CN106998249B - Reconfigurable S-box circuit structure applied to SM4 and Camellia cryptographic algorithm - Google Patents


Publication number
CN106998249B
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201710316518.XA
Other languages
Chinese (zh)
Other versions
CN106998249A (en)
Inventor
郑辛星
张肖强
邢博昱
王倩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhu Institute of Technology
Original Assignee
Wuhu Institute of Technology
Application filed by Wuhu Institute of Technology
Priority to CN201710316518.XA
Publication of CN106998249A
Application granted
Publication of CN106998249B

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Logic Circuits (AREA)

Abstract

The invention provides a reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm, comprising: synthesis matrix multiplication unit 1, synthesis matrix multiplication unit 2, constant adding unit 1, constant adding unit 2, constant adding unit 3, constant adding unit 4, a composite field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port, wherein selector 1 and selector 2 are both two-to-one selectors. The invention realizes reconfiguration between the SM4 S-box operation and the Camellia S-box operation by multiplexing the composite field multiplicative inverse unit. Multiplexing the composite field multiplicative inverse greatly reduces the circuit area, and the synthesis matrix structure improves circuit optimization efficiency, thereby further reducing the circuit area.

Description

Reconfigurable S-box circuit structure applied to SM4 and Camellia cryptographic algorithm
Technical Field
The invention relates to the technical field of cryptographic circuits, in particular to a reconfigurable S-box circuit structure applied to SM4 and Camellia cryptographic algorithms.
Background
1. SM4 cryptographic algorithm and Camellia cryptographic algorithm
The SM4 cipher algorithm is the first commercial block cipher algorithm published by the national commercial cipher management office, in 2006, and has a block length and a key length of 128 bits. The Camellia algorithm was jointly designed by Nippon Telegraph and Telephone Corporation and Mitsubishi in 2000; its block length is 128 bits, and it supports three key lengths: 128 bits, 192 bits and 256 bits. Camellia has been selected as a standard algorithm by many organizations, including the NESSIE standard in Europe, the CRYPTREC standard in Japan, and the ISO/IEC 18033-3 standard established by the International Organization for Standardization and the International Electrotechnical Commission.
The diversity of block cipher standards presents a significant challenge to the implementation of a cipher system, often requiring different algorithms to be integrated into one hardware platform in order to meet the application requirements of different regions and different industries.
2. SM4 S-box operation and Camellia S-box operation
In both the SM4 cryptographic algorithm and the Camellia cryptographic algorithm, the byte substitution operation (commonly referred to as the S-box operation) is the only nonlinear operation and has the highest computational complexity. Therefore, in both the SM4 circuit and the Camellia circuit, the S-box computing circuit is the dominant computing component and occupies most of the logic resources.
2.1 SM4 S-box operation
In the SM4 cryptographic algorithm, the encryption process and the decryption process use the same S-box operation. The SM4 S-box first performs an affine operation on the input byte, then performs a multiplicative inverse operation over the $GF(2^8)$ field, and finally performs an affine operation again. The expression is as follows:
wherein $(M_S \times x + c_S)_S^{-1}$ is the multiplicative inverse operation over the $GF(2^8)$ field specified by the SM4 cryptographic algorithm, $M_S$ is an 8×8-bit constant matrix, $c_S$ is an 8-bit constant vector, and $M_S$ and $c_S$ are used to complete the affine operations.
The irreducible polynomial of the $GF(2^8)$ field specified in the SM4 cryptographic algorithm is:
$f(x) = x^8 + x^7 + x^6 + x^5 + x^4 + x^2 + 1$
The constant matrix $M_S$ and the constant vector $c_S$ are, respectively:
2.2 Camellia S-box operation
The encryption process of the Camellia cryptographic algorithm uses 4 different S-box operations, namely:
where $x$ is the input byte, $(M_{Cf} \times (x + c_{Cf}))_C^{-1}$ is the multiplicative inverse operation over the finite field $GF((2^4)^2)$, $M_{Cf}$ and $M_{Ch}$ are 8×8-bit constant matrices, $c_{Cf}$ and $c_{Ch}$ are 8-bit constant vectors, $M_{Cf}$ and $c_{Cf}$ are used to complete the affine operation $f$, $M_{Ch}$ and $c_{Ch}$ are used to complete the affine operation $h$, <<<1 is a one-bit circular left shift, and >>>1 is a one-bit circular right shift.
As can be seen from formula (2), circularly left-shifting the output of S-box $S_{C1}$ by one bit gives S-box $S_{C2}$, circularly right-shifting the output of S-box $S_{C1}$ by one bit gives S-box $S_{C3}$, and circularly left-shifting the input of S-box $S_{C1}$ by one bit gives S-box $S_{C4}$. Because circular left and right shifts need no logic in a hardware implementation, only a reordering of the bus wires, only the $S_{C1}$ circuit has to be implemented in hardware. S-box $S_{C1}$ first performs an affine operation (affine operation $f$) on the input byte, then a multiplicative inverse over the $GF((2^4)^2)$ field, and finally an affine operation (affine operation $h$). The irreducible polynomial of the $GF((2^4)^2)$ field specified in the Camellia cryptographic algorithm is
wherein $\omega = \{1001\}_2$. The constant matrix $M_{Cf}$ and the constant matrix $M_{Ch}$ are, respectively:
The constant vector $c_{Cf}$ and the constant vector $c_{Ch}$ are, respectively:
The decryption operation of the Camellia cryptographic algorithm uses the same 4 S-box operations as the encryption operation.
3. Isomorphic mapping of the SM4 S-box and Camellia S-box operations
3.1 Composite field mapping of the SM4 S-box
The SM4 S-box operation expression based on the composite field is:
wherein $(D_S \times (M_S \times x + c_S))_M^{-1}$ is the multiplicative inverse operation over the target composite field, the target composite field being any composite field isomorphic to the $GF(2^8)$ field; $D_S$ is an 8×8-bit mapping matrix whose function is to map the input byte $x$ from the $GF(2^8)$ field specified by SM4 onto the target composite field; and $D'_S$ is the inverse matrix of $D_S$, whose function is to map the operation result from the target composite field back to the $GF(2^8)$ field specified by SM4. In formula (3), $M_S$ and $D'_S$ are both 8×8-bit matrices and can therefore be combined into one 8×8-bit matrix. Likewise, $D_S$ and $M_S$ can be combined into one 8×8-bit matrix. The SM4 S-box operation expression after combining is:
wherein the constant matrix $Q_S = M_S \times D'_S$, the constant matrix $R_S = D_S \times M_S$, and the constant vector $d_S = D_S \times c_S$.
3.2 Isomorphic mapping of the Camellia S-box
To multiplex the finite field multiplicative inverse unit with the SM4 S-box, the finite field multiplicative inverse $(M_{Cf} \times (x + c_{Cf}))_C^{-1}$ also needs to be mapped onto the target composite field. The Camellia S-box operation expression after mapping is:
wherein $(D_C \times (M_{Cf} \times x + c_{Cf}))_M^{-1}$ is the multiplicative inverse operation over the target composite field, $D_C$ is the mapping matrix, and $D'_C$ is the inverse mapping matrix. Similarly, the related matrices in formula (5) are combined, and the Camellia S-box operation expression after combining is:
wherein the constant matrix $Q_{Ch} = M_{Ch} \times D'_C$, the constant matrix $Q_{Cf} = D_C \times M_{Cf}$, and the constant vector $d_{Cf} = D_C \times c_{Cf}$.
In the prior art, when the SM4 cryptographic algorithm and the Camellia cryptographic algorithm are both used in one electronic device, the S-box operation of SM4 and the S-box operation of Camellia are implemented by two separate circuits, so the circuit area of the overall cryptographic implementation is larger, the device using it is bulkier, and the demand for light, thin, short and small electronic devices is not met.
Disclosure of Invention
The invention provides a reconfigurable S-box circuit structure applied to the SM4 and Camellia cryptographic algorithms, which reduces the total circuit area when the SM4 cryptographic algorithm and the Camellia cryptographic algorithm are both used in the same electronic device.
To solve the above problem, the invention provides a reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm, comprising: synthesis matrix multiplication unit 1, synthesis matrix multiplication unit 2, constant adding unit 1, constant adding unit 2, constant adding unit 3, constant adding unit 4, a composite field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port, wherein selector 1 and selector 2 are both two-to-one selectors; the input of synthesis matrix multiplication unit 1 is connected to the byte data input port; the output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 1 are connected, in one-to-one correspondence, to the input of constant adding unit 1 and the input of constant adding unit 2; the output of constant adding unit 1 and the output of constant adding unit 2 are connected to the inputs of selector 1; the output of selector 1 is connected to the input of the composite field multiplicative inverse unit; the output of the composite field multiplicative inverse unit is connected to the input of synthesis matrix multiplication unit 2; the output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 2 are connected, in one-to-one correspondence, to the input of constant adding unit 3 and the input of constant adding unit 4; the output of constant adding unit 3 and the output of constant adding unit 4 are connected to the inputs of selector 2; the output of selector 2 is connected to the byte data output port; the selection terminals of selector 1 and selector 2 are connected to the control signal input port; the reconfigurable S-box circuit structure has two working modes: the SM4 S-box working mode and the Camellia S-box working mode; under the control of the selection signal, selector 1 and selector 2 each select a different signal channel, thereby realizing the different working modes: in the SM4 S-box working mode, selector 1 outputs the operation result of constant adding unit 1, and selector 2 outputs the operation result of constant adding unit 3; in the Camellia S-box working mode, selector 1 outputs the operation result of constant adding unit 2, and selector 2 outputs the operation result of constant adding unit 4; the selection signal is input from the control signal input port.
Preferably, synthesis matrix multiplication unit 1 implements the synthesis matrix multiplication $\Phi \times$; the synthesis matrix $\Phi$ is formed by combining the constant matrix $R_S$ of the SM4 S-box and the constant matrix $Q_{Cf}$ of the Camellia S-box; the output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 1 output, in one-to-one correspondence, the results of the constant matrix multiplications $R_S \times$ and $Q_{Cf} \times$; synthesis matrix multiplication unit 2 implements the synthesis matrix multiplication $\Psi \times$; the synthesis matrix $\Psi$ is formed by combining the constant matrix $Q_S$ of the SM4 S-box and the constant matrix $Q_{Ch}$ of the Camellia S-box; the output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 2 output, in one-to-one correspondence, the results of the constant matrix multiplications $Q_S \times$ and $Q_{Ch} \times$; constant adding unit 1 adds the constant $d_S$ of the SM4 S-box; constant adding unit 2 adds the constant $d_{Cf}$ of the Camellia S-box; constant adding unit 3 adds the constant $c_S$ of the SM4 S-box; constant adding unit 4 adds the constant $c_{Ch}$ of the Camellia S-box; the composite field multiplicative inverse unit computes the multiplicative inverse of its input byte over the composite field.
Preferably, the constant $d_S$ is the product of the constant matrix $D_S$ and the constant $c_S$; the constant $d_{Cf}$ is the product of the constant matrix $D_C$ and the constant $c_{Cf}$; the constant $c_S$ is the constant vector of the affine operation specified in the SM4 cryptographic algorithm; the constant $c_{Cf}$ is the constant vector of the affine operation $f$ specified in the Camellia cryptographic algorithm; the constant $c_{Ch}$ is the constant vector of the affine operation $h$ specified in the Camellia cryptographic algorithm; the constant matrix $R_S$ is the product of the constant matrix $D_S$ and the constant matrix $M_S$; the constant matrix $Q_S$ is the product of the constant matrix $M_S$ and the constant matrix $D'_S$; the constant matrix $Q_{Cf}$ is the product of the constant matrix $D_C$ and the constant matrix $M_{Cf}$; the constant matrix $Q_{Ch}$ is the product of the constant matrix $M_{Ch}$ and the constant matrix $D'_C$; the constant matrix $D_S$ is a mapping matrix whose function is to map elements of the $GF(2^8)$ field onto the target composite field; the constant matrix $D'_S$ is a mapping matrix whose function is to map elements of the target composite field to the $GF(2^8)$ field specified in the SM4 cryptographic algorithm; the constant matrix $D_C$ is a mapping matrix whose function is to map elements of the $GF((2^4)^2)$ field specified in the Camellia cryptographic algorithm onto the target composite field; the constant matrix $D'_C$ is a mapping matrix whose function is to map elements of the target composite field to the $GF((2^4)^2)$ field specified in the Camellia cryptographic algorithm; the constant matrix $M_S$ is the constant matrix of the affine operation specified in the SM4 cryptographic algorithm; the constant matrix $M_{Cf}$ is the constant matrix of the affine operation $f$ specified in the Camellia cryptographic algorithm; the constant matrix $M_{Ch}$ is the constant matrix of the affine operation $h$ specified in the Camellia cryptographic algorithm; the composite field is any composite field isomorphic to the $GF(2^8)$ field.
The reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm implements the finite field multiplicative inverse over a composite field and, by multiplexing the finite field multiplicative inverse unit, realizes reconfiguration between the SM4 S-box operation and the Camellia S-box operation in one electronic device, so the total circuit area for implementing the cryptographic algorithms can be greatly reduced. In addition, the synthesis matrix structure in the reconfigurable S-box improves circuit optimization efficiency, thereby further reducing the circuit area.
Drawings
FIG. 1 is a schematic diagram of a reconfigurable S-box circuit architecture for an SM4 cryptographic algorithm and a Camellia cryptographic algorithm in accordance with an embodiment of the present invention;
FIG. 2 is a schematic diagram of a reconfigurable S-box circuit architecture for an SM4 cryptographic algorithm and a Camellia cryptographic algorithm in accordance with an embodiment of the present invention in the SM4 S-box working mode;
FIG. 3 is a schematic diagram of a reconfigurable S-box circuit architecture for an SM4 cryptographic algorithm and a Camellia cryptographic algorithm in accordance with an embodiment of the present invention in the Camellia S-box working mode.
Detailed Description
The following describes in detail the embodiments of the reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm provided in the present invention with reference to the accompanying drawings.
This embodiment provides a reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm; FIG. 1 is a schematic diagram of that structure.
As shown in FIG. 1, the reconfigurable S-box circuit structure of this embodiment includes: synthesis matrix multiplication unit 1, synthesis matrix multiplication unit 2, constant adding unit 1, constant adding unit 2, constant adding unit 3, constant adding unit 4, a composite field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port, wherein selector 1 and selector 2 are both two-to-one selectors.
The input of synthesis matrix multiplication unit 1 is connected to the byte data input port; the output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 1 are connected, in one-to-one correspondence, to the input of constant adding unit 1 and the input of constant adding unit 2; the output of constant adding unit 1 and the output of constant adding unit 2 are connected to the inputs of selector 1; the output of selector 1 is connected to the input of the composite field multiplicative inverse unit; the output of the composite field multiplicative inverse unit is connected to the input of synthesis matrix multiplication unit 2; the output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 2 are connected, in one-to-one correspondence, to the input of constant adding unit 3 and the input of constant adding unit 4; the output of constant adding unit 3 and the output of constant adding unit 4 are connected to the inputs of selector 2; the output of selector 2 is connected to the byte data output port; the selection terminals of selector 1 and selector 2 are connected to the control signal input port.
Synthesis matrix multiplication unit 1 implements the synthesis matrix multiplication $\Phi \times$; the synthesis matrix $\Phi$ is formed by combining the constant matrix $R_S$ of the SM4 S-box and the constant matrix $Q_{Cf}$ of the Camellia S-box, i.e.
The output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 1 output, in one-to-one correspondence, the results of the constant matrix multiplications $R_S \times$ and $Q_{Cf} \times$.
Synthesis matrix multiplication unit 2 implements the synthesis matrix multiplication $\Psi \times$; the synthesis matrix $\Psi$ is formed by combining the constant matrix $Q_S$ of the SM4 S-box and the constant matrix $Q_{Ch}$ of the Camellia S-box, i.e.
The output ports $P_S$ and $P_C$ of synthesis matrix multiplication unit 2 output, in one-to-one correspondence, the results of the constant matrix multiplications $Q_S \times$ and $Q_{Ch} \times$.
Constant adding unit 1 adds the constant $d_S$ of the SM4 S-box; constant adding unit 2 adds the constant $d_{Cf}$ of the Camellia S-box; constant adding unit 3 adds the constant $c_S$ of the SM4 S-box; constant adding unit 4 adds the constant $c_{Ch}$ of the Camellia S-box; the composite field multiplicative inverse unit computes the multiplicative inverse of its input byte over the composite field.
The reconfigurable S-box circuit structure has two working modes: the SM4 S-box working mode and the Camellia S-box working mode. Under the control of the selection signal, selector 1 and selector 2 each select a different signal channel, thereby realizing the different working modes.
The SM4 S-box operation and the Camellia S-box operation both consist of a finite field multiplicative inverse and affine operations, but the two operations are defined over different finite fields. The finite field $GF(2^8)$ and the finite field $GF((2^4)^2)$ are isomorphic, and both can be mapped onto the same finite field by an isomorphic mapping. Therefore, when the SM4 cryptographic algorithm and the Camellia cryptographic algorithm are implemented on the same hardware platform, the finite field multiplicative inverse unit can be multiplexed, which greatly reduces the circuit area.
Because the hardware complexity of a finite field multiplicative inverse based on the composite field $GF((2^4)^2)$ or on the composite field $GF(((2^2)^2)^2)$ is much lower than that of one based on the $GF(2^8)$ field, the invention further maps the finite field multiplicative inverse in the SM4 S-box and the finite field multiplicative inverse in the Camellia S-box onto the same composite field, and reduces the circuit area of the cryptographic implementation by multiplexing the finite field multiplicative inverse.
SM4 S-box working mode
FIG. 2 is a schematic diagram of the reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm in the SM4 S-box working mode. In the SM4 S-box working mode, a byte vector $x$ is input to the reconfigurable S-box and first enters synthesis matrix multiplication unit 1 for the synthesis matrix multiplication, i.e.
The operation result $R_S \times x$ is output from output port $P_S$ of synthesis matrix multiplication unit 1, and the operation result $Q_{Cf} \times x$ is output from output port $P_C$ of synthesis matrix multiplication unit 1. The result $R_S \times x$ on port $P_S$ then enters constant adding unit 1, which adds the constant $d_S$, giving $R_S \times x + d_S$. The result $Q_{Cf} \times x$ on port $P_C$ then enters constant adding unit 2, which adds the constant $d_{Cf}$, giving $Q_{Cf} \times x + d_{Cf}$.
Under the control of the selection signal, selector 1 passes the operation result $R_S \times x + d_S$ of constant adding unit 1 to the composite field multiplicative inverse unit, which outputs the operation result. That result is then input to synthesis matrix multiplication unit 2 for the synthesis matrix multiplication, i.e.
One operation result is output from output port $P_S$ of synthesis matrix multiplication unit 2, and the other from output port $P_C$ of synthesis matrix multiplication unit 2. The result on port $P_S$ then enters constant adding unit 3, which adds the constant $c_S$. The result on port $P_C$ then enters constant adding unit 4, which adds the constant $c_{Ch}$.
Under the control of the selection signal, selector 2 outputs the operation result on port $P_S$ from the byte data output port. Comparison with formula (4) shows that this result is the SM4 S-box operation result $S_S(x)$. The selection signals of selector 1 and selector 2 are input from the control signal input port.
Camellia S-box working mode
FIG. 3 is a schematic diagram of the reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm in the Camellia S-box working mode. In the Camellia S-box working mode, a byte vector $x$ is input to the reconfigurable S-box and first enters synthesis matrix multiplication unit 1 for the synthesis matrix multiplication, i.e.
The operation result $R_S \times x$ is output from output port $P_S$ of synthesis matrix multiplication unit 1, and the operation result $Q_{Cf} \times x$ is output from output port $P_C$ of synthesis matrix multiplication unit 1. The result $R_S \times x$ on port $P_S$ then enters constant adding unit 1, which adds the constant $d_S$, giving $R_S \times x + d_S$. The result $Q_{Cf} \times x$ on port $P_C$ then enters constant adding unit 2, which adds the constant $d_{Cf}$, giving $Q_{Cf} \times x + d_{Cf}$.
Under the control of the selection signal, selector 1 passes the operation result $Q_{Cf} \times x + d_{Cf}$ of constant adding unit 2 to the composite field multiplicative inverse unit, which outputs the operation result. That result is then input to synthesis matrix multiplication unit 2 for the synthesis matrix multiplication, i.e.
One operation result is output from output port $P_S$ of synthesis matrix multiplication unit 2, and the other from output port $P_C$ of synthesis matrix multiplication unit 2. The result on port $P_S$ then enters constant adding unit 3, which adds the constant $c_S$. The result on port $P_C$ then enters constant adding unit 4, which adds the constant $c_{Ch}$.
Under the control of the selection signal, selector 2 outputs the operation result on port $P_S$ from the byte data output port. Comparison with formula (6) shows that this result is the Camellia S-box operation result $S_{C1}(x)$. The selection signals of selector 1 and selector 2 are input from the control signal input port.
The reconfigurable S-box circuit structure provided by this embodiment implements the finite field multiplicative inverse over a composite field and, by multiplexing the finite field multiplicative inverse unit, realizes reconfiguration between the SM4 S-box operation and the Camellia S-box operation in one electronic device, so the total circuit area for implementing the cryptographic algorithms can be greatly reduced. In addition, the synthesis matrix structure in the reconfigurable S-box improves circuit optimization efficiency, so the circuit area is further reduced.
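The datapath of FIG. 1 and the merged constants of sections 3.1 and 3.2, modelled in software as an added example (not code from the patent). It goes one step beyond the text by finding the mapping matrices $D_S$ and $D_C$ by search, since the matrices are not reproduced on this page. Assumptions: the $GF(2^4)$ polynomial $x^4+x+1$, the extension form $y^2 = y + \omega$, the target field constant `0b1000`, all function names, and the affine constants `M_*`/`C_*`, which are constructed placeholders rather than the ciphers' real values.

```python
# Added example: software model of the shared-inverter S-box datapath.
# Assumptions: GF(2^4) modulus x^4+x+1, extension y^2 = y + w, target w = 0b1000,
# and every affine constant M_*/C_* below is a constructed placeholder.

def gf_mul(a, b, modulus, bits):
    """Multiply in GF(2^bits), polynomial basis, reduced by `modulus`."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a >> bits:
            a ^= modulus
        b >>= 1
    return r

def poly_field(modulus):
    return lambda a, b: gf_mul(a, b, modulus, 8)

def composite_field(w):
    """Multiplier for GF((2^4)^2): byte = hi*y + lo, with y^2 = y + w."""
    m4 = lambda a, b: gf_mul(a, b, 0x13, 4)
    def mul(a, b):
        ah, al, bh, bl = a >> 4, a & 15, b >> 4, b & 15
        hh = m4(ah, bh)
        hi = hh ^ m4(ah, bl) ^ m4(al, bh)
        lo = m4(al, bl) ^ m4(w, hh)
        return (hi << 4) | lo
    return mul

def powers(mul, g):
    """[g^0, g^1, ..., g^254] in the field whose multiplier is `mul`."""
    out, v = [], 1
    for _ in range(255):
        out.append(v)
        v = mul(v, g)
    return out

def inverse_table(mul):
    """x -> x^254: the multiplicative inverse, with 0 mapped to 0."""
    return [powers(mul, x)[254] for x in range(256)]

def matvec(cols, x):
    """8x8 bit matrix (list of 8 column bytes) times bit vector x over GF(2)."""
    r = 0
    for i in range(8):
        if (x >> i) & 1:
            r ^= cols[i]
    return r

def matmul(a, b):
    return [matvec(a, col) for col in b]      # columns of a*b

def matinv(cols):
    lookup = {matvec(cols, x): x for x in range(256)}
    return [lookup[1 << i] for i in range(8)]

def find_isomorphism(mul_src, mul_tgt):
    """Mapping matrix D (as columns) of a field isomorphism src -> tgt."""
    g = next(c for c in range(2, 256) if len(set(powers(mul_src, c))) == 255)
    src_pw = powers(mul_src, g)
    for h in range(2, 256):
        tgt_pw = powers(mul_tgt, h)
        if len(set(tgt_pw)) != 255:
            continue                           # h is not a generator
        phi = dict(zip(src_pw, tgt_pw))        # multiplicative by construction
        phi[0] = 0
        if all(phi[a ^ (1 << i)] == phi[a] ^ phi[1 << i]
               for a in range(256) for i in range(8)):   # additive as well
            return [phi[1 << i] for i in range(8)]
    raise ValueError("no isomorphism found")

MUL_SM4 = poly_field(0x1F5)        # x^8+x^7+x^6+x^5+x^4+x^2+1, from the page
MUL_CAM = composite_field(0b1001)  # omega = {1001}_2, from the page
MUL_TGT = composite_field(0b1000)  # target composite field, constructed
INV_SM4, INV_CAM, INV_TGT = (inverse_table(m) for m in (MUL_SM4, MUL_CAM, MUL_TGT))

# Placeholder affine constants (triangular matrices, hence invertible).
M_S, C_S = [(0xFF << i) & 0xFF for i in range(8)], 0x5A
M_CF, C_CF = [(3 << i) & 0xFF for i in range(8)], 0x3C
M_CH, C_CH = [(2 << i) - 1 for i in range(8)], 0xA7

# Merged constants, as defined on the page.
D_S, D_C = find_isomorphism(MUL_SM4, MUL_TGT), find_isomorphism(MUL_CAM, MUL_TGT)
R_S, Q_S, d_S = matmul(D_S, M_S), matmul(M_S, matinv(D_S)), matvec(D_S, C_S)
Q_CF, Q_CH, d_CF = matmul(D_C, M_CF), matmul(M_CH, matinv(D_C)), matvec(D_C, C_CF)

def reconfigurable_sbox(x, camellia_mode):
    """Matrix unit 1, adders 1/2, selector 1, shared inverse, unit 2, adders 3/4, selector 2."""
    p_s, p_c = matvec(R_S, x), matvec(Q_CF, x)
    z = INV_TGT[(p_c ^ d_CF) if camellia_mode else (p_s ^ d_S)]
    p_s, p_c = matvec(Q_S, z), matvec(Q_CH, z)
    return (p_c ^ C_CH) if camellia_mode else (p_s ^ C_S)

def reference_sbox(x, camellia_mode):
    """The same two S-boxes computed directly, each in its own field."""
    if camellia_mode:
        return matvec(M_CH, INV_CAM[matvec(M_CF, x) ^ C_CF]) ^ C_CH
    return matvec(M_S, INV_SM4[matvec(M_S, x) ^ C_S]) ^ C_S
```

Both modes read the single `INV_TGT` table; only the linear layers and added constants differ between them, which is the source of the area saving the description claims.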
The foregoing is merely a preferred embodiment of the present invention and it should be noted that modifications and adaptations to those skilled in the art may be made without departing from the principles of the present invention, which are intended to be comprehended within the scope of the present invention.

Claims (2)

1. A reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm, comprising: synthesis matrix multiplication unit 1, synthesis matrix multiplication unit 2, constant adding unit 1, constant adding unit 2, constant adding unit 3, constant adding unit 4, a composite field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port, wherein selector 1 and selector 2 are both two-to-one selectors;
the input of synthesis matrix multiplication unit 1 is connected to the byte data input port; the outputs P_S and P_C of synthesis matrix multiplication unit 1 are connected, in one-to-one correspondence, to the input of constant adding unit 1 and the input of constant adding unit 2; the output of constant adding unit 1 and the output of constant adding unit 2 are connected to the inputs of selector 1; the output of selector 1 is connected to the input of the composite field multiplicative inverse unit; the output of the composite field multiplicative inverse unit is connected to the input of synthesis matrix multiplication unit 2; the outputs P_S and P_C of synthesis matrix multiplication unit 2 are connected, in one-to-one correspondence, to the input of constant adding unit 3 and the input of constant adding unit 4; the output of constant adding unit 3 and the output of constant adding unit 4 are connected to the inputs of selector 2; the output of selector 2 is connected to the byte data output port; the select terminals of selector 1 and selector 2 are connected to the control signal input port;
synthesis matrix multiplication unit 1 implements the synthesis matrix multiplication φ×; the synthesis matrix φ is formed by merging the constant matrix R_S of the SM4 S-box and the constant matrix Q_Cf of the Camellia S-box; the outputs P_S and P_C of synthesis matrix multiplication unit 1 deliver, in one-to-one correspondence, the result of the constant matrix multiplication R_S× and the result of the constant matrix multiplication Q_Cf×;
synthesis matrix multiplication unit 2 implements the synthesis matrix multiplication ψ×; the synthesis matrix ψ is formed by merging the constant matrix Q_S of the SM4 S-box and the constant matrix Q_Ch of the Camellia S-box; the outputs P_S and P_C of synthesis matrix multiplication unit 2 deliver, in one-to-one correspondence, the result of the constant matrix multiplication Q_S× and the result of the constant matrix multiplication Q_Ch×;
constant adding unit 1 implements the addition of the constant d_S of the SM4 S-box; constant adding unit 2 implements the addition of the constant d_Cf of the Camellia S-box; constant adding unit 3 implements the addition of the constant c_S of the SM4 S-box; constant adding unit 4 implements the addition of the constant c_Ch of the Camellia S-box; the composite field multiplicative inverse unit computes the multiplicative inverse of its input byte over the composite field;
the reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm has two working modes: the SM4 S-box working mode and the Camellia S-box working mode; under the control of the selection signal, selector 1 and selector 2 each select a different signal channel, thereby realizing the different working modes: in the SM4 S-box working mode, selector 1 outputs the result of constant adding unit 1 and selector 2 outputs the result of constant adding unit 3; in the Camellia S-box working mode, selector 1 outputs the result of constant adding unit 2 and selector 2 outputs the result of constant adding unit 4; the selection signal is input through the control signal input port;
the reconfigurable S-box circuit structure applied to the SM4 and Camellia cryptographic algorithms maps the finite-field multiplicative inversion in the SM4 S-box and in the Camellia S-box onto the same composite field, so that when the SM4 cryptographic algorithm and the Camellia cryptographic algorithm are implemented on the same hardware platform, the circuit area can be greatly reduced by multiplexing the composite field multiplicative inverse module.
2. The reconfigurable S-box circuit structure applied to the SM4 cryptographic algorithm and the Camellia cryptographic algorithm of claim 1, wherein the constant d_S is the product of the constant matrix D_S and the constant c_S;
the constant d_Cf is the product of the constant matrix D_C and the constant c_Cf;
the constant c_S is the constant vector in the affine operation specified in the SM4 cryptographic algorithm;
the constant c_Cf is the constant vector in the affine operation f specified in the Camellia cryptographic algorithm;
the constant c_Ch is the constant vector in the affine operation h specified in the Camellia cryptographic algorithm;
the constant matrix R_S is the product of the constant matrix D_S and the constant matrix M_S;
the constant matrix Q_S is the product of the constant matrix M_S and the constant matrix D'_S;
the constant matrix Q_Cf is the product of the constant matrix D_C and the constant matrix M_Cf;
the constant matrix Q_Ch is the product of the constant matrix M_Ch and the constant matrix D'_C;
the constant matrix D_S is a mapping matrix whose function is to map elements of the field GF(2^8) onto the target composite field;
the constant matrix D'_S is a mapping matrix whose function is to map elements of the target composite field onto the field GF(2^8);
the constant matrix D_C is a mapping matrix whose function is to map elements of the field GF((2^4)^2) specified in the Camellia cryptographic algorithm onto the target composite field;
the constant matrix D'_C is a mapping matrix whose function is to map elements of the target composite field onto the field GF((2^4)^2) specified in the Camellia cryptographic algorithm;
the constant matrix M_S is the constant matrix in the affine operation specified in the SM4 cryptographic algorithm;
the constant matrix M_Cf is the constant matrix in the affine operation f specified in the Camellia cryptographic algorithm;
the constant matrix M_Ch is the constant matrix in the affine operation h specified in the Camellia cryptographic algorithm;
the composite field is any composite field isomorphic to the field GF(2^8).
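The data path of claims 1 and 2, modelled in Python as an added example that is not part of the patent: each mode folds its field-mapping matrix into its affine matrices (R = D·M_in, Q = M_out·D', d = D·c_in), so both modes pass through one inverter in a single composite field GF((2^4)^2). Assumptions: 0x1F5 is the SM4 field polynomial x^8+x^7+x^6+x^5+x^4+x^2+1; the polynomial 0x11D, the matrices M_A and M_B, the affine constants and the searched composite-field parameter LAM are constructed stand-ins, so the resulting tables are not the real SM4 or Camellia S-boxes.

```python
def gf_mul(a, b, poly, top):             # GF(2^n) in polynomial basis, top = 1 << n
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a, b = a << 1, b >> 1
        a ^= poly if a & top else 0
    return r

def g16(a, b): return gf_mul(a, b, 0x13, 0x10)    # GF(2^4) modulo x^4 + x + 1
# y^2 + y + LAM is irreducible when no t in GF(2^4) solves t^2 + t = LAM
LAM = next(l for l in range(1, 16) if all(g16(t, t) ^ t != l for t in range(16)))

def comp_mul(a, b):                      # GF((2^4)^2); byte = (high << 4) | low
    ah, al, bh, bl = a >> 4, a & 15, b >> 4, b & 15
    hh = g16(ah, bh)
    return (hh ^ g16(ah, bl) ^ g16(al, bh)) << 4 | (g16(al, bl) ^ g16(LAM, hh))
# The single shared inverter (0 maps to 0), tabulated by search
INV = [next((b for b in range(256) if comp_mul(a, b) == 1), 0) for a in range(256)]

def mat_vec(cols, x):                    # GF(2) matrix, given as column bytes, times x
    r = 0
    for i, col in enumerate(cols):
        r ^= col if x >> i & 1 else 0
    return r

def powers(beta, n):                     # [1, beta, ..., beta^(n-1)] in the composite field
    out = [1]
    for _ in range(n - 1):
        out.append(comp_mul(out[-1], beta))
    return out

def build_path(poly, m_in, c_in, m_out, c_out):
    beta = next(b for b in range(2, 256) if mat_vec(powers(b, 9), poly) == 0)
    d = powers(beta, 8)                               # D: source field -> composite field
    d_inv = [next(x for x in range(256) if mat_vec(d, x) == 1 << i) for i in range(8)]  # D'
    r = [mat_vec(d, col) for col in m_in]             # R = D * M_in
    q = [mat_vec(m_out, col) for col in d_inv]        # Q = M_out * D'
    d_const = mat_vec(d, c_in)                        # d = D * c_in
    merged = lambda x: mat_vec(q, INV[mat_vec(r, x) ^ d_const]) ^ c_out
    def reference(x):                                 # unmerged form in the source field
        t = mat_vec(m_in, x) ^ c_in
        inv = next((b for b in range(256) if gf_mul(t, b, poly, 0x100) == 1), 0)
        return mat_vec(m_out, inv) ^ c_out
    return merged, reference

M_A = [0x01, 0x03, 0x06, 0x0C, 0x18, 0x30, 0x60, 0xC0]       # constructed, invertible
M_B = [0x01, 0x02, 0x05, 0x0A, 0x14, 0x28, 0x50, 0xA0]       # constructed, invertible
PATHS = {"sm4": build_path(0x1F5, M_A, 0x5A, M_A, 0x5A),     # 0x1F5: SM4 field polynomial
         "camellia": build_path(0x11D, M_A, 0x3C, M_B, 0xC3)}  # 0x11D: stand-in field

def sbox(x, mode):                       # the mode signal drives both selectors
    return PATHS[mode][0](x)
```

In the circuit both outputs of each synthesis matrix are computed in parallel and the selectors pick one; the model selects the path instead, which gives the same byte.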
CN201710316518.XA 2017-05-08 2017-05-08 Reconfigurable S-box circuit structure applied to SM4 and Camellia cryptographic algorithm Active CN106998249B (en)

Publications (2)

Publication Number Publication Date
CN106998249A (en) 2017-08-01
CN106998249B (en) 2023-09-15

Family

ID=59435191

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant