CN107888373A - XTS AES encryptions circuit, decryption circuit and its method - Google Patents

XTS AES encryptions circuit, decryption circuit and its method Download PDF

Info

Publication number
CN107888373A
CN107888373A CN201610867007.2A CN201610867007A CN107888373A CN 107888373 A CN107888373 A CN 107888373A CN 201610867007 A CN201610867007 A CN 201610867007A CN 107888373 A CN107888373 A CN 107888373A
Authority
CN
China
Prior art keywords
unit
data
xor
output
data block
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201610867007.2A
Other languages
Chinese (zh)
Inventor
伍德斌
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
BEIJING CORE TECHNOLOGY Co Ltd
Original Assignee
BEIJING CORE TECHNOLOGY Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by BEIJING CORE TECHNOLOGY Co Ltd filed Critical BEIJING CORE TECHNOLOGY Co Ltd
Priority to CN201910576163.7A priority Critical patent/CN110276208B/en
Priority to CN201610867007.2A priority patent/CN107888373A/en
Publication of CN107888373A publication Critical patent/CN107888373A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/76Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in application-specific integrated circuits [ASIC] or field-programmable devices, e.g. field-programmable gate arrays [FPGA] or programmable logic devices [PLD]

Abstract

This application discloses a kind of XTS AES encryptions circuit, decryption circuit and its method, it is related to information security field, when solving available data unit Cipher-Text Stealing computing is carried out in pipeline organization, the high technical problem of linear speed computing, complex designing difficulty can not be carried out.Data cell includes m+1 data block P0~Pm, m is positive integer, wherein, 1~m data block P0~Pm‑1It is respectively provided with predetermined word joint number, the m+1 data block PmByte number be less than or equal to predetermined word joint number wherein, XTS AES encryption circuits include:First ciphering unit (AES0), modular multiplication unit, XOR unit, the second ciphering unit (AES1), the 3rd ciphering unit (AES2) and caching and adjustment unit.The application is applied to encryption/decrypted transport of data cell.

Description

XTS-AES encrypted circuits, decryption circuit and its method
Technical field
The application is related to information security field, and in particular to a kind of XTS-AES data cells encrypted circuit, decryption circuit.
Background technology
XTS-AES (Advanced Encryption Standard with adjustment and Cipher-Text Stealing, XEX encryption mode with Tweak and ciphertext Stealing-ADVANCED_ENCRYPTION_STANDARD) algorithm is mainly used in data Based on unit (including sector, logic magnetic disc block etc.) in the storage device of structure inactive state data encryption.XTS-AES's Announcement solves a series of security threat, and allows to apply parallelization and pipeline organization in algorithm realization.
In the XTS-AES agreements of prior art, the data of input are divided into different types of data, but every kind of data type is equal Being handled by 128 bit groupings, last group of data have that length is less than 128 bits, in Cipher-Text Stealing processing procedure, need Will be to last complete 128 bit block of plaintext data Pm-1With last non-128 bit block of plaintext data PmComputing it is suitable Sequence is adjusted (m is positive integer).When being handled according to standard IEEE 1619, PmWith Pm-1Operation result it is related, while finally The order of output result be also required to be exchanged, result in the data of last part during Cipher-Text Stealing can not be carried out simultaneously Row or linear speed computing.Have XTS-AES computing circuit compared with high clock frequency and higher timing requirements, can not be with data Transmission uses same clock, brings the complexity of hardware design, it is difficult to ensures that linear speed exports.In " IEEE P1619TM/ D16Standard for Cryptographic Protection of Data on Block-Oriented Storage Devices”(http://grouper.ieee.org/groups/1619/email/pdf00086.pdf) defined in XTS-AES Algorithm, its full text is incorporated herein by reference.
The content of the invention
According to the first aspect of the invention, there is provided the first XTS-AES data cells according to a first aspect of the present invention add Cipher telegram road, data cell include m+1 data block P0~Pm, m is positive integer, wherein, 1~m data block P0~Pm-1Have There are predetermined word joint number, the m+1 data block PmByte number be less than or equal to predetermined word joint number;The XTS-AES data sheets First encrypted circuit includes:First ciphering unit (AES0), modular multiplication unit, XOR unit, the second ciphering unit (AES1), the 3rd add Close unit (AES2) and caching and adjustment unit, wherein, the first ciphering unit is used to the adjusted value of data cell be encrypted And export and give modular multiplication unit;The previous operation result of output or modular multiplication unit of the modular multiplication unit to the first ciphering unit carries out modular multiplication Computing, and cache operation result;XOR unit includes the first XOR unit, the second XOR unit and the 3rd XOR unit, wherein, First XOR unit is used for one of data block of output to modular multiplication unit and data cell and does XOR, the first XOR unit it is defeated Go out the input for being coupled to the second ciphering unit (AES1);Second XOR unit be used for output to the second ciphering unit (AES1) with XOR is done in the output of modular multiplication unit, the output coupling of the second XOR unit to the 3rd ciphering unit (AES2);3rd XOR unit XOR is done in output for the output to the 3rd ciphering unit (AES2) and modular multiplication unit;Caching is used for second with adjustment unit The XOR result of output with the output of modular multiplication unit of ciphering unit (AES1) is cached, and caching is additionally operable to spell with adjustment unit Meet the data block P of data cellmWith the data block of caching, cache and the output coupling of adjustment unit to the 3rd ciphering unit (AES2)。
The first XTS-AES data cell encrypted circuits according to the first aspect of the invention, there is provided according to the present invention the 2nd XTS-AES data cell encrypted circuits of one side, the processing to data cell include corresponding to data block P0~PmM+ 1 stage S1~Sm+1
The 2nd XTS-AES data cell encrypted circuits according to the first aspect of the invention, there is provided according to the present invention the 3rd XTS-AES data cell encrypted circuits of one side, in response to the stage S of processing data block1:First AES encryption unit (AES0) adjusted value of data cell is encrypted, its output coupling to modular multiplication unit.
Second according to the first aspect of the invention is one of to the 3rd XTS-AES data cell encrypted circuits, there is provided root According to the 4th XTS-AES data cell encrypted circuits of first aspect present invention, in response to the stage S of processing data block2-Sm+1:Will Input of the upper output for modular multiplication unit as modular multiplication unit.
Second according to the first aspect of the invention is one of to the 4th XTS-AES data cell encrypted circuits, there is provided root According to the 5th XTS-AES data cell encrypted circuits of first aspect present invention, in response to the stage S of processing data block1-Sm-1:The One XOR unit, output and the data block (P of the current generation corresponding to data cell to modular multiplication unit0-Pm-2) do XOR; Output encryption of second ciphering unit (AES1) to the first XOR unit, the second XOR unit is to the second ciphering unit (AES1) XOR is done in output and the output of modular multiplication unit, by the stage S of the second XOR cell processing data cell1To stage Sm-1Output The 1st to the m-1 output as the XTS-AES data cells encrypted circuit processing data cell.
Second according to the first aspect of the invention is one of to the 5th XTS-AES data cell encrypted circuits, there is provided root According to the 6th XTS-AES data cell encrypted circuits of first aspect present invention, in response to the stage S of processing data blockm:First is different Or unit, output and the data block (P of the current generation corresponding to data cell to modular multiplication unitm-1) do XOR;Second encryption Output encryption of the unit (AES1) to the first XOR unit, (AES1) output of the second ciphering unit are supplied to the caching and adjusted Whole unit;Caching does XOR with output of the adjustment unit to the second ciphering unit (AES1) and the output of modular multiplication unit, and caches XOR result.
Second according to the first aspect of the invention is one of to the 6th XTS-AES data cell encrypted circuits, there is provided root According to the 7th XTS-AES data cell encrypted circuits of first aspect present invention, in response to the stage S of processing data blockm+1:By number According to block PmThe caching and adjustment unit are supplied to, the caching includes data block C with the data block that adjustment unit is cachedmWith Data block CpTwo parts, the caching is with adjustment unit by data block PmWith data block CpMerge, by the data block and modular multiplication of merging XOR is done in the output of unit, and XOR result is supplied into the 3rd ciphering unit (AES2);The output of 3rd ciphering unit (AES2) The 3rd XOR unit is supplied to, the 3rd XOR unit does XOR to the result of the 3rd ciphering unit (AES2) and modular multiplication unit, the M-th output of the output of three XOR units as the XTS-AES encrypted circuits processing data cell.
The 7th XTS-AES data cell encrypted circuits according to the first aspect of the invention, there is provided according to the present invention the 8th XTS-AES data cell encrypted circuits of one side, caching and adjustment unit output Cm, as the XTS-AES data The m+1 output of the unit encrypted circuit processing data cell.
According to the second aspect of the invention, there is provided the first XTS-AES data cells according to the second aspect of the invention Circuit is decrypted, data cell includes m+1 data block C0~Cm, m is positive integer, wherein, 1~m data block C0~Cm-1 With predetermined word joint number, the m+1 data block CmByte number be less than or equal to predetermined word joint number;The XTS-AES decryption Circuit includes:First ciphering unit (AES0), modular multiplication unit, XOR unit, the second decryption unit (AES1), the 3rd decryption unit (AES2) with caching and adjustment unit, wherein, the first ciphering unit (AES0) is used to the adjusted value of data cell be encrypted And export and give modular multiplication unit;The previous operation result of output or modular multiplication unit of the modular multiplication unit to the first ciphering unit (AES0) enters Row modular multiplication, and cache operation result;XOR unit includes the first XOR unit, the second XOR unit and the 3rd XOR list Member, wherein, the first XOR unit is used for one of the output to modular multiplication unit and the data block of data cell and does XOR, the first XOR Input of the output coupling of unit to the second decryption unit (AES1);Second XOR unit is used for the second decryption unit (AES1) The output of output and modular multiplication unit do XOR, the output coupling of the second XOR unit to the 3rd decryption unit (AES2);3rd XOR is done in the output that XOR unit is used for output and modular multiplication unit to the 3rd decryption unit (AES2);Caching is used with adjustment unit Cached in the XOR result of the output to the second decryption unit (AES1) and the output of modular multiplication unit, caching and adjustment unit It is additionally operable to the data block C for splicing data cellmWith the data block of caching, the output coupling of caching and adjustment unit is decrypted to the 3rd Unit (AES2).
The first XTS-AES data cells decryption circuit according to the second aspect of the invention, there is provided according to the present invention the The 2nd XTS-AES data cells decryption circuit of two aspects, the processing to data cell include corresponding to data block C0~CmM+ 1 stage Q1~Qm+1
The 2nd XTS-AES data cells decryption circuit according to the second aspect of the invention, there is provided according to the present invention the The 3rd XTS-AES data cells decryption circuit of two aspects, in response to the stage Q of processing data block1:First ciphering unit (AES1) adjusted value of data cell is encrypted, its output coupling to modular multiplication unit.
Second according to the second aspect of the invention to the 3rd XTS-AES data cells decrypt one of circuit, there is provided root Circuit is decrypted according to the 4th XTS-AES data cells of second aspect of the present invention, in response to the stage Q of processing data block2~Qm+1: Input using a upper output for modular multiplication unit as modular multiplication unit.
Second according to the second aspect of the invention to the 4th XTS-AES data cells decrypt one of circuit, there is provided root Circuit is decrypted according to the 5th XTS-AES data cells of second aspect of the present invention, in response to the stage Q of processing data block1-Qm-1:The One XOR unit, output and the data block (C of the current generation corresponding to data cell to modular multiplication unit0~Cm-2) do XOR; Output decryption of second decryption unit (AES1) to the first XOR unit, the second XOR unit is to the second decryption unit (AES1) XOR is done in output and the output of modular multiplication unit, by the stage Q of the second XOR cell processing data cell1To stage Qm-1Output The 1st to the m-1 output as data cell described in XTS-AES data cells decryption processing of circuit.
Second according to the second aspect of the invention to the 5th XTS-AES data cells decrypt one of circuit, there is provided root Circuit is decrypted according to the 6th XTS-AES data cells of second aspect of the present invention, in response to the stage Q of processing data blockm:First is different Or unit, by the Q of modular multiplication unitm+1Output (the C in stagem') with corresponding to data cell current generation data block (Cm-1) Do XOR;Output decryption of second decryption unit (AES1) to the first XOR unit, the output of the second decryption unit (AES1) carry Supply the caching and adjustment unit;Caching and output of the adjustment unit to the second decryption unit (AES1) and modular multiplication unit Qm+1Output (the C in stagem') XOR is done, and cache XOR result.
Second according to the second aspect of the invention to the 6th XTS-AES data cells decrypt one of circuit, there is provided root Circuit is decrypted according to the 7th XTS-AES data cells of second aspect of the present invention, in response to the stage Q of processing data blockm+1:By number According to block CmThe caching and adjustment unit are supplied to, the caching includes data block P with the data block that adjustment unit is cachedmWith Data block PpTwo parts, the caching is with adjustment unit by data block CmWith data block PpMerge, by the data block and modular multiplication of merging Output (the C of unitm-1') XOR is done, XOR result is supplied to the 3rd decryption unit (AES2);3rd decryption unit (AES2) Output be supplied to the 3rd XOR unit, output of the 3rd XOR unit to the 3rd decryption unit (AES2) and modular multiplication unit (Cm-1') it is XOR, the output P of the 3rd XOR unitm-1As data described in XTS-AES data cells decryption processing of circuit M-th of output of unit.
The 7th XTS-AES data cells decryption circuit according to the second aspect of the invention, there is provided according to the present invention the The 8th XTS-AES data cells decryption circuit of two aspects, caching and adjustment unit output Pm, as the XTS-AES data The m+1 output of data cell described in unit decryption processing of circuit.
According to the third aspect of the invention we, there is provided the first XTS-AES encrypted circuits according to a third aspect of the present invention, use In being encrypted according to XTS-AES agreements to data cell, data cell includes m+1 data block P0~Pm, m is positive integer, and right The processing of data cell includes corresponding to data block P0~PmM+1 stage S1~Sm+1;The XTS-AES encrypted circuits bag Include:First AES encryption unit (AES0), the second AES encryption unit (AES1), the 3rd AES encryption unit (AES2), modular multiplication list Member, the first XOR unit (101), the second XOR unit (102), the 3rd XOR unit (103) and data buffer storage unit;Handling The processing stage S of data cell1, the first AES encryption unit (AES0) encrypts to the adjusted value of data cell, and its output coupling arrives Modular multiplication unit;Input of the output coupling of modular multiplication unit to the first XOR unit (101) and modular multiplication unit;First XOR unit (101) it is used for the output to modular multiplication unit and the data block (P of the current generation corresponding to data cell0-Pm-1) do XOR;The Output encryption of the two AES encryption units (AES1) to the first XOR unit (101);Second XOR unit (102) adds to the 2nd AES XOR is done in close unit (AES1) and the output of modular multiplication unit;Wherein as the S of processing data unitmDuring the stage, with data buffer storage list The output of member the second XOR unit (AES1) of caching, the data block cached include data block CmWith data block CpTwo parts;By The stage S of two XOR cell processing data cells1To stage Sm-1Output as the XTS-AES encrypted circuits processing described in 1st to the m-1 output of data cell;The data block C for the data cell of buffer unit cachingmAs described XTS-AES encrypted circuits handle the m+1 output during the data cell;Data buffer storage unit also receives in plain text, and data are delayed Memory cell is by data block PmWith data block CpMerge;3rd ciphering unit (AES2) is coupled to data buffer storage unit, to data buffer storage The P that unit is cachedmWith CpData block after merging is encrypted with the XOR result of the output of modular multiplication unit;3rd XOR unit (103) XOR is done in the output to the 3rd ciphering unit (AES2) and the output of modular multiplication unit, by the defeated of the 3rd XOR unit (103) Go out m-th of the output as the XTS-AES encrypted circuits processing data cell.
The first XTS-AES encrypted circuits according to the third aspect of the invention we, there is provided according to a third aspect of the present invention 2nd XTS-AES encrypted circuits, 1~m data block P0~Pm-1It is respectively provided with predetermined word joint number, the m+1 data block PmWord Joint number is less than or equal to predetermined word joint number.
First according to the third aspect of the invention we or the 2nd XTS-AES encrypted circuit, there is provided according to the present invention the 3rd 3rd XTS-AES encrypted circuits of aspect, data block CmWith data block CpIt is byte number and be predetermined word joint number.
First according to the third aspect of the invention we is one of to the 3rd XTS-AES encrypted circuits, there is provided according to the present invention The third aspect the 4th XTS-AES encrypted circuits, data block PmWith data block CpByte number after combination and be preset byte Number, and data block PmWith data block CpAfter combination, data block PmA high position for data after combining, data block C are providedpCombination is provided The low level of data afterwards.
One of first to fourth XTS-AES encrypted circuits according to the third aspect of the invention we, there is provided according to the present invention The third aspect the 5th XTS-AES encrypted circuits, in the processing stage S of processing data unit2-Sm+1, the first AES encryption list First (AES0) is closed.
First according to the third aspect of the invention we is one of to the 5th XTS-AES encrypted circuits, there is provided according to the present invention The third aspect the 6th XTS-AES encrypted circuits, the modular multiplication unit includes multiple caching parts, for cache be used for it is multiple Each modular multiplication result of data cell, and when handling the stage of the first data cell, by the first data cell of caching Output of the modular multiplication result as modular multiplication unit, and update with next output of the modular multiplication unit the first data of the caching The modular multiplication result of unit.
First according to the third aspect of the invention we is one of to the 6th XTS-AES encrypted circuits, there is provided according to the present invention The third aspect the 7th XTS-AES encrypted circuits, the data buffer storage unit includes multiple memory units, is used for for storing Data block P after each merging of multiple data cellsmWith data block Cp
First according to the third aspect of the invention we is one of to the 7th XTS-AES encrypted circuits, there is provided according to the present invention The third aspect the 8th XTS-AES encrypted circuits, in the stage S of processing data unit1, the input of modular multiplication unit is first The output of AES encryption unit (AES0), in the stage S of processing data unit2To stage Sm+1, the input of modular multiplication unit is modular multiplication The previous output of unit.
First according to the third aspect of the invention we is one of to the 8th XTS-AES encrypted circuits, there is provided according to the present invention The third aspect the 9th XTS-AES encrypted circuits, the 3rd ciphering unit (AES2) is only in the stage S of processing data unitmWhen, The P cached to data buffer storage unitmWith CpData after merging are encrypted with the XOR result of the output of modular multiplication unit.
First according to the third aspect of the invention we is one of to the 9th XTS-AES encrypted circuits, there is provided according to the present invention The third aspect the tenth XTS-AES encrypted circuits, the only stage S in processing data unit1To stage SmWhen, the first XOR list The output and the data block (P of the current generation corresponding to data cell of first (101) to modular multiplication unit0-Pm-1) do XOR.
First according to the third aspect of the invention we is one of to the tenth XTS-AES encrypted circuits, there is provided according to the present invention The third aspect the 11st XTS-AES encrypted circuits, the only stage S in processing data unit1To stage SmWhen, the 2nd AES adds Output encryption of the close unit (AES1) to the first XOR unit (101).
First according to the third aspect of the invention we is one of to the 11st XTS-AES encrypted circuits, there is provided according to this hair 12nd XTS-AES encrypted circuits of the bright third aspect, only the stage S in processing data unit1To stage SmWhen, second is different Or XOR is done in output of the unit (102) to the second AES encryption unit (AES1) and modular multiplication unit.
First according to the third aspect of the invention we is one of to the 12nd XTS-AES encrypted circuits, there is provided according to this hair 13rd XTS-AES encrypted circuits of the bright third aspect, data buffer storage unit is only as the S of processing data unitm+1During the stage Data buffer storage unit is by block of plaintext data PmWith data block CpMerge.
According to the fourth aspect of the invention, there is provided the first XTS-AES decryption circuits according to a fourth aspect of the present invention, use In being decrypted according to XTS-AES agreements to data cell, data cell includes m+1 data block C0~Cm, m is positive integer, and right The processing of data cell includes corresponding to data block C0~CmM+1 stage Q1~Qm+1;The XTS-AES decrypts circuit bag Include:First ciphering unit (AES0), the second decryption unit (AES1), the 3rd decryption unit (AES2), modular multiplication unit, the first XOR Unit (101), the second XOR unit (102), the 3rd XOR unit (103) and data buffer storage unit;In processing data unit Processing stage Q1, adjusted value encryption of the first ciphering unit (AES0) to data cell, its output coupling to modular multiplication unit;Modular multiplication Input of the output coupling of unit to the first XOR unit (101) and modular multiplication unit;First XOR unit (101) is used for modular multiplication The Q of unit1-Qm-2Stage exports and the Q corresponding to data cell1-Qm-2Data block (the C in stage0-Cm-2) it is XOR, Yi Jiyong In the Q to modular multiplication unitmThe output in stage and the Q of data cellm-1Data block (the C in stagem-1) do XOR;2nd AES is decrypted Output decryption of the unit (AES1) to the first XOR unit (101);Second XOR unit (102) is to the 2nd AES decryption units (AES1) XOR is done in output and the output of modular multiplication unit;Wherein as the Q of processing data unitmDuring the stage, with data buffer storage list The output of member the second XOR unit (102) of caching, the data block cached include data block PmWith data block PpTwo parts;By The stage Q of two XOR cell processing data cells1To stage Qm-1Output as the XTS-AES decryption processing of circuit described in 1st to the m-1 output of data cell;The data block P for the data cell of buffer unit cachingmAs described The m+1 output described in XTS-AES decryption processing of circuit during data cell;Data buffer storage unit also receives ciphertext, and data are delayed Memory cell is by data block CmWith data block PpMerge;3rd decryption unit (AES2) is coupled to data buffer storage unit, to data buffer storage The C that unit is cachedmWith PpData after merging are decrypted with the XOR result of the output of modular multiplication unit;3rd XOR unit (103) XOR is done in output and the output of modular multiplication unit to the 3rd decryption unit (AES2), and the output of the 3rd XOR unit (103) is made M-th of output of data cell described in processing of circuit is decrypted for the XTS-AES.
The first XTS-AES decryption circuits according to the fourth aspect of the invention, there is provided according to a fourth aspect of the present invention 2nd XTS-AES decrypts circuit, 1~m data block C0~Cm-1It is respectively provided with predetermined word joint number, the m+1 data block CmWord Joint number is less than or equal to predetermined word joint number.
According to the fourth aspect of the invention first or the 2nd XTS-AES decryption circuit, there is provided according to the present invention the 4th The 3rd XTS-AES decryption circuits of aspect, data block PmWith data block PpIt is byte number and be predetermined word joint number.
First according to the fourth aspect of the invention is to the 3rd XTS-AES decryption one of circuits, there is provided according to the present invention Fourth aspect the 4th XTS-AES decryption circuit, data block CmWith data block PpByte number after combination and be preset byte Number, and data block CmWith data block PpAfter combination, data block CmA high position for data after combining, data block P are providedpCombination is provided The low level of data afterwards.
One of first to fourth XTS-AES decryption circuits according to the fourth aspect of the invention, there is provided according to the present invention Fourth aspect the 5th XTS-AES decryption circuit, in the processing stage Q of processing data unit2~Qm+1, the first AES encryption list First (AES0) is closed.
First according to the fourth aspect of the invention is to the 5th XTS-AES decryption one of circuits, there is provided according to the present invention Fourth aspect the 6th XTS-AES decryption circuits, the modular multiplication unit includes multiple caching parts, for caching for multiple Each modular multiplication result of data cell, and when handling the stage of the first data cell, by the first data cell of caching Output of the modular multiplication result as modular multiplication unit, and update with next output of the modular multiplication unit the first data of the caching The modular multiplication result of unit.
First according to the fourth aspect of the invention is to the 6th XTS-AES decryption one of circuits, there is provided according to the present invention Fourth aspect the 7th XTS-AES decryption circuits, the data buffer storage unit includes multiple memory units, is used for for storage Data block C after each merging of multiple data cellsmWith data block Pp
First according to the fourth aspect of the invention is to the 7th XTS-AES decryption one of circuits, there is provided according to the present invention Fourth aspect the 8th XTS-AES decryption circuit, in the stage Q of processing data unit1, the input of modular multiplication unit be first plus The output of close unit (AES0), in the stage Q of processing data unit2To stage Qm+1, the input of modular multiplication unit is modular multiplication unit Previous output.
First according to the fourth aspect of the invention is to the 8th XTS-AES decryption one of circuits, there is provided according to the present invention Fourth aspect the 9th XTS-AES decryption circuit, the 3rd decryption unit (AES2) is only in the stage Q of processing data unitmWhen, The C cached to data buffer storage unitmWith PpData block after merging is encrypted with the XOR result of the output of modular multiplication unit.
First according to the fourth aspect of the invention is to the 9th XTS-AES decryption one of circuits, there is provided according to the present invention Fourth aspect the tenth XTS-AES decryption circuit, the only stage Q in processing data unit1To stage Qm-1When, the first XOR Output and the data block (C of current generation corresponding to data cell of the unit (101) to modular multiplication unit0-Cm-2) do XOR.
First according to the fourth aspect of the invention is to the tenth XTS-AES decryption one of circuits, there is provided according to the present invention Fourth aspect the 11st XTS-AES decryption circuit, the only stage Q in processing data unit1To stage QmWhen, the second decryption Output decryption of the unit (AES1) to the first XOR unit (101).
First according to the fourth aspect of the invention is to the 11st XTS-AES decryption one of circuits, there is provided according to this hair The 12nd XTS-AES decryption circuits of bright fourth aspect, only the stage Q in processing data unit1To stage QmWhen, second is different Or XOR is done in output of the unit (102) to the 2nd AES decryption units (AES1) and modular multiplication unit.
First according to the fourth aspect of the invention is to the 12nd XTS-AES decryption one of circuits, there is provided according to this hair The 13rd XTS-AES decryption circuits of bright fourth aspect, data buffer storage unit is only as the Q of processing data unitm+1During the stage Data buffer storage unit is by ciphertext block data CmWith data block PpMerge.
According to the fifth aspect of the invention, there is provided the first XTS-AES data cells according to a fifth aspect of the present invention add Cipher telegram road, data cell include m+1 data block P0~Pm, m is positive integer, wherein, 1~m data block P0~Pm-1Have There are predetermined word joint number, the m+1 data block PmByte number be less than or equal to predetermined word joint number;The XTS-AES encryptions electricity Road includes:First ciphering unit (AES0), modular multiplication unit, XOR unit, the second ciphering unit (AES1), the 3rd ciphering unit (AES2) with caching and adjustment unit, wherein, the first ciphering unit (AES0) is used to the adjusted value of data cell be encrypted Obtain data block P0', and deliver this to modular multiplication unit;Modular multiplication unit is to data block P0' or modular multiplication unit previous operation result Modular multiplication is carried out, obtains data block P0" and data block P1'~Pm', and cache operation result;XOR unit includes the first XOR Unit, the second XOR unit and the 3rd XOR unit, wherein, the first XOR unit is used for data block P0" and data block P1'~ Pm-1' and corresponding data block P0~Pm-1XOR is carried out respectively obtains data block A0~Am-1;Second XOR unit is used for will be through Obtained data block A after second ciphering unit (AES1) encryption0'~Am-1' respectively with data block P0", data block P1'~Pm-1’ Carry out XOR and obtain data block B0~Bm-1;Wherein data block B0~Bm-2It is that XTS-AES data cells encrypted circuit handles the number According to the 1st to the m-1 output of unit;3rd XOR unit is used for will be through the 3rd ciphering unit (AES2) by data block PmWith number According to block Bm-1The data block C obtained after fractionationmWith data block CpIn data block CpAfter combination, and with the output data of modular multiplication unit Block PmAfter doing XOR, obtained data block A is encryptedm' with the output block P of modular multiplication unitm' XOR is carried out, obtain data block Cm-1, m-th of the output as the XTS-AES data cells encrypted circuit processing data cell;Second ciphering unit (AES1) For to data block A0~Am-1It is encrypted, obtains data block A0'~Am-1’;Caching is used for through the second encryption with adjustment unit Obtained data block A after unit (AES1) encryptionm-1' and data block Pm-1' carry out the data block B that XOR obtainsm-1Delayed Deposit, by data block PmWith data block Bm-1The data block C obtained after fractionationmWith data block CpIn data block CpCombination, data block Cm The m+1 output during the data cell is handled as the XTS-AES encrypted circuits;3rd ciphering unit (AES2) is used for To data block PmWith data block CpCombination with data block Pm' XOR result be encrypted.
The first XTS-AES data cell encrypted circuits according to the fifth aspect of the invention, there is provided according to the present invention the 2nd XTS-AES data cell encrypted circuits of five aspects, predetermined word joint number is 128 bytes.
The first XTS-AES data cell encrypted circuits according to the fifth aspect of the invention, there is provided according to the present invention the 3rd XTS-AES data cell encrypted circuits of five aspects, each data block P in data cell0~PmAlso include sequence number, Indicate data block P0~PmOne of position in data cell.
The first XTS-AES data cell encrypted circuits according to the fifth aspect of the invention, there is provided according to the present invention the 4th XTS-AES data cell encrypted circuits of five aspects, data block CmWith data block CpIt is byte number and be preset byte Number.
The first XTS-AES data cell encrypted circuits according to the fifth aspect of the invention, there is provided according to the present invention the 5th XTS-AES data cell encrypted circuits of five aspects, data block PmWith data block CpByte number after combination is preset byte Number.
The first XTS-AES data cell encrypted circuits according to the fifth aspect of the invention, there is provided according to the present invention the 6th XTS-AES data cell encrypted circuits of five aspects, the first ciphering unit (AES0) is only in the data of processing data unit Block P0When work.
According to the sixth aspect of the invention, there is provided the first XTS-AES data cells according to the sixth aspect of the invention Circuit is decrypted, data cell includes m+1 data block C0~Cm, m is positive integer, wherein, 1~m data block C0~Cm-1 With predetermined word joint number, the m+1 data block CmByte number be less than or equal to predetermined word joint number;The XTS-AES decryption Circuit includes:First ciphering unit (AES0), modular multiplication unit, XOR unit, the second decryption unit (AES1), the 3rd decryption unit (AES2) with caching and adjustment unit, wherein, the first ciphering unit (AES0) is used to the adjusted value of data cell be encrypted Obtain data block C0', and deliver this to modular multiplication unit;Modular multiplication unit is to data block C0' or modular multiplication unit previous operation result Modular multiplication is carried out, obtains data block C0" and data block C1'~Cm', and cache operation result;XOR unit includes the first XOR Unit, the second XOR unit and the 3rd XOR unit, wherein, the first XOR unit is used for data block C0" and data block C1'~ Cm-2' and corresponding data block C0~Cm-2XOR is carried out respectively obtains data block D0~Dm-2, and for by data block Cm' with Data block Cm-1Carry out XOR and obtain data block Dm-1;Second XOR unit is used to obtain after the second decryption unit (AES1) decryption The data block D arrived0'~Dm-1' respectively and with data block C0", data block C1'~Cm-1' carry out XOR obtain data block E0~Em-2, And the data block D for that will be obtained after the second decryption unit (AES1) decryptionm-1' and data block Cm' carry out XOR number According to block Em-1;Wherein data block E0~Em-2It is the 1st to m- of data cell described in XTS-AES data cells decryption processing of circuit 1 output;3rd XOR unit is used for will be through the 3rd decryption unit (AES2) by data block CmWith data block Em-1Obtained after fractionation Data block PmWith data block PpIn data block PpAfter combination, and with the output block C of modular multiplication unitm-1' do XOR after, solution Close obtained data block EmWith the output block C of modular multiplication unitm-1' XOR is carried out, obtain data block Pm-1, as XTS-AES M-th of output of data cell described in data cell decryption processing of circuit;Second decryption unit (AES1) is used for data block D0 ~Dm-1It is decrypted, obtains data block D0'~Dm-1’;Caching is used for being solved through the second decryption unit (AES1) with adjustment unit Obtained data block D after closem-1' and data block Cm' carry out the data block E that XOR obtainsm-1Cached, by data block CmWith Data block Em-1The data block P obtained after fractionationmWith data block PpIn data block PpCombination, data block PmAs the XTS- The m+1 output described in AES decryption processing of circuit during data cell;3rd decryption unit (AES2) is used for data block CmWith Data block PpCombination with data block Cm-1' XOR result be decrypted.
The first XTS-AES data cells decryption circuit according to the sixth aspect of the invention, there is provided according to the present invention the The 2nd XTS-AES data cells decryption circuit of six aspects, predetermined word joint number is 128 bytes.
The first XTS-AES data cells decryption circuit according to the sixth aspect of the invention, there is provided according to the present invention the The 3rd XTS-AES data cells decryption circuit of six aspects, each data block C in data cell0~CmAlso include sequence Number, instruction data block C0~CmOne of position in data cell.
The first XTS-AES data cells decryption circuit according to the sixth aspect of the invention, there is provided according to the present invention the The 4th XTS-AES data cells decryption circuit of six aspects, data block PmWith data block PpIt is byte number and be preset byte Number.
The first XTS-AES data cells decryption circuit according to the sixth aspect of the invention, there is provided according to the present invention the The 5th XTS-AES data cells decryption circuit of six aspects, data block CmWith data block PpByte number after combination is preset byte Number.
The first XTS-AES data cells decryption circuit according to the sixth aspect of the invention, there is provided according to the present invention the The 6th XTS-AES data cells decryption circuit of six aspects, the first ciphering unit (AES0) is only in the data of processing data unit Block C0When work.
According to the seventh aspect of the invention, there is provided the first data cell encryption method according to a seventh aspect of the present invention, For being encrypted according to XTS-AES agreements to data cell, data cell is in plain text, data cell includes m+1 data block P0~ Pm, m is the positive integer more than or equal to 1, wherein, 1~m data block P0~Pm-1Predetermined word joint number is respectively provided with, m+1 is individual Data block PmByte number be less than or equal to predetermined word joint number;This method comprises the following steps:By the first ciphering unit (AES0) adjusted value of data cell is encrypted to obtain data block P0’;By modular multiplication unit to data block P0' or modular multiplication unit Previous operation result carry out modular multiplication, after obtain data block P0" and data block P1'~Pm', and cache operation result;By mould Multiply the operation result of unit, i.e. data block P0" and data block P1'~Pm-1' and corresponding data block P0~Pm-1Carry out respectively different Or obtain data block A0~Am-1;By the second ciphering unit (AES1) by data block A0~Am-1It is encrypted to obtain data block respectively A0'~Am-1', and by data block A0'~Am-2' respectively with the operation result of modular multiplication unit is different or, XOR result is used as to data Block P0~Pm-2Encryption output C0~Cm-2, by data block Am-1' with the operation result P of modular multiplication unitm-1' carry out XOR after obtain Data block Bm-1;By data block Bm-1It is divided into data block CmWith data block CpTwo parts, and by data block PmWith data block CpCombination with Data block block Pm' encrypted by the 3rd ciphering unit (AES2) after XOR, obtain data block Am', and by data block Am' and data block Pm’ XOR obtains data block Cm-1After export, then output block Cm
The first data cell encryption method according to the seventh aspect of the invention, there is provided according to a seventh aspect of the present invention Second data cell encryption method, data block P0~PmIn data cell, in addition to sequence number, instruction data block P0~PmIt One position in data cell.
The first data cell encryption method according to the seventh aspect of the invention, there is provided according to a seventh aspect of the present invention 3rd data cell encryption method, predetermined word joint number are 128 bytes.
The first data cell encryption method according to the seventh aspect of the invention, there is provided according to a seventh aspect of the present invention 4th data cell encryption method, data block CmWith data block CpIt is byte number and be predetermined word joint number.
The first data cell encryption method according to the seventh aspect of the invention, there is provided according to a seventh aspect of the present invention 5th data cell encryption method, data block PmWith data block CpByte number after combination is predetermined word joint number.
According to the eighth aspect of the invention, there is provided the first data cell decryption computing according to a eighth aspect of the present invention Method, for being decrypted according to XTS-AES agreements to data cell, data cell is ciphertext, and data cell includes m+1 data block C0~Cm, m is the positive integer more than or equal to 1, wherein, 1~m data block C0~Cm-1It is respectively provided with predetermined word joint number, m + 1 data block CmByte number be less than or equal to predetermined word joint number;This method comprises the following steps:By the first ciphering unit (AES0) adjusted value of data cell is encrypted to obtain data block C0’;By modular multiplication unit to data block C0' or modular multiplication list Member previous operation result carry out, modular multiplication, after obtain data block C0" and data block C1'~Cm', and cache operation result; By the operation result of modular multiplication unit, i.e. data block C0" and data block C1'~Cm-2' and corresponding data block C0~Cm-2Enter respectively Row XOR obtains data block D0~Dm-2;By data block Cm' and data block Cm-1Do XOR and obtain data block Dm-1;It is single by the second decryption First (AES1) is by data block D0~Dm-1It is decrypted to obtain data block D respectively0'~Dm-1', and by data block D0'~Dm-2' respectively With the operation result of modular multiplication unit is different or, XOR result is used as to data block C0~Cm-2Decryption output P0~Pm-2, by data Block Dm-1' with the operation result C of modular multiplication unitm' carry out XOR after obtain data block Em-1After cache;By data block Em-1It is divided into number According to block PmWith data block PpTwo parts, and by ciphertext block data CmWith data block PpCombination and data block Cm-1' after XOR by the 3rd Decryption unit (AES2) is decrypted, and obtains data block Dm', and by data block Dm' and data block Cm-1' XOR obtains data block Pm-1It is defeated afterwards Go out, then output block Pm
The method of the first data cell decryption computing according to the eighth aspect of the invention, there is provided according to the present invention the 8th The method of the second data cell decryption computing of aspect, data block C0~CmIn data cell, in addition to sequence number, indicated number According to block C0~CmOne of position in data cell.
The method of the first data cell decryption computing according to the eighth aspect of the invention, there is provided according to the present invention the 8th The method of the 3rd data cell decryption computing of aspect, predetermined word joint number is 128 bytes.
The method of the first data cell decryption computing according to the eighth aspect of the invention, there is provided according to the present invention the 8th The method of the 4th data cell decryption computing of aspect, data block PmWith data block PpIt is byte number and be predetermined word joint number.
The method of the first data cell decryption computing according to the eighth aspect of the invention, there is provided according to the present invention the 8th The method of the 5th data cell decryption computing of aspect, data block CmWith data block PpByte number after combination is predetermined word joint number.
According to the ninth aspect of the invention, there is provided the first data cell encryption/solution according to the ninth aspect of the invention The method of close computing, the arithmetic type to be carried out is identified, the such as third aspect present invention is performed in computing to be encrypted Encryption method described in one to the 5th data cell encryption method;And in computing to be decrypted, perform such as the present invention the Decryption method described in first to the 5th data cell decryption method of four aspects.
According to the tenth aspect of the invention, there is provided a kind of program including program code, when be loaded into storage device and When being performed in storage device, described program code make the storage device perform according to the seventh aspect of the invention, eighth aspect Or the method for the computing in terms of the 9th.
From above technical scheme, the application has following technique effect:Improve XTS-AES encryptions/decryption fortune The concurrency of Cipher-Text Stealing in calculation, and avoid data dependence and processing procedure is interrupted.
Brief description of the drawings
, below will be to embodiment or existing in order to illustrate more clearly of the embodiment of the present application or technical scheme of the prior art There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this Some embodiments described in application, for those of ordinary skill in the art, other can also be obtained according to these accompanying drawings Accompanying drawing.
Fig. 1 illustrates the pipeline organization of the XTS-AES encrypted circuits according to the embodiment of the present application;
Fig. 2 illustrates XTS-AES encrypted circuit encrypting plaintext data blocks P according to embodiments of the present invention0~Pm-2Generation Ciphertext block data C0~Cm-2Data path;
Fig. 3 illustrates XTS-AES encrypted circuit encrypting plaintext data blocks P according to embodiments of the present inventionm-1Generate ciphertext Data block CmData path;
Fig. 4 illustrates XTS-AES encrypted circuit encrypting plaintext data blocks P according to embodiments of the present inventionmGenerate ciphertext number According to block Cm-1Data path;
Fig. 5 illustrates multiple data cells and is processed in parallel in XTS-AES encrypted circuits according to embodiments of the present invention Timing diagram;
Fig. 6 is the same first ciphering unit relevant portion according to the XTS-AES encrypted circuits of further embodiment of this invention Block diagram;
Fig. 7 is the same second ciphering unit relevant portion according to the XTS-AES encrypted circuits of further embodiment of this invention Block diagram;And
Fig. 8 is the same 3rd ciphering unit relevant portion according to the XTS-AES encrypted circuits of further embodiment of this invention Block diagram.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is part of the embodiment of the present invention, rather than whole embodiments.Based on this hair Embodiment in bright, the every other implementation that those of ordinary skill in the art are obtained under the premise of creative work is not made Example, belongs to the scope of protection of the invention.
Embodiment 1
Fig. 1 illustrates the pipeline organization of the XTS-AES encrypted circuits according to the embodiment of the present application.XTS-AES is encrypted Circuit is encrypted to clear data unit.Each data cell of plaintext includes m+1 (plaintext) data block P0, P1, P2…Pm-1, Pm.Except data block PmByte number be less than or equal to predetermined word joint number outside, the byte number of other data blocks is all preset byte Number, for example, data cell is in plain text, predetermined word joint number is 16 bytes (128 bit).First ciphering unit 11, second adds Ciphering unit of the close ciphering unit 15 of unit 13 and the 3rd to be encrypted according to AES standards to input data.
As shown in figure 1, processing data block P0When, the first ciphering unit 11 is encrypted to adjusted value, the first ciphering unit 11 Output is supplied to modular multiplication unit 12.The result of calculation of modular multiplication unit 12 is sent to the first XOR unit 101.In the first XOR unit 101, by the result of calculation isolog data block P of modular multiplication unit 120XOR is done, the output of the first XOR unit 101 is supplied to Two ciphering units 13, result after encryption again with after the output XOR of modular multiplication unit 12, as to data block P0Encryption output C0.Alternatively, during data cell encryption, the first ciphering unit 11 is only used for encrypting adjusted value, and in completion pair After the encryption of adjusted value, the first ciphering unit 11 can close, to reduce power consumption.
Processing data block P1~Pm-2When, the output of modular multiplication unit 12 is supplied to the first XOR unit 101.Block of plaintext data P1 ~Pm-2It is also provided to the first XOR unit 101.The output of first XOR unit 101 is supplied to the second ciphering unit 13.Modular multiplication list The output of member 12 is also provided to the second XOR unit 102.Result and modular multiplication unit 12 after the encryption of second ciphering unit 13 it is defeated Go out after the XOR of the second XOR unit 102 is corresponding data block P1~Pm-2Encryption output, be designated as data block C1~Cm-2
Processing data block Pm-1When, the output of modular multiplication unit 12 is supplied to the first XOR unit 101.First XOR unit 101 By the output isolog data block P of modular multiplication unit 12m-1XOR, the output of the first XOR unit 101 are supplied to the second ciphering unit 13.Result after the encryption of second ciphering unit 13 is with after the output XOR of modular multiplication unit 12, being stored in data buffer storage and adjustment logic Unit 14 is (as data block CmWith data block Cp) in, for adjusting output order, wait data block PmArrival.
Processing data block PmWhen, by data block PmData buffer storage and adjustment logic unit 14 are provided.Data buffer storage and adjustment are patrolled Unit 14 is collected by data block PmWith data block CpCombination, does XOR, XOR result is sent after combination with the corresponding output of modular multiplication unit 12 To the 3rd ciphering unit 15.The output of 3rd ciphering unit 15 is supplied to the 3rd XOR unit 103 with the output of modular multiplication unit 12. It is the data block C as encrypted result output in the output of the 3rd XOR unit 103m-1.Then again by data block CmAs encryption As a result export.
Each data cell each has adjusted value, and the first ciphering unit 11 is exclusively used in the adjusted value to current data unit Encryption.
From described above, to carry out Cipher-Text Stealing computing, the second ciphering unit 13 is to except last data block Pm Outer all data carry out computing, and to data block PmBypassed.The data of the unit of second ciphering unit 13 output, by number According to caching and adjusting logic unit 14, by data block Pm-1Cryptographic calculation result a part (i.e. data block Cp) and data block Pm Merge to obtain the data of 128 bits.Data and corresponding modular multiplication result XOR after combination, export to the 3rd encryption Unit 15.It is now consistent with the data order of the standards of IEEE 1619 requirement into the data of the 3rd ciphering unit 15. According to an embodiment of the invention, the 3rd ciphering unit 15 is only to last after data buffer storage and adjustment logic unit 14 merge One complete 128 bit data block carries out computing, and other data are bypassed.In above process, using this at a high speed Pipeline organization completes Cipher-Text Stealing computing, without because its data dependence interrupts the processing of streamline.
In order to be explicitly described according to an embodiment of the invention, with reference to Fig. 2-Fig. 4, Fig. 1 XTS-AES encryptions are illustrated Data path of the circuit in the different pieces of information block of processing data unit.
Fig. 2 illustrates XTS-AES encrypted circuit encrypting plaintext data blocks P according to embodiments of the present invention0~Pm-2Generation Ciphertext block data C0~Cm-2Data path.
P0~Pm-2For the data block of order in same data cell, and it is 128 bits, the ciphertext data that computing obtains Block C0~Cm-2Order and input sequence correspond.Corresponding data flow as shown in dashed line in figure 2, wherein input data For the block of plaintext data of data cell, adjusted value is corresponding with data cell, is obtained according to XTS-AES standards.
In a data unit process is handled, first data block P is only corresponded to0, the input of the first ciphering unit 11 is The adjusted value of 128 bits corresponding to data cell, key used be 256 bits key2, caused 128 bit ciphertext data Input of the block as modular multiplication unit 12.In other data blocks of processing data unit, the first ciphering unit 11 can close, or Person is used to encrypt other data cell adjusted values.
Block of plaintext data P0~Pm-2Computing generation ciphertext block data C0~Cm-2When, if current data block is place data sheet First data block P in member0, the input of the result of calculation of the first ciphering unit 11 as modular multiplication unit 12;In processing data Block P1~Pm-2When input of the last operation result of modular multiplication unit 12 as modular multiplication.
The input of second ciphering unit 13 is the output of XOR unit 101.The block of plaintext data P of input0~Pm-2With modular multiplication After the output of unit 12 carries out XOR at XOR unit 101, XOR result is sent into the second ciphering unit 13 fortune is encrypted Calculate.The key that cryptographic calculation uses for 256 bits key1.The output coupling of second ciphering unit 13 is to XOR unit 102 Input.XOR is done in output of the XOR unit 102 to the second ciphering unit 13 and the output of modular multiplication unit 12.XOR unit 102 Output is isolog data block P0~Pm-2Corresponding ciphertext block data C0~Cm-2
With block of plaintext data P0And P1Exemplified by, for data cell adjusted value through the first ciphering unit 11 encryption after, obtain Data block P0', obtain data block P after the computing of modular multiplication unit 120", data block P0" and block of plaintext data P0XOR is carried out, is obtained Data block A0, data block A0After the encryption of the second ciphering unit 13, data block A is obtained0', and by data block A0' and modular multiplication unit 12 operation result, i.e. data block P0" different or, XOR result be used as to block of plaintext data P0Encryption output C0
For block of plaintext data P1, in modular multiplication unit 12, the operation result last using modular multiplication unit 12 is used as modular multiplication Input, i.e., by data block P0" input as modular multiplication, obtain data block P after the computing of modular multiplication unit 121', data block P1' with Block of plaintext data P1XOR is carried out, obtains data block A1, data block A1After the encryption of the second ciphering unit 13, data block is obtained A1', and by data block A1' with the operation result of modular multiplication unit 12, i.e. data block P1' different or, XOR result be used as to plaintext number According to block P1Encryption output C1.The like, modular multiplication unit obtains data block P2'~Pm', as block of plaintext data P2~PmIt is corresponding Modular multiplication result.
Optionally, the output of XOR unit 102 is provided to the 3rd ciphering unit 15.In processing block of plaintext data P0~ Pm-2When the 3rd ciphering unit 15 bypass XOR unit 102 output.
Fig. 3 illustrates XTS-AES encrypted circuit encrypting plaintext data blocks P according to embodiments of the present inventionm-1Generate ciphertext Data block CmData path.
Data block Pm-1As penultimate data in data cell, it has 128 bits.XOR unit 101 is to data Block Pm-1The data block P exported with modular multiplication unit 12m-1' XOR is done, the output of XOR unit 101 is provided to the second ciphering unit 13, output and the modular multiplication result P of the second ciphering unit 13m-1' XOR unit 102 carry out XOR, obtain data block Bm-1, data Block Bm-1It is split as ciphertext block data CmWith ciphertext block data Cp.Wherein ciphertext block data CmLast as data cell is close Literary data block output, another part ciphertext block data CpWill be with last block of plaintext data PmIt is merged into complete 128 ratio Special data, continue follow-up computing.Corresponding data flow is as shown by the dotted line in fig. 3.
Block of plaintext data Pm-1Computing generation ciphertext block data CmWhen, the input of modular multiplication unit 12 is last modular multiplication fortune The result of calculation.
For the second ciphering unit 13, input data is block of plaintext data Pm-1With the output P of modular multiplication unit 12m-1' through One XOR unit 101 carries out the data block A obtained after XORm-1.The key that second ciphering unit 13 uses is 256 bit Key1, the output P of operation result and modular multiplication unit 12m-1' through the second XOR unit 102 carry out XOR after obtain data block Bm-1。 Data block Bm-1Into data buffer storage and adjustment logic unit 14.
In another example, caching and adjustment logic unit 14 include XOR unit, and caching and adjustment logic list Member 14 also receives the output of modular multiplication unit 12.The output of second ciphering unit 13 is supplied directly to caching and adjustment unit 14. In caching and adjustment unit 14, the output to the second ciphering unit 13 does XOR with the output of modular multiplication unit 12, obtains data block Bm-1, and data block Bm-1It is split as ciphertext block data CmWith ciphertext block data Cp
Data buffer storage and adjustment logic unit 14 cache to the data of input.Data block Bm-1It is divided into ciphertext block data CmWith ciphertext block data CpTwo parts, ciphertext block data CmOrder is output it by data buffer storage and adjustment logic unit 14 to adjust To last data for the encrypted result for corresponding to data cell.
Data block CmLast data block obtained as encrypted data unit, alternatively, it is provided to the 3rd encryption Unit 15.The bypass data block C of 3rd ciphering unit 15m
Fig. 4 illustrates XTS-AES encrypted circuit encrypting plaintext data blocks P according to embodiments of the present inventionmGenerate ciphertext number According to block Cm-1Data path.
Data block PmFor last data block in data cell, its size is likely less than or equal to 128 bit.According to XTS-AES agreements, data block PmWith data block Pm-1Operation result a part of ciphertext block data CpMerge, after merging Data block again the result after computing as ciphertext block data Cm-1Output, as data block PmByte number when being 128 byte, it is close Literary data block CpByte number be 0.Corresponding data flow is as shown in phantom in figure 4.
Block of plaintext data PmComputing generation ciphertext block data Cm-1When, the input of modular multiplication unit 12 is last modular multiplication fortune The result of calculation.
The bypass data block P of second ciphering unit 13m, then data block PmInto data buffer storage and adjustment logic unit 14.
The data of input are spliced and adjusted in data buffer storage and adjustment logic unit 14.Specifically, data are delayed Deposit and adjust logic unit 14 and wait data block PmArrive, by data block PmCached with data buffer storage and adjustment logic unit 14 Data block CpSpliced and combined into complete 128 bit data, and with corresponding modular multiplication result Pm' XOR.XOR result quilt It is supplied to the 3rd ciphering unit 15.3rd ciphering unit 15 XOR result is encrypted computing, and key used is 256 bits Key1.Output A of the XOR unit 103 to the 3rd ciphering unit 15m' with the modular multiplication result P of modular multiplication unit 12m' XOR, XOR Result afterwards is as ciphertext block data Cm-1Output.
Fig. 5 illustrates multiple data cells and is processed in parallel in XTS-AES encrypted circuits according to embodiments of the present invention Timing diagram.Streamline is made up of cryptographic calculation unit and associated control logic.
As shown in figure 5, BP represents ciphering unit without cryptographic calculation but bypasses the data of (ByPass) input in figure Block.DU0、DU1The data cell of representative, different subscripts indicate different data cells.DU0P0、DU1P1Instruction is to data cell Data block P it is corresponding data block processing.In Fig. 5, transverse axis instruction time, in the T of transverse axis0、T1、…、Tn、Tn+1、…Tn+4When Between section, the one-time pad encryption computing of the complete paired data block of ciphering unit in each period.As shown in figure 5, the first ciphering unit, The calculating of two ciphering units and the 3rd ciphering unit performs parallel, so as to eliminate the Cipher-Text Stealing operation because of XTS-AES to encryption The obstruction of process.For example, referring to Fig. 5 in T0Period, the first ciphering unit processing DU0P0, in T1、T2Period, the second encryption Cell processing DU0P0、DU0P1.In T3Period, although DU0Ciphering process not yet complete, but can be by DU1P0It is sent into the first encryption Unit is handled, to increase the concurrency of computations.Alternatively (not shown), in T3Moment, by the first ciphering unit Manage DU1P0, while the second ciphering unit processing DU0P2, with the concurrency of further increase calculating.And still alternatively, modular multiplication Unit 12 includes multiple buffer units, for caching the modular multiplication result corresponding to multiple data cells.
In Tn+1Period, the second ciphering unit calculate DU0Pm-1, and in Tn+2Period, the 3rd ciphering unit, which calculates, to be utilized Second ciphering unit is to DU0Pm-1Result of calculation calculate DU0Pm|Cp.In Figure 5, Tn+2The ciphering unit of period second is illustrated For idle (bypass input data, BP).Alternatively, in Tn+2Period, can be by DU1Pm-1The second ciphering unit is inputed to (not show Go out), and in Tn+3Period, DU is calculated by the 3rd ciphering unit1Pm|Cp(not shown), so as to further increase computations Concurrency.And still alternatively, data buffer storage and adjustment logic unit 14 include multiple buffer units, correspond to for caching The data block B of multiple data cellsm-1
According to embodiments of the present invention, the solution cipher telegram that ciphertext data cell is decrypted by XTS-AES standards is additionally provided Road.It is similar with Fig. 1 to decrypt the pipeline organization of circuit, difference is to distinguish the second ciphering unit 13 with the 3rd ciphering unit 15 Replace with the second decryption unit and the 3rd decryption unit.Second decryption unit is according to AES standards pair with the 3rd decryption unit The decryption unit of input data decryption.
In decrypting process, ciphertext data cell to be decrypted includes m+1 data block C0~Cm, data block C0~Cm-1's Size is such as 128 bits, data block CmSize be less than or equal to 128 bits.When decrypting a ciphertext data cell, The corresponding output of modular multiplication unit 12 is designated as data block C0" and data block C1'~Cm’。
In processing ciphertext block data Cm-1When, ciphertext block data Cm-1The data block C exported with modular multiplication unit 12m' carry out it is different Or (result is designated as Dm-1).Second decryption unit is to data block Dm-1It is decrypted, decrypted result is exported with modular multiplication unit 12 Data block Cm' carrying out XOR, (result is designated as Em-1).By data buffer storage and adjustment logic unit 14 caching data block Em-1.Data block Em-1Including data block PmWith data block PpTwo parts.In processing ciphertext block data CmWhen, by ciphertext block data CmData are sent to delay Deposit and adjust logic 14.Data buffer storage and adjustment logic 14 are by ciphertext block data CmWith the data block P of cachingpMerge, tied merging The data block C that fruit exports with modular multiplication unit 12m-1' XOR is carried out, XOR result is supplied to the 3rd decryption unit.And by the 3rd The data block C that the output of decryption unit is exported by XOR unit 103 with modular multiplication unit 12m-1' carry out XOR, XOR result conduct The second-to-last clear data unit P for decrypting to obtain to ciphertext data cellm-1.And by data buffer storage and adjust logical cache Data block PmAs the 1st clear data unit of inverse for decrypting to obtain to ciphertext data cell.
Fig. 6 is the same first ciphering unit relevant portion according to the XTS-AES encrypted circuits of further embodiment of this invention Block diagram.The data of first ciphering unit 11 input are the adjusted value of 128 bits.
Exemplarily, the course of work of the first ciphering unit 11 and modular multiplication unit 12 is described in detail as follows.
For each data cell, the first ciphering unit 11 adjusted value of input is encrypted computing, encryption used Key is the key2 of 256 bits, produces the encrypted result P of 128 bytes0’。
The input storage modular multiplication result cache unit 122 of modular multiplication unit 12.Modular multiplication result cache unit 122 and first is encrypted The output of unit 11 is all coupled to selector 102, and the input of modular multiplication unit 122 is the defeated of the selector 102 of 128 bytes Go out.If the 1st data block of currently processed data cell, selector 102 selects encrypted result P0' it is supplied to modular multiplication unit 12; If the 2nd to the m+1 data block of currently processed data cell, selector 102 selects the output of modular multiplication result cache unit 122 It is supplied to modular multiplication unit 12.The output of modular multiplication unit 12 is designated as modular multiplication result 104.M-th is arrived corresponding to the 1st of data cell the According to block, the output of modular multiplication unit 12 is followed successively by data block P0”、P1’、P2’、…Pm-1' and Pm’。
Fig. 7 is the same second ciphering unit relevant portion according to the XTS-AES encrypted circuits of further embodiment of this invention Block diagram.
Second ciphering unit 13 is to last data block P in ciphering process except corresponding data unitmOutside it is all Other encryption of blocks of data, and by last data block PmBypass.The modular multiplication result 104 of input is the mould that modular multiplication unit 12 exports Multiply result 104 (referring also to Fig. 6).
Referring to Fig. 7, the isolog data block of modular multiplication result 104 is coupled to XOR unit 101.The output coupling of XOR unit 101 Selector 202 is closed, block of plaintext data is also coupled to selector 202.In the final data block that block of plaintext data is data cell PmWhen, selector 202 selects data block Pm, and in other cases, selector 202 selects the output of XOR unit 101.Multichannel One of the output, the output of Port Multiplier 204 of the input coupling of device 204 to selector 202 is supplied to the second ciphering unit 13, and more Another output of road device 204 is bypassed by the second ciphering unit 13 and is supplied to the rear class of streamline.It is data in block of plaintext data The final data block P of unitmWhen, the data block P of the output of Port Multiplier 204mBypassed by the second ciphering unit 13.Second ciphering unit 13 output is designated as the second ciphering unit output 206.
Specifically, selector 202 according to currently processed data block whether last data block of corresponding data unit PmAnd make a choice.Wherein, if currently processed data block is not last data block of corresponding data unit, selector 202 output is the XOR result of XOR unit 101, exports to the second ciphering unit 13 and is encrypted through Port Multiplier 204;If work as Last data block P of the data block corresponding data unit of pre-treatmentm, the output of selector 202 is block of plaintext data Pm, but As a result do not export to the second ciphering unit 13, but the bypass output of the allocated device 204.
Currently processed data block is not last data block P of corresponding data unitmWhen, the second ciphering unit 13 is right Computing is encrypted in the data block that Port Multiplier 204 exports.Encryption key used in second ciphering unit 13 is 256 bit key1, Produce the encrypted result 206 of 128 bits.
Fig. 8 is the same 3rd ciphering unit relevant portion according to the XTS-AES encrypted circuits of further embodiment of this invention Block diagram.As shown in figure 8, correspond to last block of plaintext data P in the 3rd ciphering unit 15 processing Cipher-Text StealingmComputing.Number According to block PmSize be less than or equal to 128 bits (for the ease of description, hereinafter make PmSize be X bits), for other Data bypass exports.Referring to Fig. 8, modular multiplication result 104 (referring to Fig. 6) couples with the output of the second ciphering unit 13 (referring to Fig. 7) To XOR unit 102.As an example, the block of plaintext data that the output of the second ciphering unit 13 includes encrypted result or is bypassed. In the different phase of data cell encryption, the second ciphering unit 13 output encrypted result or block of plaintext data Pm.Selector 302 selects One of XOR unit 102 or block of plaintext data are selected, the output of selector 302 is written into data register 304.
The output (referring to Fig. 7) of second ciphering unit 13 is coupled to XOR unit (referring to Fig. 6) with modular multiplication result 104 1028.The output of XOR unit 1028 is written into data register 306.(the block of plaintext data P of second ciphering unit 13m) output Concatenation unit 328 is additionally coupled to, the data of data register 304 are also coupled to concatenation unit 328.Alternatively, XOR unit 1028 and XOR unit 102 are same XOR units.
XOR is done in output of the XOR unit 1038 to modular multiplication result 104 and concatenation unit 328, and XOR unit 1038 is coupled to Selector 310.Another input of selector 310 is the output of selector 308.Selector 308 selects data register 304 or number According to one of register 306 as output.
Port Multiplier 312 is by the output coupling of selector 310 to the 3rd ciphering unit 15 or provides bypass output (without the Three ciphering units 15).The output coupling XOR unit 103 of 3rd ciphering unit 15, XOR unit 103 to modular multiplication result 104 with XOR is done in the output of 3rd ciphering unit 15.
Corresponding data unit first to the m-1 data block processing stage, XOR unit 102 is single to the second encryption The encrypted result of member output does XOR with modular multiplication result 104.Selector 302 selects the output of XOR unit 102, and writes data Register 304.And selector 308 selects the output of data register 304, selector 310 selects the output of selector 308, Port Multiplier 312 makes the output of selector 308 bypass (without the 3rd ciphering unit 15) (as the encrypted result to data cell The 1st to the m-1 ciphertext block data, be designated as C0~Cm-2).Alternatively, the 3rd ciphering unit 15 can be closed, to reduce power consumption.
In the than the m-th data block (P of corresponding data unitm-1) processing stage, modular multiplication unit 102 is to the second ciphering unit 13 encrypted result is the same as (the P of modular multiplication result 104m-1') XOR is done, XOR result (is designated as data block Bm-1, including data block CmWith number According to block CpTwo parts, data block CmWith data block PmByte number it is identical) pass through selector 302 write data register 304.It is different Or the data block C in resultmIt is written into data register 306.
In the m+1 data block (P of corresponding data unitm) processing stage, concatenation unit 328 is by data register Data block C in 304pWith the block of plaintext data (P of the second XOR unit 13 outputm) splicing.XOR unit 1038 is by concatenation unit 328 and (the data block P of modular multiplication result 104m') phase XOR.The output of XOR unit 1038 is supplied to Port Multiplier by selector 310 312.The output of XOR unit 1038 is supplied to the 3rd ciphering unit 15 by Port Multiplier 312.3rd ciphering unit 15 is to XOR list The output encryption of member 1038.XOR unit 103 is by the output of the 3rd ciphering unit 15 with modular multiplication result (data block Pm') different Or, obtained result (is designated as C as the second-to-last ciphertext block data encrypted to data cellm-1)。
And next, the output of data register 306 is supplied to selector 310 by selector.Selector 310 is by data The output of register 306 is supplied to Port Multiplier 312.Port Multiplier 312 bypasses the output of data register 306 (without the 3rd Ciphering unit 15) (it is designated as Cm)。
According to further embodiment of this invention, the solution that ciphertext data cell is decrypted by XTS-AES standards is additionally provided Cipher telegram road.It is similar to the block diagram that Fig. 6-Fig. 8 is shown to decrypt the block diagram of circuit, difference is to add the second ciphering unit 13 and the 3rd Close unit 15 replaces with the second decryption unit and the 3rd decryption unit respectively.Second decryption unit and the 3rd decryption unit are root The decryption unit decrypted according to AES standards to input data.
In decrypting process, ciphertext data cell to be decrypted includes m+1 data block C0~Cm, data block C0~Cm-1's Size is such as 128 bits, data block CmSize be less than or equal to 128 bits.When decrypting a ciphertext data cell, The corresponding output of modular multiplication unit 12 is designated as data block C0" and data block C1'~Cm’。
In corresponding ciphertext block data Cm-1Processing stage, ciphertext block data Cm-1The data block provided with modular multiplication result 104 Cm' carrying out XOR (by XOR unit 101, referring also to Fig. 7), (result is designated as Dm-1).Second decryption unit is to data block Dm-1Enter Row decryption, the data block C that decrypted result is provided with modular multiplication result 104m' carry out XOR (by XOR unit 102, referring also to Fig. 8) (result is designated as Em-1, and data register 304 is stored in, referring also to Fig. 8).Data block Em-1Including data block PmWith data Block PpTwo parts.Also by data block PmIt is stored in data register 306 (referring to Fig. 8).In corresponding ciphertext block data CmProcessing rank Section, by the ciphertext block data C of data register 304 (referring to Fig. 8)mIt is sent to concatenation unit 328.With the data block P of cachingpMerge. The data block C that concatenation unit 308 provides amalgamation result and modular multiplication result 104m-1' XOR (by XOR unit 1038) is carried out, XOR result is supplied to the 3rd decryption unit.And by the output of the 3rd decryption unit by XOR unit 103 with modular multiplication result 104 The data block C of offerm-1' XOR is carried out, XOR result is as the second-to-last plaintext number for decrypting to obtain to ciphertext data cell According to unit Pm-1.And the data block P for caching data register 306mAs the inverse the 1st for decrypting to obtain to ciphertext data cell Individual clear data unit.
The processing speed of XTS-AES encryptions/decryption is carried out to data cell by according to an embodiment of the invention, improving Degree, and avoid data dependence and processing procedure is interrupted.
Although having been described for the preferred embodiment of the application, those skilled in the art once know basic creation Property concept, then can make other change and modification to these embodiments.So appended claims be intended to be construed to include it is excellent Select embodiment and fall into having altered and changing for the application scope.Obviously, those skilled in the art can be to the application Various changes and modification are carried out without departing from spirit and scope.So, if these modifications and variations of the application Belong within the scope of the application claim and its equivalent technologies, then the application is also intended to exist comprising these changes and modification It is interior.

Claims (10)

1. a kind of XTS-AES data cells encrypted circuit, it is characterised in that data cell includes m+1 data block P0~Pm, m is Positive integer, wherein, 1~m data block P0~Pm-1It is respectively provided with predetermined word joint number, the m+1 data block PmByte number be less than Or equal to predetermined word joint number;
The XTS-AES data cells encrypted circuit includes:First ciphering unit (AES0), modular multiplication unit, XOR unit, second Ciphering unit (AES1), the 3rd ciphering unit (AES2) and caching and adjustment unit, wherein,
First ciphering unit is used to the adjusted value of data cell is encrypted and exported to give modular multiplication unit;
The previous operation result of output or modular multiplication unit of the modular multiplication unit to the first ciphering unit carries out modular multiplication, and caches fortune Calculate result;
XOR unit includes the first XOR unit, the second XOR unit and the 3rd XOR unit, wherein, the first XOR unit is used for One of data block of output and data cell to modular multiplication unit does XOR, and the output coupling of the first XOR unit is encrypted to second The input of unit (AES1);Second XOR unit is done for the output to the second ciphering unit (AES1) and the output of modular multiplication unit XOR, the output coupling of the second XOR unit to the 3rd ciphering unit (AES2);3rd XOR unit is used for single to the 3rd encryption First output of (AES2) does XOR with the output of modular multiplication unit;
Cache and enter with XOR result of the adjustment unit for output and the output of modular multiplication unit to the second ciphering unit (AES1) Row caching, caching are additionally operable to the data block P of splicing data cell with adjustment unitmIt is single with adjustment with the data block of caching, caching The output coupling of member is to the 3rd ciphering unit (AES2).
2. XTS-AES data cells encrypted circuit as claimed in claim 1, it is characterised in that the processing bag to data cell Include and correspond to data block P0~PmM+1 stage S1~Sm+1
3. XTS-AES data cells encrypted circuit as claimed in claim 2, it is characterised in that
In response to the stage S of processing data block1-Sm-1
First XOR unit, output and the data block (P of the current generation corresponding to data cell to modular multiplication unit0-Pm-2) do XOR;Output encryption of second ciphering unit (AES1) to the first XOR unit, the second XOR unit is to the second ciphering unit (AES1) XOR is done in output and the output of modular multiplication unit, by the stage S of the second XOR cell processing data cell1To the stage Sm-1Output exported as the 1st to the m-1 that the XTS-AES data cells encrypted circuit handles the data cell.
4. the XTS-AES data cell encrypted circuits as described in one of claim 2-3, it is characterised in that
In response to the stage S of processing data blockm
First XOR unit, output and the data block (P of the current generation corresponding to data cell to modular multiplication unitm-1) do it is different Or;Output encryption of second ciphering unit (AES1) to the first XOR unit, (AES1) output of the second ciphering unit are supplied to The caching and adjustment unit;Caching is done with output of the adjustment unit to the second ciphering unit (AES1) and the output of modular multiplication unit XOR, and cache XOR result.
5. the XTS-AES data cell encrypted circuits as described in one of claim 2-4, it is characterised in that
In response to the stage S of processing data blockm+1
By data block PmThe caching and adjustment unit are supplied to, the caching includes number with the data block that adjustment unit is cached According to block CmWith data block CpTwo parts, the caching is with adjustment unit by data block PmWith data block CpMerge, by the data of merging XOR is done in the output of block and modular multiplication unit, and XOR result is supplied into the 3rd ciphering unit (AES2);
The output of 3rd ciphering unit (AES2) is supplied to the 3rd XOR unit, and the 3rd XOR unit is to the 3rd ciphering unit (AES2) XOR is done with the result of modular multiplication unit, the output of the 3rd XOR unit handles institute as the XTS-AES encrypted circuits State m-th of output of data cell.
6. XTS-AES data cells encrypted circuit as claimed in claim 5, it is characterised in that
Caching and adjustment unit output Cm, the m+ as the XTS-AES data cells encrypted circuit processing data cell 1 output.
7. a kind of XTS-AES data cells decrypt circuit, it is characterised in that data cell includes m+1 data block C0~Cm, m is Positive integer, wherein, 1~m data block C0~Cm-1It is respectively provided with predetermined word joint number, the m+1 data block CmByte number be less than Or equal to predetermined word joint number;
The XTS-AES data cells decryption circuit includes:First ciphering unit (AES0), modular multiplication unit, XOR unit, second Decryption unit (AES1), the 3rd decryption unit (AES2) and caching and adjustment unit, wherein,
First ciphering unit (AES0) is used to the adjusted value of data cell is encrypted and exported to give modular multiplication unit;
The previous operation result of output or modular multiplication unit of the modular multiplication unit to the first ciphering unit (AES0) carries out modular multiplication, and Cache operation result;
XOR unit includes the first XOR unit, the second XOR unit and the 3rd XOR unit, wherein, the first XOR unit is used for One of data block of output and data cell to modular multiplication unit does XOR, and the output coupling of the first XOR unit is decrypted to second The input of unit (AES1);Second XOR unit is done for the output to the second decryption unit (AES1) and the output of modular multiplication unit XOR, the output coupling of the second XOR unit to the 3rd decryption unit (AES2);3rd XOR unit is used for single to the 3rd decryption First output of (AES2) does XOR with the output of modular multiplication unit;
Cache and enter with XOR result of the adjustment unit for output and the output of modular multiplication unit to the second decryption unit (AES1) Row caching, caching are additionally operable to the data block C of splicing data cell with adjustment unitmIt is single with adjustment with the data block of caching, caching The output coupling of member is to the 3rd decryption unit (AES2).
A kind of 8. XTS-AES encrypted circuits, for being encrypted according to XTS-AES agreements to data cell, it is characterised in that data sheet Member includes m+1 data block P0~Pm, m is positive integer, and the processing to data cell includes corresponding to data block P0~Pm's M+1 stage S1~Sm+1
The XTS-AES encrypted circuits include:First AES encryption unit (AES0), the second AES encryption unit (AES1), the 3rd AES encryption unit (AES2), modular multiplication unit, the first XOR unit (101), the second XOR unit (102), the 3rd XOR unit And data buffer storage unit (103);
In the processing stage S of processing data unit1, adjusted value encryption of the first AES encryption unit (AES0) to data cell, its Output coupling is to modular multiplication unit;
Input of the output coupling of modular multiplication unit to the first XOR unit (101) and modular multiplication unit;
First XOR unit (101) is used for output and the data block of the current generation corresponding to data cell to modular multiplication unit (P0-Pm-1) do XOR;
Output encryption of the second AES encryption unit (AES1) to the first XOR unit (101);
XOR is done in output of the second XOR unit (102) to the second AES encryption unit (AES1) and modular multiplication unit;Wherein work as processing The S of data cellmDuring the stage, the output of the second XOR unit is cached with data buffer storage unit, the data block cached includes number According to block CmWith data block CpTwo parts;By the stage S of the second XOR cell processing data cell1To stage Sm-1Output as institute State the 1st to the m-1 output that XTS-AES encrypted circuits handle the data cell;Buffer unit caching is used for the number According to the data block C of unitmThe m+1 output during the data cell is handled as the XTS-AES encrypted circuits;
Data buffer storage unit also receives in plain text, and data buffer storage unit is by data block PmWith data block CpMerge;
3rd ciphering unit (AES2) is coupled to data buffer storage unit, the P cached to data buffer storage unitmWith CpAfter merging Data are encrypted with the XOR result of the output of modular multiplication unit;
XOR is done in output of the 3rd XOR unit (103) to the 3rd ciphering unit (AES2) and the output of modular multiplication unit, by the 3rd M-th output of the output of XOR unit (103) as the XTS-AES encrypted circuits processing data cell.
9. a kind of XTS-AES decrypts circuit, for being decrypted according to XTS-AES agreements to data cell, it is characterised in that data sheet Member includes m+1 data block C0~Cm, m is positive integer, and the processing to data cell includes corresponding to data block C0~Cm's M+1 stage Q1~Qm+1
The XTS-AES decryption circuit includes:First ciphering unit (AES0), the second decryption unit (AES1), the 3rd decryption are single First (AES2), modular multiplication unit, the first XOR unit (101), the second XOR unit (102), the 3rd XOR unit (103) and data Buffer unit;
In the processing stage Q of processing data unit1, adjusted value encryption of the first ciphering unit (AES0) to data cell, it is exported It is coupled to modular multiplication unit;
Input of the output coupling of modular multiplication unit to the first XOR unit (101) and modular multiplication unit;
First XOR unit (101) is used for the Q to modular multiplication unit1-Qm-2Stage exports and the Q corresponding to data cell1-Qm-2Rank Data block (the C of section0-Cm-2) XOR is done, and for the Q to modular multiplication unitmThe output in stage and the Q of data cellm-1Stage Data block (Cm-1) do XOR;
Output decryption of the 2nd AES decryption units (AES1) to the first XOR unit (101);
XOR is done in output of the second XOR unit (102) to the 2nd AES decryption units (AES1) and the output of modular multiplication unit;Wherein As the Q of processing data unitmDuring the stage, data buffer storage unit caches the output of the second XOR unit (102), the data cached Block includes data block PmWith data block PpTwo parts;By the stage Q of second XOR unit (102) processing data unit1To the stage Qm-1Output exported as the 1st to the m-1 of data cell described in XTS-AES decryption processing of circuit;Buffer unit delays The data block P for the data cell depositedmAs the m+ described in the XTS-AES decryption processing of circuit during data cell 1 output;
Data buffer storage unit also receives ciphertext, and data buffer storage unit is by data block CmWith data block PpMerge;
3rd decryption unit (AES2) is coupled to data buffer storage unit, the C cached to data buffer storage unitmWith PpAfter merging Data are decrypted with the XOR result of the output of modular multiplication unit;
XOR is done in output of the 3rd XOR unit (103) to the 3rd decryption unit (AES2) and the output of modular multiplication unit, by the 3rd M-th output of the output of XOR unit (103) as data cell described in XTS-AES decryption processing of circuit.
10. XTS-AES as claimed in claim 9 decrypts circuit, it is characterised in that
The modular multiplication unit includes multiple caching parts, for caching each modular multiplication result for multiple data cells, with And when handling the stage of the first data cell, using the modular multiplication result of the first data cell of caching as the defeated of modular multiplication unit Go out, and update with next output of the modular multiplication unit modular multiplication result of the first data cell of the caching.
CN201610867007.2A 2016-09-29 2016-09-29 XTS AES encryptions circuit, decryption circuit and its method Pending CN107888373A (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201910576163.7A CN110276208B (en) 2016-09-29 2016-09-29 Encryption circuit, decryption circuit and method thereof
CN201610867007.2A CN107888373A (en) 2016-09-29 2016-09-29 XTS AES encryptions circuit, decryption circuit and its method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201610867007.2A CN107888373A (en) 2016-09-29 2016-09-29 XTS AES encryptions circuit, decryption circuit and its method

Related Child Applications (1)

Application Number Title Priority Date Filing Date
CN201910576163.7A Division CN110276208B (en) 2016-09-29 2016-09-29 Encryption circuit, decryption circuit and method thereof

Publications (1)

Publication Number Publication Date
CN107888373A true CN107888373A (en) 2018-04-06

Family

ID=61769040

Family Applications (2)

Application Number Title Priority Date Filing Date
CN201910576163.7A Active CN110276208B (en) 2016-09-29 2016-09-29 Encryption circuit, decryption circuit and method thereof
CN201610867007.2A Pending CN107888373A (en) 2016-09-29 2016-09-29 XTS AES encryptions circuit, decryption circuit and its method

Family Applications Before (1)

Application Number Title Priority Date Filing Date
CN201910576163.7A Active CN110276208B (en) 2016-09-29 2016-09-29 Encryption circuit, decryption circuit and method thereof

Country Status (1)

Country Link
CN (2) CN110276208B (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109150497A (en) * 2018-07-26 2019-01-04 南京航空航天大学 A kind of XTS-SM4 encrypted circuit of high-performance small area
US11301153B2 (en) 2020-06-12 2022-04-12 Western Digital Technologies, Inc. High-throughput out-of-order cipher text stealing
US20230080104A1 (en) * 2021-08-25 2023-03-16 International Business Machines Corporation Bulk data transfers via transport layer security protocol

Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110123020A1 (en) * 2009-11-26 2011-05-26 Samsung Electronics Co., Ltd. Endecryptor capable of performing parallel processing and encryption/decryption method thereof
US20110255689A1 (en) * 2010-04-15 2011-10-20 Lsi Corporation Multiple-mode cryptographic module usable with memory controllers
CN102411694A (en) * 2010-09-22 2012-04-11 株式会社东芝 Cryptographic apparatus and memory system
US20140044262A1 (en) * 2012-08-09 2014-02-13 Cisco Technology, Inc. Low Latency Encryption and Authentication in Optical Transport Networks
CN104852798A (en) * 2015-05-11 2015-08-19 清华大学深圳研究生院 Data encryption and decryption system and method thereof
CN105243344A (en) * 2015-11-02 2016-01-13 上海兆芯集成电路有限公司 Chipset with hard disk encryption function and host computer controller
CN105354503A (en) * 2015-11-02 2016-02-24 上海兆芯集成电路有限公司 Data encryption/decryption method for storage apparatus

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR100574965B1 (en) * 2004-01-19 2006-05-02 삼성전자주식회사 Finite field multiplier
CN102025484B (en) * 2010-12-17 2012-07-04 北京航空航天大学 Block cipher encryption and decryption method
US20150058639A1 (en) * 2013-08-23 2015-02-26 Kabushiki Kaisha Toshiba Encryption processing device and storage device
JP6552184B2 (en) * 2014-01-14 2019-07-31 キヤノン株式会社 INFORMATION PROCESSING APPARATUS AND METHOD THEREOF
US9485088B2 (en) * 2014-10-31 2016-11-01 Combined Conditional Access Development And Support, Llc Systems and methods for dynamic data masking

Patent Citations (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20110123020A1 (en) * 2009-11-26 2011-05-26 Samsung Electronics Co., Ltd. Endecryptor capable of performing parallel processing and encryption/decryption method thereof
US20110255689A1 (en) * 2010-04-15 2011-10-20 Lsi Corporation Multiple-mode cryptographic module usable with memory controllers
CN102411694A (en) * 2010-09-22 2012-04-11 株式会社东芝 Cryptographic apparatus and memory system
US20140044262A1 (en) * 2012-08-09 2014-02-13 Cisco Technology, Inc. Low Latency Encryption and Authentication in Optical Transport Networks
CN104852798A (en) * 2015-05-11 2015-08-19 清华大学深圳研究生院 Data encryption and decryption system and method thereof
CN105243344A (en) * 2015-11-02 2016-01-13 上海兆芯集成电路有限公司 Chipset with hard disk encryption function and host computer controller
CN105354503A (en) * 2015-11-02 2016-02-24 上海兆芯集成电路有限公司 Data encryption/decryption method for storage apparatus

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
李子磊: "高吞吐率XTS-AES加密算法的硬件实现", 《中国优秀硕士学位论文全文数据库 信息科技辑》 *

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109150497A (en) * 2018-07-26 2019-01-04 南京航空航天大学 A kind of XTS-SM4 encrypted circuit of high-performance small area
CN109150497B (en) * 2018-07-26 2020-07-24 南京航空航天大学 XTS-SM4 encryption circuit with high performance and small area
US11301153B2 (en) 2020-06-12 2022-04-12 Western Digital Technologies, Inc. High-throughput out-of-order cipher text stealing
US20230080104A1 (en) * 2021-08-25 2023-03-16 International Business Machines Corporation Bulk data transfers via transport layer security protocol

Also Published As

Publication number Publication date
CN110276208A (en) 2019-09-24
CN110276208B (en) 2022-06-17

Similar Documents

Publication Publication Date Title
Zhang et al. Implementation approaches for the advanced encryption standard algorithm
CN101350714B (en) Efficient advanced encryption standard (AES) data path using hybrid RIJNDAEL S-BOX
US7508937B2 (en) Programmable data encryption engine for advanced encryption standard algorithm
US8411853B2 (en) Alternate galois field advanced encryption standard round
CN104639314A (en) Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method
CN104852798B (en) A kind of data encrypting and deciphering system and method
CN113078996B (en) FPGA (field programmable Gate array) optimization realization method, system and application of SM4 cryptographic algorithm
CN107888373A (en) XTS AES encryptions circuit, decryption circuit and its method
US10237066B1 (en) Multi-channel encryption and authentication
CN104219045B (en) RC4 stream cipher generators
EP1456994B1 (en) Programmable data encryption engine for advanced encryption standard algorithm
CN108933652A (en) A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit
CN109150495A (en) A kind of round transformation multiplex circuit and its AES decrypt circuit
CN107888374A (en) XTS AES encryptions/decryption streamline
Buell Modern symmetric ciphers—Des and Aes
CN110266481A (en) Rear quantum Encrypt and Decrypt method and decryption device based on matrix
Mahmoud et al. A Metamorphic-Key-Hopping GOST Cipher and Its FPGA Implementation
Rachh et al. Efficient implementations of S-box and inverse S-box for AES algorithm
CN102780557B (en) Method and device for AES (advanced encryption standard) encryption/decryption with selection gate optimization
CN109033893A (en) AES encryption unit, AES encryption circuit and its encryption method based on composite matrix
CN108809627A (en) Round transformation multiplex circuit and AES decrypt circuit
CN108989018B (en) AES encryption unit, AES encryption circuit and encryption method
CN109639408A (en) A kind of AES decryption multiplexing round transformation circuit structure
Miroshnik Implementation of cryptographic algorithms on FPGA-based digital distributed systems
Kumar et al. FPGA Implementation of High Performance Hybrid Encryption Standard

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20180406