S-box unit, which uses 4 ROMs preloaded with the S-box and returns to the byte substitution unit the four 8-bit S-box values corresponding to the 4 addresses sent by the byte substitution unit;
A round constant selection unit, which, according to the round number n, selects one value from 11 hexadecimal candidate values (0, 1, 2, 4, 8, 10, 20, 40, 80, 1b, 36) and outputs it to the bitwise XOR unit;
An XOR register unit, comprising the No. 0 register, No. 1 register, No. 2 register and No. 3 register, each 32 bits wide, which stores the 32-bit values to be used by the bitwise XOR unit;
A bitwise XOR unit, comprising the No. 0, No. 1, No. 2 and No. 3 bitwise XOR sub-units, which performs the bitwise XOR operations and outputs the results to the register file as the round key;
A round key expansion control unit, which decides from the round number n whether to stop or continue the key expansion process: if n is 10, the key expansion process ends; if n is a value in the range 0-9, the key expansion process continues.
To achieve the above object, the 128-bit key expansion method based on AES of the present invention comprises the following steps:
1) Define the variable that counts the key expansion process as the round number n, whose value range is divided into two cases: the integer range 0-9 and the integers outside 0-9;
2) Reset the round number n to zero and begin the key expansion process;
3) Split the initial key, from high to low, into four 32-bit values, and store these four 32-bit values in that order, simultaneously, in the registers at addresses 0, 1, 2, 3 and in a dual-port SDRAM dedicated to storing round keys;
4) Determine register address a from the round number n: if n is a value outside 0-9, register address a remains unchanged; otherwise the address is determined by the following rules:
If the round number n is 0, register address a is 3;
Each time n increases by 1, register address a increases by 4;
5) Read the value from the register at register address a into the rotation register, rotate the 32-bit value in the rotation register left by one byte, and output it to the substitution register;
6) Split the value in the substitution register into 4 bytes used as addresses (bits 31 to 24, bits 23 to 16, bits 15 to 8 and bits 7 to 0) and send them in turn to the 4 ROMs preloaded with the S-box; each of the 4 ROMs returns the 8-bit S-box value corresponding to the address it received;
7) Combine the 8-bit values returned by the 4 ROMs, from high to low in the order in which the addresses were sent in step 6), into one 32-bit value, which is the output of the byte substitution operation;
8) Determine register addresses b0, b1, b2 and b3 from the round number n: if n is a value outside 0-9, b0, b1, b2 and b3 all remain unchanged; otherwise the addresses are determined by the following rules:
If the round number n is 0, register addresses b0, b1, b2 and b3 are assigned 0, 1, 2, 3 in turn;
Each time n increases by 1, b0, b1, b2 and b3 each increase by 4;
9) Read the values from the registers at register addresses b0, b1, b2 and b3 and assign them to the No. 0 register, No. 1 register, No. 2 register and No. 3 register respectively;
10) Select the round constant output from the 11 hexadecimal candidate values according to the round number n: when n is 0-9, the corresponding round constant output is, in order, 1, 2, 4, 8, 10, 20, 40, 80, 1b, 36; otherwise the round constant output is 0;
11) Determine register addresses c0, c1, c2 and c3 from the round number n: if n is a value outside 0-9, c0, c1, c2 and c3 all remain unchanged; otherwise the addresses are determined by the following rules:
If the round number n is 0, register addresses c0, c1, c2 and c3 are assigned 4, 5, 6, 7 in turn;
Each time n increases by 1, c0, c1, c2 and c3 each increase by 4;
12) Bitwise XOR the value in the No. 0 register with the output of the byte substitution operation, then bitwise XOR this result with the round constant output, and store the result, as bits 127 to 96 of the round key, in the register at register address c0 and in the dual-port SDRAM;
13) Bitwise XOR the value in the No. 1 register with the value in the register at register address c0, and store the result, as bits 95 to 64 of the round key, in the register at register address c1 and in the dual-port SDRAM;
14) Bitwise XOR the value in the No. 2 register with the value in the register at register address c1, and store the result, as bits 63 to 32 of the round key, in the register at register address c2 and in the dual-port SDRAM;
15) Bitwise XOR the value in the No. 3 register with the value in the register at register address c2, and store the result, as bits 31 to 0 of the round key, in the register at register address c3 and in the dual-port SDRAM; this completes the expansion and storage of one 128-bit round key;
16) Increment the round number n by 1; if the result is 10, stop the key expansion process; otherwise repeat step 4) to step 16).
The present invention has the following advantages:
1) By simplifying the loop condition of key expansion and reducing the number of key expansion iterations, the invention improves the efficiency of key expansion and reduces its power consumption compared with conventional methods.
Conventional methods all use the key expansion algorithm of AES, treating the expanded key obtained from the initial key as an array W[i], 0≤i<44, in which each array element w[i] is one column of a round key and the index i is the main reference for the key expansion loop. For a 128-bit initial key, the conventional key expansion loop splits into two cases according to whether the index i is divisible by 4. If i is divisible by 4, then
Figure BDA0000159736280000041
otherwise,
Figure BDA0000159736280000042
Here, subword denotes the byte substitution operation applied to the value in parentheses, rotword denotes the word rotation operation applied to the value in parentheses, and rcon denotes selecting a round constant according to the value in parentheses. Each iteration of this key expansion method produces only one column of a round key, so producing all 10 round keys takes 40 iterations of the key expansion loop, and the condition "is index i divisible by 4" is also evaluated 40 times; this is inefficient and consumes considerable power in practice.
In the present invention, the key expansion loop has only one condition, the round number n. In normal operation, n takes the 10 integer values 0-9; each iteration of the loop selects its operands according to n and performs the word rotation, byte substitution and bitwise XOR operations, producing one complete round key per iteration. With this loop structure, the key expansion method of the invention needs only 10 iterations to generate all round keys, and the round number is checked only 10 times. This both simplifies the loop condition and reduces the number of iterations, improving the efficiency of key expansion while reducing its power consumption;
2) The invention is highly practical;
In practice, environmental conditions or faults may cause the round number n to take a value outside the integer range 0-9, so that the whole key expansion process cannot proceed normally. The invention provides corresponding handling for this case, so that an abnormal value of n does not affect the other operations, which reduces the adverse effect of faults and improves the practicality of the invention;
3) Through the definition of the register file, the key expansion process can selectively read the round keys held there by address, and the value rules for register addresses a, b0, b1, b2, b3, c0, c1, c2, c3 improve the efficiency of selecting and reading operands during key expansion;
4) Because the invention organizes the operations needed to complete one round key expansion into a single procedure, and stores the round key in both the dual-port SDRAM and the register file as each round key expansion completes, it supplies round keys to the encryption flow in real time while also guaranteeing their reusability, thereby combining high efficiency with low power consumption;
5) The invention performs byte substitution with 4 S-boxes, which makes the byte substitution process easy to implement in parallel and further improves the efficiency of key expansion.
Description of drawings
Fig. 1 is a structural diagram of the 128-bit key expansion system based on AES of the present invention;
Fig. 2 is a simplified flow chart of the 128-bit key expansion method based on AES of the present invention;
Fig. 3 is a detailed flow chart of the 128-bit key expansion method based on AES of the present invention.
Embodiment
With reference to Fig. 1, the 128-bit key expansion system based on AES of the present invention comprises: round counter unit 1, register file 2, round key storage unit 3, rotation register 4, word rotation unit 5, substitution register 6, byte substitution unit 7, S-box unit 8, round constant selection unit 9, XOR register unit 10, bitwise XOR unit 11 and round key expansion control unit 12. S-box unit 8 comprises 4 ROMs preloaded with the S-box: No. 0 ROM, No. 1 ROM, No. 2 ROM and No. 3 ROM. XOR register unit 10 comprises 4 registers each 32 bits wide: the No. 0 register, No. 1 register, No. 2 register and No. 3 register. Bitwise XOR unit 11 comprises 4 bitwise XOR sub-units: the No. 0, No. 1, No. 2 and No. 3 bitwise XOR sub-units. Specifically:
Round counter unit 1 increments the round number n by one and outputs the value of n simultaneously to round key expansion control unit 12, round constant selection unit 9 and register file 2.
Register file 2 consists of 44 registers each 32 bits wide and temporarily stores the initial key and the round keys so that the key expansion process can access them immediately. It also selects round keys according to the round number n and outputs them to round key storage unit 3 and XOR register unit 10. The round keys here are the ten 128-bit values produced by the key expansion process, which supply a different 128-bit value to each round of AES encryption.
Round key storage unit 3 is a dual-port SDRAM 32 bits wide and 44 deep. It stores the initial key and the round keys, so that the encryption flow can fetch already-stored round keys while key expansion is still running, and so that subsequent data can be encrypted by reading the stored round keys directly without repeating key expansion.
Rotation register 4 is 32 bits wide and stores the value read by word rotation unit 5.
Word rotation unit 5 rotates the value in rotation register 4 left by 1 byte and outputs it to substitution register 6.
Substitution register 6 stores the 32-bit value read by byte substitution unit 7.
Byte substitution unit 7 performs the byte substitution operation. It first splits the value in substitution register 6 into 4 bytes used as addresses (bits 31 to 24, bits 23 to 16, bits 15 to 8 and bits 7 to 0) and sends them to S-box unit 8; it then combines the values returned by S-box unit 8 in order from No. 0 ROM to No. 3 ROM to obtain the result of the byte substitution operation, and outputs it to the bitwise XOR unit.
No. 0 ROM, No. 1 ROM, No. 2 ROM and No. 3 ROM in S-box unit 8 each hold the S-box. Each ROM is 8 bits wide and 256 deep; it receives an address sent by byte substitution unit 7 and returns the S-box value at that address to byte substitution unit 7, where:
No. 0 ROM receives the address formed by bits 31 to 24 sent by byte substitution unit 7 and outputs the 8-bit value at that address to byte substitution unit 7;
No. 1 ROM receives the address formed by bits 23 to 16 sent by byte substitution unit 7 and outputs the 8-bit value at that address to byte substitution unit 7;
No. 2 ROM receives the address formed by bits 15 to 8 sent by byte substitution unit 7 and outputs the 8-bit value at that address to byte substitution unit 7;
No. 3 ROM receives the address formed by bits 7 to 0 sent by byte substitution unit 7 and outputs the 8-bit value at that address to byte substitution unit 7.
Round constant selection unit 9, according to the round number n, selects one value from 11 hexadecimal candidate values (0, 1, 2, 4, 8, 10, 20, 40, 80, 1b, 36) and outputs it to bitwise XOR unit 11: when n is 0-9, the corresponding output is, in order, 1, 2, 4, 8, 10, 20, 40, 80, 1b, 36; otherwise the output is 0. The round constant is a concept used by the key expansion algorithm in the AES standard; each round constant is computed from the round number n, and because n has a limited range, the computed results are used directly as the candidate values. Note that 0 is not a round constant value but a candidate value provided to guard against an abnormal round number n.
XOR register unit 10 comprises the No. 0 register, No. 1 register, No. 2 register and No. 3 register, each 32 bits wide, and stores the 32-bit values to be used by bitwise XOR unit 11: the No. 0 register stores the 32-bit value to be used by the No. 0 bitwise XOR sub-unit, the No. 1 register stores the value to be used by the No. 1 bitwise XOR sub-unit, the No. 2 register stores the value to be used by the No. 2 bitwise XOR sub-unit, and the No. 3 register stores the value to be used by the No. 3 bitwise XOR sub-unit.
Bitwise XOR unit 11 comprises the No. 0, No. 1, No. 2 and No. 3 bitwise XOR sub-units. It performs the bitwise XOR operations and outputs the results to register file 2 as the round key, where:
The No. 0 bitwise XOR sub-unit bitwise XORs the value in the No. 0 register, the output of byte substitution unit 7 and the output of round constant selection unit 9, and outputs the result, as bits 127 to 96 of the round key, simultaneously to the No. 1 bitwise XOR sub-unit and register file 2;
The No. 1 bitwise XOR sub-unit bitwise XORs the value in the No. 1 register with the output of the No. 0 bitwise XOR sub-unit, and outputs the result, as bits 95 to 64 of the round key, simultaneously to the No. 2 bitwise XOR sub-unit and register file 2;
The No. 2 bitwise XOR sub-unit bitwise XORs the value in the No. 2 register with the output of the No. 1 bitwise XOR sub-unit, and outputs the result, as bits 63 to 32 of the round key, simultaneously to the No. 3 bitwise XOR sub-unit and register file 2;
The No. 3 bitwise XOR sub-unit bitwise XORs the value in the No. 3 register with the output of the No. 2 bitwise XOR sub-unit, and outputs the result, as bits 31 to 0 of the round key, to register file 2; this completes the expansion and storage of one 128-bit round key.
Round key expansion control unit 12 decides from the round number n whether to stop or continue the key expansion process: if n is 10, the key expansion process ends; if n is a value in the range 0-9, the key expansion process continues.
With reference to Fig. 2 and Fig. 3, the 128-bit key expansion method based on AES of the present invention comprises the following steps:
Step 1: define the variable that counts the key expansion process as the round number n, whose value range is divided into two cases: the integer range 0-9 and the integers outside 0-9.
Step 2: reset the round number n to zero and begin the key expansion process.
Step 3: split the initial key, from high to low, into four 32-bit values, and store these four 32-bit values in that order, simultaneously, in the registers at addresses 0, 1, 2, 3 and in a dual-port SDRAM dedicated to storing round keys.
Step 4: determine register address a from the round number n: if n is a value outside 0-9, register address a remains unchanged; otherwise the address is determined by the following rules:
If the round number n is 0, register address a is 3;
Each time n increases by 1, register address a increases by 4. For example, if n is 5, register address a is 23; if n is 6, register address a increases to 27.
Step 5: read the value from the register at register address a into the rotation register, rotate the 32-bit value in the rotation register left by one byte, and output it to the substitution register.
Step 6: split the value in the substitution register into 4 bytes used as addresses (bits 31 to 24, bits 23 to 16, bits 15 to 8 and bits 7 to 0); send the address formed by bits 31 to 24 to No. 0 ROM, the address formed by bits 23 to 16 to No. 1 ROM, the address formed by bits 15 to 8 to No. 2 ROM, and the address formed by bits 7 to 0 to No. 3 ROM. Each of the 4 ROMs then outputs the 8-bit S-box value corresponding to the address it received, giving four 8-bit values.
Step 7: combine the output values of the 4 ROMs, from high to low in the order in which the addresses were sent in step 6, into one 32-bit value, which is the output of the byte substitution operation; that is, the return values of No. 0 ROM, No. 1 ROM, No. 2 ROM and No. 3 ROM become, in turn, the highest byte, second-highest byte, third byte and fourth byte of the 32-bit value.
Step 8: determine register addresses b0, b1, b2 and b3 from the round number n: if n is a value outside 0-9, b0, b1, b2 and b3 all remain unchanged; otherwise the addresses are determined by the following rules:
If the round number n is 0, register addresses b0, b1, b2 and b3 are assigned 0, 1, 2, 3 in turn;
Each time n increases by 1, b0, b1, b2 and b3 each increase by 4. For example, if n is 7, register address b0 is 28, b1 is 29, b2 is 30 and b3 is 31; if n is 8, b0 increases to 32, b1 to 33, b2 to 34 and b3 to 35.
Step 9: read values from the registers at the different register addresses and assign them to different registers:
9a) read the value from the register at register address b0 and assign it to the No. 0 register;
9b) read the value from the register at register address b1 and assign it to the No. 1 register;
9c) read the value from the register at register address b2 and assign it to the No. 2 register;
9d) read the value from the register at register address b3 and assign it to the No. 3 register.
Step 10: select the round constant output from the 11 hexadecimal candidate values according to the round number n: when n is 0-9, the corresponding round constant output is, in order, 1, 2, 4, 8, 10, 20, 40, 80, 1b, 36; otherwise the round constant output is 0.
Step 11: determine register addresses c0, c1, c2 and c3 from the round number n: if n is a value outside 0-9, c0, c1, c2 and c3 all remain unchanged; otherwise the addresses are determined by the following rules:
If the round number n is 0, register addresses c0, c1, c2 and c3 are assigned 4, 5, 6, 7 in turn;
Each time n increases by 1, c0, c1, c2 and c3 each increase by 4. For example, if n is 8, register address c0 is 36, c1 is 37, c2 is 38 and c3 is 39; if n is 9, c0 increases to 40, c1 to 41, c2 to 42 and c3 to 43.
Step 12: bitwise XOR the value in the No. 0 register with the output of the byte substitution operation, then bitwise XOR this result with the round constant output, and store the result, as bits 127 to 96 of the round key, in the register at register address c0 and in the dual-port SDRAM.
Step 13: bitwise XOR the values in the two designated registers and store the result, as one column of the round key, in a register and in the dual-port SDRAM:
13a) bitwise XOR the value in the No. 1 register with the value in the register at register address c0, and store the result, as bits 95 to 64 of the round key, in the register at register address c1 and in the dual-port SDRAM;
13b) bitwise XOR the value in the No. 2 register with the value in the register at register address c1, and store the result, as bits 63 to 32 of the round key, in the register at register address c2 and in the dual-port SDRAM;
13c) bitwise XOR the value in the No. 3 register with the value in the register at register address c2, and store the result, as bits 31 to 0 of the round key, in the register at register address c3 and in the dual-port SDRAM; this completes the expansion and storage of one 128-bit round key.
Step 14: increment the round number n by 1; if the result is 10, stop the key expansion process; otherwise repeat step 4) to step 14).
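A software model of steps 1 to 14 above, added here as an example; it is not code from the patent. Placing the round constant in bits 31 to 24 and generating the S-box ROM contents at start-up are assumptions taken from FIPS-197, and the struct and function names are illustrative.

```c
#include <stdint.h>
#include <stdio.h>

#define ROTL8(x, s) ((uint8_t)((x) << (s)) | ((x) >> (8 - (s))))

static uint8_t sbox[256];   /* contents of each of the 4 S-box ROMs */

/* Build the AES S-box: GF(2^8) inverse followed by the affine transform. */
static void init_sbox(void) {
    uint8_t p = 1, q = 1;
    do {
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1B : 0));   /* p *= 3 */
        q ^= (uint8_t)(q << 1); q ^= (uint8_t)(q << 2); q ^= (uint8_t)(q << 4);
        q ^= (q & 0x80) ? 0x09 : 0;                              /* q /= 3 */
        sbox[p] = (uint8_t)(q ^ ROTL8(q, 1) ^ ROTL8(q, 2) ^ ROTL8(q, 3)
                              ^ ROTL8(q, 4) ^ 0x63);
    } while (p != 1);
    sbox[0] = 0x63;
}

typedef struct {
    uint32_t regfile[44];   /* register file: 44 registers, 32 bits wide */
    uint32_t sdram[44];     /* round key store: 32 bits wide, 44 deep */
    int a, b[4], c[4];      /* register addresses of steps 4, 8 and 11 */
} keyexp_t;

/* Steps 4, 8, 11: addresses follow n; for n outside 0-9 they are held. */
static void select_addresses(keyexp_t *k, int n) {
    if (n < 0 || n > 9) return;
    k->a = 3 + 4 * n;
    for (int j = 0; j < 4; j++) {
        k->b[j] = 4 * n + j;
        k->c[j] = 4 * n + 4 + j;
    }
}

/* Step 10: candidate values; 0 is the guard output for an abnormal n. */
static uint32_t select_rcon(int n) {
    static const uint8_t rc[10] = {0x01, 0x02, 0x04, 0x08, 0x10,
                                   0x20, 0x40, 0x80, 0x1b, 0x36};
    /* Assumption (FIPS-197 convention): the constant sits in bits 31..24. */
    return (n >= 0 && n <= 9) ? (uint32_t)rc[n] << 24 : 0;
}

/* Steps 6-7: four independent ROM lookups, recombined high byte first. */
static uint32_t sub_word(uint32_t w) {
    return (uint32_t)sbox[w >> 24] << 24 | (uint32_t)sbox[(w >> 16) & 0xff] << 16 |
           (uint32_t)sbox[(w >> 8) & 0xff] << 8 | sbox[w & 0xff];
}

/* Every word goes to the register file and the round key store together. */
static void store(keyexp_t *k, int addr, uint32_t v) {
    k->regfile[addr] = v;
    k->sdram[addr] = v;
}

/* Steps 4-13: one iteration produces one complete 128-bit round key. */
static void expand_round(keyexp_t *k, int n) {
    select_addresses(k, n);
    uint32_t w = k->regfile[k->a];
    uint32_t rot = w << 8 | w >> 24;                 /* step 5: rotate left 1 byte */
    uint32_t prev = sub_word(rot) ^ select_rcon(n);
    for (int j = 0; j < 4; j++) {                    /* steps 9, 12, 13a-13c */
        prev ^= k->regfile[k->b[j]];
        store(k, k->c[j], prev);
    }
}

/* Steps 2-3 and 14: load the initial key, then iterate until n reaches 10. */
static void key_expand(keyexp_t *k, const uint8_t key[16]) {
    init_sbox();
    for (int i = 0; i < 4; i++)
        store(k, i, (uint32_t)key[4 * i] << 24 | (uint32_t)key[4 * i + 1] << 16 |
                    (uint32_t)key[4 * i + 2] << 8 | key[4 * i + 3]);
    int n = 0;
    do { expand_round(k, n); n++; } while (n != 10);
}

/* Constructed sample input: the AES-128 key of the FIPS-197 Appendix A.1 example. */
static const uint8_t FIPS197_KEY[16] = {0x2b, 0x7e, 0x15, 0x16, 0x28, 0xae, 0xd2, 0xa6,
                                        0xab, 0xf7, 0x15, 0x88, 0x09, 0xcf, 0x4f, 0x3c};

int main(void) {
    keyexp_t k;
    key_expand(&k, FIPS197_KEY);
    for (int r = 0; r <= 10; r++)   /* r = 0 is the initial key */
        printf("key %2d: %08x %08x %08x %08x\n", r,
               (unsigned)k.sdram[4 * r], (unsigned)k.sdram[4 * r + 1],
               (unsigned)k.sdram[4 * r + 2], (unsigned)k.sdram[4 * r + 3]);
    return 0;
}
```

The expanded words match the FIPS-197 Appendix A.1 key expansion example, so the per-round addressing computes the same schedule as the 40-iteration loop it replaces.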
The advantages of the key expansion method of the present invention can be further illustrated by theoretical derivation:
Derivation 1: let Tk be the time required to generate all the round keys, and let Tc be the time required by the encryption flow of "An optimized FPGA implementation method of the AES algorithm", which the present invention adopts. The total time that "An optimized FPGA implementation method of the AES algorithm" needs to encrypt 128 bits of data is then Tk+Tc. In the present invention, round key expansion runs at the same time as the AES encryption flow, so the total time needed to encrypt the same 128 bits of data is only Tc, and Tk is saved for every 128 bits of data encrypted. The present invention is therefore more efficient than the key expansion method in "An optimized FPGA implementation method of the AES algorithm".
Derivation 2: let the power consumed by the method of the present invention in generating 10 round keys in practical use, and the power consumed by the forward key expansion method in "A Rijndael Cryptoprocessor Using Shared On-the-fly Key Scheduler" in generating 11 round keys, both be p, and let the length of the data to be encrypted be x bits, where x>128. As described above, the round keys in the present invention are stored in memory once they are generated. After the first 128 bits of data have been encrypted, the subsequent data needs the same round keys, so key expansion does not have to be performed again; the round keys are simply read from memory. Encrypting x bits of data therefore costs the key expansion unit of the present invention only p. The forward key expansion method in "A Rijndael Cryptoprocessor Using Shared On-the-fly Key Scheduler" must instead perform key expansion for every 128 bits of data encrypted, so its power consumption for encrypting x bits of data is
[Formula image: Figure BDA0000159736280000101]
Compared with the forward key expansion method in "A Rijndael Cryptoprocessor Using Shared On-the-fly Key Scheduler", the power consumption of the present invention is therefore lower.

Claims (6)

1. A 128-bit key expansion system based on the Advanced Encryption Standard (AES), comprising:
A round counter unit (1), used to add one to the round number n and to output the round number n;
A register file (2), made up of 44 registers with a bit width of 32 bits, used to hold the initial key and the round keys temporarily so that the key expansion process can access them immediately;
A round key storage unit (3), which uses a dual-port SDRAM with a bit width of 32 bits and a depth of 44, used to store the initial key and the round keys, so that the encryption flow can fetch the round keys already stored while key expansion is still running, and so that subsequent data can be encrypted by reading the stored round keys directly, without key expansion;
A cyclic shift register (4), used to store the 32-bit value that the word rotation unit (5) reads;
A word rotation unit (5), used to rotate the value in the cyclic shift register (4) left by 1 byte and to output the result to the substitution register (6);
A substitution register (6), used to store the 32-bit value that the byte substitution unit (7) reads;
A byte substitution unit (7), used to split the value in the substitution register (6) into 4 bytes (bits 31 to 24, bits 23 to 16, bits 15 to 8, and bits 7 to 0), send them as addresses to the S-box unit (8), combine the values returned by the S-box unit (8) from high to low in the order the addresses were sent, and output the result to the bitwise XOR unit (11);
An S-box unit (8), which uses 4 ROMs pre-loaded with the S-box, used to return to the byte substitution unit (7) the 4 8-bit S-box values that correspond to the 4 addresses sent by the byte substitution unit (7);
A round constant selection unit (9), used to select one value, according to the round number n, from 11 hexadecimal candidate values (0, 1, 2, 4, 8, 10, 20, 40, 80, 1b, 36) and to output it to the bitwise XOR unit (11);
An XOR register unit (10), comprising register No. 0, register No. 1, register No. 2 and register No. 3, each with a bit width of 32 bits, used to store the 32-bit values that the bitwise XOR unit (11) will use;
A bitwise XOR unit (11), comprising bitwise XOR subunit No. 0, bitwise XOR subunit No. 1, bitwise XOR subunit No. 2 and bitwise XOR subunit No. 3, used to perform the bitwise XOR operations and to output the results to the register file (2) as the round key;
A round key expansion control unit (12), used to decide from the round number n whether the key expansion process stops or continues at the next step: if the round number n is 10, the key expansion process ends; if the round number is a value in the range 0-9, the key expansion process continues.
2. The 128-bit key expansion system based on the Advanced Encryption Standard (AES) according to claim 1, wherein said 4 S-boxes are ROM No. 0, ROM No. 1, ROM No. 2 and ROM No. 3 respectively;
ROM No. 0 is a ROM with a bit width of 8 bits and a depth of 256, pre-loaded with the S-box, used to receive the address formed by bits 31 to 24 sent by the byte substitution unit (7) and to output the 8-bit value at that address to the byte substitution unit (7);
ROM No. 1 is a ROM with a bit width of 8 bits and a depth of 256, pre-loaded with the S-box, used to receive the address formed by bits 23 to 16 sent by the byte substitution unit (7) and to output the 8-bit value at that address to the byte substitution unit (7);
ROM No. 2 is a ROM with a bit width of 8 bits and a depth of 256, pre-loaded with the S-box, used to receive the address formed by bits 15 to 8 sent by the byte substitution unit (7) and to output the 8-bit value at that address to the byte substitution unit (7);
ROM No. 3 is a ROM with a bit width of 8 bits and a depth of 256, pre-loaded with the S-box, used to receive the address formed by bits 7 to 0 sent by the byte substitution unit (7) and to output the 8-bit value at that address to the byte substitution unit (7).
3. The 128-bit key expansion system based on the Advanced Encryption Standard (AES) according to claim 1, wherein the XOR register unit (10) stores the 32-bit values that the bitwise XOR unit (11) will use as follows: register No. 0 stores the 32-bit value that bitwise XOR subunit No. 0 will use; register No. 1 stores the 32-bit value that bitwise XOR subunit No. 1 will use; register No. 2 stores the 32-bit value that bitwise XOR subunit No. 2 will use; and register No. 3 stores the 32-bit value that bitwise XOR subunit No. 3 will use.
4. The 128-bit key expansion system based on the Advanced Encryption Standard (AES) according to claim 1, wherein the bitwise XOR unit (11) performs the bitwise XOR operations and outputs the results to the register file (2) as the round key, and this is done by the 4 subunits in sequence, namely:
Bitwise XOR subunit No. 0 performs a bitwise XOR on the value in register No. 0, the output of the byte substitution unit (11) and the output of the round constant selection unit (9), and outputs the result, as bits 127 to 96 of the round key, to bitwise XOR subunit No. 1 and to the register file (2) at the same time;
Bitwise XOR subunit No. 1 performs a bitwise XOR on the value in register No. 1 and the output of bitwise XOR subunit No. 0, and outputs the result, as bits 95 to 64 of the round key, to bitwise XOR subunit No. 2 and to the register file (2) at the same time;
Bitwise XOR subunit No. 2 performs a bitwise XOR on the value in register No. 2 and the output of bitwise XOR subunit No. 1, and outputs the result, as bits 63 to 32 of the round key, to bitwise XOR subunit No. 3 and to the register file (2) at the same time;
Bitwise XOR subunit No. 3 performs a bitwise XOR on the value in register No. 3 and the output of bitwise XOR subunit No. 2, and outputs the result, as bits 31 to 0 of the round key, to the register file (2). This completes the expansion and storage of one 128-bit round key.
5. The 128-bit key expansion system based on the Advanced Encryption Standard (AES) according to claim 1, wherein said round keys are the 10 128-bit values produced by the key expansion process, which provide a different 128-bit value for each round of encryption in the Advanced Encryption Standard (AES).
6. A 128-bit key expansion method based on the Advanced Encryption Standard (AES), comprising the following steps:
1) define the variable that counts the key expansion process as the round number n, whose value range is divided into two cases: integers in the range 0-9 and integers outside the range 0-9;
2) reset the round number n to zero and begin the key expansion process;
3) split the initial key, from the high bits to the low bits, into 4 32-bit values, and store these 4 32-bit values in that order, at the same time, in the registers at addresses 0, 1, 2 and 3 and in a dual-port SDRAM dedicated to storing round keys;
4) determine register address a from the round number n: if the round number n is a value outside 0-9, the value of register address a stays unchanged; otherwise the address is determined by the following rules:
If the round number n is 0, register address a is 3;
Each time the round number n increases by 1, the value of register address a increases by 4;
5) read the value from the register addressed by a and assign it to the cyclic shift register, rotate the 32-bit value in the cyclic shift register left by one byte, and output it to the substitution register;
6) split the value in the substitution register into 4 bytes (bits 31 to 24, bits 23 to 16, bits 15 to 8, and bits 7 to 0) and send them in turn, as addresses, to the 4 ROMs pre-loaded with the S-box; each of the 4 ROMs returns the 8-bit S-box value that corresponds to the address it received;
7) combine the 8-bit values returned by the 4 ROMs, from high to low in the order the addresses were sent in step 6), into one 32-bit value, which is the output of the byte substitution operation;
8) determine register addresses b0, b1, b2 and b3 from the round number n: if the round number n is a value outside 0-9, the values of register addresses b0, b1, b2 and b3 all stay unchanged; otherwise the addresses are determined by the following rules:
If the round number n is 0, register addresses b0, b1, b2 and b3 are assigned 0, 1, 2, 3 in order;
Each time the round number n increases by 1, the values of register addresses b0, b1, b2 and b3 all increase by 4;
9) read the values from the registers addressed by b0, b1, b2 and b3, and assign them to register No. 0, register No. 1, register No. 2 and register No. 3 respectively;
10) select the round constant output from the 11 hexadecimal candidate values according to the round number n: when the round number n is 0-9, the corresponding round constant outputs are, in order, 1, 2, 4, 8, 10, 20, 40, 80, 1b, 36; otherwise the round constant output is 0;
11) determine the values of register addresses c0, c1, c2 and c3 from the round number n: if the round number n is a value outside 0-9, the values of register addresses c0, c1, c2 and c3 all stay unchanged; otherwise the addresses are determined by the following rules:
If the round number n is 0, register addresses c0, c1, c2 and c3 are assigned 4, 5, 6, 7 in order;
Each time the round number n increases by 1, the values of register addresses c0, c1, c2 and c3 all increase by 4;
12) perform a bitwise XOR on the value in register No. 0 and the output of the byte substitution operation; then XOR this result bitwise with the round constant output, and store the result, as bits 127 to 96 of the round key, in the register addressed by c0 and in the dual-port SDRAM;
13) perform a bitwise XOR on the value in register No. 1 and the value in the register addressed by c0, and store the result, as bits 95 to 64 of the round key, in the register addressed by c1 and in the dual-port SDRAM;
14) perform a bitwise XOR on the value in register No. 2 and the value in the register addressed by c1, and store the result, as bits 63 to 32 of the round key, in the register addressed by c2 and in the dual-port SDRAM;
15) perform a bitwise XOR on the value in register No. 3 and the value in the register addressed by c2, and store the result, as bits 31 to 0 of the round key, in the register addressed by c3 and in the dual-port SDRAM; this completes the expansion and storage of one 128-bit round key;
16) add 1 to the round number n; if the result is 10, stop the key expansion process; otherwise repeat step 4) to step 16).
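The register addressing of steps 1) to 16) of claim 6 (the same procedure as steps 11 to 14 of the description), modeled in software as an added example; it is not code from the patent. The function names are hypothetical, the S-box ROM content is computed rather than pre-stored, and placing the round constant in the top byte of the 32-bit word follows FIPS-197, which the patent text does not spell out.

```python
# Added example: software model of the 44-register key expansion in claim 6.
# Names are hypothetical; register addresses a, b0..b3, c0..c3 follow the claim.

def _gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

def _build_sbox():
    """Compute the AES S-box, i.e. the content of each of the 4 ROMs."""
    sbox = []
    for x in range(256):
        inv = 0 if x == 0 else next(y for y in range(1, 256) if _gf_mul(x, y) == 1)
        s = inv
        for shift in range(1, 5):  # affine transform: XOR of four left rotations
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = _build_sbox()
# Round constant outputs for n = 0..9, as listed in step 10).
RCON = [0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1B, 0x36]

def expand_key_128(key: bytes):
    """Return the 44-word register file: words 0-3 hold the initial key,
    words 4-43 hold the 10 round keys."""
    if len(key) != 16:
        raise ValueError("AES-128 key must be 16 bytes")
    regs = [0] * 44
    for i in range(4):                          # step 3: key into registers 0..3
        regs[i] = int.from_bytes(key[4 * i:4 * i + 4], "big")
    for n in range(10):                         # round number n = 0..9
        a = 3 + 4 * n                           # step 4
        b = [4 * n + i for i in range(4)]       # step 8
        c = [4 * n + 4 + i for i in range(4)]   # step 11
        # Step 5: rotate the word left by one byte.
        rot = ((regs[a] << 8) | (regs[a] >> 24)) & 0xFFFFFFFF
        # Steps 6-7: four S-box lookups, recombined from high to low.
        sub = 0
        for shift in (24, 16, 8, 0):
            sub |= SBOX[(rot >> shift) & 0xFF] << shift
        # Step 12: XOR with register No. 0 and the round constant
        # (top-byte placement per FIPS-197, an assumption here).
        regs[c[0]] = regs[b[0]] ^ sub ^ (RCON[n] << 24)
        # Steps 13-15: each remaining word chains on the previous result.
        for i in range(1, 4):
            regs[c[i]] = regs[b[i]] ^ regs[c[i - 1]]
    return regs

def round_key(regs, n):
    """Return the 128-bit round key produced in round n (0..9) as bytes."""
    if not 0 <= n <= 9:
        raise ValueError("round number must be in 0..9")
    return b"".join(w.to_bytes(4, "big") for w in regs[4 * n + 4:4 * n + 8])
```

Because every round key stays in `regs`, a caller encrypting many blocks under one key runs `expand_key_128` once and only reads afterwards, which is the reuse the derivations above rely on.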
CN201210132558.6A 2012-05-02 2012-05-02 128 bit secret key expansion method based on AES (Advanced Encryption Standard) Expired - Fee Related CN102664730B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201210132558.6A CN102664730B (en) 2012-05-02 2012-05-02 128 bit secret key expansion method based on AES (Advanced Encryption Standard)

Publications (2)

Publication Number Publication Date
CN102664730A true CN102664730A (en) 2012-09-12
CN102664730B CN102664730B (en) 2014-11-12

Family

ID=46774150

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201210132558.6A Expired - Fee Related CN102664730B (en) 2012-05-02 2012-05-02 128 bit secret key expansion method based on AES (Advanced Encryption Standard)

Country Status (1)

Country Link
CN (1) CN102664730B (en)

Also Published As

Publication number Publication date
CN102664730B (en) 2014-11-12

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20141112

Termination date: 20190502