CN108809627A - Round transformation multiplex circuit and AES decrypt circuit - Google Patents


Publication number
CN108809627A
Authority
CN
China
Legal status
Granted
Application number
CN201810597055.3A
Other languages
Chinese (zh)
Other versions
CN108809627B (en)
Inventor
张肖强
郑辛星
梁广俊
王新航
王磊
孙忠先
Current Assignee
Anhui Polytechnic University
Original Assignee
Anhui Polytechnic University
Application filed by Anhui Polytechnic University
Priority to CN201810597055.3A
Publication of CN108809627A
Application granted
Publication of CN108809627B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry
    • H04L2209/122 Hardware reduction or efficient architectures
    • H04L2209/125 Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention relates to the technical field of cryptographic circuits and provides a round-transformation multiplex circuit and an AES encryption circuit. By merging and synthesizing constant matrices, the round-transformation multiplex circuit combines all linear transformation operations of the AES decryption algorithm into two composite matrices, which shortens the critical path of the AES decryption circuit and at the same time reduces its implementation area.

Description

Round transformation multiplex circuit and AES decrypt circuit
Technical field
The present invention relates to the technical field of cryptographic circuits, and in particular to a round-transformation multiplex circuit and an AES decryption circuit.
Background
AES (Advanced Encryption Standard) is a new-generation symmetric block cipher formulated by the US National Institute of Standards and Technology in 2001 to replace the original DES (Data Encryption Standard). AES has been adopted by multiple international standards organizations and is currently the most widely used block cipher.
The block length of AES is 128 bits and the key length is 128, 192 or 256 bits, giving AES-128, AES-192 and AES-256 respectively. AES is an iterative algorithm in which each iteration is called a round transformation. The number of rounds N_r depends on the key length: 10, 12 and 14 for AES-128, AES-192 and AES-256 respectively. The AES encryption flow is shown in Fig. 1: it performs a first-round transformation, N_r - 1 ordinary round transformations and a final round transformation in sequence. The first round performs key addition (AddRoundKey) and then byte substitution (SubBytes); an ordinary round performs row shift (ShiftRows), column mixing (MixColumns), key addition and byte substitution in that order; the final round performs row shift and key addition in that order. The AES decryption flow is the inverse of the encryption flow, as shown in Fig. 2, and likewise performs a first-round transformation, N_r - 1 ordinary round transformations and a final round transformation in sequence. The first decryption round is the inverse of the final encryption round and performs key addition followed by inverse row shift; an ordinary decryption round is the inverse of an ordinary encryption round and comprises inverse byte substitution, key addition, inverse column mixing and inverse row shift; the final decryption round is the inverse of the first encryption round and performs inverse byte substitution followed by key addition. Inverse column mixing, inverse row shift and inverse byte substitution are the inverses of column mixing, row shift and byte substitution in the encryption flow.
Running each operation of the decryption process as a separate unit wastes circuit resources and lengthens the critical path, so several adjacent operation units are merged into a single operation unit by means of a composite matrix. The T-box is currently the most common merged implementation in round-transformation circuits: it precomputes the results of the S-box, row shift and column mixing operations and stores them in one unit, so that a single table lookup performs the merged S-box, row shift and column mixing function. The T-box shortens the critical path of the whole ordinary round circuit and is therefore used mainly in high-speed AES designs; it speeds up data processing but also increases circuit area. For example, Rach et al. merged five operations, namely the last-stage GF(2^4) multiplier of the composite-field S-box/inverse S-box, the mapping/inverse mapping operation, the affine/inverse affine operation, column mixing/inverse column mixing and key addition, into one operation unit; the merged unit shortens the critical path but also greatly increases circuit area. Existing round-transformation circuits based on merged operations all optimize critical-path depth at the cost of increased circuit area.
Summary of the invention
An embodiment of the present invention provides an AES decryption circuit, intended to solve the problem that existing round-transformation circuits based on merged operations optimize critical-path depth at the cost of increased circuit area.
The invention is realized as a round-transformation multiplex circuit comprising:
Composite matrix multiplication unit 1, a constant-addition unit, a composite-field multiplicative inversion unit, selector S1, composite matrix multiplication unit 2 and selector S2. The input of composite matrix multiplication unit 1 is connected to the feedback data input port and its output to the input of the constant-addition unit; the output of the constant-addition unit is connected to the input of the composite-field multiplicative inversion unit; the output of the composite-field multiplicative inversion unit is connected to one input of selector S1, and the other input of selector S1 is connected to the ciphertext data input port; the output of selector S1 and the key input port are both connected to the input of composite matrix multiplication unit 2; two outputs of composite matrix multiplication unit 2 are connected to the two inputs of selector S2 respectively, and its third output is connected to the plaintext data output port;
Composite matrix multiplication unit 1 multiplies a composite matrix by the column vector input from the feedback data input port and outputs the result to the constant-addition unit. The expression of the composite matrix is as follows:
The constant-addition unit adds the constant vector Ω_λ = [ω_λ, ω_λ, ω_λ, ω_λ]^T to that vector and outputs the result to the composite-field multiplicative inversion unit;
The composite-field multiplicative inversion unit performs a composite-field multiplicative inversion on each byte of the vector and outputs the result to composite matrix multiplication unit 2;
When performing the first-round transformation, selector S1 selects the data input from the ciphertext input port and outputs it to composite matrix multiplication unit 2; when performing an ordinary round transformation or the final round transformation, selector S1 selects the composite-field multiplicative inversion result and outputs it to composite matrix multiplication unit 2;
Composite matrix multiplication unit 2 combines the data vector output by selector S1 and the key vector into a single column vector; the key vector is identical to the key vector K_v of the encryption process. The unit multiplies a composite matrix by this column vector. The expression of the composite matrix is as follows:
The vector formed by rows 1 to 4 of the result and the vector formed by rows 5 to 8 are each output to selector S2, and the vector formed by rows 9 to 12 of the result is output from the plaintext output port;
When performing the first-round transformation, selector S2 selects a vector and feeds it back to the feedback data input port; when performing an ordinary round transformation, selector S2 selects a vector and feeds it back to the feedback data output port.
The invention is also realized as an AES decryption circuit based on the round-transformation multiplex circuit, the AES decryption circuit comprising:
One multiplexed round-transformation circuit, register 1 and register 2. The feedback data output port of the round-transformation multiplex circuit is connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data input of the round-transformation multiplex circuit;
Register 1 and register 2 each have a data width of 16 bytes.
The invention is also realized as an AES decryption circuit based on the round-transformation multiplex circuit, the AES decryption circuit comprising:
Two multiplexed round-transformation circuits, register 1 and register 2. The feedback data output ports of the two round-transformation multiplex circuits are connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data inputs of the two round-transformation multiplex circuits;
Register 1 and register 2 each have a data width of 16 bytes.
The invention is also realized as an AES decryption circuit based on the round-transformation multiplex circuit, the AES decryption circuit comprising:
Four multiplexed round-transformation circuits and a register. The feedback data output ports of the four round-transformation multiplex circuits are connected to the input of the register, and the output of the register is connected to the feedback data inputs of the four round-transformation multiplex circuits;
The register has a data width of 16 bytes.
By merging and synthesizing constant matrices, the round-transformation multiplex circuit proposed by the present invention combines all linear transformation operations of the AES decryption algorithm into two composite matrices, which shortens the critical path of the AES decryption circuit and reduces its implementation area. Research shows that the larger the circuit scale, the higher the circuit efficiency; the invention therefore uses matrix merging and synthesis to combine several small linear operation units into one large linear operation, which improves circuit optimization efficiency and reduces the implementation area of the AES decryption circuit.
Brief description of the drawings
Fig. 1 is the flow chart of standard AES encryption provided by an embodiment of the present invention;
Fig. 2 is the flow chart of standard AES decryption provided by an embodiment of the present invention;
Fig. 3 is a structural schematic of the round-transformation multiplex circuit for AES decryption provided by an embodiment of the present invention;
Fig. 4 is a structural schematic of the AES decryption circuit provided by embodiment one of the present invention;
Fig. 5 is a structural schematic of the AES decryption circuit provided by embodiment two of the present invention;
Fig. 6 is a structural schematic of the AES decryption circuit provided by embodiment three of the present invention.
Detailed description
To make the purpose, technical solution and advantages of the present invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. The specific embodiments described here only illustrate the invention and do not limit it.
Existing operation units generally include an inverse byte substitution unit, an inverse row shift unit, an inverse column mixing unit and a key-addition unit. The formulas for these operation units are as follows:
An AES round transformation operates on data in matrix form: the decryption algorithm treats the 128-bit input block as a 4 × 4 byte matrix in which each element is 1 byte. The intermediate result of a round transformation is called the state matrix and is also a 4 × 4 byte matrix. Assume the state matrix input to an ordinary round transformation is:
Each operation of the AES decryption process is described in detail below:
1. Inverse byte substitution unit
The inverse byte substitution unit performs inverse byte substitution, the inverse of byte substitution, also called the inverse S-box operation. The inverse S-box operation likewise replaces each byte of the state matrix according to a byte substitution table. Assume the state matrix after the inverse S-box operation is:
The inverse S-box operation can then be expressed as:
where the function shown is the inverse S-box function. The inverse S-box is the only nonlinear operation among the four operations of an ordinary round transformation and the one with the highest computational complexity, so the inverse S-box circuit accounts for the great majority of the circuit area and power consumption of the whole AES decryption circuit.
In the inverse S-box operation, the input byte first undergoes an inverse affine operation, which is the inverse of the affine operation of the encryption S-box, and then a multiplicative inversion over the finite field GF(2^8). The expression is:
where x is the input byte, ω is a byte constant, and τ' is an 8 × 8-bit constant matrix, the inverse of the constant matrix τ in the encryption S-box; τ' and ω together perform the inverse affine operation, and ( )_A^-1 is the multiplicative inverse over GF(2^8). The GF(2^8) field used in the present invention is the one specified in the AES algorithm, whose irreducible polynomial is
f(x) = x^8 + x^4 + x^3 + x + 1
Of the many S-box implementations, the composite-field S-box has the smallest circuit area. It uses a mathematical transformation to map the main computational unit of the S-box, the GF(2^8) multiplicative inversion unit, into a composite field. The computational complexity of composite-field multiplicative inversion is far lower than that of GF(2^8) multiplicative inversion, which greatly reduces the hardware complexity of the S-box circuit.
The inverse S-box expression based on the composite field is:
where ( )_C^-1 is the multiplicative inverse over the composite field, which may be any composite field isomorphic to GF(2^8); δ is an 8 × 8-bit mapping matrix that maps the input byte x from GF(2^8) into the composite field, and δ' is the inverse matrix of δ, which maps the composite-field inversion result back from the composite field to GF(2^8).
In a finite field, addition is the bitwise XOR operation. Therefore, in a hardware implementation of the constant addition +ω, adding 0 can be omitted outright, and adding 1 can replace an XOR in one of two ways: 1. the XOR of any two variables is replaced by XNOR; 2. the XOR of any two variables is implemented as XOR followed by inversion. Since the circuit area and delay of an XNOR gate and an XOR gate are almost identical, and the area and delay of an inverter are negligible compared with an XOR gate, the circuit area and delay of the constant addition +ω can be ignored in the hardware implementation of the inverse S-box.
2. Key-addition unit
The key-addition unit performs key addition, which is identical to the key addition in the encryption flow. Assume the state matrix after key addition is:
The key addition is expressed as:
where the matrix shown is the subkey matrix, generated by the key schedule; the subkey matrices are used in the opposite order to that of the encryption flow.
3. Inverse column mixing unit
The inverse column mixing unit performs inverse column mixing, the inverse of column mixing, which can likewise be regarded as the product of each column of the state matrix with a constant polynomial over a ring. Assume the state matrix after inverse column mixing is:
The inverse column mixing is expressed as:
where the matrix shown is the column-mixing constant matrix, whose entries are the matrix forms of the GF(2^8) constant multiplications ×{09}_16, ×{0b}_16, ×{0d}_16 and ×{0e}_16; in the present invention { }_16 denotes a constant in hexadecimal form.
4. Inverse row shift unit
The inverse row shift unit performs inverse row shift, the inverse of row shift: the first row of the state matrix is unchanged, and the second, third and fourth rows are shifted right by one, two and three bytes respectively. Assume the state matrix after inverse row shift is:
The state matrix after inverse row shift can be expressed as:
In hardware, inverse row shift consumes no logic resources at all; only the bus positions need to be adjusted.
5. Ordinary round transformation formula
The four operation units of an ordinary round transformation can be implemented separately, or several adjacent units can be merged into one operation unit. A round-transformation circuit with separately implemented units wastes circuit resources and has a longer critical path. Based on the ordinary decryption round formula, the present invention merges the linear operations of the ordinary decryption round by merging and synthesizing constant matrices. From the sub-operation formulas of the round transformation above, the ordinary decryption round formula is:
where the first vectors shown are row vectors of the constant matrix, and the others are column vectors of the input data matrix and of the key matrix respectively, i.e.:
Grouping the output variables r_{x,y} of the above formula that share the same inputs gives four groups in total. The four groups perform the same operations and therefore have identical circuit units in hardware. The output variables of each group can be expressed as a linear equation:
The variables that the input and output variables of the above formula correspond to in each group are:
Group I:Group II:
Group III:Group IV:
To reduce the implementation area of the circuit, the present invention further maps the GF(2^8) multiplicative inversion of the inverse S-box into the composite field; the ordinary round grouping formula after mapping is:
6. First-round transformation formula
From the sub-operation formulas above, the first-round transformation formula can likewise be obtained as:
Following the grouping of the ordinary round transformation, the first-round transformation formula can also be divided into four groups; the first-round grouping formula is:
The variables that the input and output variables of the first-round grouping formula correspond to in each group are the same as in the ordinary round transformation.
7. Final round transformation formula
From the sub-operation formulas above, the final round transformation formula can likewise be obtained as:
The final round transformation formula can also be divided into four groups; the final-round grouping formula is:
The variables that the input and output variables of the above formula correspond to in each group are:
Group I:Group II:
Group III:Group IV:
In the above grouping, the variables that the output variable corresponds to in each group differ from those of the ordinary round transformation, while the variables that the input variables correspond to in each group are the same as in the ordinary round transformation. Mapping the inverse S-box operation of the final round into the composite field gives the final-round grouping formula:
By merging and synthesizing constant matrices, the round-transformation multiplex circuit proposed by the invention combines all linear transformation operations of the AES decryption algorithm into two composite matrices, which shortens the critical path of the AES decryption circuit and reduces its implementation area.
Fig. 3 is a structural schematic of the multiplexed round-transformation circuit provided by an embodiment of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The multiplexed round-transformation circuit implements the AES decryption operation on 4 bytes and comprises:
Composite matrix multiplication unit 1, a constant-addition unit, a composite-field multiplicative inversion unit, selector S1, composite matrix multiplication unit 2 and selector S2;
The input of composite matrix multiplication unit 1 is connected to the feedback data input port and its output to the input of the constant-addition unit; the output of the constant-addition unit is connected to the input of the composite-field multiplicative inversion unit; the output of the composite-field multiplicative inversion unit is connected to one input of selector S1, and the other input of selector S1 is connected to the ciphertext data input port; the output of selector S1 and the key input port are both connected to the input of composite matrix multiplication unit 2; two outputs of composite matrix multiplication unit 2 are connected to the two inputs of selector S2 respectively, and its third output is connected to the plaintext data output port.
Composite matrix multiplication unit 1 multiplies a composite matrix by a column vector, the column vector being the one input from the feedback data input port. The expression of the composite matrix is as follows:
where the composite matrix is composed of four constant matrices, each the product of constant matrix δ and constant matrix τ'. Constant matrix δ is the mapping matrix, which maps elements of GF(2^8) into the composite field. Constant matrix τ' is the constant matrix specified by the inverse affine operation of the inverse S-box. Composite matrix multiplication unit 1 can be expressed by the formula:
The result is then output to the constant-addition unit.
The constant-addition unit adds the constant vector Ω_λ to the vector. Ω_λ is composed of four constants ω_λ, i.e. Ω_λ = [ω_λ, ω_λ, ω_λ, ω_λ]^T, where the constant ω_λ is the product of constant matrix δ, constant matrix τ' and constant ω, i.e. ω_λ = δ × τ' × ω; the constant ω is the byte constant specified by the inverse affine operation of the inverse S-box. The constant-addition unit is expressed as:
The result is then output to the composite-field multiplicative inversion unit.
The composite-field multiplicative inversion unit performs a composite-field multiplicative inversion on each byte of the vector; the composite field here may be any composite field isomorphic to GF(2^8). The composite-field multiplicative inversion unit is expressed as:
The result is then output to composite matrix multiplication unit 2.
Selector S1: when performing the first-round transformation, according to selection signal s1=0, it selects the data input from the ciphertext input port and outputs it to composite matrix multiplication unit 2; when performing an ordinary round transformation or the final round transformation, according to selection signal s1=1, it selects the composite-field multiplicative inversion result and outputs it to composite matrix multiplication unit 2. The 2-to-1 selector is expressed as:
Composite matrix multiplication unit 2 combines the data vector and the key vector into a single column vector; the key vector is identical to the key vector K_v of the encryption process. The unit multiplies a composite matrix by this column vector. The expression of the composite matrix is as follows:
where the composite matrix is composed of several constant matrices and δ'. Four of these constant matrices are each the product of a constant matrix and constant matrix δ'. The underlying constant matrices are the matrix forms of the GF(2^8) constant multiplications ×{01}_16, ×{09}_16, ×{0b}_16, ×{0d}_16 and ×{0e}_16 respectively; constant matrix δ' is the mapping matrix that maps elements of the composite field to GF(2^8). Composite matrix multiplication unit 2 can be expressed by the formula:
The vector formed by rows 1 to 4 of the result and the vector formed by rows 5 to 8 are each output to selector S2, and the vector formed by rows 9 to 12 of the result is output from the plaintext output port.
Selector S2: when performing the first-round transformation, according to selection signal s2=1, it selects a vector and feeds it back to the feedback data input port; when performing an ordinary round transformation, according to selection signal s2=1, it selects a vector and feeds it back to the feedback data output port. The 2-to-1 selector is expressed as:
By merging and synthesizing constant matrices, the round-transformation multiplex circuit proposed by the present invention combines all linear transformation operations of the AES decryption algorithm into two composite matrices, which shortens the critical path of the AES decryption circuit and reduces its implementation area. Research shows that the larger the circuit scale, the higher the circuit efficiency; the invention therefore uses matrix merging and synthesis to combine several small linear operation units into one large linear operation, which improves circuit optimization efficiency and reduces the implementation area of the AES decryption circuit. In addition, by reusing composite matrix multiplication unit 1, the composite-field multiplicative inversion unit, composite matrix multiplication unit 2 and the constant-addition unit to build a single first-round/ordinary-round/final-round multiplex circuit, a large amount of circuit resources is saved.
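The merging of linear stages described above can be checked in software. The following is an added example, not part of the patent: it expresses the per-column linear steps of one decryption round as GF(2) bit matrices, merges key addition with inverse column mixing into a single 32 × 64 matrix acting on the stacked [data; key] vector, and confirms the result matches the step-by-step round. It assumes the bytes stay in GF(2^8), i.e. the mapping matrices δ and δ' are treated as identity, and all function and variable names are this example's own.

```python
# Added illustration (not the patent's circuit): the linear steps of one AES
# decryption round, per 4-byte column, expressed as GF(2) bit matrices.
# Assumption: bytes stay in GF(2^8), i.e. the composite-field mapping
# matrices delta / delta' are treated as identity.

def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        b >>= 1
        a = ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)
    return r

def ginv(a):
    """Multiplicative inverse in GF(2^8), computed as a^254 (0 maps to 0)."""
    r = 1
    for _ in range(254):
        r = gmul(r, a)
    return r

def rotl8(b, n):
    return ((b << n) | (b >> (8 - n))) & 0xFF

def inv_affine(b):
    """Inverse affine step of the AES inverse S-box (linear part plus constant)."""
    return rotl8(b, 1) ^ rotl8(b, 3) ^ rotl8(b, 6) ^ 0x05

def inv_sbox(b):
    """Inverse S-box: inverse affine first, then field inversion."""
    return ginv(inv_affine(b))

INV_MIX = [[0x0E, 0x0B, 0x0D, 0x09], [0x09, 0x0E, 0x0B, 0x0D],
           [0x0D, 0x09, 0x0E, 0x0B], [0x0B, 0x0D, 0x09, 0x0E]]

def inv_mix_column(col):
    """Inverse column mixing on one column given as a list of four bytes."""
    return [gmul(r[0], col[0]) ^ gmul(r[1], col[1]) ^
            gmul(r[2], col[2]) ^ gmul(r[3], col[3]) for r in INV_MIX]

def pack(col):
    return col[0] | col[1] << 8 | col[2] << 16 | col[3] << 24

def unpack(word):
    return [(word >> s) & 0xFF for s in (0, 8, 16, 24)]

# A GF(2) matrix is stored as its list of columns: entry j is the image of bit j.
def matrix_of(linear_fn, n_in):
    return [linear_fn(1 << j) for j in range(n_in)]

def apply(mat, v):
    """GF(2) matrix-vector product: XOR the columns selected by the bits of v."""
    out = 0
    for j, col in enumerate(mat):
        if (v >> j) & 1:
            out ^= col
    return out

def compose(outer, inner):
    """Matrix product outer x inner: merges two linear stages into one matrix."""
    return [apply(outer, col) for col in inner]

# Stage before the inversion: linear part of the inverse affine on 4 bytes
# (32x32, block diagonal) and the constant vector that is XORed afterwards.
OMEGA4 = pack([inv_affine(0)] * 4)                       # 0x05050505
M1 = matrix_of(lambda w: pack([inv_affine(b) ^ inv_affine(0)
                               for b in unpack(w)]), 32)

# Stage after the inversion: key addition as the 32x64 matrix [I | I] acting
# on the stacked vector [data; key], merged with the 32x32 inverse column
# mixing matrix into a single matrix.
KEY_ADD = matrix_of(lambda v: (v & 0xFFFFFFFF) ^ (v >> 32), 64)
INV_MIX_M = matrix_of(lambda w: pack(inv_mix_column(unpack(w))), 32)
M2 = compose(INV_MIX_M, KEY_ADD)                         # 32x64 merged matrix

def round_reference(col, key):
    """Step by step: inverse S-box, key addition, inverse column mixing."""
    return inv_mix_column([inv_sbox(b) ^ k for b, k in zip(col, key)])

def round_merged(col, key):
    """Same column computed as matrix, constant add, inversion, matrix."""
    t = apply(M1, pack(col)) ^ OMEGA4
    x = pack([ginv(b) for b in unpack(t)])
    return unpack(apply(M2, x | pack(key) << 32))

if __name__ == "__main__":
    # Constructed sample column and round-key bytes.
    col, key = [0x63, 0x7C, 0x00, 0xFF], [0x2B, 0x7E, 0x15, 0x16]
    print(round_reference(col, key) == round_merged(col, key))
```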
Serial structure and loop structure are two kinds of basic structures that AES decryption circuits are realized, based on the round transformation proposed The AES that multiplex circuit constitutes serial structure using parallel processing manner decrypts circuit, either using time-sharing multiplex processing mode Time-sharing multiplex decrypts circuit with the mode that parallel processing is combined to constitute the AES of loop structure.
Fig. 4 is a structural schematic diagram of the AES decryption circuit provided by Embodiment One of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The AES decryption circuit includes:
One round transformation multiplex circuit, register 1 and register 2. The data width of register 1 and register 2 is 16 bytes. The feedback data output port of the round transformation multiplex circuit is connected to the input terminal of register 1, the output terminal of register 1 is connected to the input terminal of register 2, and the output terminal of register 2 is connected to the feedback data input terminal of the round transformation multiplex circuit.
The decryption method of the AES decryption circuit provided by Embodiment One includes the following steps:
S1. The first 4 operations constitute the first-round transformation: four groups of 4-byte ciphertext data are each input from the ciphertext data input port into the round transformation multiplex circuit, and selector S2 outputs the vector formed by the first through fourth rows of the circuit's operation result to register 1; once register 1 holds 16 bytes of data, the stored data are transferred to register 2;
S2. Operations 5 through 4Nr of the round transformation multiplex circuit constitute the (Nr-1) ordinary round transformations: each time, register 2 outputs 4 bytes of data to the feedback data input terminal of the round transformation multiplex circuit, and after the circuit's operation selector S2 outputs the vector formed by the fifth through eighth rows of the operation result to register 1. After every four operations of the round transformation multiplex circuit, register 1 transfers its stored data to register 2 for the next ordinary round transformation; (Nr-1) ordinary round transformations are performed in total;
S3. Operations (4Nr+1) through 4(Nr+1) of the round transformation multiplex circuit constitute the last-round transformation: each time, register 2 outputs 4 bytes of data to the feedback data input terminal of the round transformation multiplex circuit, and after the circuit's operation the data output from the plaintext data port during operations (4Nr+1) through 4(Nr+1) are taken as the plaintext.
Fig. 5 is a structural schematic diagram of the AES decryption circuit provided by Embodiment Two of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The AES decryption circuit includes:
Two round transformation multiplex circuits, register 1 and register 2. The data width of register 1 and register 2 is 16 bytes. The feedback data output ports of the two round transformation multiplex circuits are connected to the input terminal of register 1, the output terminal of register 1 is connected to the input terminal of register 2, and the output terminal of register 2 is connected to the feedback data input terminals of the two round transformation multiplex circuits.
The decryption method of the AES decryption circuit provided by Embodiment Two includes the following steps:
S1. The first 2 operations constitute the first-round transformation: 4-byte ciphertext data are each input from the ciphertext data input port into the two round transformation multiplex circuits, and selector S2 outputs the vector formed by the first through fourth rows of the circuit's operation result to register 1; once register 1 holds 16 bytes of data, the stored data are transferred to register 2;
S2. Operations 3 through 2Nr of the round transformation multiplex circuits constitute the (Nr-1) ordinary round transformations: each time, register 2 outputs two groups of 4-byte data, which are sent respectively to the feedback data input terminals of the two round transformation multiplex circuits, and after the circuits' operation selector S2 outputs the vector formed by the fifth through eighth rows of the operation result to register 1. After every two operations of the round transformation multiplex circuits, register 1 transfers its stored data to register 2 for the next ordinary round transformation; (Nr-1) ordinary round transformations are performed in total;
S3. Operations (2Nr+1) through 2(Nr+1) of the round transformation multiplex circuits constitute the last-round transformation: each time, register 2 outputs two groups of 4-byte data, which are sent respectively to the feedback data input terminals of the two round transformation multiplex circuits, and after the circuits' operation the data output from the plaintext data port during operations (2Nr+1) through 2(Nr+1) are taken as the plaintext.
Fig. 6 is a structural schematic diagram of the AES decryption circuit provided by Embodiment Three of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The AES decryption circuit includes:
Four round transformation multiplex circuits and a register. The data width of the register is 16 bytes. The feedback data output ports of the four round transformation multiplex circuits are connected to the input terminal of the register, and the output terminal of the register is connected to the feedback data input terminals of the four round transformation multiplex circuits.
The decryption method of the AES decryption circuit provided by Embodiment Three includes the following steps:
S1. The first operation constitutes the first-round transformation: four groups of 4-byte ciphertext data are each input from the ciphertext data input port into the four round transformation multiplex circuits, and selector S2 outputs the vector formed by the first through fourth rows of each circuit's operation result to the register;
S2. Operations 2 through Nr of the round transformation multiplex circuits constitute the (Nr-1) ordinary round transformations: each time, the register outputs four groups of 4-byte data, which are sent respectively to the feedback data input terminals of the four round transformation multiplex circuits, and after the circuits' operation selector S2 outputs the vector formed by the fifth through eighth rows of the operation result to the register for the next ordinary round transformation; (Nr-1) ordinary round transformations are performed in total;
S3. Operation (Nr+1) of the round transformation multiplex circuits constitutes the last-round transformation: the register outputs four groups of 4-byte data, which are sent respectively to the feedback data input terminals of the four round transformation multiplex circuits, and after the circuits' operation the data output from the plaintext data port during operation (Nr+1) are taken as the plaintext.
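The three schedules above can be checked against a known AES vector with a small behavioural model. The Python below is an added example, not code from the patent: it assumes the three output groups of the round unit carry the standard inverse-cipher values, assumes InvShiftRows is realised by the order in which register bytes are read out, and uses ordinary GF(2^8) arithmetic in place of the composite matrices, which this page does not reproduce. All function names are hypothetical.

```python
# Added behavioural model, not the patent's circuit. Assumption: plain GF(2^8)
# arithmetic stands in for the composite-field matrices, which the page omits.

def xtime(a):
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def gmul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def build_sbox():
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
        s = inv ^ 0x63
        for sh in range(1, 5):  # affine map: XOR of four left rotations
            s ^= ((inv << sh) | (inv >> (8 - sh))) & 0xFF
        sbox.append(s)
    return sbox

SBOX = build_sbox()
INV_SBOX = [SBOX.index(v) for v in range(256)]

def expand_key(key):
    """FIPS-197 key expansion; returns (list of 4-byte words, Nr)."""
    nk = len(key) // 4
    nr, rcon = nk + 6, 1
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    for i in range(nk, 4 * (nr + 1)):
        t = list(w[i - 1])
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rcon
            rcon = xtime(rcon)
        elif nk > 6 and i % nk == 4:
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])
    return w, nr

def round_unit(col, key_col, first):
    """One operation on a 4-byte column; returns the three output groups."""
    x = col if first else [INV_SBOX[b] for b in col]  # S1 bypass in first round
    ark = [a ^ k for a, k in zip(x, key_col)]
    coef = (14, 11, 13, 9)  # first row of the InvMixColumns circulant
    imc = [0] * 4
    for i in range(4):
        for j in range(4):
            imc[i] ^= gmul(ark[j], coef[(j - i) % 4])
    return ark, imc, ark  # rows 1-4, rows 5-8, rows 9-12 (assumed contents)

def decrypt(ct, key, units=1):
    """units = 1, 2 or 4 round units (Embodiments One, Two, Three)."""
    w, nr = expand_key(key)
    reg1, reg2, plain, ops = [0] * 16, [0] * 16, [0] * 16, 0
    for rnd in range(nr, -1, -1):
        first, last = rnd == nr, rnd == 0
        for c0 in range(0, 4, units):
            ops += 1  # all units operate in parallel in this step
            for c in range(c0, c0 + units):
                if first:
                    col = list(ct[4 * c:4 * c + 4])
                else:  # register read-out order realises InvShiftRows (assumed)
                    col = [reg2[r + 4 * ((c - r) % 4)] for r in range(4)]
                r14, r58, r912 = round_unit(col, w[4 * rnd + c], first)
                if last:
                    plain[4 * c:4 * c + 4] = r912
                else:
                    reg1[4 * c:4 * c + 4] = r14 if first else r58
        reg2 = list(reg1)  # 16 bytes complete: register 1 -> register 2
    return bytes(plain), ops
```

With the FIPS-197 AES-128 example vector, `decrypt(ct, key, units)` returns the plaintext after 44, 22 and 11 operations for one, two and four round units, matching 4(Nr+1), 2(Nr+1) and (Nr+1) with Nr = 10. The transfer to register 2 only after a full 16 bytes reflects that each column of the next round draws bytes from all four columns of the previous one.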
Compared with an AES decryption circuit of serial structure, an AES decryption circuit of loop structure has a significantly smaller circuit area and is therefore suited to data processing circuits with limited area; an AES decryption circuit of serial structure, however, can use pipelining to greatly increase circuit processing speed and is suited to high-speed data processing circuits. The structure of the ordinary round transformation circuit can therefore be designed according to actual requirements.
The AES decryption circuit proposed by the present invention is built on the round transformation multiplex circuit. By merging and combining constant matrices, the round transformation multiplex circuit combines all linear transformation operations in the AES decryption algorithm into two composite matrices, which shortens the critical path of the AES decryption circuit and reduces its implementation area. Research shows that the larger the circuit scale, the higher the circuit efficiency; the present invention therefore uses matrix merging and combination to join several small-scale linear operation units into one large-scale linear operation, which helps raise circuit optimization efficiency and reduces the circuit implementation area.
In addition, by multiplexing composite matrix multiplication unit 1, the composite-field multiplicative inverse unit, composite matrix multiplication unit 2 and the constant addition unit, a single first-round/ordinary-round/last-round transformation multiplex circuit is built, saving a large amount of circuit resources.
The above is only a preferred embodiment of the present invention. It should be noted that those of ordinary skill in the art may make various improvements and modifications without departing from the principle of the present invention, and these improvements and modifications shall also be regarded as falling within the protection scope of the present invention.

Claims (4)

1. A round transformation multiplex circuit, characterized in that the round transformation multiplex circuit comprises:
Composite matrix multiplication unit 1, a constant addition unit, a composite-field multiplicative inverse unit, selector S1, composite matrix multiplication unit 2 and selector S2, wherein the input terminal of composite matrix multiplication unit 1 is connected to the feedback data input port and its output terminal is connected to the input terminal of the constant addition unit; the output terminal of the constant addition unit is connected to the input terminal of the composite-field multiplicative inverse unit; the output terminal of the composite-field multiplicative inverse unit is connected to one input terminal of selector S1, and the other input terminal of selector S1 is connected to the ciphertext data input port; the output terminal of selector S1 and the key input port are connected to the input terminal of composite matrix multiplication unit 2; two output terminals of composite matrix multiplication unit 2 are connected respectively to the two input terminals of selector S2, and its third output terminal is connected to the plaintext data output port;
Composite matrix multiplication unit 1 multiplies the composite matrix by the column vector input from the feedback data input terminal and outputs the operation result to the constant addition unit; the expression of the composite matrix is as follows:
The constant addition unit adds the vector to the constant vector Ωλ=[ωλλλλ]T and outputs the operation result to the composite-field multiplicative inverse unit;
The composite-field multiplicative inverse unit performs the composite-field multiplicative inverse operation on each byte of the vector and outputs the operation result to composite matrix multiplication unit 2;
When the first-round transformation is performed, selector S1 selects the data input from the ciphertext input port and outputs them to composite matrix multiplication unit 2; when an ordinary round transformation or the last-round transformation is performed, selector S1 selects the result of the composite-field multiplicative inverse operation and outputs it to composite matrix multiplication unit 2;
Composite matrix multiplication unit 2 combines the data vector output by selector S1 and the key vector into one column vector, the key vector being identical to the key vector Kv used in the encryption process, and multiplies the composite matrix by this column vector; the expression of the composite matrix is as follows:
The vector formed by the first through fourth rows of the operation result and the vector formed by the fifth through eighth rows are each output to selector S2; the vector formed by the ninth through twelfth rows of the operation result is output from the plaintext output port;
When the first-round transformation is performed, selector S2 selects the vector to be fed back to the feedback data input port; when an ordinary round transformation is performed, selector S2 selects the vector to be fed back to the feedback data output port.
2. An AES decryption circuit based on the round transformation multiplex circuit according to claim 1, characterized in that the AES decryption circuit comprises:
One round transformation multiplex circuit, register 1 and register 2, wherein the feedback data output port of the round transformation multiplex circuit is connected to the input terminal of register 1, the output terminal of register 1 is connected to the input terminal of register 2, and the output terminal of register 2 is connected to the feedback data input terminal of the round transformation multiplex circuit;
The data width of register 1 and register 2 is 16 bytes.
3. An AES decryption circuit based on the round transformation multiplex circuit according to claim 1, characterized in that the AES decryption circuit comprises:
Two round transformation multiplex circuits, register 1 and register 2, wherein the feedback data output ports of the two round transformation multiplex circuits are connected to the input terminal of register 1, the output terminal of register 1 is connected to the input terminal of register 2, and the output terminal of register 2 is connected to the feedback data input terminals of the two round transformation multiplex circuits;
The data width of register 1 and register 2 is 16 bytes.
4. An AES decryption circuit based on the round transformation multiplex circuit according to claim 1, characterized in that the AES decryption circuit comprises:
Four round transformation multiplex circuits and a register, wherein the feedback data output ports of the four round transformation multiplex circuits are connected to the input terminal of the register, and the output terminal of the register is connected to the feedback data input terminals of the four round transformation multiplex circuits;
The data width of the register is 16 bytes.
CN201810597055.3A 2018-06-11 2018-06-11 Round conversion multiplexing circuit and AES decryption circuit Active CN108809627B (en)


Publications (2)

Publication Number Publication Date
CN108809627A true CN108809627A (en) 2018-11-13
CN108809627B CN108809627B (en) 2021-03-05
