CN105049194B - SM4 algorithm implementation system with a pipeline structure - Google Patents
- Publication number
- CN105049194B CN201510293265.XA
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D30/00—Reducing energy consumption in communication networks
- Y02D30/50—Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate
Abstract
An SM4 algorithm implementation system with a pipeline structure, comprising an input buffer module, an internal four-stage pipelined round function module, an output buffer module, a storage module, a constant generation module and a control module. The system first receives an enable signal and obtains and parses the mode control signal, then performs the key expansion, encryption or decryption operation according to the mode control signal, and finally obtains and outputs the encryption result data or decryption result data. The system performs the substitution operation with nonlinear S-boxes, applies additive masking with a random mask to the PPRM-structure nonlinear S-boxes, and uses a single-round-iteration structure with an internal four-stage pipeline. Compared with the prior art it has a small implementation area, high security and strong resistance to zero-value attacks, together with higher operation speed and lower operating power consumption, and therefore has good application prospects.
Description
Technical field
The present invention relates to the field of SM4 algorithm implementation, and in particular to an SM4 algorithm implementation system with a pipeline structure.
Background
In 2012 the State Cryptography Administration of China published the SM4 algorithm standard. The SM4 algorithm has advantages in speed, power consumption and security, and is significant both for the wireless LAN industry and for commercial cryptography research. However, with the spread of handheld devices and smart cards and the rapid propagation of information, higher requirements are placed on the operation speed and power consumption of SM4 hardware circuits. In addition, differential power analysis is simple to mount against cryptographic circuit implementations and has a high success rate, so higher requirements are also placed on the security of SM4 hardware circuits.
The round function circuit of the SM4 algorithm comprises the input data XOR operation, the S-box nonlinear substitution, the linear transformation and the output data XOR operation. Of these, the S-box nonlinear substitution circuit plays the critical role in the power consumption, speed and security of the whole algorithm circuit. Traditional S-box substitution circuits are implemented with either the look-up table method or the composite field method. The look-up table method has simple logic, is easy to implement and is fast, but its large hardware resource consumption hinders a pipelined implementation of the overall algorithm circuit. The composite field method consumes very few hardware resources, which favours a pipelined implementation and resistance to differential power analysis attacks, but its circuit delay and power consumption are larger, which likewise hinders use of the algorithm circuit in smart cards for handheld devices or in embedded systems. Furthermore, to improve the circuit's resistance to differential power analysis attacks, fixed masking and multiplicative masking have become common defences. The fixed masking method, however, needs to store a large amount of mask data and circuit correction terms, and has already begun to be broken by new attack techniques; multiplicative masking resists differential power analysis attacks but cannot resist zero-value attacks.
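The difference between the two masking styles named above can be checked exhaustively for a single byte. The following is an added example, not part of the patent text; it assumes GF(2^8) with the polynomial x^8+x^7+x^6+x^5+x^4+x^2+1 (0x1F5), which the page does not state, and uses the mean Hamming weight of the masked value as a simple stand-in for power leakage.

```python
# Added illustration: additive (XOR) versus multiplicative masking of one byte.
# Assumption: GF(2^8) is built on 0x1F5, the polynomial usually given for the
# SM4 S-box; the page itself does not state the polynomial.
from collections import Counter
from fractions import Fraction

POLY = 0x1F5


def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8), reducing modulo POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= POLY
        b >>= 1
    return r


def masked_values(secret: int, scheme: str) -> Counter:
    """Distribution of the value the circuit handles, over every possible mask."""
    if scheme == "additive":
        return Counter(secret ^ m for m in range(256))
    if scheme == "multiplicative":
        # A multiplicative mask must be invertible, so 0 is excluded.
        return Counter(gf_mul(secret, m) for m in range(1, 256))
    raise ValueError(f"unknown scheme: {scheme}")


def mean_hamming_weight(dist: Counter) -> Fraction:
    """Average number of set bits, a first-order model of power draw."""
    total = sum(dist.values())
    weight = sum(bin(v).count("1") * n for v, n in dist.items())
    return Fraction(weight, total)


def distinguishable_secrets(scheme: str) -> list:
    """Secrets whose average leakage differs from the common case."""
    profile = {s: mean_hamming_weight(masked_values(s, scheme))
               for s in range(256)}
    common = Counter(profile.values()).most_common(1)[0][0]
    return sorted(s for s, mean in profile.items() if mean != common)


if __name__ == "__main__":
    for scheme in ("additive", "multiplicative"):
        print(scheme, "-> secrets that stand out:",
              distinguishable_secrets(scheme))
```

With the additive mask every secret byte produces the same uniform distribution, while with the multiplicative mask the secret value 0 stays 0 for every mask and is the only value that stands out.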
As for the overall structure of SM4 algorithm circuits: since the SM4 block cipher operates in electronic codebook (ECB) mode, SM4 circuits are mostly implemented with a single-round iteration structure or a round-level pipeline structure. With the single-round iteration structure the circuit needs few hardware resources, but the data processing speed is correspondingly slow and cannot meet today's high-speed data transmission. With the round-level pipeline structure the circuit achieves a higher data processing speed, but the hardware resource consumption is correspondingly large.
To better serve the development of existing embedded systems and smart cards, and to improve the speed, power consumption and security of SM4 algorithm circuits, proposing a new SM4 algorithm circuit that addresses both the round function part and the overall architecture part has become an urgent task.
Summary of the invention
The technical problem solved by the present invention is: to overcome the deficiencies of the prior art and provide an SM4 algorithm implementation structure with a pipeline structure that has low power consumption, resists differential power analysis attacks, operates fast and has a small implementation area.
The technical solution of the present invention is: an SM4 algorithm implementation system with a pipeline structure, comprising a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation module, a storage module and an output buffer module, wherein:
The control module monitors for and receives the externally sent enable signal and, on receiving the enable signal, obtains and parses the mode control signal.
If it is the encryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original plaintext data and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round function subkey data needed for the i-th encryption round function operation, where i = 1, 2, 3, ..., 32 and the initial value is 1;
If it is the decryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original ciphertext data and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round function subkey data needed for the j-th decryption round function operation, where j = 1, 2, 3, ..., 32 and the initial value is 1;
If it is the key expansion mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original key and 32-bit random mask data, and enables the constant generation module so that, under control of the external reference system clock Clk, the 32-bit constant subkey data generated by the constant generation module is sent to the internal four-stage pipelined round function module every four cycles;
The input buffer module, under the control of the control module, receives the externally input 128-bit original key and 32-bit random mask data over a 32-bit data bus and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, it receives the externally input 128-bit original plaintext data and 32-bit random mask data over a 32-bit data bus and sends them to the internal four-stage pipelined round function module;
Under the control of the control module, it receives the externally input 128-bit original ciphertext data and 32-bit random mask data over a 32-bit data bus and sends them to the internal four-stage pipelined round function module;
The internal four-stage pipelined round function module receives the 128-bit original key and 32-bit random mask data sent by the input buffer module and one group of 32-bit constants sent by the constant generation module. It takes the high 96 bits of the 128-bit original key and divides them into three groups of 32-bit data, and XORs these three groups with the 32-bit random mask data and the 32-bit constant, five groups of data in total, to obtain the 32-bit first key-expansion intermediate data. It divides the first key-expansion intermediate data into four groups of 8-bit data and sends them to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second key-expansion intermediate data. It then applies the linear transformation to the second key-expansion intermediate data and XORs the result with the low 32 bits of the 128-bit original key and the 32-bit random mask data, three groups of data in total, completing one round function operation and obtaining one 32-bit round function subkey. The round function operation is carried out 32 times in all, yielding 32 round function subkeys, which are sent to the storage module for storage;
It receives the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the storage module the round function subkey at address i. After dividing the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data, it XORs these three groups with the 32-bit random mask data and the 32-bit round function subkey, five groups of data in total, to obtain the 32-bit first encryption intermediate data. It divides the first encryption intermediate data into four groups of 8-bit data and sends them to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second encryption intermediate data. It then applies the linear transformation to the second encryption intermediate data and XORs the result with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third encryption intermediate data. The third encryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original plaintext data to produce the 128-bit round function encryption result data, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation; this completes the i-th encryption round function operation, and i = i+1. The encryption round function operation is repeated until i = 32, and the 128-bit result data of the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the encryption result data;
It receives the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the storage module the round function subkey at address 33-j. It divides the high 96 bits of the 128-bit original plaintext data in order into three groups of 32-bit data and XORs these three groups with the 32-bit random mask data and the 32-bit round function subkey, five groups of data in total, to obtain the 32-bit first decryption intermediate data. It divides the first decryption intermediate data into four groups of 8-bit data and sends them to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second decryption intermediate data. It then applies the linear transformation to the second decryption intermediate data and XORs the result with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third decryption intermediate data. The third decryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original ciphertext data to produce the 128-bit round function decryption result data, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation; this completes the j-th decryption round function operation, and j = j+1. The decryption round function operation is repeated until j = 32, and the 128-bit result data of the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the decryption result data;
The storage module receives the 32 round function subkeys sent by the internal four-stage pipelined round function module and stores each one using the number i of its round function operation as the storage address;
The constant generation module takes the constant (0007E15)_16 as the initial value of the modular addition and (1C, 1C, 1C, 1C)_16 as the constants for the individual modular additions, and performs four parallel 8-bit modular additions to obtain four groups of modular addition results and hence one group of 32-bit modular addition result data. Every four cycles of the external reference system clock Clk it reads the four modular addition results at the current time as the new initial value, and continues the four parallel 8-bit modular additions with (1C, 1C, 1C, 1C)_16 as the addition constants, while sending the resulting 32-bit modular addition result data to the internal four-stage pipelined round function module as the 32-bit constant;
The output buffer module receives the encryption result data and decryption result data sent by the internal four-stage pipelined round function module and outputs them.
The nonlinear transformation S-box comprises a front-end transformation unit, a field inversion unit and a back-end transformation unit, wherein:
The front-end transformation unit receives the 8-bit data, computes P·a^T + C1 to obtain the first intermediate data temp1, and sends it to the field inversion unit;
The field inversion unit receives the first intermediate data temp1, performs the GF(2^4) field inversion to obtain the second intermediate data temp2, and sends it to the back-end transformation unit;
The back-end transformation unit receives the second intermediate data temp2 and computes R·temp2 + C2 to obtain the 8-bit nonlinear transformation S-box result data, where a is the 8-bit data, I is the GF(2^4) field inversion operator,
C1 = [1,0,1,0,1,1,1,1], C2 = [1,1,0,1,0,0,1,1].
Compared with the prior art, the advantages of the present invention are:
(1) The SM4 algorithm implementation system of the present invention performs the substitution operation with nonlinear S-boxes that have a smaller area than existing S-boxes implemented with look-up tables, and lower delay and lower power consumption than S-boxes implemented with the common composite field method;
(2) The nonlinear S-boxes in the SM4 algorithm implementation system of the present invention use additive masking with a random mask; compared with existing fixed masking the system has a small implementation area and high security, and compared with existing multiplicative masking it has strong resistance to zero-value attacks;
(3) The SM4 constant generation module in the SM4 algorithm implementation system of the present invention uses an algebraic implementation based on modular addition, which is simpler and more flexible than the existing look-up method;
(4) The SM4 algorithm implementation system of the present invention uses a single-round-iteration structure with an internal four-stage pipeline; compared with the existing single-round iteration structure, the four-stage pipeline structure has higher operation speed and lower operating power consumption.
Brief description of the drawings
Fig. 1 is a structural diagram of the SM4 algorithm implementation system of the present invention;
Fig. 2 is the working timing diagram of the control module of the SM4 algorithm circuit of the present invention;
Fig. 3 is the PPRM circuit structure diagram of the S-box substitution operation of the SM4 algorithm circuit of the present invention;
Fig. 4 is a structural diagram of the internal four-stage pipelined round function of the SM4 algorithm circuit of the present invention;
Fig. 5 is the circuit structure diagram of the constant generation module of the SM4 algorithm circuit of the present invention;
Fig. 6 is the circuit connection diagram of the subkey storage module of the SM4 algorithm circuit of the present invention;
Fig. 7 is the subkey read address sequence list of the SM4 algorithm circuit of the present invention.
Detailed description
The present invention proposes an SM4 algorithm implementation system with a pipeline structure which, as shown in Fig. 1, comprises a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation module, a storage module and an output buffer module, wherein:
The control module monitors for and receives the externally sent enable signal, parses it on receipt, and obtains and evaluates the mode control signal. If it is the encryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original data to be encrypted and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round function subkey data needed for the i-th encryption round function operation, where i = 1, 2, 3, ..., 32 and the initial value is 1. If it is the decryption mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original data to be decrypted and 32-bit random mask data, and directs the internal four-stage pipelined round function module to read from the storage module the round function subkey data needed for the j-th decryption round function operation, where j = 1, 2, 3, ..., 32 and the initial value is 1. If it is the key expansion mode control signal, the control module directs the input buffer module to receive the externally input 128-bit original key and 32-bit random mask data, and enables the constant generation module so that, under control of the system clock Clk, the 32-bit constant subkey data generated by the constant generation module is sent to the internal four-stage pipelined round function module every four cycles;
The input buffer module receives the externally input 128-bit original key and 32-bit random mask data over a 32-bit data bus, converts them into a 160-bit data output and sends it to the internal four-stage pipelined round function module; it receives the externally input 128-bit original data to be encrypted and 32-bit random mask data over a 32-bit data bus, converts them into a 160-bit data output and sends it to the internal four-stage pipelined round function module; and it receives the externally input 128-bit original data to be decrypted and 32-bit random mask data over a 32-bit data bus, converts them into a 160-bit data output and sends it to the internal four-stage pipelined round function module;
The internal four-stage pipelined round function module receives the 128-bit original key and 32-bit random mask data sent by the input buffer module and the group of 32-bit constants sent by the constant generation module every four cycles. It takes the high 96 bits of the 128-bit original key and divides them into three groups of 32-bit data, then XORs them with the 32-bit random mask data and the 32-bit constant to obtain the 32-bit first key-expansion intermediate data. It divides the first key-expansion intermediate data into four groups of 8-bit data and sends them to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second key-expansion intermediate data. It then applies the linear transformation to the second key-expansion intermediate data and XORs the result with the low 32 bits of the 128-bit original key and the 32-bit random mask data, completing the first round function operation and obtaining one 32-bit round function subkey. It carries out 32 round function operations, obtaining 32 round function subkeys, which are sent to the storage module for storage.
It receives the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the storage module the round function subkey at address i. After dividing the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data, it XORs them with the 32-bit random mask data and the 32-bit round function subkey to obtain the 32-bit first encryption intermediate data. It divides the first encryption intermediate data into four groups of 8-bit data and sends them to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second encryption intermediate data. It then applies the linear transformation to the second encryption intermediate data and XORs the result with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data to obtain the 32-bit third encryption intermediate data. The third encryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original plaintext data to produce the 128-bit round function encryption result data, which serves as the 128-bit original plaintext data of the (i+1)-th encryption round function operation; this completes the i-th encryption round function operation, and i = i+1. The encryption round function operation is repeated until i = 32, and the 128-bit result data of the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the encryption result data;
It receives the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module, and selects and reads from the storage module the round function subkey at address 33-j. After dividing the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data, it XORs them with the 32-bit random mask data and the 32-bit round function subkey to obtain the 32-bit first decryption intermediate data. It divides the first decryption intermediate data into four groups of 8-bit data and sends them to four 8-input, 8-output nonlinear S-boxes to obtain the 32-bit second decryption intermediate data. It then applies the linear transformation to the second decryption intermediate data and XORs the result with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data to obtain the 32-bit third decryption intermediate data. The third decryption intermediate data, as the high 32 bits, is merged with the high 96 bits of the original ciphertext data to produce the 128-bit round function decryption result data, which serves as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation; this completes the j-th decryption round function operation, and j = j+1. The decryption round function operation is repeated until j = 32, and the 128-bit result data of the 32nd round function operation undergoes the high/low-order transformation and is sent to the output buffer module as the decryption result data;
The storage module receives the 32 round function subkeys sent by the internal four-stage pipelined round function module and stores each one using the number of its round function operation as the storage address;
The constant generation module takes the constant E_IV as the initial value of the modular addition and (1C, 1C, 1C, 1C)_16 as the constants for the individual modular additions, and performs four parallel 8-bit modular additions. Every four cycles of the system clock Clk it reads the four modular addition results at the current time as the new initial value and continues the four parallel 8-bit modular additions with (1C, 1C, 1C, 1C)_16 as the addition constants; at the same time it combines the four modular addition results at the current time in order into one group of 32-bit modular addition result data, which it sends to the internal four-stage pipelined round function module as the 32-bit constant; where E_IV is (0007E15)_16;
The output buffer module receives the encryption result data and decryption result data sent by the internal four-stage pipelined round function module and outputs them.
The SM4 algorithm implementation structure of the present invention is described in detail below with reference to the drawings. Fig. 1 shows the architecture partition of the SM4 algorithm circuit of the present invention, which consists of the input buffer module, the SM4 algorithm circuit control module, the internal four-stage pipelined round function module, the constant generation module, the storage module and the output buffer module.
The control signals of the SM4 algorithm circuit control module connect to the other three circuit modules and keep the circuit's key expansion and data encryption/decryption operations proceeding in order. The module receives and sends data through the input and output buffer modules: the input buffer module is connected to the data input of the round function, and the 128-bit result data obtained after 32 round function operations is output through the output buffer module 106. Fig. 2 is the working timing diagram of the SM4 algorithm circuit control module of the present invention. The circuit control module is controlled by three input signals, Start, Enable and Op[1:0]: Start is the start signal, Enable is the module enable signal, and Op is the operation mode, which is one of the key expansion mode, the data encryption mode and the data decryption mode. In the initial state S_IDLE the SM4 algorithm circuit control module first determines whether the original key for data encryption/decryption has been updated; if it has, the module enters the key expansion state S_KEYGEN, otherwise it goes directly to the data encryption/decryption state S_DATAGEN. In the key expansion state the round function performs 32 round function operations in all, one every four cycles, for a total of 128 cycles. The constant generation module generates one group of constants every four cycles as the round key of the key expansion operation, and the 32 groups of data produced by the round function are stored in the subkey storage module as the subkeys for data encryption/decryption. After key expansion finishes, the control module enters the data encryption/decryption state and the constant generation module stops working; the subkey storage module now enters the data read state and supplies one group of subkeys to the round function operation each cycle. After the encryption/decryption operation on the original data is complete, the circuit raises an interrupt and returns to the original state.
Fig. 3 shows the circuit implementation of the nonlinear transformation S-box of the internal four-stage pipelined round function module of the present invention. The SM4 round function operation contains four nonlinear transformation S-boxes. The high 96 bits at the round function input are divided in order into three 32-bit data blocks and XORed with the 32-bit random number to give 32-bit intermediate data, which is divided into four 8-bit data blocks that are fed to the inputs of the four parallel nonlinear transformation S-boxes. The S-box formula is S(a) = R(I(P·a^T + C1)) + C2, and the computation has three parts: P·a^T + C1 is the front-end transformation, I(*) is the GF(2^4) field inversion, and R(*) + C2 is the back-end transformation. Here a is the 8-bit binary data vector, a^T is the transpose of the input binary vector, P and R are the front-end and back-end transformation matrices respectively, and C1 and C2 are the front-end and back-end transformation vectors respectively. The corresponding matrices and vectors are as follows,
C1 = [1,0,1,0,1,1,1,1], C2 = [1,1,0,1,0,0,1,1]
C3, C4, C5, C6 and C7 in the nonlinear transformation S-box are the correction terms that correspond to the random mask taking part in the computation. The front-end transformation, the GF(2^4) field inversion and the back-end transformation of the nonlinear transformation S-box are all implemented as PPRM circuit structures, i.e. the whole nonlinear transformation S-box contains only AND-XOR operation units. The S-box feeds the GF(2^8) input data a, carrying the random mask, into the front-end transformation as a binary vector, which outputs the GF(2^4) intermediate data temp1; temp1 undergoes inversion in GF(2^4) to give the intermediate data temp2; and temp2 passes through the back-end transformation to give the result data of the nonlinear transformation S-box. The four nonlinear S-boxes produce 32 bits of result data in parallel, which is output to the linear transformation part of the round function operation.
Fig. 4 shows the internal four-stage pipelined round function module of the SM4 algorithm circuit of the present invention. The module receives the control signals DK_sel and dataload from the SM4 algorithm circuit control module. From the high or low level of DK_sel it determines whether the circuit is performing key expansion or data encryption/decryption, and accordingly either receives one 32-bit subkey CK from the constant generation module every four cycles for the round function key expansion operation, or receives one group of 32-bit subkeys rk from the subkey storage module each cycle for the round function encryption or decryption operation. According to the high or low level of dataload, the circuit selects whether to receive the original data from the input buffer module or the intermediate result data produced by the round function from the round function's result output. The internal four-stage pipelined round function comprises the XOR operation, the nonlinear S-box transformation and the linear transformation. The module adjusts the level partitioning of the PPRM-structure nonlinear transformation S-box and combines it with the preceding and following XOR operations and the linear transformation to form the four internal pipeline stages part1, part2, part3 and part4, which together make up the internal four-stage pipelined round function module. The internal four-stage pipelined round function operation yields 32-bit result data. When the round function is performing key expansion, the 32-bit result data is output to the subkey storage module; when it is performing data encryption/decryption, the 32-bit result data is merged with the high 96 bits of the input data into 128-bit data, which is either fed back to the round function input or output to the output buffer after the high/low-order transformation.
As shown in Fig. 5, the circuit structure diagram of the constant generation module of the SM4 algorithm circuit of the present invention, the constant generation module supplies the subkey to the round function during the key expansion operation. The module comprises four parallel adders, a register group CK and a selector. Every four cycles the register samples and holds the result of the additions. Because the lowest two bits of the counter also need four cycles to complete one carry cycle, the module receives the round function count signal Cnt from the SM4 algorithm circuit control module and feeds its low two bits Cnt[1:0] to the register control terminal as the control signal. The selector receives the control signal dataload from the SM4 algorithm circuit control module (control module) and, according to the high or low level of dataload, selects either the input initial data or the data sampled by register CK.
Fig. 6 and Fig. 7 show the subkey storage module (memory module) of the SM4 algorithm circuit of the present invention and the corresponding subkey address list. The subkey storage module is implemented with a custom single-port RAM. It receives the clock signal clk, the counter working flag signal cnt_start, the mode select signal KD_sel and the data encryption/decryption select signal DE_sel from the SM4 algorithm circuit control module; these are connected, respectively, to the subkey storage module's clock terminal Clk, enable terminal CNE, read/write control terminal WEN, and the control terminal of the selector on the address signal terminal A. The control signals KD_sel and DE_sel select the correct data address from among the intermediate variables cnt, temp1 and temp2 and feed it to the address input of the custom RAM, where Cnt[6:2] is the subkey storage address, temp1 is the subkey read address sequence for the data encryption operation, and temp2 is the subkey read address sequence for the data decryption operation. When the circuit performs the key expansion operation, one round function operation completes every four cycles and the subkey storage module performs only store operations: every four cycles it receives one subkey storage address from the SM4 algorithm circuit control module and one subkey datum from the internal four-stage pipelined round function, the subkey data are input at the Data in terminal of the subkey storage module, and one data store operation completes. When the circuit performs the data encryption/decryption operation, the subkey storage module is only read: each cycle it receives the subkey read address signal from the SM4 algorithm circuit control module and outputs one group of subkey data Q to the subkey input of the internal four-stage pipelined round function module.
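The shared round function, the constant generator built from four parallel 8-bit adders, and the subkey address sequences (address i for encryption, 33-j for decryption) can be checked against a software model. The following is an added example, not code from the patent: the S-box table, the system parameter FK and the constant start value 00070E15 are taken from the published SM4 standard (claim 1 below prints the start value as (0007E15)16 and does not mention FK). Random masking and the four-cycle pipelining are not modelled, and all function names are hypothetical.

```python
# Added example: software model of the shared round-function datapath.
# SBOX, FK and the CK start value 00070E15 come from the SM4 standard, not this page.
SBOX = bytes.fromhex(
    "d690e9fecce13db716b614c228fb2c05" "2b679a762abe04c3aa44132649860699"
    "9c4250f491ef987a33540b43edcfac62" "e4b31ca9c908e89580df94fa758f3fa6"
    "4707a7fcf37317ba83593c19e6854fa8" "686b81b27164da8bf8eb0f4b70569d35"
    "1e240e5e6358d1a225227c3b01217887" "d40046579fd327524c3602e7a0c4c89e"
    "eabf8ad240c738b5a3f7f2cef96115a1" "e0ae5da49b341a55ad933230f58cb1e3"
    "1df6e22e8266ca60c02923ab0d534e6f" "d5db3745defd8e2f03ff6a726d6c5b51"
    "8d1baf92bbddbc7f11d95c411f105ad8" "0ac13188a5cd7bbd2d74d012b8e5b4b0"
    "8969974a0c96777e65b9f109c56ec684" "18f07dec3adc4d2079ee5f3ed7cb3948"
)
FK = (0xA3B1BAC6, 0x56AA3350, 0x677D9197, 0xB27022DC)
M32 = 0xFFFFFFFF


def rotl(x, n):
    return ((x << n) | (x >> (32 - n))) & M32


def words(block):
    return [int.from_bytes(block[i:i + 4], "big") for i in range(0, 16, 4)]


def constant_generator():
    """CK0..CK31 from four parallel 8-bit adders, each adding 0x1C modulo 256."""
    lanes = [0x00, 0x07, 0x0E, 0x15]
    for _ in range(32):
        yield int.from_bytes(bytes(lanes), "big")
        lanes = [(b + 0x1C) & 0xFF for b in lanes]


def round_function(state, k, key_mode):
    """One pass: XOR, four 8-bit S-boxes, linear transform, XOR with the remaining word."""
    x0, x1, x2, x3 = state  # the page calls x0 the low 32 bits, x1..x3 the high 96
    t = x1 ^ x2 ^ x3 ^ k
    t = int.from_bytes(bytes(SBOX[b] for b in t.to_bytes(4, "big")), "big")
    if key_mode:  # key expansion uses its own linear transform
        t ^= rotl(t, 13) ^ rotl(t, 23)
    else:
        t ^= rotl(t, 2) ^ rotl(t, 10) ^ rotl(t, 18) ^ rotl(t, 24)
    return [x1, x2, x3, x0 ^ t]


def expand_key(key):
    """Key expansion mode: the subkey of round i is stored at address i (1..32)."""
    state = [w ^ fk for w, fk in zip(words(key), FK)]
    ram = {}
    for i, ck in enumerate(constant_generator(), start=1):
        state = round_function(state, ck, key_mode=True)
        ram[i] = state[3]
    return ram


def crypt(block, ram, decrypt=False):
    """Data mode: read address i when encrypting, 33 - j when decrypting."""
    state = words(block)
    for n in range(1, 33):
        state = round_function(state, ram[33 - n if decrypt else n], key_mode=False)
    # Final high/low word reversal before the output buffer.
    return b"".join(w.to_bytes(4, "big") for w in reversed(state))
```

Because decryption differs from encryption only in the read address sequence, one datapath and one subkey RAM serve all three modes.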
Content not described in detail in this specification belongs to the well-known technology of those skilled in the art.
Claims (2)
1. A pipelined SM4 algorithm implementation system, characterised by comprising a control module, an input buffer module, an internal four-stage pipelined round function module, a constant generation computing module, a memory module and an output buffer module, wherein:
the control module monitors for and receives the enable signal sent from outside and, on receiving the enable signal, obtains and interprets the mode control signal;
if it is the encryption mode control signal, the control module controls the input buffer module to receive the externally input 128-bit original plaintext data and 32-bit random mask data, and controls the internal four-stage pipelined round function module to read from the memory module the round function subkey data required for the i-th encryption round function operation, where i = 1, 2, 3, ..., 32 and the initial value is 1;
if it is the decryption mode control signal, the control module controls the input buffer module to receive the externally input 128-bit original ciphertext data and 32-bit random mask data, and controls the internal four-stage pipelined round function module to read from the memory module the round function subkey data required for the j-th decryption round function operation, where j = 1, 2, 3, ..., 32 and the initial value is 1;
if it is the key expansion mode control signal, the control module controls the input buffer module to receive the externally input 128-bit original key and 32-bit random mask data, and enables the constant generation module so that, under control of the external reference system clock Clk, the 32-bit constant subkey data generated by the constant generation module are sent to the internal four-stage pipelined round function module every four cycles;
the input buffer module, under control of the control module, receives the externally input 128-bit original key and 32-bit random mask data using a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
under control of the control module, receives the externally input 128-bit original plaintext data and 32-bit random mask data using a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
under control of the control module, receives the externally input 128-bit original ciphertext data and 32-bit random mask data using a 32-bit data bus input and sends them to the internal four-stage pipelined round function module;
the internal four-stage pipelined round function module, after receiving the 128-bit original key and 32-bit random mask data sent by the input buffer module and one 32-bit constant sent by the constant generation module, divides the high 96 bits of the 128-bit original key into three groups of 32-bit data; XORs the three groups of 32-bit data with the 32-bit random mask data and the 32-bit constant, five groups of data in total, to obtain the 32-bit first key expansion intermediate data; divides the first key expansion intermediate data into four groups of 8-bit data and sends them respectively to four 8-input, 8-output non-linear S-boxes to obtain the 32-bit second key expansion intermediate data; then applies the linear transformation to the second key expansion intermediate data and XORs the result with the low 32 bits of the 128-bit original key and the 32-bit random mask data, three groups of data in total, completing one round function operation and obtaining one 32-bit round function subkey datum; the round function operation is carried out 32 times in total, yielding 32 round function subkey data, which are sent to the memory module for storage;
after receiving the 128-bit original plaintext data and 32-bit random mask data sent by the input buffer module, selects and reads from the memory module the round function subkey data at address i; divides the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data; XORs the three groups of 32-bit data with the 32-bit random mask data and the 32-bit round function subkey data, five groups of data in total, to obtain the 32-bit first encryption intermediate data; divides the first encryption intermediate data into four groups of 8-bit data and sends them respectively to four 8-input, 8-output non-linear S-boxes to obtain the 32-bit second encryption intermediate data; then applies the linear transformation to the second encryption intermediate data and XORs the result with the low 32 bits of the 128-bit original plaintext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third encryption intermediate data; the third encryption intermediate data, as the high 32 bits, are merged with the high 96 bits of the original plaintext data to generate the 128-bit round function encryption result data, which serve as the 128-bit original plaintext data of the (i+1)-th encryption round function operation, completing the i-th encryption round function operation; i = i + 1, and the above encryption round function operation is repeated until i = 32; the 128-bit result data obtained from the 32nd round function operation undergo the high/low-bit transformation and are then sent to the output buffer module as the encryption result data;
after receiving the 128-bit original ciphertext data and 32-bit random mask data sent by the input buffer module, selects and reads from the memory module the round function subkey data at address 33-j; divides the high 96 bits of the 128-bit original plaintext data into three groups of 32-bit data; XORs the three groups of 32-bit data with the 32-bit random mask data and the 32-bit round function subkey data, five groups of data in total, to obtain the 32-bit first decryption intermediate data; divides the first decryption intermediate data into four groups of 8-bit data and sends them respectively to four 8-input, 8-output non-linear S-boxes to obtain the 32-bit second decryption intermediate data; then applies the linear transformation to the second decryption intermediate data and XORs the result with the low 32 bits of the 128-bit original ciphertext data and the 32-bit random mask data, three groups of data in total, to obtain the 32-bit third decryption intermediate data; the third decryption intermediate data, as the high 32 bits, are merged with the high 96 bits of the original ciphertext data to generate the 128-bit round function decryption result data, which serve as the 128-bit original ciphertext data of the (j+1)-th encryption round function operation, completing the j-th decryption round function operation; j = j + 1, and the above decryption round function operation is repeated until j = 32; the 128-bit result data obtained from the 32nd round function operation undergo the high/low-bit transformation and are then sent to the output buffer module as the decryption result data;
the memory module receives the 32 round function subkey data sent by the internal four-stage pipelined round function module and stores each one using, as its storage address, the number i of the round function operation to which that round function subkey data corresponds;
the constant generation module takes the constant (0007E15)₁₆ as the initial value of the modular addition and (1C, 1C, 1C, 1C)₁₆ as the addend constants of the modular additions, and performs four groups of 8-bit modular additions in parallel to obtain four groups of modular addition result data and hence one group of 32-bit modular addition result data; every four cycles of the external reference system clock Clk it reads the four groups of modular addition result data at the current time as the initial value of the modular addition, continues the four parallel groups of 8-bit modular additions with (1C, 1C, 1C, 1C)₁₆ as the addend constants, and at the same time sends the obtained 32-bit modular addition result data, as the 32-bit constant, to the internal four-stage pipelined round function module;
the output buffer module receives the encryption result data and decryption result data sent by the internal four-stage pipelined round function module and outputs them.
2. The pipelined SM4 algorithm implementation system according to claim 1, characterised in that the non-linear transformation S-box comprises a front-end transformation unit, a field inversion unit and a back-end transformation unit, wherein:
the front-end transformation unit, after receiving the 8-bit data, performs the operation $Pa^{T} + C1$ to obtain the first intermediate data temp1 and sends it to the field inversion unit;
the field inversion unit, after receiving the first intermediate data temp1, performs the $GF(2^4)$ field inversion operation to obtain the second intermediate data temp2 and sends it to the back-end transformation unit;
the back-end transformation unit, after receiving the second intermediate data temp2, performs the operation $R \cdot temp2 + C2$ to obtain the 8-bit non-linear transformation S-box result data, where a is the 8-bit data,
$$
P = \begin{bmatrix} 01111111 \\ 11000100 \\ 01000000 \\ 10010011 \\ 00011000 \\ 11010110 \\ 01110010 \\ 11110000 \end{bmatrix}, \quad
R = \begin{bmatrix} 00101001 \\ 00000111 \\ 00101010 \\ 10001010 \\ 10110101 \\ 00010100 \\ 01100101 \\ 00110011 \end{bmatrix}
$$
C1=[1,0,1,0,1,1,1,1], C2=[1,1,0,1,0,0,1,1].
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201510293265.XA CN105049194B (en) | 2015-06-01 | 2015-06-01 | A kind of SM4 algorithms of pipeline organization realize system |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105049194A CN105049194A (en) | 2015-11-11 |
CN105049194B true CN105049194B (en) | 2018-05-08 |
Family
ID=54455417
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201510293265.XA Active CN105049194B (en) | 2015-06-01 | 2015-06-01 | A kind of SM4 algorithms of pipeline organization realize system |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105049194B (en) |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |