CN106254061B - A kind of high speed network storage encipher-decipher method - Google Patents
A kind of high speed network storage encipher-decipher method Download PDFInfo
- Publication number
- CN106254061B CN106254061B CN201610666423.6A CN201610666423A CN106254061B CN 106254061 B CN106254061 B CN 106254061B CN 201610666423 A CN201610666423 A CN 201610666423A CN 106254061 B CN106254061 B CN 106254061B
- Authority
- CN
- China
- Prior art keywords
- encryption
- fpga
- interface board
- decryption
- exchange
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
Abstract
The present invention provides a kind of high speed network storage encipher-decipher method, the method is by carrying out the processing of exchange concurrent operations to status information, it completes to map the linear speed disk command of FC encryption equipment, independent burst processing is carried out again with 64 burst assembly lines, data stream scheduling is carried out to densifying plate using interface FPGA, the value of waterline is adjusted by GPIO signal between interface board FPGA and encryption and decryption plate FPGA, QDR SRAM is used to complete the caching of second level intermodule as level cache, DIMM DDR3 completes the caching between previous module as L2 cache, complete encryption process, using more common HASH chained list mode, lookup target can fast and accurately be navigated to, by stamping token flag on each frame, random ordering can be effectively prevented Occur;A plurality of 64 bursts assembly line is taken inside FPGA, independent burst processing is carried out according to the difference of task, procedure-node composite result, effective solution access processing capacity.
Description
Technical field
The invention belongs to the field of information security technology under Information Networking Architecture, and in particular to a kind of high speed network is deposited
Store encipher-decipher method.
Background technique
In field of storage, FC SAN(optical fiber storage area network) it is occupied always based on its inborn high-performance, stability
Most of market.With the outburst of various information security events in recent years, people there is an urgent need to have a kind of approach ensure from
Oneself data safety, especially as units such as banks.Application environment, FC agreement feature for the FC logical volume transfer method and storage network system of user
And high-availability requirement, privacy problem that is how reliable and stable, safely controllable, quickly and efficiently solving user's storage network data
And cipher key management considerations, exactly develop the background and meaning of high speed network storage encryption equipment.High speed network storage encryption
Owner will be by a kind of data encrypting and deciphering mechanism based on FC agreement, and the application server in parsing FC SAN network is (hereinafter referred to as
Server end) and disk array (hereinafter referred to as memory end) between FC agreement, for being passed between server end and memory end
Defeated data carry out encryption and decryption.Encryption and decryption technology used in equipment avoids the performance for reducing the original application system of user, special
It is not the efficiency of transmission of data information, meets the harsher requirement that the long delay characteristic of system proposes encryption and decryption system,
While meeting user demand, it is ensured that system meets close office, state to the demand of technical standard of commercial encryption product.
Summary of the invention
To solve the above-mentioned problems, the present invention provides a kind of high speed network storage encipher-decipher method,
The method completes the linear speed magnetic to FC encryption equipment by carrying out the processing of exchange concurrent operations to status information
Disk command mapping, then independent burst processing is carried out with 64 burst assembly lines, data flow is carried out to densifying plate using interface FPGA
Scheduling, is adjusted the value of waterline by GPIO signal between interface board FPGA and encryption and decryption plate FPGA, is made using QDR SRAM
The caching of second level intermodule is completed for level cache, DIMM DDR3 completes the caching between previous module as L2 cache, complete
At encryption process;
Further, which comprises
S1: input state information;
S2: the processing of exchange concurrent operations is carried out to status information in S1;
S3: data processing is carried out to information processed in S2;
S4: frame buffer and frame order-preserving are carried out to the information of data processing in S3, complete encryption and decryption;
Further, the S2 is specially in the encryption and decryption operation of an exchange, and key remains unchanged, and records data
The FCP_DATA of LUN, LBA, ID and offset information in frame, subsequent arrival is uniquely positioned according to ID, the LUN and LBA letter
Key of the breath for encryption and decryption guides;
Further, the exchange is specially to FCP-SCSI disk commands, and one time disk command is mapped as
Exchange, each exchange are decomposed into multiple unidirectional sequence, and each sequence is decomposed into multiple FC-2
Frame;
Further, by the chained list side HASH when handling concurrent exchange and sequence crossover operation in the S2
Formula records million grades of FC session, and is updated with secondary hash and dynamic and solve HASH conflict;
Further, the secondary hash is to be respectively compared to the keyword of hash by hash algorithms different twice
Positioning, the dynamic update is to remove session node in time after an exchange, discharges resource;
Further, the S3 is specially that 64 burst assembly lines are taken inside FPGA, is carried out according to the difference of task
Independent burst processing, and procedure-node composite result is used, data stream scheduling is carried out to densifying plate using interface board FPGA, is being connect
The value of waterline is adjusted between oralia FPGA and encryption and decryption plate FPGA by GPIO signal;
Further, the value of the adjustment waterline method particularly includes: when encryption and decryption plate FPGA processing queue reaches waterline
When, inform that interface board FPGA selective intake message, interface board FPGA abandon same connection by the statistical information in conversational list
On transmitted the message of minimum data;
Further, the S4 is specially the caching for using QDR SRAM to complete second level intermodule as level cache, is made
The DIMM DDR3 used completes the caching between previous module as L2 cache, and stamps token flag on each frame;
Further, the S1 input information status information method includes the heartbeat line locking by equipment rear portion and passes through
The HA interface synchronization of equipment front.
Beneficial effects of the present invention are as follows:
1) by handling concurrent magnanimity exchange and sequence crossover operation, the encryption and decryption for completing linear speed is operated,
It being in due to equipment on the node of a mass memory, the quantity of concurrent exchange is possible to reach million grades,
That is system needs to record million grades of FC session, the realization mechanism of this FC session will be used more common
HASH chained list mode, can fast and accurately navigate to lookup target;
2) each unit processing delay will lead to frame buffer memory it is very big, by stamping token flag on each frame,
Out-of-order generation can be effectively prevented;
3) hardware completes the data frame forwarding of all FCP, encryption and decryption, and software completes configuration and management;
4) a plurality of 64 bursts assembly line is taken inside FPGA, and independent burst processing, process are carried out according to the difference of task
Node composite result, effective solution access processing capacity;
5) densifying plate does data stream scheduling using interface FPGA, realizes data balancing algorithm, in multiple encryption chip cores
Equilibrium assignmen data flow between piece plays the processing capacity of more encryption chips to greatest extent;
6) since interface supports 8G data access, and encryption and decryption processing capacity only has 4G, this necessarily causes some
Message is dropped inside equipment, since FC agreement only can carry out weight to some message of discarding unlike Transmission Control Protocol
It passes, but whole operation is retransmitted, so being adjusted between interface board FPGA and encryption and decryption plate FPGA by GPIO signal
The value of whole waterline informs interface board FPGA selective intake message, interface when encryption and decryption plate FPGA processing queue reaches waterline
Plate FPGA guarantees only to abandon the message for having transmitted minimum data in those same connections by the statistical information in conversational list;
7) FPGA work meets 4Gbps processing capacity in 166MHz dominant frequency;
8) both can be by the heartbeat Synchronization Status Message at equipment rear portion, it can also be same by the HA interface of equipment front
Status information is walked, realizes two-node cluster hot backup.
Detailed description of the invention
The hardware structure diagram of Fig. 1 equipment of the method to realize the present invention.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is explained in further detail.It should be appreciated that specific embodiment described herein is used only for explaining the present invention, and
It is not used in the restriction present invention.On the contrary, the present invention cover it is any be defined by the claims do on the essence and scope of the present invention
Substitution, modification, equivalent method and scheme.Further, in order to make the public have a better understanding the present invention, below to this
It is detailed to describe some specific detail sections in the datail description of invention.It is thin without these for a person skilled in the art
The present invention can also be understood completely in the description of section part.
The present invention will be further explained below with reference to the attached drawings and specific examples, but not as a limitation of the invention.
Most preferred embodiment is enumerated below for of the invention:
As shown in Figure 1, the present invention provides a kind of high speed network storage encipher-decipher method, the method is based on hard in Fig. 1
Part structure, by carrying out the processing of exchange concurrent operations to status information, the linear speed disk command of FC encryption equipment is reflected in completion
It penetrates, then carries out independent burst processing with 64 burst assembly lines, data stream scheduling is carried out to densifying plate using interface FPGA, is being connect
The value for adjusting waterline between oralia FPGA and encryption and decryption plate FPGA by GPIO signal, uses QDR SRAM as level cache
The caching of second level intermodule is completed, DIMM DDR3 completes the caching between previous module as L2 cache, completes encryption and decryption mistake
Journey, which comprises
S1: input state information;
S2: the processing of exchange concurrent operations is carried out to status information in S1;
S3: data processing is carried out to information processed in S2;
S4: frame buffer and frame order-preserving are carried out to the information of data processing in S3, complete encryption and decryption, the S1 inputs information
Status information approach includes the heartbeat line locking by equipment rear portion and the HA interface synchronization by equipment front, and the S2 is specific
For in the encryption and decryption operation of an exchange, key is remained unchanged, LUN, LBA, ID and offset letter in data frame are recorded
Breath, the FCP_DATA of subsequent arrival are uniquely positioned according to ID, and the key of the LUN and LBA information for encryption and decryption guides, described
Exchange is specially to FCP-SCSI disk commands, and a disk command is mapped as an exchange, every time
Exchange is decomposed into multiple unidirectional sequence, and each sequence is decomposed into the frame of multiple FC-2, and the processing is concurrent
Exchange and sequence crossover operation when million grades of FC session is recorded by HASH chained list mode, and with secondary
Hash and dynamic, which update, solves HASH conflict, and the secondary hash is calculated by hash different twice the keyword of hash
Method is respectively compared positioning, and the dynamic update is to remove session node in time after an exchange, release money
Source, the S3 are specially that 64 burst assembly lines are taken inside FPGA, carry out independent burst processing according to the difference of task, and
Using procedure-node composite result, data stream scheduling is carried out to densifying plate using interface board FPGA, in interface board FPGA and plus solution
The value of waterline is adjusted between close plate FPGA by GPIO signal, the value of the adjustment waterline method particularly includes: work as encryption and decryption
When plate FPGA processing queue reaches waterline, inform that interface board FPGA selective intake message, interface board FPGA pass through in conversational list
Statistical information abandon the message that minimum data has been transmitted in same connection, the S4 is specially to use QDR SRAM as level-one
Caching completes the caching of second level intermodule, and the DIMM DDR3 used completes the caching between previous module as L2 cache, and
Token flag is stamped on each frame.
The specific encryption flow of the method for the invention is as follows:
During disk write, write order and write data be all inside equipment by interface board FPGA outer net receive after,
It is sent to encryption/decryption module, after encrypting to the data that needs encrypt, re-sends to interface board FPGA Intranet.Its corresponding meeting
Words are recorded in outer network interface plate.The process is broadly divided into following steps:
1) server sends FCP_CMMD write order frame.
2) after the interface module of interface board FPGA outer net receives FCP_CMMD write order frame, association is sent to by combiner
Discuss parsing module.
3) interface board FPGA outer net identifies that the frame is FCP_CMMD write order frame in protocol resolution module, and extracts in frame head
S_ID, D_ID, LUN and LBA information in OX_ID information, and FC frame payload.
4) interface board FPGA outer net searches corresponding Device_ID using D_ID in Disk Mapping table module.
5) interface board FPGA outer net is that keyword creates a session with { S_ID, D_ID, OX_ID } in conversational list module,
Record { LUN, LBA, Device_ID } information in a session simultaneously.
6) interface board FPGA outer net is given after uplink module encapsulates FCP_CMMD write order frame using customized PDU
XAUI transceiver module, is finally sent to encryption/decryption module.
7) the PDU message transmission is sent interface board FPGA Intranet by encryption/decryption module.
8) after the XAUI transceiver module of interface board FPGA Intranet receives the PDU message from encryption/decryption module, downlink mould is given
Block processing.
9) downstream module of interface board FPGA Intranet passes through combining after taking out FCP_CMMD write order frame in PDU message
Device is sent to interface module, is finally sent to disk array.
