CN105049194B - SM4 algorithm implementation system with a pipeline structure - Google Patents

Publication number: CN105049194B
Application number: CN201510293265.XA
Other versions: CN105049194A
Authority: CN (China)
Other languages: Chinese (zh)
Legal status: Active
Inventors: 牛砚波, 蒋安平
Current assignee: Beijing Microelectronic Technology Institute; Mxtronics Corp
Original assignee: Beijing Microelectronic Technology Institute; Mxtronics Corp
Classification: Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract

An SM4 algorithm implementation system with a pipeline structure comprises an input buffer module, an internal four-stage pipelined round function module, an output buffer module, a memory module, a constant generation computing module and a control module. The system first receives an enable signal and obtains and parses the mode control signal, then performs the key expansion, encryption or decryption operation according to the mode control signal, and finally obtains and outputs the encrypted or decrypted result data. The system performs the substitution operation with nonlinear S-boxes, the nonlinear S-boxes use a PPRM structure with additive masking by a random mask, and the overall architecture is a single-round iteration with an internal four-stage pipeline. Compared with the prior art, the implementation has a small area, high security and strong resistance to zero-value attacks, together with higher operation speed and lower power consumption, and has good application prospects.

Description

SM4 algorithm implementation system with a pipeline structure
Technical field
The present invention relates to the field of SM4 algorithm implementation, and in particular to an SM4 algorithm implementation system with a pipeline structure.
Background
In 2012 the State Cryptography Administration of China published the SM4 algorithm standard. The SM4 algorithm has good speed, power consumption and security characteristics, and is significant both for the wireless LAN industry and for commercial cryptography research. However, with the rapid spread of handheld devices, smart cards and information, higher demands are placed on the operation speed and power consumption of SM4 hardware circuits. In addition, differential power analysis is simple to mount against a cryptographic circuit implementation and has a high success rate, which places higher demands on the security of SM4 hardware circuits as well.
The round function circuit of the SM4 algorithm comprises the input data XOR operation, the nonlinear S-box substitution, the linear transformation and the output data XOR operation. Of these, the S-box substitution circuit plays the key role in the power consumption, speed and security of the whole algorithm circuit. The traditional ways of implementing the S-box substitution circuit are the look-up table method and the composite field method. The look-up table method has simple logic, is easy to implement and is fast, but it consumes considerable hardware resources, which makes it unsuitable for a pipelined implementation of the overall algorithm circuit. The composite field method consumes very few hardware resources, which favours pipelining and resistance to differential power analysis attacks, but its circuit delay and power consumption are larger, which likewise makes it unsuitable for smart cards or embedded systems in handheld devices. In addition, to improve the circuit's resistance to differential power analysis attacks, fixed masking and multiplicative masking have become common defences. Fixed masking, however, needs to store a large amount of mask data and correction terms for the circuit's operations, and it has already begun to be broken by new attack techniques. Multiplicative masking resists differential power analysis but cannot resist zero-value attacks.
As for the overall structure of SM4 circuits: since the SM4 block cipher works in electronic codebook (ECB) mode, SM4 circuits are mostly implemented with a single-round iterative structure or a round-level pipeline structure. With a single-round iterative structure the circuit needs few hardware resources, but its data processing speed is correspondingly low and cannot meet present high-speed data transmission. With a round-level pipeline structure the circuit can reach a higher data processing speed, but its hardware resource consumption is correspondingly larger.
To better serve the development of existing embedded systems and smart cards and to improve the SM4 circuit's operation speed, power consumption and security, proposing a new SM4 circuit that addresses both the round function and the overall architecture has become an urgent task.
Summary of the invention
The technical problem solved by the present invention is to overcome the deficiencies of the prior art and provide a pipelined SM4 algorithm implementation structure that has low power consumption, resists differential power analysis attacks, operates quickly and occupies a small area.
The technical solution of the present invention is an SM4 algorithm implementation system with a pipeline structure, comprising a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation computing module, a memory module and an output buffer module, wherein:
Control module: monitors for and receives the enable signal sent from outside and, on receiving the enable signal, obtains and parses the mode control signal.
If it is the encryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original plaintext data and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the memory module the round function subkey data needed for the i-th encryption round function operation, where i = 1, 2, 3, ... 32 and the initial value is 1;
If it is the decryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original ciphertext data and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the memory module the round function subkey data needed for the j-th decryption round function operation, where j = 1, 2, 3, ... 32 and the initial value is 1;
If it is the key expansion mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original key and 32-bit random mask data, and enables the constant generation module so that, under the control of the external reference system clock Clk, the 32-bit constant subkey data generated by the constant generation module is sent to the internal four-stage pipelined round function module every four cycles;
Input buffer module: under the control of the control module, receives the externally input 128-bit original key and 32-bit random mask data over a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, receives the externally input 128-bit original plaintext data and 32-bit random mask data over a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, receives the externally input 128-bit original ciphertext data and 32-bit random mask data over a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
Internal four-stage pipelined round function module: after receiving the 128-bit original key and 32-bit random mask data sent by the input buffer module and one group of 32-bit constant sent by the constant generation module, takes the high 96 bits of the 128-bit original key and divides them into three groups of 32-bit data; XORs these three groups with the 32-bit random mask data and the 32-bit constant, five groups of data in total, to obtain the 32-bit first key expansion intermediate data; divides the first key expansion intermediate data into four groups of 8-bit data and sends them respectively to four 8-input 8-output nonlinear S-boxes to obtain the 32-bit second key expansion intermediate data; then applies the linear transformation to the second key expansion intermediate data and XORs the result with the low 32 bits of the 128-bit original key and the 32-bit random mask data, three groups of data in total, which completes one round function operation and yields one 32-bit round function subkey; the round function operation is performed 32 times in total, yielding 32 round function subkeys that are sent to the memory module for storage;
Receives the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the memory module the round function subkey data at address i; divides the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data; XORs these three groups with the 32-bit random mask data and the 32-bit round function subkey data, five groups of data in total, to obtain the 32-bit first encryption intermediate data; divides the first encryption intermediate data into four groups of 8-bit data and sends them respectively to four 8-input 8-output nonlinear S-boxes to obtain the 32-bit second encryption intermediate data; then applies the linear transformation to the second encryption intermediate data and XORs the result with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third encryption intermediate data; the third encryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original plaintext data to generate the 128-bit round function encryption result data, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation; this completes the i-th encryption round function operation, i = i+1, and the encryption round function operation is repeated until i = 32; the 128-bit result data obtained from the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the encrypted result data;
Receives the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the memory module the round function subkey data at address 33-j; divides the high 96 bits of the 128-bit original plaintext data in turn into three groups of 32-bit data; XORs these three groups with the 32-bit random mask data and the 32-bit round function subkey data, five groups of data in total, to obtain the 32-bit first decryption intermediate data; divides the first decryption intermediate data into four groups of 8-bit data and sends them respectively to four 8-input 8-output nonlinear S-boxes to obtain the 32-bit second decryption intermediate data; then applies the linear transformation to the second decryption intermediate data and XORs the result with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third decryption intermediate data; the third decryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original ciphertext data to generate the 128-bit round function decryption result data, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation; this completes the j-th decryption round function operation, j = j+1, and the decryption round function operation is repeated until j = 32; the 128-bit result data obtained from the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the decrypted result data;
Memory module: receives the 32 round function subkeys sent by the internal four-stage pipelined round function module and stores each one using the number i of its corresponding round function operation as the storage address;
Constant generation module: takes the constant (0007E15)_16 as the initial value of the modular addition and (1C, 1C, 1C, 1C)_16 as the per-lane modular addition constants, and performs four groups of 8-bit modular additions in parallel to obtain four modular addition results and hence one group of 32-bit modular addition result data; every four cycles of the external reference system clock Clk it reads the four modular addition results at the current moment as the new initial value and continues the four parallel 8-bit modular additions with (1C, 1C, 1C, 1C)_16 as the per-lane constants, while the resulting 32-bit modular addition result data serves as the 32-bit constant and is sent to the internal four-stage pipelined round function module;
Output buffer module: receives the encrypted result data and decrypted result data sent by the internal four-stage pipelined round function module and outputs them.
The nonlinear transformation S-box comprises a front-end transformation unit, a field inversion unit and a back-end transformation unit, wherein:
Front-end transformation unit: on receiving the 8-bit data, performs the P·a^T + C1 operation to obtain the first intermediate data temp1 and sends it to the field inversion unit;
Field inversion unit: on receiving the first intermediate data temp1, performs the GF(2^4) field inversion to obtain the second intermediate data temp2 and sends it to the back-end transformation unit;
Back-end transformation unit: on receiving the second intermediate data temp2, performs the R·temp2 + C2 operation to obtain the 8-bit nonlinear transformation S-box result data, where a is the 8-bit data, I is the GF(2^4) field inversion operator,
C1 = [1,0,1,0,1,1,1,1], C2 = [1,1,0,1,0,0,1,1].
Compared with the prior art, the advantages of the present invention are:
(1) The SM4 implementation system of the present invention performs the substitution operation with nonlinear S-boxes, which occupy a smaller area than S-boxes implemented with the existing look-up table method, and have smaller delay and lower power consumption than S-boxes implemented with the common composite field method;
(2) The nonlinear S-boxes in the SM4 implementation system of the present invention use additive masking with a random mask; compared with the existing fixed masking technique the system has a small area and high security, and compared with the existing multiplicative masking technique it has strong resistance to zero-value attacks;
(3) The SM4 constant generation module in the implementation system of the present invention uses an algebraic implementation based on modular addition which, compared with the existing look-up method, is simple to implement and highly flexible;
(4) The SM4 implementation system of the present invention uses a single-round iteration with internal four-stage pipeline structure which, compared with the existing single-round iterative structure and four-stage pipeline structure, has higher operation speed and lower power consumption.
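The zero-value weakness of multiplicative masking cited in the background and in advantage (2) can be shown with a small model, added here as an illustration and not part of the patent. It assumes a Hamming-weight leakage model and the field polynomial commonly given for the SM4 S-box (x^8+x^7+x^6+x^5+x^4+x^2+1); all function names are this example's own.

```python
# Added illustration (not from the patent): compare additive (XOR) masking with
# multiplicative masking of one S-box input byte under a Hamming-weight
# leakage model. All names below are hypothetical.
from collections import Counter

# Assumption: x^8+x^7+x^6+x^5+x^4+x^2+1, the polynomial commonly given for the
# SM4 S-box field. Any irreducible degree-8 polynomial shows the same effect.
POLY = 0x1F5


def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo POLY (shift-and-add)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return result


def additive_mask(x):
    """All values x XOR m for the 256 possible random masks m."""
    return [x ^ m for m in range(256)]


def multiplicative_mask(x):
    """All values x * m for the 255 non-zero random masks m."""
    return [gf_mul(x, m) for m in range(1, 256)]


def leakage_profile(mask_fn):
    """Mean Hamming weight of the masked byte for each secret value x."""
    profile = {}
    for x in range(256):
        masked = mask_fn(x)
        profile[x] = sum(bin(v).count("1") for v in masked) / len(masked)
    return profile


def exposed_inputs(profile):
    """Secret values whose mean leakage differs from the typical mean."""
    typical = Counter(profile.values()).most_common(1)[0][0]
    return sorted(x for x, mean in profile.items() if mean != typical)


if __name__ == "__main__":
    # Additive masking: every secret byte leaks the same mean, nothing stands out.
    print("additive:", exposed_inputs(leakage_profile(additive_mask)))
    # Multiplicative masking: 0 * m is always 0, so the zero input is unmasked.
    print("multiplicative:", exposed_inputs(leakage_profile(multiplicative_mask)))
```

With an XOR mask the masked byte is uniformly distributed for every input, including zero, which is the property the additive scheme relies on.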
Brief description of the drawings
Fig. 1 is the system structure diagram of the SM4 algorithm implementation of the present invention;
Fig. 2 is the working timing diagram of the SM4 circuit control module of the present invention;
Fig. 3 is the PPRM circuit structure diagram of the S-box substitution operation of the SM4 circuit of the present invention;
Fig. 4 is the structure diagram of the internal four-stage pipelined round function of the SM4 circuit of the present invention;
Fig. 5 is the circuit structure diagram of the constant generation module of the SM4 circuit of the present invention;
Fig. 6 is the circuit connection diagram of the subkey memory module of the SM4 circuit of the present invention;
Fig. 7 is the list of subkey read address sequences of the SM4 circuit of the present invention.
Embodiments
The present invention proposes an SM4 algorithm implementation system with a pipeline structure which, as shown in Fig. 1, comprises a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation computing module, a memory module and an output buffer module, wherein:
Control module: monitors for and receives the enable signal sent from outside, parses it on receipt, and obtains and evaluates the mode control signal. If it is the encryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original data to be encrypted and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the memory module the round function subkey data needed for the i-th encryption round function operation, where i = 1, 2, 3, ... 32 and the initial value is 1. If it is the decryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original data to be decrypted and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the memory module the round function subkey data needed for the j-th decryption round function operation, where j = 1, 2, 3, ... 32 and the initial value is 1. If it is the key expansion mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original key and 32-bit random mask data, and enables the constant generation module so that, under the control of the system clock Clk, the 32-bit constant subkey data generated by the constant generation module is sent to the internal four-stage pipelined round function module every four cycles;
Input buffer module: receives the externally input 128-bit original key and 32-bit random mask data over a 32-bit data bus input, converts them into 160-bit output data and sends it to the internal four-stage pipelined round function module; receives the externally input 128-bit original data to be encrypted and 32-bit random mask data over a 32-bit data bus input, converts them into 160-bit output data and sends it to the internal four-stage pipelined round function module; receives the externally input 128-bit original data to be decrypted and 32-bit random mask data over a 32-bit data bus input, converts them into 160-bit output data and sends it to the internal four-stage pipelined round function module;
Internal four-stage pipelined round function module: after receiving the 128-bit original key and 32-bit random mask data sent by the input buffer module and the group of 32-bit constant that the constant generation module sends every four cycles, takes the high 96 bits of the 128-bit original key and divides them into three groups of 32-bit data, then XORs them with the 32-bit random mask data and the 32-bit constant to obtain the 32-bit first key expansion intermediate data; divides the first key expansion intermediate data into four groups of 8-bit data and sends them respectively to four 8-input 8-output nonlinear S-boxes to obtain the 32-bit second key expansion intermediate data; then applies the linear transformation to the second key expansion intermediate data and XORs the result with the low 32 bits of the 128-bit original key and the 32-bit random mask data, which completes the first round function operation and yields one 32-bit round function subkey; 32 round function operations are performed, yielding 32 round function subkeys that are sent to the memory module for storage. Receives the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the memory module the round function subkey data at address i; divides the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data and XORs them with the 32-bit random mask data and the 32-bit round function subkey data to obtain the 32-bit first encryption intermediate data; divides the first encryption intermediate data into four groups of 8-bit data and sends them respectively to four 8-input 8-output nonlinear S-boxes to obtain the 32-bit second encryption intermediate data; then applies the linear transformation to the second encryption intermediate data and XORs the result with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data to obtain the 32-bit third encryption intermediate data; the third encryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original plaintext data to generate the 128-bit round function encryption result data, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation; this completes the i-th encryption round function operation, i = i+1, and the encryption round function operation is repeated until i = 32; the 128-bit result data obtained from the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the encrypted result data. Receives the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the memory module the round function subkey data at address 33-j; divides the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data and XORs them with the 32-bit random mask data and the 32-bit round function subkey data to obtain the 32-bit first decryption intermediate data; divides the first decryption intermediate data into four groups of 8-bit data and sends them respectively to four 8-input 8-output nonlinear S-boxes to obtain the 32-bit second decryption intermediate data; then applies the linear transformation to the second decryption intermediate data and XORs the result with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data to obtain the 32-bit third decryption intermediate data; the third decryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original ciphertext data to generate the 128-bit round function decryption result data, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation; this completes the j-th decryption round function operation, j = j+1, and the decryption round function operation is repeated until j = 32; the 128-bit result data obtained from the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the decrypted result data;
Memory module: receives the 32 round function subkeys sent by the internal four-stage pipelined round function module and stores each one using the number of its corresponding round function operation as the storage address;
Constant generation module: takes the constant E_IV as the initial value of the modular addition and (1C, 1C, 1C, 1C)_16 as the per-lane modular addition constants, and performs four groups of 8-bit modular additions in parallel; every four cycles of the system clock Clk it reads the four modular addition results at the current moment as the new initial value and continues the four parallel 8-bit modular additions with (1C, 1C, 1C, 1C)_16 as the per-lane constants, while combining the four modular addition results of the current moment in order into one group of 32-bit modular addition result data, which serves as the 32-bit constant and is sent to the internal four-stage pipelined round function module; where E_IV is (0007E15)_16;
Output buffer module: receives the encrypted result data and decrypted result data sent by the internal four-stage pipelined round function module and outputs them.
The SM4 implementation structure of the present invention is described in detail below with reference to the drawings. Fig. 1 shows the partitioning of the SM4 circuit architecture of the present invention, which consists of the input buffer module, the SM4 circuit control module, the internal four-stage pipelined round function module, the constant generation computing module, the memory module and the output buffer module.
The control signals of the SM4 circuit control module are connected to the other three circuit modules respectively, to control the orderly progress of the key expansion operation and the data encryption/decryption operations. The module receives and sends data through the input and output buffer modules; the input buffer module is connected to the data input of the round function, and the 128-bit result data obtained after 32 round function operations is output through output buffer module 106. Fig. 2 shows the working timing diagram of the SM4 circuit control module of the present invention. The circuit control module is controlled by three input signals, Start, Enable and Op[1:0]: Start is the start signal, Enable is the module enable signal, and Op is the operation mode, which covers the key expansion mode, the data encryption mode and the data decryption mode. In the initial state S_IDLE the SM4 circuit control module first determines whether the original key for data encryption/decryption has been updated; if it has, the module enters the key expansion state S_KEYGEN, otherwise it goes directly to the data encryption/decryption state S_DATAGEN. In the key expansion state the round function performs 32 round function operations in total, completing one every four cycles, so 128 cycles are needed in all; the constant generation computing module generates one group of constants every four cycles as the round key for the key expansion operation, and the 32 groups of data generated by the round function are stored in the subkey memory module as the subkeys for data encryption/decryption. After the key expansion operation ends, the control module enters the data encryption/decryption state and the constant generation computing module stops working; the subkey memory module then enters the data read state and provides one group of subkeys for the round function operation each cycle. After the data encryption/decryption operation on the original data is complete, the circuit issues an interrupt and returns to the original state.
Fig. 3 shows the circuit implementation of the nonlinear transformation S-box of the internal four-stage pipelined round function module of the present invention. The SM4 round function operation includes four nonlinear transformation S-boxes. The high 96 bits at the round function input are divided in turn into 3 groups of 32-bit data blocks and XORed with the 32-bit random number to give 32-bit intermediate data; this 32-bit intermediate data is divided into 4 groups of 8-bit data blocks, which are fed respectively to the inputs of the 4 parallel nonlinear transformation S-boxes. The S-box formula is S(a) = R·I(P·a^T + C1) + C2, and the operation has three parts: P·a^T + C1 is the front-end transformation, I(*) is the GF(2^4) field inversion, and R(*) + C2 is the back-end transformation. Here a is the 8-bit binary data vector, a^T is the transpose of the input binary vector, P and R are the front-end and back-end transformation matrices respectively, and C1 and C2 are the front-end and back-end transformation vectors respectively. The corresponding matrices and vectors are as follows,
C1 = [1,0,1,0,1,1,1,1], C2 = [1,1,0,1,0,0,1,1]
C3, C4, C5, C6 and C7 in the nonlinear transformation S-box are the correction terms that apply when the random mask takes part in the operation. The front-end transformation, the GF(2^4) field inversion and the back-end transformation of the S-box are implemented with a PPRM circuit structure, i.e. the entire nonlinear transformation S-box contains only AND-XOR operation units. The S-box takes the GF(2^8) input data a carrying the random mask as a binary vector and feeds it to the front-end transformation, which outputs the GF(2^4) intermediate data temp1; temp1 undergoes inversion in GF(2^4) to give the intermediate data temp2; temp2 passes through the back-end transformation to give the result data of the nonlinear transformation S-box. The four nonlinear S-boxes operate in parallel to give 32-bit result data, which is output to the linear transformation part of the round function operation.
Fig. 4 shows the internal four-stage pipelined round function module of the SM4 circuit of the present invention. The module receives the control signals DK_sel and dataload from the SM4 circuit control module. According to the level of DK_sel, the internal four-stage pipelined round function module determines whether the circuit is performing key expansion or data encryption/decryption, and accordingly either receives one 32-bit subkey CK from the constant generation module every four cycles for the round function key expansion operation, or receives one group of 32-bit subkey rk from the subkey memory module each cycle for the round function encryption or decryption operation. According to the level of dataload, the circuit selects between receiving original data from the input buffer module and receiving the intermediate result data produced by the round function from the round function's result output. The internal four-stage pipelined round function comprises the XOR operation, the nonlinear S-box transformation and the linear transformation; the module adjusts the stage division of the PPRM-structured nonlinear transformation S-box and combines it with the preceding and following XOR operations and the linear transformation to produce the four internal pipeline stages part1, part2, part3 and part4, thereby forming the internal four-stage pipelined round function module. The internal four-stage pipelined round function operation yields 32-bit result data. When the internal four-stage pipelined round function performs key expansion, the 32-bit result data is output to the subkey memory module; when it performs data encryption/decryption, the 32-bit result data and the high 96 bits of the input data are merged into 128-bit data that is output to the round function input or, after the high/low-order transformation, to the output buffer.
Figure 5 shows the circuit structure of the constant generation module of the SM4 algorithm circuit of the present invention. The constant generation module supplies sub-keys to the round function during the key expansion operation. It comprises four parallel adders, a register CK and a selector. The register samples and holds the adders' result once every four cycles. Because the lowest two bits of the counter also take four cycles to complete one carry cycle, the module receives the round function count signal Cnt from the SM4 algorithm circuit control module and feeds its low two bits Cnt[1:0] to the register's control terminal as the control signal. The selector receives the control signal dataload from the SM4 algorithm circuit control module (control module) and, according to the level of dataload, selects either the input initial data or the sampled result held in register CK.
Figures 6 and 7 show the sub-key memory module (memory module) of the SM4 algorithm circuit of the present invention and the corresponding sub-key address list. The sub-key memory module is implemented with a custom single-port RAM. It receives from the SM4 algorithm circuit control module the clock signal clk, the counter working flag signal cnt_start, the mode select signal KD_sel and the data encryption/decryption select signal DE_sel, which are connected respectively to the sub-key memory module's clock signal terminal Clk, enable signal terminal CNE, read/write control terminal WEN and the control terminal of the selector on the address signal A. The control signals KD_sel and DE_sel select the correct data address from the intermediate variables cnt, temp1 and temp2 and feed it to the address input of the custom RAM, where Cnt[6:2] is the sub-key storage address, temp1 is the sub-key read address sequence for the data encryption operation and temp2 is the sub-key read address sequence for the data decryption operation. During the key expansion operation, one round function operation completes every four cycles and the sub-key memory module performs only store operations: every four cycles it receives one sub-key storage address from the SM4 algorithm circuit control module and one sub-key from the internal four-stage pipelined round function, the sub-key data being applied to the Data in terminal of the sub-key memory module, and completes one data store operation. During the data encryption/decryption operation, the sub-key memory module performs only read operations: every cycle it receives a sub-key read address signal from the SM4 algorithm circuit control module and outputs one sub-key Q to the sub-key input of the internal four-stage pipelined round function module.
Content not described in detail in the description of the present invention is known to those skilled in the art.
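The data path described above (one round function shared by key expansion and encryption/decryption, the byte-parallel constant adder, and sub-key read addresses i and 33-j) can be checked against a software model. This Python model is an added example, not part of the patent: the S-box table, FK, the initial constant 0x00070E15 and the word order are taken from the SM4 standard, the random mask is left out, and the Cnt[1:0] sampling phase is an assumption.

```python
# Software model of the shared round-function data path (random mask omitted).
SBOX = bytes.fromhex(  # S-box table from the SM4 standard, two rows per line
    "d690e9fecce13db716b614c228fb2c052b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6fd5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad80ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec68418f07dec3adc4d2079ee5f3ed7cb3948"
)
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)  # SM4 standard system parameter
# Assumed initial value: CK0 of the SM4 standard; 0x1C is added to every byte per round.
CK_INIT, CK_STEP = 0x00070E15, 0x1C1C1C1C

def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & 0xFFFFFFFF

def add_bytes(a, b):
    # Four parallel 8-bit adders: a carry never crosses a byte boundary.
    return sum((((a >> s) + (b >> s)) & 0xFF) << s for s in (0, 8, 16, 24))

def constants():
    # Register CK holds its value for four cycles, then samples the adder outputs.
    ck, out = CK_INIT, []
    for cnt in range(128):  # Cnt[6:2] is the round index, Cnt[1:0] the cycle in the round
        if cnt & 3 == 0:    # assumed sampling phase
            out.append(ck)
            ck = add_bytes(ck, CK_STEP)
    return out

def round_fn(x, k, key_mode):
    # XOR three words with the sub-key, four 8-bit S-boxes, linear transform, final XOR.
    t = x[1] ^ x[2] ^ x[3] ^ k
    t = int.from_bytes(bytes(SBOX[b] for b in t.to_bytes(4, "big")), "big")
    if key_mode:  # key expansion uses its own, lighter linear transform
        t ^= rotl(t, 13) ^ rotl(t, 23)
    else:
        t ^= rotl(t, 2) ^ rotl(t, 10) ^ rotl(t, 18) ^ rotl(t, 24)
    return x[1:] + [x[0] ^ t]

def words(b):
    return [int.from_bytes(b[i:i + 4], "big") for i in range(0, 16, 4)]

def key_expand(key):
    # Key-expansion mode: one sub-key stored per round at addresses 1..32.
    k, ram = [w ^ f for w, f in zip(words(key), FK)], [None]
    for ck in constants():
        k = round_fn(k, ck, key_mode=True)
        ram.append(k[3])
    return ram

def crypt(block, ram, decrypt=False):
    x = words(block)
    for n in range(1, 33):
        addr = 33 - n if decrypt else n  # address i when encrypting, 33-j when decrypting
        x = round_fn(x, ram[addr], key_mode=False)
    return b"".join(w.to_bytes(4, "big") for w in reversed(x))  # high/low-order reversal

KEY = PT = bytes.fromhex("0123456789abcdeffedcba9876543210")  # SM4 standard test vector
```

The tenth constant is where a single 32-bit adder would diverge from the four 8-bit adders, because the byte-wise sum wraps without carrying into the next byte.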

Claims (2)

1. A pipelined SM4 algorithm implementation system, characterized by comprising a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation computing module, a memory module and an output buffer module, wherein:
The control module monitors for and receives an externally sent enable signal and, on receiving the enable signal, obtains and interprets the mode control signal;
If it is the encryption mode control signal, the control module controls the input buffer module to receive the externally input 128-bit original plaintext data and 32-bit random mask data, and controls the internal four-stage pipelined round function module to read from the memory module the round function sub-key data required for the i-th encryption round function operation, where i = 1, 2, 3, …, 32 with initial value 1;
If it is the decryption mode control signal, the control module controls the input buffer module to receive the externally input 128-bit original ciphertext data and 32-bit random mask data, and controls the internal four-stage pipelined round function module to read from the memory module the round function sub-key data required for the j-th decryption round function operation, where j = 1, 2, 3, …, 32 with initial value 1;
If it is the key expansion mode control signal, the control module controls the input buffer module to receive the externally input 128-bit original key and 32-bit random mask data, and enables the constant generation module, under control of the external base system clock Clk, to send the 32-bit constant sub-key data it generates to the internal four-stage pipelined round function module every four cycles;
The input buffer module, under the control of the control module, receives the externally input 128-bit original key and 32-bit random mask data over a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, it receives the externally input 128-bit original plaintext data and 32-bit random mask data over a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, it receives the externally input 128-bit original ciphertext data and 32-bit random mask data over a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
The internal four-stage pipelined round function module, after receiving the 128-bit original key and 32-bit random mask data sent by the input buffer module and one 32-bit constant sent by the constant generation module, divides the high 96 bits of the 128-bit original key into three groups of 32-bit data; these three groups, the 32-bit random mask data and the 32-bit constant, five groups of data in total, are XORed to obtain the 32-bit first key expansion intermediate data; the first key expansion intermediate data is divided into four groups of 8-bit data, which are sent respectively to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second key expansion intermediate data; the second key expansion intermediate data, after the linear transformation, is XORed with the low 32 bits of the 128-bit original key and the 32-bit random mask data, three groups of data in total, which completes one round function operation and yields one 32-bit round function sub-key data; the round function operation is performed 32 times in total, yielding 32 round function sub-key data, which are sent to the memory module for storage;
It receives the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module and selects and reads from the memory module the round function sub-key data at address i; after the high 96 bits of the 128-bit original plaintext data are divided into three groups of 32-bit data, these three groups, the 32-bit random mask data and the 32-bit round function sub-key data, five groups of data in total, are XORed to obtain the 32-bit first encryption intermediate data; the first encryption intermediate data is divided into four groups of 8-bit data, which are sent respectively to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second encryption intermediate data; the second encryption intermediate data, after the linear transformation, is XORed with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third encryption intermediate data; the third encryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original plaintext data to generate the 128-bit round function encryption result data, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation, completing the i-th encryption round function operation; i = i+1, and the above encryption round function operation is repeated until i = 32; the 128-bit result data obtained from the 32nd round function operation, after the high/low-order transformation, is sent to the output buffer module as the encryption result data;
It receives the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module and selects and reads from the memory module the round function sub-key data at address 33-j; the high 96 bits of the 128-bit original plaintext data are divided into three groups of 32-bit data; these three groups, the 32-bit random mask data and the 32-bit round function sub-key data, five groups of data in total, are XORed to obtain the 32-bit first decryption intermediate data; the first decryption intermediate data is divided into four groups of 8-bit data, which are sent respectively to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second decryption intermediate data; the second decryption intermediate data, after the linear transformation, is XORed with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data, three groups of data in total, to obtain one 32-bit third decryption intermediate data; the third decryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original ciphertext data to generate the 128-bit round function decryption result data, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation, completing the j-th decryption round function operation; j = j+1, and the above decryption round function operation is repeated until j = 32; the 128-bit result data obtained from the 32nd round function operation, after the high/low-order transformation, is sent to the output buffer module as the decryption result data;
The memory module receives the 32 round function sub-key data sent by the internal four-stage pipelined round function module and stores each one using as its storage address the number i of the round function operation corresponding to that round function sub-key data;
The constant generation module takes the constant (0007E15)₁₆ as the initial value of the modular addition and (1C, 1C, 1C, 1C)₁₆ as the constant added in each modular addition, and performs four 8-bit modular additions in parallel to obtain four modular addition results and hence one 32-bit modular addition result; every four cycles of the external reference system clock Clk it reads the four modular addition results at the current time as the new initial value of the modular addition and continues the four parallel 8-bit modular additions with (1C, 1C, 1C, 1C)₁₆ as the added constant, while sending the 32-bit modular addition result obtained, as the 32-bit constant, to the internal four-stage pipelined round function module;
The output buffer module receives the encryption result data and decryption result data sent by the internal four-stage pipelined round function module and outputs them.
2. The pipelined SM4 algorithm implementation system according to claim 1, characterized in that the nonlinear transformation S-box comprises a front-end transformation unit, a field inversion unit and a back-end transformation unit, wherein:
The front-end transformation unit, after receiving the 8-bit data, performs the operation Pa^T + C1 to obtain the first intermediate data temp1 and sends it to the field inversion unit;
The field inversion unit, after receiving the first intermediate data temp1, performs the GF(2^4) field inversion to obtain the second intermediate data temp2 and sends it to the back-end transformation unit;
The back-end transformation unit, after receiving the second intermediate data temp2, performs the operation R·temp2 + C2 to obtain the 8-bit nonlinear transformation S-box result data, where a is the 8-bit data,
$$P=\begin{bmatrix}01111111\\11000100\\01000000\\10010011\\00011000\\11010110\\01110010\\11110000\end{bmatrix},\quad R=\begin{bmatrix}00101001\\00000111\\00101010\\10001010\\10110101\\00010100\\01100101\\00110011\end{bmatrix}$$
C1=[1,0,1,0,1,1,1,1], C2=[1,1,0,1,0,0,1,1].
CN201510293265.XA 2015-06-01 2015-06-01 A kind of SM4 algorithms of pipeline organization realize system Active CN105049194B (en)


Publications (2)

Publication Number | Publication Date
CN105049194A (en) | 2015-11-11
CN105049194B (en) | 2018-05-08
