CN103716150A - MD5 and SHA-1 coprocessor suitable for SOC - Google Patents
MD5 and SHA-1 coprocessor suitable for SOC Download PDFInfo
- Publication number
- CN103716150A CN103716150A CN201310739644.8A CN201310739644A CN103716150A CN 103716150 A CN103716150 A CN 103716150A CN 201310739644 A CN201310739644 A CN 201310739644A CN 103716150 A CN103716150 A CN 103716150A
- Authority
- CN
- China
- Prior art keywords
- module
- sha
- computing
- register
- coprocessor
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Landscapes
- Advance Control (AREA)
Abstract
The invention discloses an MD5 and SHA-1 coprocessor suitable for an SOC. The MD5 and SHA-1 coprocessor suitable for the SOC comprises a DIN register, a SWAP module, an input FIFO module, a position supplementing module, a length supplementing module, an MD5 one-time operation module, an SHA-1 one-time operation module, a CR controller, an STR register, an IMR register and an abstract storage module. The MD5 and SHA-1 coprocessor can be connected to an APB bus, and the reusability of the coprocessor is enhanced to some degree. Due to the fact that the one-time operation modules are reused reasonably and the periodicity of operation is adjusted reasonably, the MD5 and SHA-1 coprocessor has the advantages of being small in area, high in speed, low in power consumption and the like.
Description
Technical field
The present invention relates to MD5/SHA-1 coprocessor, relate in particular to the MD5/SHA-1 coprocessor of the SOC that is applicable to adopt ARM core.
Background technology
At society, along with the development of the network information technology, the application of information security in every field seems more and more important.The safe transmission of guarantee information how, has become the focus of a trend and research.To cleartext information, encrypt and become cipher-text information reliability and fail safe in transmission and circulation with guarantee information, just like, information encryption has become distorting, losing in prevention cleartext information, ensures effective ways of its safety.Therefore, cryptographic algorithm has become importance and the part in cryptography, is also focus and the trend of society research.
MD5 and SHA-1 hashing algorithm can be realized with software, and still, along with the development of information technology, the shortcoming that software is realized seems obvious all the more.For example, execution speed is slow, is easily subjected to virus attack.Comparatively speaking, realize MD5 and SHA-l just do not have this situation with hardware, institute is so that the hardware implementation structure of research MD5 and SHA-1 algorithm becomes certainty.
Summary of the invention
For the problems referred to above, applicant through Improvement, provides MD5 and the SHA-1 coprocessor of a kind of SOC of being applicable to, has well solved the problem of arithmetic speed, area occupied, power consumption three aspects:.
Technical scheme of the present invention is as follows:
Be applicable to MD5 and a SHA-1 coprocessor of SOC, comprise DIN register, SWAP module, input fifo module, cover module, mend length module, MD5/SHA-1 arithmetic element, CR controller, STR register, IMR register and summary memory module; Wherein MD5/SHA-1 arithmetic element is comprised of MD5 single computing module and SHA-1 single computing module;
Described DIN register is connected with SWAP module with APB bus, and bit wide is 32bit, and it receives the message plaintext transmitting from APB bus, sends into subsequently SWAP module;
Described SWAP module is connected with input fifo module with DIN register, for carrying out the displacement of every bit, every byte, every half-word;
Described input fifo module is connected with cover module with SWAP module, in the mode of first-in first-out, stores the data after SWAP module displacement, when FIFO is filled with or computing during to last data block, the data in FIFO is sent into cover module;
Described cover module is connected with benefit length module with input fifo module, does not carry out cover computing when the number of bits of input data does not meet K*512+448, mends 1, all the other zero paddings for first; Described cover computing is undertaken by data amount check and state machine state in judgement FIFO, and when not needing cover, described cover module does not participate in computing;
Described benefit length module is connected with MD5/SHA-1 arithmetic element with cover module, is carrying out after the message of cover computing, represents the length of origination message with the binary data of 64; The computing of described benefit length is undertaken by data amount check and state machine state in judgement FIFO; Through cover with after mending length, form the data that length is the integral multiple of 512 bits, send into MD5/SHA-1 arithmetic element;
Described MD5 single computing module, for carrying out the computing of MD5 single, to 3 variable B, C, D does a logical operation according to Boolean function, and operation result is added in variables A; 32 place values of gained add a subgroup Mj and a constant ti of message itself, ring shift left s position; Wherein the constant ti of every group calculated in advance draw, with lookup table mode, participate in computing; S draws with the form of tabling look-up equally;
Described SHA-1 single computing module, for carrying out the computing of SHA-1 single, the Kt using in computing obtains with lookup table mode, and W0~W15 is known-plaintext message blocks, and W16~W19 takes turns before computing uses every, according to interative computation, obtains;
Described CR controller is connected with APB bus with MD5/SHA-1 arithmetic element, for by the configuration of APB bus, controls coprocessor and carries out that digest algorithm selection, coprocessor enable, data type is selected;
Described STR register is connected with APB bus with MD5/SHA-1 arithmetic element, is the status register of coprocessor, for reacting the current residing state of coprocessor, the empty full situation of FIFO;
Described IMR register is connected with APB bus with MD5/SHA-1 arithmetic element, for by the configuration of APB bus, enables coprocessor and interrupts;
Described summary memory module is connected with APB bus with MD5/SHA-1 arithmetic element, for the operation result of store M D5/SHA-1 arithmetic element, for APB bus, reads; In described summary memory module, have H0 H1 H2 H3 five 32-bit registers of H4, when using MD5 algorithm, register H0 H1 H2 H3 effective, when using SHA-1 algorithm, register H0 H1 H2 H3 H4 effective.
Useful technique effect of the present invention is:
The present invention, without software intervention, according to the judgement to FIFO and state machine situation, can automatically complete cover, mend size operation, has strengthened speed and the easy operating of computing.
The inventive example MD5 single computing module, every, adopt different Boolean functions, Mj, ti while taking turns computing, with this, reduce chip area, reduce power consumption.
The inventive example SHA-1 single computing module, every, adopt different Boolean functions, Kt, Wt while taking turns computing, with this, reduce chip area, reduce power consumption.
The present invention, by reading the data of STR register, can judge coprocessor status, and the empty full situation of FIFO, is convenient to software operation.
The present invention has more reasonably and controls power consumption.When needs are used MD5/SHA-1 coprocessor, enable MD5/SHA-1 coprocessor special clock; When not using MD5/SHA-1 coprocessor, to close clock and enable, this coprocessor just can not worked, and reduces chip power-consumption.
Accompanying drawing explanation
Fig. 1 is structured flowchart of the present invention.
Embodiment
Below in conjunction with accompanying drawing, the specific embodiment of the present invention is described further.
One, structure explanation:
Fig. 1 is that the present invention is applicable to the MD5 of SOC and the structured flowchart of SHA-1 coprocessor.See Fig. 1, the present invention is comprised of DIN register, SWAP module, input fifo module, cover module, benefit length module, MD5/SHA-1 arithmetic element, CR controller, STR register, IMR register and summary memory module.
DIN register, this register bit wide is 32bit, receives the message plaintext transmitting from APB bus.
SWAP module, this module can realize the displacement of every bit, every byte, every half-word, to meet the different input modes of software.
Input fifo module, this module is stored the data after SWAP module displacement in first-in first-out mode, whenever FIFO is filled with or computing during to last data block, data in FIFO is sent into cover module.
Cover module, when the number of bits of input data does not meet K*512+448, cover module completes cover computing automatically, mends 1, all the other zero paddings for first; This computing is carried out computing by data amount check and state machine state in judgement FIFO, without software intervention; When not needing cover, this module does not participate in computing.
Mend length module, carrying out after the message of cover computing, with the binary data of 64, represent the product degree of origination message; This computing is carried out computing by data amount check and state machine state in judgement FIFO, without software intervention; Through automatic cover with after mending length, the data length of sending into MD5/SHA-1 arithmetic element is the integral multiple of 512 bits.
MD5/SHA-1 arithmetic element is comprised of MD5 single computing module and SHA-1 single computing module.
MD5 single computing module, to 3 variable B, C, D does a logical operation according to Boolean function, and operation result is added in variables A; 32 place values of gained are added a subgroup Mj and a constant ti of message itself, the recirculation s position that moves to left; Wherein every group of ti calculated in advance draw, with lookup table mode, participate in computing, strengthened arithmetic speed; S draws with the form of tabling look-up equally.
SHA-1 single computing module, the Kt using in this computing obtains with lookup table mode, and W0~W15 is known-plaintext message blocks, and W16~W19 takes turns before computing uses every, obtains, to reduce chip area according to interative computation.
CR controller, this register is controlled coprocessor device and is carried out that digest algorithm selection, coprocessor enable, data type is selected.
STR register, the status register of coprocessor, this register has reacted the current residing state of coprocessor, the empty full situation of FIFO etc.
IMR register, can enable coprocessor by this register and interrupt.
Summary memory module, the result of store M D5/SHA-1 computing.
Two, operation principle explanation:
Before operation coprocessor of the present invention, by APB bus, configuration IMR register, the interruption of the computing that enabled once to make a summary;
By APB bus, configuration CR controller, selects the digest algorithm that uses, data type etc., and enable this invention coprocessor;
After completing the configuration of CR controller, IMR register, write the data of need encrypting by APB bus to DIN register, write 32-bit at every turn, the data that write carry out after position changes, depositing in the input fifo module of 16X32 through SWAP module;
When the data in input fifo module expire 512-bit, data are sent into SHA-1 single computing module or MD5 single computing module;
Data in input fifo module are less than 512-bit, and countless according to when input again, data in input fifo module are sent into cover module, mended length module, then the data of carrying out cover, benefit length are sent into SHA-1 single computing module or MD5 single computing module;
Utilize pipelining, repeatedly call SHA-1 single computing module or MD5 single computing module, complete digest algorithm, the summary obtaining is sent into summary memory module;
Summary have in memory module H0 H1 H2 H3 five 32-bit registers of H4, when using MD5 algorithm, only H0 H1 H2 H3 effective; When using SHA-1 algorithm, five registers are all effective;
After completing computing, produce and interrupt, notice CPU, CPU reads the value in summary memory module by APB bus.
Note: in the present invention, the MD5 algorithm that MD5/SHA-1 arithmetic element is in operation related and SHA-1 algorithm are prior art.
Above-described is only the preferred embodiment of the present invention, the invention is not restricted to above embodiment.Be appreciated that the oher improvements and changes that those skilled in the art directly derive or associate without departing from the spirit and concept in the present invention, within all should thinking and being included in protection scope of the present invention.
Claims (1)
1. the MD5 and the SHA-1 coprocessor that are applicable to SOC, is characterized in that: comprise DIN register, SWAP module, input fifo module, cover module, mend length module, MD5/SHA-1 arithmetic element, CR controller, STR register, IMR register and summary memory module; Wherein MD5/SHA-1 arithmetic element is comprised of MD5 single computing module and SHA-1 single computing module;
Described DIN register is connected with SWAP module with APB bus, and bit wide is 32bit, and it receives the message plaintext transmitting from APB bus, sends into subsequently SWAP module;
Described SWAP module is connected with input fifo module with DIN register, for carrying out the displacement of every bit, every byte, every half-word;
Described input fifo module is connected with cover module with SWAP module, in the mode of first-in first-out, stores the data after SWAP module displacement, when FIFO is filled with or computing during to last data block, the data in FIFO is sent into cover module;
Described cover module is connected with benefit length module with input fifo module, does not carry out cover computing when the number of bits of input data does not meet K*512+448, mends 1, all the other zero paddings for first; Described cover computing is undertaken by data amount check and state machine state in judgement FIFO, and when not needing cover, described cover module does not participate in computing;
Described benefit length module is connected with MD5/SHA-1 arithmetic element with cover module, is carrying out after the message of cover computing, represents the length of origination message with the binary data of 64; The computing of described benefit length is undertaken by data amount check and state machine state in judgement FIFO; Through cover with after mending length, form the data that length is the integral multiple of 512 bits, send into MD5/SHA-1 arithmetic element;
Described MD5 single computing module, for carrying out the computing of MD5 single, to 3 variable B, C, D does a logical operation according to Boolean function, and operation result is added in variables A; 32 place values of gained add a subgroup Mj and a constant ti of message itself, ring shift left s position; Wherein the constant ti of every group calculated in advance draw, with lookup table mode, participate in computing; S draws with the form of tabling look-up equally;
Described SHA-1 single computing module, for carrying out the computing of SHA-1 single, the Kt using in computing obtains with lookup table mode, and W0~W15 is known-plaintext message blocks, and W16~W19 takes turns before computing uses every, according to interative computation, obtains;
Described CR controller is connected with APB bus with MD5/SHA-1 arithmetic element, for by the configuration of APB bus, controls coprocessor and carries out that digest algorithm selection, coprocessor enable, data type is selected;
Described STR register is connected with APB bus with MD5/SHA-1 arithmetic element, is the status register of coprocessor, for reacting the current residing state of coprocessor, the empty full situation of FIFO;
Described IMR register is connected with APB bus with MD5/SHA-1 arithmetic element, for by the configuration of APB bus, enables coprocessor and interrupts;
Described summary memory module is connected with APB bus with MD5/SHA-1 arithmetic element, for the operation result of store M D5/SHA-1 arithmetic element, for APB bus, reads; In described summary memory module, have H0 H1 H2 H3 five 32-bit registers of H4, when using MD5 algorithm, register H0 H1 H2 H3 effective, when using SHA-1 algorithm, register H0 H1 H2 H3 H4 effective.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310739644.8A CN103716150A (en) | 2013-12-27 | 2013-12-27 | MD5 and SHA-1 coprocessor suitable for SOC |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201310739644.8A CN103716150A (en) | 2013-12-27 | 2013-12-27 | MD5 and SHA-1 coprocessor suitable for SOC |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103716150A true CN103716150A (en) | 2014-04-09 |
Family
ID=50408767
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201310739644.8A Pending CN103716150A (en) | 2013-12-27 | 2013-12-27 | MD5 and SHA-1 coprocessor suitable for SOC |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103716150A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111711745A (en) * | 2020-05-06 | 2020-09-25 | 中国科学院西安光学精密机械研究所 | Portable camera link data acquisition system and acquisition method |
| CN113922949A (en) * | 2021-10-14 | 2022-01-11 | 合肥工业大学 | Password coprocessor based on CLEFIA-SHA3 |
| WO2023061291A1 (en) * | 2021-10-14 | 2023-04-20 | International Business Machines Corporation | Supporting large-word operations in a reduced instruction set computer ( "risc" ) processor |
-
2013
- 2013-12-27 CN CN201310739644.8A patent/CN103716150A/en active Pending
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111711745A (en) * | 2020-05-06 | 2020-09-25 | 中国科学院西安光学精密机械研究所 | Portable camera link data acquisition system and acquisition method |
| CN111711745B (en) * | 2020-05-06 | 2021-06-22 | 中国科学院西安光学精密机械研究所 | Portable camera link data acquisition system and acquisition method |
| CN113922949A (en) * | 2021-10-14 | 2022-01-11 | 合肥工业大学 | Password coprocessor based on CLEFIA-SHA3 |
| WO2023061291A1 (en) * | 2021-10-14 | 2023-04-20 | International Business Machines Corporation | Supporting large-word operations in a reduced instruction set computer ( "risc" ) processor |
| US11663009B2 (en) | 2021-10-14 | 2023-05-30 | International Business Machines Corporation | Supporting large-word operations in a reduced instruction set computer (“RISC”) processor |
| CN113922949B (en) * | 2021-10-14 | 2023-07-25 | 合肥工业大学 | Cryptographic coprocessor based on CLEFIA-SHA3 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Bernstein et al. | NEON crypto | |
| EP3322119B1 (en) | Data processing method and apparatus | |
| EP2872990B1 (en) | Parallel processing of a single data buffer | |
| EP2645235B1 (en) | Random value production methods and systems | |
| KR20220028132A (en) | Cryptographic Architectures for Cryptographic Permutations | |
| US20110255689A1 (en) | Multiple-mode cryptographic module usable with memory controllers | |
| CN102043916B (en) | High-performance extensible public key password coprocessor structure | |
| CN110391900A (en) | Private key processing method, terminal and cipher key center based on SM2 algorithm | |
| CN102664729B (en) | Field programmable gate array (FPGA)-based advanced encryption standard (AES) encryption and decryption network communication device and implementation method thereof | |
| JP2007094377A (en) | Encryption processor | |
| JP4337675B2 (en) | Cryptographic processing apparatus and cryptographic processing method | |
| EP3758275A1 (en) | Post quantum public key signature operation for reconfigurable circuit devices | |
| CN103716150A (en) | MD5 and SHA-1 coprocessor suitable for SOC | |
| US10536264B2 (en) | Efficient cryptographically secure control flow integrity protection | |
| CN112367155B (en) | FPGA-based ZUC encryption system IP core construction method | |
| CN102737270A (en) | Security co-processor of bank smart card chip based on domestic algorithms | |
| CN113890728A (en) | Key processing method, system, equipment and medium based on FPGA encryption card | |
| CN116488794A (en) | Method and device for realizing high-speed SM4 password module based on FPGA | |
| Ferozpuri et al. | Hardware api for post-quantum public key cryptosystems | |
| CN104219045B (en) | RC4 stream cipher generators | |
| US20210006391A1 (en) | Data processing method, circuit, terminal device and storage medium | |
| JP2004207891A (en) | Data communication apparatus, data communication method, data communication program, and recording medium having data communication program recorded thereon | |
| CN109714151A (en) | Chip data processing method and system based on AES-GCM | |
| US9092283B2 (en) | Systems with multiple port random number generators and methods of their operation | |
| CN102023936B (en) | Method for decrypting encrypted data in USB (universal serial bus) storage device |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| ASS | Succession or assignment of patent right |
Owner name: DONGGUAN RUNFENG ELECTRONIC SCIENCE AND TECHNOLOGY Free format text: FORMER OWNER: WUXI ALPSCALE INTEGRATED CIRCUITS CO., LTD. Effective date: 20150319 |
|
| C41 | Transfer of patent application or patent right or utility model | ||
| COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 214028 WUXI, JIANGSU PROVINCE TO: 523000 DONGGUAN, GUANGDONG PROVINCE |
|
| TA01 | Transfer of patent application right |
Effective date of registration: 20150319 Address after: 523000 Guangdong city of Dongguan province Dongguan Songshan Lake Science and Technology Industrial Park Building No. 8 Room 303 Keyuan pine Applicant after: Dongguan Runfeng Electronic Science and Technology Co., Ltd. Address before: 2, building 214028, building F, Information Technology Industrial Park, 21 Changjiang Road, Wuxi New District, Jiangsu, China Applicant before: Wuxi Alpscale Integrated Circuits Co., Ltd. |
|
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140409 |
|
| RJ01 | Rejection of invention patent application after publication |