10) disk array replys FCP_XFER_RDY transmission preparation frame.
11) after the interface module of interface board FPGA Intranet receives FCP_XFER_RDY transmission preparation frame, pass through combiner
It is sent to protocol resolution module.
12) protocol resolution module of interface board FPGA Intranet identifies that the frame is that FCP_XFER_RDY transmission prepares frame, then
It is sent to uplink module.
13) FCP_XFER_RDY frame is packaged by the uplink module of interface board FPGA Intranet using customized PDU, is sent
To XAUI transceiver module, it is finally sent to encryption/decryption module.
14) the PDU message transmission is sent interface board FPGA outer net by encryption/decryption module.
15) after the XAUI transceiver module of interface board FPGA outer net receives the PDU message from encryption/decryption module, downlink mould is given
Block processing.
16) downstream module of interface board FPGA outer net is led to after taking out FCP_XFER_RDY transmission preparation frame in PDU message
It crosses combiner and is sent to interface module, be finally sent to server.
17) after server receives FCP_XFER_RDY transmission preparation frame, FCP_DATA write data frame is sent.
18) it after the interface module of interface board FPGA outer net receives FCP_DATA write data frame, is sent to by combiner
Protocol resolution module.
19) protocol resolution module of interface board FPGA outer net identifies that the frame is FCP_DATA write data frame, and extracts frame head
In S_ID, D_ID, OX_ID information.
20) interface board FPGA outer net is that keyword is searched with { S_ID, D_ID, OX_ID } in conversational list module, is searched
To after session, obtain session information { LUN, LBA, Device_ID }.
21) interface board FPGA outer net is split FCP_DATA write data frame by 512 bytes in uplink module, will be each
Segment is packaged using customized PDU, is sent to XAUI transceiver module, is finally sent to encryption/decryption module.
22) after encryption/decryption module encrypts the data in PDU message, it is sent to interface board FPGA Intranet.
23) after the XAUI transceiver module of interface board FPGA Intranet receives the PDU message from encryption/decryption module, downlink mould is given
Block processing.
24) downstream module of interface board FPGA Intranet takes out FCP_DATA write data frame from PDU message, if not most
The latter fragment will no longer carry out the processing of follow-up process after the fragment cache memory.
25) downstream module of interface board FPGA Intranet receives all FCP_DATA fragment assemblies after the last one fragment
For a complete FCP_DATA write data frame, interface module is then sent to by combiner, is finally sent to disk array.
26) step 17-25 repeatedly, handles multiple FCP_DATA write data frames.
27) disk array sends FCP_RSP write response frame.
28) after the interface module of interface board FPGA Intranet receives FCP_RSP write response frame, association is sent to by combiner
Discuss parsing module.
29) protocol resolution module of interface board FPGA Intranet identifies that the frame is FCP_RSP write response frame, and extracts in frame head
S_ID, D_ID, OX_ID information.
30) interface board FPGA Intranet is that keyword carries out closing connection with { S_ID, D_ID, OX_ID } in conversational list module
Operation.
31) FCP_RSP write response frame is packaged by the uplink module of interface board FPGA Intranet using customized PDU, hair
It is sent to XAUI transceiver module, is finally sent to encryption/decryption module.
32) the PDU message transmission is sent interface board FPGA outer net by encryption/decryption module.
33) after the XAUI transceiver module of interface board FPGA outer net receives the PDU message from encryption/decryption module, downlink mould is given
Block processing.
34) downstream module of interface board FPGA outer net passes through combining after taking out FCP_RSP write response frame in PDU message
Device is sent to interface module, is finally sent to server.
35) server completes a write operation.
Wherein the algorithm types of encryption method include that symmetric block ciphers algorithm, asymmetric cryptographic algorithm and cryptographic Hash are calculated
Method, random number used in crypto-operation are generated using the physical noise source in safety chip.Wherein:
1) asymmetric cryptographic algorithm ratifies the SM2 algorithm used using close office, state, using the safe core of macro think of being formed
Piece HS32U2-K(SSX0912-B) it is strong existing.
2) cryptographic Hash algorithm ratifies the SM3 algorithm used using close office, state.Using the macro think of safety chip being formed
HS32U2-K(SSX0912-B soft realization).
3) symmetric block ciphers algorithm ratifies the SM4 algorithm used using close office, state.Using the macro think of safety chip of sizing
HS32U2-K(SSX0912-B soft realization (being used for key management) and the soft realization of interface board FPGA) (adds solution for business
It is close).
4) the macro think of WNG serial physical noise source WNG9 that random number uses close office, state to be formed, fully ensures that generation
Random number has good randomness.
The cryptographic algorithm that network storage encryption equipment uses is provided with the integrality to cryptographic algorithm, module of software and hardware, just
True property such as examines at the security mechanisms, so that it is guaranteed that cryptographic algorithm is in always in correct, safe working condition.
All keys used of network storage encryption equipment, certification when random parameter by safety chip physical noise source
It generates.
Above-mentioned encryption method is mainly used for business datum encryption and decryption, abstract, digital signature authentication, authentication, storage guarantor
The functions such as shield encryption and key distribution encryption.Wherein business datum encryption function has used SM4 algorithm, and block length is
128bit, key length 128bit;Digital signature authentication and identity authentication function use SM2, SM3 algorithm to realize jointly, public/
Private key length is 512/256 bit.Storage protection encryption function is using the realization of SM4 algorithm, grouping algorithm key length 128bit.
Key distributes Encryption Algorithm and uses SM2, SM3, and SM4 algorithm is completed jointly, and public/private key pair length is 512/256 bit, grouping algorithm
128 bit of key length.
Wherein, business datum Encryption Algorithm is realized using SM4 algorithm by grouping ecb mode.
Storage protection Encryption Algorithm is realized using SM4 algorithm by grouping ecb mode.
Key distribution Encryption Algorithm is realized using SM2, SM3 and SM4 algorithm by digital envelope mode.
Authentication Encryption Algorithm is realized using SM2 and SM3 algorithm.
Concrete configuration of the cryptographic algorithm in network storage encryption equipment, effect and management are as follows:
Embodiment described above, only one kind of the present invention more preferably specific embodiment, those skilled in the art
The usual variations and alternatives that member carries out within the scope of technical solution of the present invention should be all included within the scope of the present invention.
Claims (8)
1. a kind of high speed network stores encipher-decipher method, which is characterized in that the method is by carrying out status information
The processing of exchange concurrent operations is completed to map the linear speed disk command of FC encryption equipment, then is carried out with 64 burst assembly lines
Independent burst processing carries out data stream scheduling to encryption and decryption plate using interface board FPGA, in interface board FPGA and encryption and decryption plate
The value for adjusting waterline between FPGA by GPIO signal uses QDR SRAM to complete the slow of second level intermodule as level cache
It deposits, DIMM DDR3 completes the caching between previous module as L2 cache, completes encryption process, the exchange tool
Body is to FCP-SCSI disk commands, and a disk command is mapped as an exchange, and each exchange is decomposed into
Multiple unidirectional sequence, each sequence are decomposed into the frame of multiple FC-2.
2. encipher-decipher method according to claim 1, which is characterized in that the described method includes:
S1: input state information;
S2: the processing of exchange concurrent operations is carried out to status information in S1;
S3: data processing is carried out to information processed in S2;
S4: frame buffer and frame order-preserving are carried out to the information of data processing in S3, complete encryption and decryption.
3. encipher-decipher method according to claim 2, which is characterized in that the S2 is specially to solve adding for an exchange
In close operation, key is remained unchanged, and records LUN, LBA, ID and offset information in data frame, the FCP_DATA of subsequent arrival
It is uniquely positioned according to ID, the key of the LUN and LBA information for encryption and decryption guides.
4. encipher-decipher method according to claim 2, which is characterized in that handled in the S2 concurrent exchange and
Million grades of FC session is recorded by HASH chained list mode when sequence crossover operation, and more with secondary hash and dynamic
New to solve HASH conflict, the secondary hash is to the keyword of hash by hash algorithms different twice, and it is fixed to be respectively compared
Position, the dynamic update is to remove session node in time after an exchange, discharges resource.
5. encipher-decipher method according to claim 2, which is characterized in that the S3 is specially to take 64 inside FPGA
Happen suddenly assembly line, carries out independent burst processing according to the difference of task, and use procedure-node composite result, uses interface board
FPGA carries out data stream scheduling to encryption and decryption plate, is adjusted between interface board FPGA and encryption and decryption plate FPGA by GPIO signal
The value of waterline.
6. encipher-decipher method according to claim 5, which is characterized in that the value of the adjustment waterline method particularly includes:
When encryption and decryption plate FPGA processing queue reaches waterline, inform that interface board FPGA selective intake message, interface board FPGA pass through
Statistical information in conversational list abandons the message that minimum data has been transmitted in same connection.
7. encipher-decipher method according to claim 2, which is characterized in that the S4 is specially to use QDR SRAM as one
Grade caching completes the caching of second level intermodule, and the DIMM DDR3 used completes the caching between previous module as L2 cache,
And token flag is stamped on each frame.
8. encipher-decipher method according to claim 2, which is characterized in that the S1 inputs information status information method and includes
Heartbeat line locking by equipment rear portion and the HA interface synchronization by equipment front.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610666423.6A CN106254061B (en) | 2016-08-14 | 2016-08-14 | A kind of high speed network storage encipher-decipher method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201610666423.6A CN106254061B (en) | 2016-08-14 | 2016-08-14 | A kind of high speed network storage encipher-decipher method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN106254061A CN106254061A (en) | 2016-12-21 |
| CN106254061B true CN106254061B (en) | 2019-08-23 |
Family
ID=57592930
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201610666423.6A Active CN106254061B (en) | 2016-08-14 | 2016-08-14 | A kind of high speed network storage encipher-decipher method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN106254061B (en) |
Families Citing this family (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2019041272A1 (en) * | 2017-08-31 | 2019-03-07 | 华为技术有限公司 | Method and device for encrypting and decrypting computer memory data |
| CN109286501B (en) * | 2018-11-13 | 2021-07-13 | 北京深思数盾科技股份有限公司 | Authentication method for encryption device and encryption device |
| CN109474429B (en) * | 2018-12-24 | 2022-02-15 | 无锡市同威科技有限公司 | Key configuration strategy method facing FC storage encryption gateway |
| CN112910891B (en) * | 2021-01-29 | 2021-12-14 | 南京十方网络科技有限公司 | Network security interconnection system based on FPGA high-speed encryption and decryption |
| CN113220231B (en) * | 2021-05-11 | 2022-07-22 | 无锡众星微系统技术有限公司 | Adaptive flow control method and device supporting STP application |
| CN117560226B (en) * | 2024-01-09 | 2024-03-19 | 上海芯联芯智能科技有限公司 | Method and device for data transmission through VPN |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1910571A (en) * | 2003-07-25 | 2007-02-07 | 国际商业机器公司 | A single chip protocol converter |
| CN101854353A (en) * | 2010-04-28 | 2010-10-06 | 国网电力科学研究院 | Multi-chip parallel encryption method based on FPGA |
| CN103152165A (en) * | 2013-01-25 | 2013-06-12 | 西安电子科技大学 | Field programmable gate array (FPGA)-based superfast auxiliary encoder system (AES) processor and implementing method thereof |
| CN204028891U (en) * | 2014-07-31 | 2014-12-17 | 深圳市惠立智能电力科技有限公司 | A kind of dsp chip reads the circuit of two panels A/D chip data continuously |
| CN104852798A (en) * | 2015-05-11 | 2015-08-19 | 清华大学深圳研究生院 | Data encryption and decryption system and method thereof |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR100675837B1 (en) * | 2004-12-13 | 2007-01-29 | 한국전자통신연구원 | Fast-GCM-AES block encoding apparatus and method |
-
2016
- 2016-08-14 CN CN201610666423.6A patent/CN106254061B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1910571A (en) * | 2003-07-25 | 2007-02-07 | 国际商业机器公司 | A single chip protocol converter |
| CN101854353A (en) * | 2010-04-28 | 2010-10-06 | 国网电力科学研究院 | Multi-chip parallel encryption method based on FPGA |
| CN103152165A (en) * | 2013-01-25 | 2013-06-12 | 西安电子科技大学 | Field programmable gate array (FPGA)-based superfast auxiliary encoder system (AES) processor and implementing method thereof |
| CN204028891U (en) * | 2014-07-31 | 2014-12-17 | 深圳市惠立智能电力科技有限公司 | A kind of dsp chip reads the circuit of two panels A/D chip data continuously |
| CN104852798A (en) * | 2015-05-11 | 2015-08-19 | 清华大学深圳研究生院 | Data encryption and decryption system and method thereof |
Also Published As
| Publication number | Publication date |
|---|---|
| CN106254061A (en) | 2016-12-21 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN106254061B (en) | A kind of high speed network storage encipher-decipher method | |
| US8526615B2 (en) | Storage system executing encryption and decryption processing | |
| US8989388B2 (en) | Distribution of storage area network encryption keys across data centers | |
| US8855318B1 (en) | Master key generation and distribution for storage area network devices | |
| US7869597B2 (en) | Method and system for secure packet communication | |
| US8218770B2 (en) | Method and apparatus for secure key management and protection | |
| US7290134B2 (en) | Encapsulation mechanism for packet processing | |
| CN109388960A (en) | Information sharing and multi-party computations model based on block chain | |
| CN106130721B (en) | A kind of high speed network storage encryption equipment | |
| CN106330868A (en) | Encrypted storage key management system and method of high-speed network | |
| US8842675B2 (en) | Systems and methods for multicore processing of data with in-sequence delivery | |
| CN107171811B (en) | Lightweight RFID security authentication method based on Present algorithm | |
| US20210243172A1 (en) | Methods to strengthen cyber-security and privacy in a deterministic internet of things | |
| US9071589B1 (en) | Encryption key management for storage area network devices | |
| JP6529694B2 (en) | Transfer device and communication network | |
| Puthal et al. | A synchronized shared key generation method for maintaining end-to-end security of big data streams | |
| Haase et al. | Secure communication protocol for network-on-chip with authenticated encryption and recovery mechanism | |
| CN116208330A (en) | Industrial Internet cloud-edge cooperative data secure transmission method and system based on quantum encryption | |
| CN109495253A (en) | A method of privacy of user protection is realized in heart network in the information | |
| Li et al. | A novel data deduplication scheme for encrypted cloud databases | |
| US20210126906A1 (en) | Communication device, server device, concealed communication system, methods for the same, and program | |
| CN110233829A (en) | Confidential information system and communication means based on distributed storage | |
| Tripathi et al. | The hybrid cryptography for enhancing the data security in fog computing | |
| JP3615281B2 (en) | Encryption key / decryption key generation method | |
| US11886463B2 (en) | Distributed ledger object router using nested time signals |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right | ||
| PE01 | Entry into force of the registration of the contract for pledge of patent right |
Denomination of invention: A high speed network storage encryption and decryption method Effective date of registration: 20210312 Granted publication date: 20190823 Pledgee: Beijing Yanhong Financing Guarantee Co.,Ltd. Pledgor: BEIJING SHUDUN INFORMATION TECHNOLOGY Co.,Ltd. Registration number: Y2021990000232 |
|
| PC01 | Cancellation of the registration of the contract for pledge of patent right | ||
| PC01 | Cancellation of the registration of the contract for pledge of patent right |
Date of cancellation: 20220325 Granted publication date: 20190823 Pledgee: Beijing Yanhong Financing Guarantee Co.,Ltd. Pledgor: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. Registration number: Y2021990000232 |
|
| CP02 | Change in the address of a patent holder | ||
| CP02 | Change in the address of a patent holder |
Address after: 100000 901, Floor 9, Building 7, Yard 8, Auto Museum East Road, Fengtai District, Beijing Patentee after: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. Address before: Room 101-502, 5 / F, building 10, courtyard 3, fengxiu Middle Road, Haidian District, Beijing 100083 Patentee before: BEIJING SHUDUN INFORMATION TECHNOLOGY CO.,LTD. |