CN105049194A - SM4 algorithm realization system of pipeline structure - Google Patents

Publication number
CN105049194A
Authority
CN
China
Legal status
Granted
Application number
CN201510293265.XA
Other languages
Chinese (zh)
Other versions
CN105049194B (en)
Inventor
牛砚波
蒋安平
Current Assignee
Beijing Microelectronic Technology Institute
Mxtronics Corp
Original Assignee
Beijing Microelectronic Technology Institute
Mxtronics Corp
Application filed by Beijing Microelectronic Technology Institute and Mxtronics Corp
Priority to CN201510293265.XA
Publication of CN105049194A
Application granted
Publication of CN105049194B
Legal status: Active

Classifications

    • Y: GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02: TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D: CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00: Reducing energy consumption in communication networks
    • Y02D30/50: Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention relates to an SM4 algorithm implementation system with a pipeline structure. It comprises an input buffer module, an internal four-stage pipelined round function module, an output buffer module, a storage module, a constant generation module and a control module. The system receives an enable signal, obtains and parses a mode control signal, completes the key expansion, encryption and decryption operations according to that signal, and obtains and outputs the encryption and decryption result data. The system uses a non-linear S-box for the substitution operation; the S-box uses a random mask with additive masking in a PPRM structure, and the overall design is a single-round iterative structure with an internal four-stage pipeline. Compared with the prior art, the implementation area is small, the security level is high, resistance to zero-value attack is high, the operation speed is higher, the power consumption is lower, and the application prospect is better.

Description

An SM4 algorithm implementation system with a pipeline structure
Technical field
The present invention relates to the field of SM4 algorithm implementation, and in particular to an SM4 algorithm implementation system with a pipeline structure.
Background
In 2012, China's State Cryptography Administration published the SM4 algorithm standard. SM4 has good speed, power consumption and security properties, and is significant both for the wireless LAN industry and for commercial cryptography research. However, with the spread of handheld devices and the rapid propagation of information, smart cards place higher demands on the operation speed and power consumption of SM4 hardware circuits. In addition, differential power analysis attacks on cryptographic circuits are simple to carry out and have a high success rate, so higher demands are also placed on the security of SM4 hardware circuits.
The round function circuit of the SM4 algorithm comprises an input-data XOR, the S-box non-linear substitution, the linear transformation, and an output-data XOR. Of these, the S-box non-linear substitution circuit plays the decisive role in the power consumption, speed and security of the whole circuit. Traditional S-box substitution circuits are implemented with either a look-up table or the composite field method. A look-up table has simple logic, is easy to implement and is fast, but it consumes a large amount of hardware resources, which hinders a pipelined implementation of the overall circuit. The composite field method consumes very few hardware resources, which favours a pipelined implementation and resistance to differential power analysis attacks, but its circuit delay and power consumption are larger, which likewise hinders its use in smart cards for handheld devices or embedded systems. Furthermore, to improve the circuit's resistance to differential power analysis attacks, fixed masks and multiplicative masking have become common defences. The fixed-mask method, however, must store a large amount of mask data and circuit correction terms and has begun to be broken by new attack techniques; multiplicative masking resists differential power analysis attacks but cannot resist zero-value attacks.
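The contrast drawn above between multiplicative masking (exposed to zero-value attacks) and additive masking can be checked exhaustively over one byte. This is an added example, not part of the patent: the field polynomial 0x1F5 and the Hamming-weight leakage model are assumptions chosen for the illustration.

```python
from collections import Counter

# Assumption: x^8+x^7+x^6+x^5+x^4+x^2+1, the polynomial reported in the
# literature for the SM4 S-box field. Any irreducible degree-8 polynomial
# shows the same effect.
POLY = 0x1F5


def gf_mul(a, b, poly=POLY):
    """Multiply two bytes in GF(2^8) modulo `poly` (shift-and-add)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:          # reduce as soon as degree 8 appears
            a ^= poly
        b >>= 1
    return result


def hamming_weight(x):
    """Number of set bits, the usual first-order power-leakage model."""
    return bin(x).count("1")


def masked_shares(x, scheme):
    """Every value the masked wire can carry for secret byte x."""
    if scheme == "additive":
        # Additive (XOR) mask: the mask ranges over all 256 bytes.
        return [x ^ m for m in range(256)]
    if scheme == "multiplicative":
        # Multiplicative mask: the mask must be non-zero to be invertible.
        return [gf_mul(x, m) for m in range(1, 256)]
    raise ValueError(scheme)


def leakage_profile(scheme):
    """Total Hamming weight over all masks, for each secret byte."""
    return {
        x: sum(hamming_weight(v) for v in masked_shares(x, scheme))
        for x in range(256)
    }


def distinguishable_secrets(scheme):
    """Secret bytes whose leakage differs from the typical value."""
    profile = leakage_profile(scheme)
    typical, _ = Counter(profile.values()).most_common(1)[0]
    return sorted(x for x, total in profile.items() if total != typical)


if __name__ == "__main__":
    for scheme in ("additive", "multiplicative"):
        print(scheme, "distinguishable secrets:", distinguishable_secrets(scheme))
```

Under the multiplicative scheme the secret byte 0 stays 0 for every mask, so its average leakage stands apart from all other bytes; under the additive scheme every secret byte, including 0, produces the same distribution.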
As for the overall structure of the SM4 circuit: because the SM4 block cipher operates in electronic codebook (ECB) mode, SM4 circuits are mostly implemented with a single-round iterative structure or a round-level pipeline structure. A single-round iterative structure needs few hardware resources, but its data processing speed is correspondingly slow and cannot meet today's high-speed data transfer requirements. A round-level pipeline structure gives a higher data processing speed, but its hardware resource consumption is correspondingly larger.
To better serve the development of existing embedded systems and smart cards, and to improve the performance of SM4 circuits in operation speed, power consumption and security, proposing a new SM4 circuit that addresses both the round function and the overall architecture has become an urgent task.
Summary of the invention
The technical problem solved by the invention is to overcome the shortcomings of the prior art and provide a pipelined SM4 implementation structure with low power consumption, resistance to differential power analysis attacks, high operation speed and small implementation area.
The technical solution of the invention is an SM4 algorithm implementation system with a pipeline structure, comprising a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation module, a storage module and an output buffer module, wherein:
Control module: monitors for and receives the enable signal sent from outside, and on receiving it obtains and parses the mode control signal.
If it is the encryption mode control signal, the control module directs the input buffer module to receive the externally supplied 128-bit original plaintext data and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round subkey needed for the i-th encryption round function operation, where i = 1, 2, 3, ..., 32 with initial value 1;
If it is the decryption mode control signal, the control module directs the input buffer module to receive the externally supplied 128-bit original ciphertext data and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round subkey needed for the j-th decryption round function operation, where j = 1, 2, 3, ..., 32 with initial value 1;
If it is the key expansion mode control signal, the control module directs the input buffer module to receive the externally supplied 128-bit original key and 32-bit random mask data, and, under the external reference system clock Clk, enables the constant generation module every four cycles so that the 32-bit constant subkey it generates is sent to the internal four-stage pipelined round function module;
Input buffer module: under the control of the control module, receives the externally supplied 128-bit original key and 32-bit random mask data over a 32-bit data bus and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, it receives the externally supplied 128-bit original plaintext data and 32-bit random mask data over a 32-bit data bus and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, it receives the externally supplied 128-bit original ciphertext data and 32-bit random mask data over a 32-bit data bus and sends them to the internal four-stage pipelined round function module;
Internal four-stage pipelined round function module: after receiving the 128-bit original key and 32-bit random mask data sent by the input buffer module and one 32-bit constant sent by the constant generation module, it takes the high 96 bits of the 128-bit original key and splits them in order into three 32-bit words. These three words, the 32-bit random mask data and the 32-bit constant, five groups of data in total, are XORed to obtain the 32-bit first key expansion intermediate data. The first key expansion intermediate data is split in order into four 8-bit groups, which are fed to four 8-bit-input, 8-bit-output non-linear S-boxes to obtain the 32-bit second key expansion intermediate data. The second key expansion intermediate data, after the linear transformation, is then XORed with the low 32 bits of the 128-bit original key and the 32-bit random mask data, three groups of data in total, completing one round function operation and yielding a 32-bit round subkey. The round function operation is performed 32 times in total, yielding 32 round subkeys, which are sent to the storage module for storage;
After receiving the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module, it selects and reads from the storage module the round subkey at address i. The high 96 bits of the 128-bit original plaintext data are split in order into three 32-bit words; these three words, the 32-bit random mask data and the 32-bit round subkey, five groups of data in total, are XORed to obtain the 32-bit first encryption intermediate data. The first encryption intermediate data is split into four 8-bit groups, which are fed to four 8-bit-input, 8-bit-output non-linear S-boxes to obtain the 32-bit second encryption intermediate data. The second encryption intermediate data, after the linear transformation, is then XORed with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third encryption intermediate data. The third encryption intermediate data is taken as the high 32 bits and merged with the high 96 bits of the original plaintext data to form the 128-bit round function encryption result, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation. This completes the i-th encryption round function operation; i = i+1, and the encryption round function operation is repeated until i = 32. The 128-bit result of the 32nd round function operation undergoes high/low-order reversal and is sent to the output buffer module as the encryption result data;
After receiving the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module, it selects and reads from the storage module the round subkey at address 33-j. The high 96 bits of the 128-bit original plaintext data are split in order into three 32-bit words; these three words, the 32-bit random mask data and the 32-bit round subkey, five groups of data in total, are XORed to obtain the 32-bit first decryption intermediate data. The first decryption intermediate data is split into four 8-bit groups, which are fed to four 8-bit-input, 8-bit-output non-linear S-boxes to obtain the 32-bit second decryption intermediate data. The second decryption intermediate data, after the linear transformation, is then XORed with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third decryption intermediate data. The third decryption intermediate data is taken as the high 32 bits and merged with the high 96 bits of the original ciphertext data to form the 128-bit round function decryption result, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation. This completes the j-th decryption round function operation; j = j+1, and the decryption round function operation is repeated until j = 32. The 128-bit result of the 32nd round function operation undergoes high/low-order reversal and is sent to the output buffer module as the decryption result data;
Storage module: receives the 32 round subkeys sent by the internal four-stage pipelined round function module and stores each one at the address given by the index i of the round function operation that produced it;
Constant generation module: takes the constant $(\mathrm{0007E15})_{16}$ as the initial value for modular addition and $(\mathrm{1C}, \mathrm{1C}, \mathrm{1C}, \mathrm{1C})_{16}$ as the constant added at each step, and performs four parallel 8-bit modular additions to obtain four modular-addition results and hence one 32-bit modular-addition result. Every four cycles of the external reference system clock Clk it reads the four current modular-addition results as the new initial value and continues the four parallel 8-bit modular additions with $(\mathrm{1C}, \mathrm{1C}, \mathrm{1C}, \mathrm{1C})_{16}$ as the addend, while taking the 32-bit modular-addition result as the 32-bit constant and sending it to the internal four-stage pipelined round function module;
Output buffer module: receives the encryption result data and decryption result data sent by the internal four-stage pipelined round function module and outputs them.
The non-linear transformation S-box comprises a front-end transformation unit, a field inversion unit and a back-end transformation unit, wherein:
Front-end transformation unit: on receiving the 8-bit data, computes $P a^{T} + C1$ to obtain the first intermediate data temp1 and sends it to the field inversion unit;
Field inversion unit: on receiving the first intermediate data temp1, performs the inversion over $GF(2^4)$ to obtain the second intermediate data temp2 and sends it to the back-end transformation unit;
Back-end transformation unit: on receiving the second intermediate data temp2, computes $R \cdot temp2 + C2$ to obtain the 8-bit result of the non-linear transformation S-box, where a is the 8-bit data and I is the $GF(2^4)$ inversion operator,
$$P = \begin{pmatrix} 0&1&1&1&1&1&1&1 \\ 1&1&0&0&0&1&0&0 \\ 0&1&0&0&0&0&0&0 \\ 1&0&0&1&0&0&1&1 \\ 0&0&0&1&1&0&0&0 \\ 1&1&0&1&0&1&1&0 \\ 0&1&1&1&0&0&1&0 \\ 1&1&1&1&0&0&0&0 \end{pmatrix}, \quad R = \begin{pmatrix} 0&0&1&0&1&0&0&1 \\ 0&0&0&0&0&1&1&1 \\ 0&0&1&0&1&0&1&0 \\ 1&0&0&0&1&0&1&0 \\ 1&0&1&1&0&1&0&1 \\ 0&0&0&1&0&1&0&0 \\ 0&1&1&0&0&1&0&1 \\ 0&0&1&1&0&0&1&1 \end{pmatrix}$$
C1 = [1,0,1,0,1,1,1,1], C2 = [1,1,0,1,0,0,1,1].
Compared with the prior art, the invention has the following advantages:
(1) The SM4 implementation system of the invention uses a non-linear S-box for the substitution operation. Its area is smaller than that of an S-box implemented with the existing look-up table method, and its delay and power consumption are lower than those of an S-box implemented with the ordinary composite field method;
(2) The non-linear S-box in the SM4 implementation system of the invention uses additive masking with a random mask. Compared with existing fixed-mask techniques the implementation area is small and the security is high, and compared with existing multiplicative masking the resistance to zero-value attacks is strong;
(3) The SM4 constant generation module in the system uses an algebraic implementation based on modular addition, which is simpler to implement and more flexible than the existing look-up method;
(4) The SM4 implementation system of the invention uses a single-round iterative structure with an internal four-stage pipeline, which gives higher operation speed and lower operation power consumption than the existing single-round iterative structure and four-stage pipeline structure.
Brief description of the drawings
Fig. 1 is the structure diagram of the SM4 algorithm implementation system of the invention;
Fig. 2 is the working timing diagram of the SM4 circuit control module of the invention;
Fig. 3 is the PPRM circuit structure diagram of the S-box substitution operation of the SM4 circuit of the invention;
Fig. 4 is the structure diagram of the internal four-stage pipelined round function of the SM4 circuit of the invention;
Fig. 5 is the circuit structure diagram of the constant generation module of the SM4 circuit of the invention;
Fig. 6 is the circuit connection diagram of the subkey storage module of the SM4 circuit of the invention;
Fig. 7 is the list of subkey read address sequences of the SM4 circuit of the invention.
Embodiments
The invention proposes an SM4 algorithm implementation system with a pipeline structure which, as shown in Fig. 1, comprises a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation module, a storage module and an output buffer module, wherein:
Control module: monitors for and receives the enable signal sent from outside, parses it on receipt, and obtains and evaluates the mode control signal. If it is the encryption mode control signal, the control module directs the input buffer module to receive the externally supplied 128-bit original data to be encrypted and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round subkey needed for the i-th encryption round function operation, where i = 1, 2, 3, ..., 32 with initial value 1. If it is the decryption mode control signal, the control module directs the input buffer module to receive the externally supplied 128-bit original data to be decrypted and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round subkey needed for the j-th decryption round function operation, where j = 1, 2, 3, ..., 32 with initial value 1. If it is the key expansion mode control signal, the control module directs the input buffer module to receive the externally supplied 128-bit original key and 32-bit random mask data, and, under the system clock Clk, enables the constant generation module every four cycles so that the 32-bit constant subkey it generates is sent to the internal four-stage pipelined round function module;
Input buffer module: receives the externally supplied 128-bit original key and 32-bit random mask data over a 32-bit data bus, converts them into 160-bit data and outputs this to the internal four-stage pipelined round function module; receives the externally supplied 128-bit original data to be encrypted and 32-bit random mask data over a 32-bit data bus, converts them into 160-bit data and outputs this to the internal four-stage pipelined round function module; receives the externally supplied 128-bit original data to be decrypted and 32-bit random mask data over a 32-bit data bus, converts them into 160-bit data and outputs this to the internal four-stage pipelined round function module;
Internal four-stage pipelined round function module: after receiving the 128-bit original key and 32-bit random mask data sent by the input buffer module and the 32-bit constant that the constant generation module sends every four cycles, it takes the high 96 bits of the 128-bit original key and splits them in order into three 32-bit words, which are XORed with the 32-bit random mask data and the 32-bit constant to obtain the 32-bit first key expansion intermediate data. The first key expansion intermediate data is split in order into four 8-bit groups, which are fed to four 8-bit-input, 8-bit-output non-linear S-boxes to obtain the 32-bit second key expansion intermediate data. The second key expansion intermediate data, after the linear transformation, is then XORed with the low 32 bits of the 128-bit original key and the 32-bit random mask data, completing the first round function operation and yielding a 32-bit round subkey. The round function operation is performed 32 times, yielding 32 round subkeys, which are sent to the storage module for storage.
After receiving the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module, it selects and reads from the storage module the round subkey at address i. The high 96 bits of the 128-bit original plaintext data are split in order into three 32-bit words, which are XORed with the 32-bit random mask data and the 32-bit round subkey to obtain the 32-bit first encryption intermediate data. The first encryption intermediate data is split into four 8-bit groups, which are fed to four 8-bit-input, 8-bit-output non-linear S-boxes to obtain the 32-bit second encryption intermediate data. The second encryption intermediate data, after the linear transformation, is then XORed with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data to obtain the 32-bit third encryption intermediate data. The third encryption intermediate data is taken as the high 32 bits and merged with the high 96 bits of the original plaintext data to form the 128-bit round function encryption result, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation. This completes the i-th encryption round function operation; i = i+1, and the encryption round function operation is repeated until i = 32. The 128-bit result of the 32nd round function operation undergoes high/low-order reversal and is sent to the output buffer module as the encryption result data.
After receiving the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module, it selects and reads from the storage module the round subkey at address 33-j. The high 96 bits of the 128-bit original plaintext data are split in order into three 32-bit words, which are XORed with the 32-bit random mask data and the 32-bit round subkey to obtain the 32-bit first decryption intermediate data. The first decryption intermediate data is split into four 8-bit groups, which are fed to four 8-bit-input, 8-bit-output non-linear S-boxes to obtain the 32-bit second decryption intermediate data. The second decryption intermediate data, after the linear transformation, is then XORed with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data to obtain the 32-bit third decryption intermediate data. The third decryption intermediate data is taken as the high 32 bits and merged with the high 96 bits of the original ciphertext data to form the 128-bit round function decryption result, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation. This completes the j-th decryption round function operation; j = j+1, and the decryption round function operation is repeated until j = 32. The 128-bit result of the 32nd round function operation undergoes high/low-order reversal and is sent to the output buffer module as the decryption result data;
Storage module: receives the 32 round subkeys sent by the internal four-stage pipelined round function module and stores each one at the address given by the index of the round function operation that produced it;
Constant generation module: takes the constant $E_{iV}$ as the initial value for modular addition and $(\mathrm{1C}, \mathrm{1C}, \mathrm{1C}, \mathrm{1C})_{16}$ as the constant added at each step, and performs four parallel 8-bit modular additions. Every four cycles of the system clock Clk it reads the four current modular-addition results as the new initial value and continues the four parallel 8-bit modular additions with $(\mathrm{1C}, \mathrm{1C}, \mathrm{1C}, \mathrm{1C})_{16}$ as the addend, while concatenating the four current modular-addition results in order into one 32-bit modular-addition result, which is sent as the 32-bit constant to the internal four-stage pipelined round function module; here $E_{iV}$ is $(\mathrm{0007E15})_{16}$;
Output buffer module: receives the encryption result data and decryption result data sent by the internal four-stage pipelined round function module and outputs them.
The SM4 implementation structure of the invention is described in detail below with reference to the drawings. Fig. 1 shows the partitioning of the SM4 circuit architecture of the invention, which consists of the input buffer module, the SM4 circuit control module, the internal four-stage pipelined round function module, the constant generation module, the storage module and the output buffer module.
The control signals of the SM4 circuit control module connect to the other three circuit modules and keep the key expansion operation and the data encryption/decryption operation of the circuit running in order. The modules receive and send data through the input and output buffer modules: the input buffer module is connected to the data input of the round function, and the 128-bit result obtained after 32 round function operations is output through the output buffer module 106.
Fig. 2 shows the working timing diagram of the SM4 circuit control module of the invention. The control module is driven by three input signals, Start, Enable and Op[1:0]: Start is the start signal, Enable is the module enable signal, and Op selects the operation mode, which is one of key expansion, data encryption and data decryption. In the initial state S_IDLE, the control module first determines whether the original key for encryption/decryption has been updated. If it has, the module enters the key expansion state S_KEYGEN; otherwise it enters the data encryption/decryption state S_DATAGEN directly. In the key expansion state the round function performs 32 round function operations in total, one every four cycles, for 128 cycles altogether. Every four cycles the constant generation module produces one constant as the round key for the key expansion operation, and the 32 values produced by the round function are stored in the subkey storage module as the subkeys for data encryption and decryption. When key expansion ends, the control module enters the data encryption/decryption state and the constant generation module stops working. The subkey storage module then enters the read state and supplies one subkey per cycle to the round function. After the encryption or decryption of the original data is complete, the circuit issues an interrupt and returns to the initial state.
Fig. 3 shows the circuit implementation of the non-linear transformation S-box of the internal four-stage pipelined round function module of the invention. The SM4 round function contains four non-linear transformation S-boxes. The high 96 bits of the round function input are split in order into three 32-bit data blocks and XORed with the 32-bit random number to give a 32-bit intermediate value; this value is split into four 8-bit data blocks, which are fed to the inputs of the four parallel non-linear transformation S-boxes. The S-box formula is $S(a) = R(I(P a^{T} + C1)) + C2$. The computation has three parts: $P a^{T} + C1$ is the front-end transformation, $I(\cdot)$ is the $GF(2^4)$ field inversion, and $R(\cdot) + C2$ is the back-end transformation. Here a is the 8-bit binary input data vector, $a^{T}$ is the transpose of the input binary vector, P and R are the front-end and back-end transformation matrices respectively, and C1 and C2 are the front-end and back-end transformation vectors respectively. The corresponding matrices and vectors are as follows:
$$P = \begin{pmatrix} 0&1&1&1&1&1&1&1 \\ 1&1&0&0&0&1&0&0 \\ 0&1&0&0&0&0&0&0 \\ 1&0&0&1&0&0&1&1 \\ 0&0&0&1&1&0&0&0 \\ 1&1&0&1&0&1&1&0 \\ 0&1&1&1&0&0&1&0 \\ 1&1&1&1&0&0&0&0 \end{pmatrix}, \quad R = \begin{pmatrix} 0&0&1&0&1&0&0&1 \\ 0&0&0&0&0&1&1&1 \\ 0&0&1&0&1&0&1&0 \\ 1&0&0&0&1&0&1&0 \\ 1&0&1&1&0&1&0&1 \\ 0&0&0&1&0&1&0&0 \\ 0&1&1&0&0&1&0&1 \\ 0&0&1&1&0&0&1&1 \end{pmatrix}$$
C1 = [1,0,1,0,1,1,1,1], C2 = [1,1,0,1,0,0,1,1]
C3, C4, C5, C6 and C7 in the non-linear transformation S-box are the correction terms used when the random mask takes part in the operation. The front-end transformation, the $GF(2^4)$ field inversion and the back-end transformation of the S-box are all implemented with the PPRM circuit structure, so the whole non-linear transformation S-box contains only AND-XOR operation units. The S-box takes the $GF(2^8)$ input data a, which carries the random mask, as a binary vector into the front-end transformation, whose output is the $GF(2^4)$ intermediate data temp1. Inverting temp1 over $GF(2^4)$ gives the intermediate data temp2, and temp2 passes through the back-end transformation to give the result of the non-linear transformation S-box. The four parallel S-box transformations together produce a 32-bit result, which is output to the linear transformation part of the round function.
Fig. 4 shows the internal four-stage pipelined round function module of the SM4 circuit of the invention. This module receives the control signals DK_sel and dataload from the SM4 circuit control module. According to the level of DK_sel, the module determines whether the circuit performs key expansion or data encryption/decryption, and correspondingly either receives a 32-bit subkey CK from the constant generation module every four cycles for the round function key expansion operation, or receives a 32-bit subkey rk from the subkey storage module every cycle for the round function encryption or decryption operation. According to the level of dataload, the circuit selects between receiving the original data from the input buffer module and receiving the intermediate result produced by the round function from the round function's result output. The internal four-stage pipelined round function comprises the XOR, the non-linear S-box transformation and the linear transformation. The module adjusts the stage partitioning of the PPRM-structured non-linear transformation S-box and combines it with the preceding and following XOR and linear transformation operations to form the internal pipeline stages part1, part2, part3 and part4, which together make up the internal four-stage pipelined round function module. The internal four-stage pipelined round function operation produces a 32-bit result. When the round function performs key expansion, the 32-bit result is output to the subkey storage module; when it performs data encryption/decryption, the 32-bit result is merged with the high 96 bits of the input data into 128-bit data, which is output to the round function input or, after high/low-order reversal, to the output buffer.
Figure 5 shows the circuit structure of the constant generation module of the SM4 algorithm circuit of the present invention. The constant generation module supplies the round function with sub-keys during key expansion. It comprises four parallel adders, a register group CK and a selector. The register samples and holds the adders' result once every four cycles. The lowest two bits of the counter also take four cycles to complete one wrap-around, so the module receives the round function count signal Cnt from the SM4 algorithm circuit control module and feeds its low two bits Cnt[1:0] to the register's control input as the control signal. The selector receives the control signal dataload from the SM4 algorithm circuit control module (control module) and, according to the level of dataload, selects either the initial data or the data sampled by register CK.
Figures 6 and 7 show the sub-key memory module (memory module) of the SM4 algorithm circuit of the present invention and the corresponding sub-key address table. The sub-key memory module is implemented with a custom single-port RAM. It receives from the SM4 algorithm circuit control module the clock signal clk, the counter-running flag signal cnt_start, the mode select signal KD_sel and the data encryption/decryption select signal DE_sel, which are connected respectively to the memory module's clock terminal Clk, enable terminal CNE, read/write control terminal WEN and the selector control input at the address signal A terminal. The control signals KD_sel and DE_sel select the correct data address from the intermediate variables cnt, temp1 and temp2 and feed it to the address input of the custom RAM, where Cnt[6:2] is the sub-key storage address, temp1 is the sub-key read address sequence for data encryption, and temp2 is the sub-key read address sequence for data decryption. During key expansion, one round function operation completes every four cycles and the sub-key memory module performs only store operations: every four cycles it receives a sub-key storage address from the SM4 algorithm circuit control module and sub-key data from the internal four-stage pipeline round function, and the sub-key data is applied to the Datain terminal of the memory module, completing one store. During data encryption/decryption, the sub-key memory module performs only read operations: every cycle it receives a sub-key read address signal from the SM4 algorithm circuit control module and outputs one sub-key Q to the sub-key input of the internal four-stage pipeline round function module.
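The constant generation module and the sub-key memory addressing from the two paragraphs above, as a cycle-level Python model (an added example, not code from the patent). Assumptions: the initial constant is the SM4 standard's CK_0 = 0x00070E15, the CK register is re-sampled when Cnt[1:0] wraps to 0, and the RAM address is Cnt[6:2] + 1; `tau_standin` is a hypothetical placeholder for the masked S-box, so the outputs are not SM4 ciphertexts and the random mask is not modelled.

```python
MASK32 = 0xFFFFFFFF
CK0 = 0x00070E15    # SM4 standard CK_0 (assumed to be the page's initial value)
STEP = 0x1C1C1C1C   # (1C, 1C, 1C, 1C)_16: one addend per 8-bit adder
LANES = (0, 8, 16, 24)


def add_bytes(word, step=STEP):
    """Four parallel 8-bit modular adders: no carry crosses a byte lane."""
    return sum((((word >> s) + (step >> s)) & 0xFF) << s for s in LANES)


def constant_schedule(cycles=128):
    """Clock the 7-bit counter Cnt; return one (round number, CK) per round.

    Model assumptions: the CK register holds CK0 from cycle 0 (dataload
    selects the initial data) and is re-sampled when Cnt[1:0] wraps to 0;
    the RAM address is Cnt[6:2] + 1, the round number i = 1..32 of claim 1.
    """
    ck_reg, rounds = CK0, []
    for cnt in range(cycles):
        if cnt and (cnt & 0b11) == 0:
            ck_reg = add_bytes(ck_reg)       # sampled once every four cycles
        if (cnt & 0b11) == 0b11:             # last of the four pipeline stages
            rounds.append(((cnt >> 2) + 1, ck_reg))
    return rounds


def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & MASK32


def tau_standin(word):
    """Hypothetical byte-wise nonlinear map in place of the four S-boxes."""
    return sum(((((word >> s) & 0xFF) ** 2 + 0x5A) & 0xFF) << s for s in LANES)


def round_fn(x, rk, rotations):
    """XOR three words with rk, substitute, diffuse, XOR into the fourth."""
    b = tau_standin(x[1] ^ x[2] ^ x[3] ^ rk)
    t = b
    for n in rotations:
        t ^= rotl(b, n)
    return x[1:] + [x[0] ^ t]


def expand_key(key_words):
    """Key expansion mode: sub-key i is written to RAM address i."""
    # Claim 1 data path; the SM4 standard's FK whitening is not modelled.
    ram, k = {}, list(key_words)
    for i, ck in constant_schedule():
        k = round_fn(k, ck, (13, 23))        # L' rotations of the SM4 key schedule
        ram[i] = k[3]
    return ram


def crypt(block_words, ram, decrypt=False):
    """Encryption reads address n, decryption reads 33 - n; nothing else differs."""
    x = list(block_words)
    for n in range(1, 33):
        x = round_fn(x, ram[33 - n if decrypt else n], (2, 10, 18, 24))
    return x[::-1]                           # final word-order reversal


if __name__ == "__main__":
    key = [0x01234567, 0x89ABCDEF, 0xFEDCBA98, 0x76543210]   # constructed sample
    ram = expand_key(key)
    ct = crypt(key, ram)
    print([f"{ck:08X}" for _, ck in constant_schedule()][:4])
    print(crypt(ct, ram, decrypt=True) == key)
```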
Content not described in detail in this specification belongs to the common knowledge of those skilled in the art.

Claims (2)

1. An SM4 algorithm implementation system with a pipeline structure, characterized by comprising a control module, an input buffer module, an internal four-stage pipeline round function module, a constant generation computing module, a memory module and an output buffer module, wherein:
Control module: monitors for and receives an externally sent enable signal and, on receiving the enable signal, obtains and interprets the mode control signal;
if it is the encryption mode control signal, the control module controls the input buffer module to receive the 128-bit original plaintext data and the 32-bit random mask data input from outside, and controls the internal four-stage pipeline round function module to read from the memory module the round function sub-key data needed for the i-th encryption round function operation, where i = 1, 2, 3, ..., 32 and the initial value is 1;
if it is the decryption mode control signal, the control module controls the input buffer module to receive the 128-bit original ciphertext data and the 32-bit random mask data input from outside, and controls the internal four-stage pipeline round function module to read from the memory module the round function sub-key data needed for the j-th decryption round function operation, where j = 1, 2, 3, ..., 32 and the initial value is 1;
if it is the key expansion mode control signal, the control module controls the input buffer module to receive the 128-bit original key and the 32-bit random mask data input from outside, and enables the constant generation module so that, under control of the external reference system clock Clk, the 32-bit constant sub-key data generated by the constant generation module is sent to the internal four-stage pipeline round function module every four cycles;
Input buffer module: under the control of the control module, receives the 128-bit original key and the 32-bit random mask data input from outside over a 32-bit data bus and sends them to the internal four-stage pipeline round function module;
under the control of the control module, receives the 128-bit original plaintext data and the 32-bit random mask data input from outside over a 32-bit data bus and sends them to the internal four-stage pipeline round function module;
under the control of the control module, receives the 128-bit original ciphertext data and the 32-bit random mask data input from outside over a 32-bit data bus and sends them to the internal four-stage pipeline round function module;
Internal four-stage pipeline round function module: receives the 128-bit original key and the 32-bit random mask data sent by the input buffer module and one 32-bit constant sent by the constant generation module; takes the high 96 bits of the 128-bit original key and divides them in order into three 32-bit groups; XORs these three 32-bit groups, the 32-bit random mask data and the 32-bit constant, five groups of data in total, to obtain the 32-bit first key expansion intermediate data; divides the first key expansion intermediate data in order into four 8-bit groups and sends them respectively to four 8-bit-input, 8-bit-output nonlinear S-boxes to obtain the 32-bit second key expansion intermediate data; then applies the linear transformation to the second key expansion intermediate data and XORs the result with the low 32 bits of the 128-bit original key and the 32-bit random mask data, three groups of data in total, completing one round function operation and obtaining the 32-bit round function sub-key data; the round function operation is carried out 32 times in total, yielding 32 round function sub-key data, which are sent to the memory module for storage;
receives the 128-bit original plaintext data and the 32-bit random mask data sent by the input buffer module; selects and reads from the memory module the round function sub-key data at address i; divides the high 96 bits of the 128-bit original plaintext data in order into three 32-bit groups; XORs these three 32-bit groups, the 32-bit random mask data and the 32-bit round function sub-key data, five groups of data in total, to obtain the 32-bit first encryption intermediate data; divides the first encryption intermediate data into four 8-bit groups and sends them respectively to four 8-bit-input, 8-bit-output nonlinear S-boxes to obtain the 32-bit second encryption intermediate data; then applies the linear transformation to the second encryption intermediate data and XORs the result with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third encryption intermediate data; takes the third encryption intermediate data as the high 32 bits and merges it with the high 96 bits of the original plaintext data to generate the 128-bit round function encryption result data, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation, completing the i-th encryption round function operation; sets i = i+1 and repeats the above encryption round function operation until i = 32; the 128-bit result data obtained from the 32nd round function operation, after a high-low swap, is sent to the output buffer module as the encrypted result data;
receives the 128-bit original ciphertext data and the 32-bit random mask data sent by the input buffer module; selects and reads from the memory module the round function sub-key data at address 33-j; divides the high 96 bits of the 128-bit original plaintext data in order into three 32-bit groups; XORs these three 32-bit groups, the 32-bit random mask data and the 32-bit round function sub-key data, five groups of data in total, to obtain the 32-bit first decryption intermediate data; divides the first decryption intermediate data into four 8-bit groups and sends them respectively to four 8-bit-input, 8-bit-output nonlinear S-boxes to obtain the 32-bit second decryption intermediate data; then applies the linear transformation to the second decryption intermediate data and XORs the result with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third decryption intermediate data; takes the third decryption intermediate data as the high 32 bits and merges it with the high 96 bits of the original ciphertext data to generate the 128-bit round function decryption result data, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation, completing the j-th decryption round function operation; sets j = j+1 and repeats the above decryption round function operation until j = 32; the 128-bit result data obtained from the 32nd round function operation, after a high-low swap, is sent to the output buffer module as the decrypted result data;
Memory module: receives the 32 round function sub-key data sent by the internal four-stage pipeline round function module and stores each one using the number i of its round function operation as the storage address;
Constant generation module: taking the constant (0007E15)_16 as the initial value of the modular addition and (1C, 1C, 1C, 1C)_16 as the constant added in each modular addition, performs four 8-bit modular additions in parallel to obtain four groups of modular addition result data, and thereby one group of 32-bit modular addition result data; every four cycles of the external reference system clock Clk, reads the four groups of modular addition result data of the current moment as the new initial value, and continues to perform four 8-bit modular additions in parallel with (1C, 1C, 1C, 1C)_16 as the constant added in each modular addition; at the same time, takes the 32-bit modular addition result data obtained as the 32-bit constant and sends it to the internal four-stage pipeline round function module;
Output buffer module: receives and outputs the encrypted result data and decrypted result data sent by the internal four-stage pipeline round function module.
2. The SM4 algorithm implementation system with a pipeline structure according to claim 1, characterized in that the nonlinear transformation S-box comprises a front-end transformation unit, a field inversion unit and a back-end transformation unit, wherein:
Front-end transformation unit: after receiving the 8-bit data, computes P·a^T + C1 to obtain the first intermediate data temp1, and sends it to the field inversion unit;
Field inversion unit: after receiving the first intermediate data temp1, performs the GF(2^4) field inversion to obtain the second intermediate data temp2, and sends it to the back-end transformation unit;
Back-end transformation unit: after receiving the second intermediate data temp2, computes R·temp2 + C2 to obtain the 8-bit result data of the nonlinear transformation S-box, where a is the 8-bit data, I is the GF(2^4) field inversion operator, and
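$$
P = \begin{bmatrix}
0&1&1&1&1&1&1&1\\
1&1&0&0&0&1&0&0\\
0&1&0&0&0&0&0&0\\
1&0&0&1&0&0&1&1\\
0&0&0&1&1&0&0&0\\
1&1&0&1&0&1&1&0\\
0&1&1&1&0&0&1&0\\
1&1&1&1&0&0&0&0
\end{bmatrix},\quad
R = \begin{bmatrix}
0&0&1&0&1&0&0&1\\
0&0&0&0&0&1&1&1\\
0&0&1&0&1&0&1&0\\
1&0&0&0&1&0&1&0\\
1&0&1&1&0&1&0&1\\
0&0&0&1&0&1&0&0\\
0&1&1&0&0&1&0&1\\
0&0&1&1&0&0&1&1
\end{bmatrix}
$$

$$
C1 = [1,0,1,0,1,1,1,1],\quad C2 = [1,1,0,1,0,0,1,1].
$$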
CN201510293265.XA 2015-06-01 2015-06-01 A kind of SM4 algorithms of pipeline organization realize system Active CN105049194B (en)

Publications (2)

Publication Number Publication Date
CN105049194A true CN105049194A (en) 2015-11-11
CN105049194B CN105049194B (en) 2018-05-08

Family

ID=54455417

Country Status (1)

Country Link
CN (1) CN105049194B (en)

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant