CN108809627A - Round transformation multiplex circuit and AES decrypt circuit - Google Patents
- Publication number
- CN108809627A CN201810597055.3A
- Authority
- CN
- China
- Prior art keywords
- register
- round transformation
- input terminal
- circuit
- composite matrix
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/122—Hardware reduction or efficient architectures
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
- H04L2209/125—Parallelization or pipelining, e.g. for accelerating processing of cryptographic operations
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to the technical field of cryptographic circuits and provides a round transformation multiplex circuit and an AES encryption circuit. Through merging and synthesis operations on constant matrices, the round transformation multiplex circuit provided by the invention combines all linear transformation operations in the AES decryption algorithm into two composite matrices, thereby shortening the critical path of the AES decryption circuit while reducing the implementation area of the AES decryption circuit.
Description
Technical field
The present invention relates to the technical field of cryptographic circuits, and in particular to a round transformation multiplex circuit and an AES decryption circuit.
Background
AES (Advanced Encryption Standard) is a new-generation symmetric block cipher formulated in 2001 by the US National Institute of Standards and Technology to replace the original DES (Data Encryption Standard). AES has been adopted by multiple international standards organizations and is currently the most widely used block cipher.
The block length of AES is 128 bits, and the key length is 128, 192 or 256 bits; the corresponding variants are called AES-128, AES-192 and AES-256. AES is an iterative algorithm in which each iteration is called a round transformation. The number of round transformations depends on the key length: Nr is 10, 12 and 14 for AES-128, AES-192 and AES-256 respectively. The AES encryption flow is shown in Fig. 1: a first round transformation, Nr - 1 ordinary round transformations and a last round transformation are carried out in sequence. The first round transformation performs key addition and then byte substitution; an ordinary round transformation performs, in order, the four operations row shift, column mixing, key addition and byte substitution; the last round transformation performs row shift and then key addition. The AES decryption flow is the reverse of the encryption flow, as shown in Fig. 2, and likewise carries out a first round transformation, Nr - 1 ordinary round transformations and a last round transformation in sequence. The first round transformation of decryption is the inverse of the last round transformation of encryption and performs key addition followed by inverse row shift. An ordinary round transformation of decryption is the inverse of an ordinary round transformation of encryption and comprises inverse byte substitution, key addition, inverse column mixing and inverse row shift. The last round transformation of decryption is the inverse of the first round transformation of encryption and performs inverse byte substitution followed by key addition. Inverse column mixing, inverse row shift and inverse byte substitution are the inverse operations of column mixing, row shift and byte substitution in the encryption flow.
Running each operation of the decryption process separately and in sequence not only wastes circuit resources but also gives a long critical path, so several adjacent operation units are merged into a single operation unit by means of a composite matrix. The T-box implementation is currently the most common way of merging operation units in round transformation circuits. It precomputes the results of the S-box, row shift and column mixing operations and stores them in one operation unit, so that the merged S-box, row shift and column mixing function is realized by a single table lookup. The T-box implementation shortens the critical path of the whole ordinary round transformation circuit and is therefore mainly used in high-speed AES circuit designs; although it speeds up data processing, it also increases circuit area. For example, Rach et al. merged five operations into one operation unit: the last-stage GF(2^4) multiplier of the composite-field S-box/inverse S-box, the mapping/inverse mapping operation, the affine/inverse affine operation, the column mixing/inverse column mixing operation and the key addition operation. The merged operation unit shortens the critical path but also greatly increases circuit area. Existing round transformation circuits based on merged operations all optimize critical path depth at the cost of increased circuit area.
Summary of the invention
An embodiment of the present invention provides an AES decryption circuit that aims to solve the problem that existing round transformation circuits based on merged operations optimize critical path depth at the cost of increased circuit area.
The invention is realized as follows. A round transformation multiplex circuit comprises:
composite matrix multiplication unit 1, a constant addition unit, a composite field multiplicative inversion unit, selector S1, composite matrix multiplication unit 2 and selector S2, wherein the input of composite matrix multiplication unit 1 is connected to the feedback data input port and its output is connected to the input of the constant addition unit; the output of the constant addition unit is connected to the input of the composite field multiplicative inversion unit; the output of the composite field multiplicative inversion unit is connected to one input of selector S1, and the other input of selector S1 is connected to the ciphertext data input port; the output of selector S1 and the key input port are connected to the inputs of composite matrix multiplication unit 2; two outputs of composite matrix multiplication unit 2 are connected to the two inputs of selector S2 respectively, and its third output is connected to the plaintext data output port;
Composite matrix multiplication unit 1 multiplies the composite matrix by the column vector input from the feedback data input and outputs the result to the constant addition unit. The expression of the composite matrix is as follows:
The constant addition unit adds the vector to the constant vector Ωλ = [ωλ, ωλ, ωλ, ωλ]^T and outputs the result to the composite field multiplicative inversion unit;
The composite field multiplicative inversion unit performs a composite field multiplicative inversion on each byte of the vector and outputs the result to composite matrix multiplication unit 2;
When the first round transformation is carried out, selector S1 selects the data input from the ciphertext input port and outputs it to composite matrix multiplication unit 2; when an ordinary round transformation or the last round transformation is carried out, selector S1 selects the composite field multiplicative inversion result and outputs it to composite matrix multiplication unit 2;
Composite matrix multiplication unit 2 combines the data vector output by selector S1 and the key vector into one column vector, where the key vector is identical to the key vector Kv of the encryption process, and multiplies the composite matrix by this column vector. The expression of the composite matrix is as follows:
The vector formed by the first to fourth rows of the result and the vector formed by the fifth to eighth rows are each output to selector S2, and the vector formed by the ninth to twelfth rows of the result is output from the plaintext output port;
When the first round transformation is carried out, selector S2 selects the vector and feeds it back to the feedback data input port; when an ordinary round transformation is carried out, selector S2 selects the vector and feeds it back to the feedback data output port.
The invention is realized as follows. An AES decryption circuit based on the round transformation multiplex circuit comprises:
one multiplexed round transformation circuit, register 1 and register 2, wherein the feedback data output port of the round transformation multiplex circuit is connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data input of the round transformation multiplex circuit;
the data width of register 1 and register 2 is 16 bytes.
The invention is realized as follows. An AES decryption circuit based on the round transformation multiplex circuit comprises:
two multiplexed round transformation circuits, register 1 and register 2, wherein the feedback data output ports of the two round transformation multiplex circuits are connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data inputs of the two round transformation multiplex circuits;
the data width of register 1 and register 2 is 16 bytes.
The invention is realized as follows. An AES decryption circuit based on the round transformation multiplex circuit comprises:
four multiplexed round transformation circuits and a register, wherein the feedback data output ports of the four round transformation multiplex circuits are connected to the input of the register, and the output of the register is connected to the feedback data inputs of the four round transformation multiplex circuits;
the data width of the register is 16 bytes.
Through merging and synthesis operations on constant matrices, the round transformation multiplex circuit proposed by the present invention combines all linear transformation operations in the AES decryption algorithm into two composite matrices, thereby shortening the critical path of the AES decryption circuit while reducing its implementation area. Research shows that the larger the circuit scale, the higher the circuit efficiency; the present invention therefore uses matrix merging and synthesis to combine several small-scale linear operation units into a large-scale linear operation, which helps improve circuit optimization efficiency and reduces the implementation area of the AES decryption circuit.
Description of the drawings
Fig. 1 is the flow chart of standard AES encryption provided by an embodiment of the present invention;
Fig. 2 is the flow chart of standard AES decryption provided by an embodiment of the present invention;
Fig. 3 is a schematic structural diagram of the round transformation multiplex circuit for AES decryption provided by an embodiment of the present invention;
Fig. 4 is a schematic structural diagram of the AES decryption circuit provided by Embodiment 1 of the present invention;
Fig. 5 is a schematic structural diagram of the AES decryption circuit provided by Embodiment 2 of the present invention;
Fig. 6 is a schematic structural diagram of the AES decryption circuit provided by Embodiment 3 of the present invention.
Detailed description of the embodiments
In order to make the purpose, technical solution and advantages of the present invention clearer, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described here merely illustrate the present invention and are not intended to limit it.
Existing operation units generally include an inverse byte substitution unit, an inverse row shift unit, an inverse column mixing unit and a key addition unit. The operation formulas of these units are as follows:
The AES round transformation operates on data in matrix form: the decryption algorithm treats the 128-bit input block as a 4 × 4 byte matrix in which each element is 1 byte. The intermediate result of a round transformation is called the state matrix and is also a 4 × 4 byte matrix. Assume the state matrix input to an ordinary round transformation is:
Each operation in the AES decryption process is described in detail below:
1. Inverse byte substitution unit
The inverse byte substitution unit performs inverse byte substitution, which is the inverse of byte substitution and is also called the inverse S-box operation. The inverse S-box operation likewise substitutes each byte of the state matrix according to a byte substitution table. Assume the state matrix after the inverse S-box operation is:
Then the inverse S-box operation can be expressed as:
The function in this expression is the inverse S-box function. The inverse S-box operation is the only nonlinear operation among the four operations of an ordinary round transformation and the one with the highest computational complexity, so the inverse S-box circuit accounts for the vast majority of the circuit area and power consumption of the whole AES decryption circuit.
In the inverse S-box operation, the input byte first undergoes an inverse affine operation, which is the inverse of the affine operation of the encryption S-box, and then a multiplicative inversion in the finite field GF(2^8). The expression is:
where x is the input byte, ω is a byte constant, τ' is an 8 × 8-bit constant matrix that is the inverse of the constant matrix τ of the encryption S-box, τ' and ω together carry out the inverse affine operation, and (·)_A^(-1) denotes multiplicative inversion in GF(2^8). The GF(2^8) field referred to in the present invention is the GF(2^8) field specified in the AES algorithm, whose irreducible polynomial is
f(x) = x^8 + x^4 + x^3 + x + 1
Among the many S-box implementations, the composite-field S-box has the smallest circuit area. Through a mathematical transformation, the composite-field S-box maps the main computation unit of the S-box, the GF(2^8) multiplicative inversion unit, into a composite field. The computational complexity of multiplicative inversion in the composite field is far lower than that of multiplicative inversion in GF(2^8), which greatly reduces the hardware complexity of the S-box circuit.
The composite-field inverse S-box expression is:
where (·)_C^(-1) denotes multiplicative inversion in the composite field, the composite field is any composite field isomorphic to GF(2^8), δ is an 8 × 8-bit mapping matrix that maps the input byte x from GF(2^8) to the composite field, and δ' is the inverse matrix of δ, which maps the composite field multiplicative inversion result back from the composite field to GF(2^8).
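The two inverse S-box forms described above, checked against each other in Python; this is an added example, not code or matrices from the patent. The patent allows any composite field isomorphic to GF(2^8) and the page does not show δ, so the field GF((2^4)^2) over x^4 + x + 1, the searched values LAMBDA and BETA, and the choice ω = {63}16 (the encryption S-box affine constant, applied as τ'·(x + ω) to agree with ωλ = δ × τ' × ω) are assumptions.

```python
# Added illustration (not the patent's code). Assumptions: composite field
# GF((2^4)^2) over x^4 + x + 1, searched LAMBDA and BETA, OMEGA = 0x63.

def gf256_mul(a, b):
    """Multiply in GF(2^8) modulo f(x) = x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf256_inv(a):
    """Inversion in GF(2^8) as a^254; 0 maps to 0."""
    r = 1
    for _ in range(254):
        r = gf256_mul(r, a)
    return r

def tau_inv(x):
    """tau': linear part of the inverse affine step, written as rotations."""
    rot = lambda v, n: ((v << n) | (v >> (8 - n))) & 0xFF
    return rot(x, 1) ^ rot(x, 3) ^ rot(x, 6)

OMEGA = 0x63  # assumed byte constant: tau'(x ^ OMEGA) is the inverse affine map

def inv_sbox_gf256(x):
    """Inverse S-box computed directly in GF(2^8)."""
    return gf256_inv(tau_inv(x ^ OMEGA))

def gf16_mul(a, b):
    """Multiply in GF(2^4) modulo x^4 + x + 1."""
    r = 0
    for _ in range(4):
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x10:
            a ^= 0x13
    return r

def gf16_inv(a):
    """Inversion in GF(2^4) as a^14; 0 maps to 0."""
    r = 1
    for _ in range(14):
        r = gf16_mul(r, a)
    return r

# Smallest LAMBDA for which Y^2 + Y + LAMBDA has no root in GF(2^4).
LAMBDA = next(lam for lam in range(1, 16)
              if all(gf16_mul(t, t) ^ t ^ lam for t in range(16)))

def cf_mul(a, b):
    """Multiply bytes viewed as h*Y + l in GF((2^4)^2), with Y^2 = Y + LAMBDA."""
    a1, a0, b1, b0 = a >> 4, a & 0xF, b >> 4, b & 0xF
    hh = gf16_mul(a1, b1)
    hi = hh ^ gf16_mul(a1, b0) ^ gf16_mul(a0, b1)
    lo = gf16_mul(a0, b0) ^ gf16_mul(LAMBDA, hh)
    return (hi << 4) | lo

def cf_inv(a):
    """Composite field inversion: conjugate / norm, one GF(2^4) inversion."""
    h, l = a >> 4, a & 0xF
    norm = gf16_mul(gf16_mul(h, h), LAMBDA) ^ gf16_mul(h, l) ^ gf16_mul(l, l)
    d = gf16_inv(norm)
    return (gf16_mul(h, d) << 4) | gf16_mul(h ^ l, d)

def cf_pow(a, n):
    r = 1
    for _ in range(n):
        r = cf_mul(r, a)
    return r

# BETA: a root of f in the composite field, so x^i -> BETA^i is an isomorphism.
BETA = next(b for b in range(2, 256)
            if cf_pow(b, 8) ^ cf_pow(b, 4) ^ cf_pow(b, 3) ^ b ^ 1 == 0)

def mat_apply(cols, x):
    """Apply an 8x8 GF(2) matrix stored as 8 column bytes to byte x."""
    out = 0
    for i in range(8):
        if (x >> i) & 1:
            out ^= cols[i]
    return out

DELTA = [cf_pow(BETA, i) for i in range(8)]                        # delta
_back = {mat_apply(DELTA, x): x for x in range(256)}
DELTA_INV = [_back[1 << i] for i in range(8)]                      # delta'
DELTA_TAU = [mat_apply(DELTA, tau_inv(1 << i)) for i in range(8)]  # delta x tau'
OMEGA_LAMBDA = mat_apply(DELTA_TAU, OMEGA)                         # delta x tau' x omega

def inv_sbox_composite(x):
    """delta' applied to the composite inverse of (delta x tau') x + omega_lambda."""
    return mat_apply(DELTA_INV, cf_inv(mat_apply(DELTA_TAU, x) ^ OMEGA_LAMBDA))

def forms_agree():
    """True when both forms give the same inverse S-box for all 256 bytes."""
    return all(inv_sbox_composite(x) == inv_sbox_gf256(x) for x in range(256))
```

The merged matrix DELTA_TAU and constant OMEGA_LAMBDA correspond to the products δ × τ' and δ × τ' × ω that the description later assigns to composite matrix multiplication unit 1 and the constant addition unit.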
In a finite field, addition is bitwise XOR. Therefore, in a hardware implementation of the constant addition +ω, adding 0 can be omitted entirely, and adding 1 can be realized by replacing XOR logic in one of two ways: 1. the XOR of any two variables is replaced by XNOR; 2. the XOR of any two variables is realized as XOR followed by NOT. Since an XNOR gate and an XOR gate have almost the same circuit area and delay, and the area and delay of an inverter are negligible compared with an XOR gate, the circuit area and delay of the constant addition +ω can be ignored in the hardware implementation of the inverse S-box.
2. Key addition unit
The key addition unit performs key addition, which is identical to the key addition in the encryption flow. Assume the state matrix after key addition is:
The key addition expression is:
Here the key matrix is the subkey matrix, generated by the key schedule; the subkey matrices are used in the opposite order to that of the encryption flow.
3. Inverse column mixing unit
The inverse column mixing unit performs inverse column mixing, which is the inverse of column mixing and can likewise be regarded as multiplying each column of the state matrix by a constant polynomial in a ring. Assume the state matrix after inverse column mixing is:
The expression of inverse column mixing is:
Here the matrix is the column mixing constant matrix, whose entries are the matrix forms of the constant multiplications ×{09}16, ×{0b}16, ×{0d}16 and ×{0e}16 in GF(2^8); in the present invention { }16 denotes the hexadecimal form of a constant.
4. Inverse row shift unit
The inverse row shift unit performs inverse row shift, which is the inverse of row shift: the first row of the state matrix is unchanged, and the second, third and fourth rows are shifted right by one byte, two bytes and three bytes respectively. Assume the state matrix after inverse row shift is:
The state matrix after inverse row shift can be expressed as:
Inverse row shift likewise consumes no logic circuit resources in a hardware implementation; only the bus positions need to be adjusted.
5. Ordinary round transformation formula
The four operation units of an ordinary round transformation can be implemented separately, or several adjacent operation units can be merged into one operation unit. A round transformation circuit in which the operation units are implemented separately not only wastes circuit resources but also has a long critical path. Based on the ordinary decryption round formula, the present invention merges the linear operations of the ordinary decryption round through merging and synthesis operations on constant matrices. From the formulas of the individual operations above, the ordinary decryption round formula is:
Here the formula uses a row vector of the constant matrix and column vectors of the input data matrix and of the key matrix, i.e.:
The output variables r_{x,y} in the above formula that share the same inputs are placed in one group, giving four groups in total. The four groups perform the same operations and have identical circuit units in a hardware implementation. The output variables of each group can be expressed as a system of linear equations:
The input and output variables in the above formula correspond to the following variables in each group:
Group I:Group II:
Group III:Group IV:
To reduce the circuit implementation area, the present invention further maps the GF(2^8) multiplicative inversion of the inverse S-box into the composite field. The ordinary round transformation group formula after mapping is:
6. First round transformation formula
From the formulas of the individual operations above, the first round transformation formula can likewise be obtained as:
Following the grouping of the ordinary round transformation, the first round transformation formula can also be divided into four groups. The first round transformation group formula is:
The variables in each group that correspond to the input and output variables of the first round transformation group formula are the same as for the ordinary round transformation.
7. Last round transformation formula
From the formulas of the individual operations above, the last round transformation formula can likewise be obtained as:
The last round transformation formula can likewise be divided into four groups. The last round transformation group formula is:
The input and output variables in the above formula correspond to the following variables in each group:
Group I:Group II:
Group III:Group IV:
In the above grouping, the variables corresponding to the output variable in each group differ from those of the ordinary round transformation, while the variables corresponding to the input variables in each group are the same as for the ordinary round transformation. Mapping the inverse S-box operation of the last round transformation into the composite field, the last round transformation group formula becomes:
Through merging and synthesis operations on constant matrices, the round transformation multiplex circuit proposed by the invention combines all linear transformation operations in the AES decryption algorithm into two composite matrices, thereby shortening the critical path of the AES decryption circuit and reducing its implementation area.
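The merging idea in the paragraph above, shown on one column: key addition followed by inverse column mixing becomes a single GF(2) matrix product on the stacked [data; key] vector. This is an added example and not the patent's composite matrix, which is not reproduced on the page and which also folds δ' into the data columns and carries separate rows for the first and last rounds; the function names and the sample key bytes are constructed for illustration.

```python
# Added illustration (not the patent's matrix): key addition followed by
# inverse column mixing on one column, merged into one GF(2) matrix product.
from functools import reduce

def xtime(a):
    """Multiply a byte by x modulo x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    return a ^ 0x11B if a & 0x100 else a

def gf_mul(a, b):
    """Byte-wise GF(2^8) product, used only for the unmerged reference."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def const_matrix(c):
    """8x8 GF(2) matrix of the constant multiplication by c.

    Stored as 8 column bytes: column i is c * x^i.
    """
    cols = []
    for _ in range(8):
        cols.append(c)
        c = xtime(c)
    return cols

def mat_apply(cols, byte):
    """Matrix-vector product over GF(2): XOR the columns picked by set bits."""
    out = 0
    for i, col in enumerate(cols):
        if (byte >> i) & 1:
            out ^= col
    return out

# Inverse column mixing constants, one row per output byte.
INV_MIX = [
    [0x0E, 0x0B, 0x0D, 0x09],
    [0x09, 0x0E, 0x0B, 0x0D],
    [0x0D, 0x09, 0x0E, 0x0B],
    [0x0B, 0x0D, 0x09, 0x0E],
]

# Merged matrix [M | M]: 4 x 8 blocks of 8x8 bits (32 x 64 bits in total).
# Its input is the stacked column vector [data bytes ; key bytes].
MERGED = [[const_matrix(c) for c in row] * 2 for row in INV_MIX]

def merged_linear(data_col, key_col):
    """One matrix product replaces 'add key, then inverse column mixing'."""
    stacked = list(data_col) + list(key_col)
    return [reduce(lambda acc, p: acc ^ mat_apply(*p), zip(row, stacked), 0)
            for row in MERGED]

def separate_linear(data_col, key_col):
    """Reference: the two operations carried out one after the other."""
    added = [d ^ k for d, k in zip(data_col, key_col)]
    return [reduce(lambda acc, p: acc ^ gf_mul(*p), zip(row, added), 0)
            for row in INV_MIX]

def xor_inputs_per_output_bit():
    """Row weights of the merged bit matrix.

    Each value is the number of input bits XORed into one of the 32 output
    bits before any sharing of common terms between outputs.
    """
    counts = []
    for row in MERGED:
        for bit in range(8):
            counts.append(sum((col >> bit) & 1 for block in row for col in block))
    return counts
```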
Fig. 3 is a schematic structural diagram of the multiplexed round transformation circuit provided by an embodiment of the present invention. For ease of description, only the parts relevant to the embodiment are shown.
The multiplexed round transformation circuit implements the AES decryption operation on 4 bytes and comprises:
composite matrix multiplication unit 1, a constant addition unit, a composite field multiplicative inversion unit, selector S1, composite matrix multiplication unit 2 and selector S2;
The input of composite matrix multiplication unit 1 is connected to the feedback data input port, and its output is connected to the input of the constant addition unit. The output of the constant addition unit is connected to the input of the composite field multiplicative inversion unit. The output of the composite field multiplicative inversion unit is connected to one input of selector S1, and the other input of selector S1 is connected to the ciphertext data input port. The output of selector S1 and the key input port are connected to the inputs of composite matrix multiplication unit 2. Two outputs of composite matrix multiplication unit 2 are connected to the two inputs of selector S2 respectively, and its third output is connected to the plaintext data output port.
Composite matrix multiplication unit 1 multiplies the composite matrix by a column vector, which is the column vector input from the feedback data input. The expression of the composite matrix is as follows:
Here the composite matrix is composed of four constant matrices, each of which is the product of constant matrix δ and constant matrix τ'. Constant matrix δ is the mapping matrix, which maps elements of GF(2^8) into the composite field. Constant matrix τ' is the constant matrix specified by the inverse affine operation of the inverse S-box. Composite matrix multiplication unit 1 can be expressed by the following formula:
The result is then output to the constant addition unit.
The constant addition unit adds the vector to the constant vector Ωλ, which is composed of four constants ωλ, i.e. Ωλ = [ωλ, ωλ, ωλ, ωλ]^T, where the constant ωλ is the product of constant matrix δ, constant matrix τ' and constant ω, i.e. ωλ = δ × τ' × ω, and ω is the byte constant specified by the inverse affine operation of the inverse S-box. The constant addition unit is expressed as:
The result is then output to the composite field multiplicative inversion unit.
The composite field multiplicative inversion unit performs a composite field multiplicative inversion on each byte of the vector; the composite field here is any composite field isomorphic to GF(2^8). The composite field multiplicative inversion unit is expressed as:
The result is then output to composite matrix multiplication unit 2.
Selector S1: when the first round transformation is carried out, according to select signal s1 = 0, it selects the data input from the ciphertext input port and outputs it to composite matrix multiplication unit 2; when an ordinary round transformation or the last round transformation is carried out, according to select signal s1 = 1, it selects the composite field multiplicative inversion result and outputs it to composite matrix multiplication unit 2. The specific expression of two-to-one selector 2 is:
Composite matrix multiplication unit 2 combines the data vector and the key vector into one column vector, where the key vector is identical to the key vector Kv of the encryption process, and multiplies the composite matrix by this column vector. The expression of the composite matrix is as follows:
Here the composite matrix is composed of constant matrices, including δ'. Four of these constant matrices are each the product of a constant-multiplication matrix and constant matrix δ'. The constant-multiplication matrices are the matrix forms of the constant multiplications ×{01}16, ×{09}16, ×{0b}16, ×{0d}16 and ×{0e}16 in GF(2^8). Constant matrix δ' is the mapping matrix that maps elements of the composite field to GF(2^8). Composite matrix multiplication unit 2 can be expressed by the following formula:
The vector formed by the first to fourth rows of the result and the vector formed by the fifth to eighth rows are each output to selector S2, and the vector formed by the ninth to twelfth rows of the result is output from the plaintext output port.
Selector S2: when the first round transformation is carried out, according to select signal s2 = 1, it selects the vector and feeds it back to the feedback data input port; when an ordinary round transformation is carried out, according to select signal s2 = 1, it selects the vector and feeds it back to the feedback data output port. The specific expression of two-to-one selector 2 is:
Through merging and synthesis operations on constant matrices, the round transformation multiplex circuit proposed by the present invention combines all linear transformation operations in the AES decryption algorithm into two composite matrices, thereby shortening the critical path of the AES decryption circuit while reducing its implementation area. Research shows that the larger the circuit scale, the higher the circuit efficiency; the present invention therefore uses matrix merging and synthesis to combine several small-scale linear operation units into a large-scale linear operation, which helps improve circuit optimization efficiency and reduces the implementation area of the AES decryption circuit. In addition, by multiplexing composite matrix multiplication unit 1, the composite field multiplicative inversion unit, composite matrix multiplication unit 2 and the constant addition unit to build a combined first round/ordinary round/last round transformation multiplex circuit, a large amount of circuit resources is saved.
The serial structure and the loop structure are the two basic structures for implementing an AES decryption circuit. Based on the proposed round transformation multiplex circuit, an AES decryption circuit with a serial structure is built using parallel processing, and an AES decryption circuit with a loop structure is built using either time-division multiplexing or a combination of time-division multiplexing and parallel processing.
Fig. 4 is a schematic structural diagram of the AES decryption circuit provided by Embodiment 1 of the present invention. For ease of description, only the parts relevant to the embodiment are shown.
The AES decryption circuit comprises:
one multiplexed round transformation circuit, register 1 and register 2, where the data width of register 1 and register 2 is 16 bytes, the feedback data output port of the round transformation multiplex circuit is connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data input of the round transformation multiplex circuit;
The decryption method of the AES decryption circuit provided by Embodiment 1 comprises the following steps:
S1. The first 4 operations constitute the first round transformation. In the first round transformation, four groups of four-byte ciphertext data are input in turn to the round transformation multiplex circuit through the ciphertext data input port, and selector S2 outputs the vector formed by the first to fourth rows of the circuit's result to register 1. Once register 1 holds 16 bytes of data, the stored data is transferred to register 2;
S2. Operations 5 to 4Nr of the multiplexed round transformation circuit constitute the (Nr - 1) ordinary round transformations. Register 2 outputs 4 bytes of data at a time to the feedback data input of the round transformation multiplex circuit; after the operation of the round transformation multiplex circuit, selector S2 outputs the vector formed by the fifth to eighth rows of the result to register 1. After every four operations of the round transformation multiplex circuit, register 1 transfers its stored data to register 2 for the next ordinary round transformation; (Nr - 1) ordinary round transformations are carried out in total;
S3. Operations (4Nr + 1) to 4(Nr + 1) of the multiplexed round transformation circuit constitute the last round transformation. Register 2 outputs 4 bytes of data at a time to the feedback data input of the round transformation multiplex circuit, and after the operation of the round transformation multiplex circuit, the data output from the plaintext data port during operations (4Nr + 1) to 4(Nr + 1) is taken as the plaintext.
Fig. 5 is a structural schematic diagram of the AES decryption circuit provided by Embodiment 2 of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The AES decryption circuit comprises:
Two round transformation multiplex circuits, register 1 and register 2. The data width of register 1 and register 2 is 16 bytes. The feedback data output ports of the two round transformation multiplex circuits are connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data inputs of the two round transformation multiplex circuits.
The decryption method of the AES decryption circuit provided by Embodiment 2 includes the following steps:
S1: The first 2 operations constitute the first-round transformation. In the first-round transformation, the 4-byte ciphertext data are input to the two round transformation multiplex circuits respectively through the ciphertext data input ports, and selector S2 outputs the vector formed by the first to fourth rows of the circuit's operation result to register 1. Once register 1 holds 16 bytes of data, the stored data are transferred to register 2.
S2: Operations 3 to 2Nr of the round transformation multiplex circuits constitute the (Nr - 1) ordinary round transformations. Each time, register 2 outputs two groups of 4-byte data, which are sent respectively to the feedback data inputs of the two round transformation multiplex circuits; after the circuits' operation, selector S2 outputs the vector formed by the fifth to eighth rows of the operation result to register 1. After every two operations of the round transformation multiplex circuits, register 1 transfers its stored data to register 2 for the next ordinary round transformation. (Nr - 1) ordinary round transformations are performed in total.
S3: Operations (2Nr + 1) to 2(Nr + 1) of the round transformation multiplex circuits constitute the final round transformation. Each time, register 2 outputs two groups of 4-byte data, which are sent respectively to the feedback data inputs of the two round transformation multiplex circuits; after the circuits' operation, the data output from the plaintext data port during operations (2Nr + 1) to 2(Nr + 1) are taken as the plaintext.
Fig. 6 is a structural schematic diagram of the AES decryption circuit provided by Embodiment 3 of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The AES decryption circuit comprises:
Four round transformation multiplex circuits and a register. The data width of the register is 16 bytes. The feedback data output ports of the four round transformation multiplex circuits are connected to the input of the register, and the output of the register is connected to the feedback data inputs of the four round transformation multiplex circuits.
The decryption method of the AES decryption circuit provided by Embodiment 3 includes the following steps:
S1: The first operation constitutes the first-round transformation. In the first-round transformation, the four groups of 4-byte ciphertext data are input to the four round transformation multiplex circuits respectively through the ciphertext data input ports, and selector S2 outputs the vector formed by the first to fourth rows of the circuit's operation result to the register.
S2: Operations 2 to Nr of the round transformation multiplex circuits constitute the (Nr - 1) ordinary round transformations. Each time, the register outputs four groups of 4-byte data, which are sent respectively to the feedback data inputs of the four round transformation multiplex circuits; after the circuits' operation, selector S2 outputs the vector formed by the fifth to eighth rows of the operation result to the register for the next ordinary round transformation. (Nr - 1) ordinary round transformations are performed in total.
S3: Operation (Nr + 1) of the round transformation multiplex circuits constitutes the final round transformation. The register outputs four groups of 4-byte data, which are sent respectively to the feedback data inputs of the four round transformation multiplex circuits; after the circuits' operation, the data output from the plaintext data port during operation (Nr + 1) are taken as the plaintext.
Compared with the AES decryption circuit of serial structure, the AES decryption circuit of loop structure has a significantly smaller circuit area and is therefore suitable for area-constrained data processing circuits. The AES decryption circuit of serial structure, however, can use pipelining to greatly increase circuit processing speed and is suitable for high-speed data processing circuits. The structure of the ordinary round transformation circuit can therefore be designed according to actual requirements.
The AES decryption circuit proposed by the present invention is built on the round transformation multiplex circuit. Through the merging and synthesis of constant matrices, the round transformation multiplex circuit combines all linear transformation operations in the AES decryption algorithm into two composite matrices, which shortens the critical path of the AES decryption circuit and reduces its implementation area. Research shows that the larger the circuit scale, the higher the circuit efficiency; the present invention therefore uses matrix merging and synthesis to combine several small-scale linear operation units into one large-scale linear operation, which helps improve circuit optimization efficiency and reduces circuit implementation area.
In addition, by multiplexing composite matrix multiplication unit 1, the composite field multiplicative inverse unit, composite matrix multiplication unit 2 and the constant addition unit to build a first-round/ordinary-round/final-round transformation multiplex circuit, a large amount of circuit resources is saved.
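The merging principle described above, as an added Python illustration that is not the patent's circuit or its composite matrices: it assumes, for illustration only, that the small linear units being merged are AddRoundKey and InvMixColumns on one 4-byte column, and builds a single GF(2) matrix acting on the stacked [data; key] vector. The low 32 output rows play the role of the first-round output and the high 32 rows the ordinary-round output; all function names are hypothetical, and the composite-field mappings of the patent are not reproduced.

```python
# Added illustration (not the patent's matrices): merge AddRoundKey and
# InvMixColumns for one 4-byte column into a single GF(2) matrix.

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

# Standard AES InvMixColumns coefficient matrix.
INV_MIX = [[0x0E, 0x0B, 0x0D, 0x09],
           [0x09, 0x0E, 0x0B, 0x0D],
           [0x0D, 0x09, 0x0E, 0x0B],
           [0x0B, 0x0D, 0x09, 0x0E]]

def inv_mix_column(col):
    out = []
    for row in INV_MIX:
        acc = 0
        for coeff, byte in zip(row, col):
            acc ^= gf_mul(coeff, byte)
        out.append(acc)
    return out

def pack(col):
    """4 bytes -> 32-bit integer, byte 0 in the low bits."""
    return sum(b << (8 * i) for i, b in enumerate(col))

def unpack(v):
    return [(v >> (8 * i)) & 0xFF for i in range(4)]

def separate_units(v):
    """Reference path: small units applied one after another to [data; key]."""
    data, key = unpack(v & 0xFFFFFFFF), unpack(v >> 32)
    keyed = [d ^ k for d, k in zip(data, key)]          # AddRoundKey
    return pack(keyed) | (pack(inv_mix_column(keyed)) << 32)

def build_merged_matrix(linear_map, in_bits=64, out_bits=64):
    """Probe a GF(2)-linear map with unit vectors; row i is a 64-bit mask."""
    rows = [0] * out_bits
    for j in range(in_bits):
        image = linear_map(1 << j)
        for i in range(out_bits):
            if (image >> i) & 1:
                rows[i] |= 1 << j
    return rows

def apply_matrix(rows, v):
    """One matrix-vector product over GF(2): AND, then parity, per row."""
    out = 0
    for i, row in enumerate(rows):
        out |= (bin(row & v).count("1") & 1) << i
    return out

MERGED = build_merged_matrix(separate_units)

def round_output(data, key, first_round):
    """Selector: low rows for the first round, high rows for ordinary rounds."""
    out = apply_matrix(MERGED, pack(data) | (pack(key) << 32))
    return unpack(out & 0xFFFFFFFF) if first_round else unpack(out >> 32)

if __name__ == "__main__":
    # Constructed sample: data XOR key equals the column 8e 4d a1 bc.
    print([hex(b) for b in round_output([0x8F, 0x4F, 0xA2, 0xB8], [1, 2, 3, 4], False)])
```
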
The above is only a preferred embodiment of the present invention. It should be noted that those of ordinary skill in the art may make various improvements and modifications without departing from the principle of the present invention, and these improvements and modifications shall also be regarded as falling within the protection scope of the present invention.
Claims (4)
1. A round transformation multiplex circuit, characterized in that the round transformation multiplex circuit comprises:
Composite matrix multiplication unit 1, a constant addition unit, a composite field multiplicative inverse unit, selector S1, composite matrix multiplication unit 2 and selector S2, wherein the input of composite matrix multiplication unit 1 is connected to the feedback data input port and its output is connected to the input of the constant addition unit; the output of the constant addition unit is connected to the input of the composite field multiplicative inverse unit; the output of the composite field multiplicative inverse unit is connected to one input of selector S1, and the other input of selector S1 is connected to the ciphertext data input port; the output of selector S1 and the key input port are connected to the input of composite matrix multiplication unit 2; two outputs of composite matrix multiplication unit 2 are connected respectively to the two inputs of selector S2, and its third output is connected to the plaintext data output port;
Composite matrix multiplication unit 1 multiplies the composite matrix by the column vector input from the feedback data input and outputs the operation result to the constant addition unit; the expression of the composite matrix is as follows:
The constant addition unit adds the vector to the constant vector Ωλ = [ωλ, ωλ, ωλ, ωλ]^T and outputs the operation result to the composite field multiplicative inverse unit;
The composite field multiplicative inverse unit performs the composite field multiplicative inverse operation on each byte of the vector and outputs the operation result to composite matrix multiplication unit 2;
During the first-round transformation, selector S1 selects the data input from the ciphertext input port and outputs them to composite matrix multiplication unit 2; during the ordinary round transformation and the final round transformation, selector S1 selects the result of the composite field multiplicative inverse operation and outputs it to composite matrix multiplication unit 2;
Composite matrix multiplication unit 2 combines the data vector output by selector S1 and the key vector into one column vector, the key vector being identical to the key vector Kv used in the encryption process, and multiplies the composite matrix by this column vector; the expression of the composite matrix is as follows:
The vector formed by the first to fourth rows of the operation result and the vector formed by the fifth to eighth rows are each output to selector S2, and the vector formed by the ninth to twelfth rows of the operation result is output from the plaintext output port;
During the first-round transformation, selector S2 selects the vector formed by the first to fourth rows and feeds it back to the feedback data input port; during the ordinary round transformation, selector S2 selects the vector formed by the fifth to eighth rows and feeds it back to the feedback data output port.
2. An AES decryption circuit based on the round transformation multiplex circuit of claim 1, characterized in that the AES decryption circuit comprises:
One round transformation multiplex circuit, register 1 and register 2, wherein the feedback data output port of the round transformation multiplex circuit is connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data input of the round transformation multiplex circuit;
The data width of register 1 and register 2 is 16 bytes.
3. An AES decryption circuit based on the round transformation multiplex circuit of claim 1, characterized in that the AES decryption circuit comprises:
Two round transformation multiplex circuits, register 1 and register 2, wherein the feedback data output ports of the two round transformation multiplex circuits are connected to the input of register 1, the output of register 1 is connected to the input of register 2, and the output of register 2 is connected to the feedback data inputs of the two round transformation multiplex circuits;
The data width of register 1 and register 2 is 16 bytes.
4. An AES decryption circuit based on the round transformation multiplex circuit of claim 1, characterized in that the AES decryption circuit comprises:
Four round transformation multiplex circuits and a register, wherein the feedback data output ports of the four round transformation multiplex circuits are connected to the input of the register, and the output of the register is connected to the feedback data inputs of the four round transformation multiplex circuits;
The data width of the register is 16 bytes.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810597055.3A CN108809627B (en) | 2018-06-11 | 2018-06-11 | Round conversion multiplexing circuit and AES decryption circuit |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108809627A (en) | 2018-11-13 |
CN108809627B (en) | 2021-03-05 |
Family
ID=64089039
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810597055.3A Active CN108809627B (en) | 2018-06-11 | 2018-06-11 | Round conversion multiplexing circuit and AES decryption circuit |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108809627B (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN109639408A (en) * | 2019-01-25 | 2019-04-16 | 芜湖职业技术学院 | A kind of AES decryption multiplexing round transformation circuit structure |
CN109660333A (en) * | 2019-01-25 | 2019-04-19 | 芜湖职业技术学院 | AES decryption multiplexing round transformation arithmetic element structure |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102780557A (en) * | 2012-07-10 | 2012-11-14 | 记忆科技(深圳)有限公司 | Method and device for AES (advanced encryption standard) encryption/decryption with selection gate optimization |
CN103516512A (en) * | 2013-10-21 | 2014-01-15 | 深圳市芯通信息科技有限公司 | Encryption and decryption method and encryption and decryption device based on AES (advanced encryption standard) algorithm |
CN106921487A (en) * | 2017-03-01 | 2017-07-04 | 芜湖职业技术学院 | Reconfigurable S-box circuit structure |
CN106992852A (en) * | 2017-05-08 | 2017-07-28 | 芜湖职业技术学院 | Applied to AES and the Reconfigurable S-box circuit structure of Camellia cryptographic algorithms |
CN107181586A (en) * | 2017-05-22 | 2017-09-19 | 芜湖职业技术学院 | reconfigurable S-box circuit structure |
CN206585573U (en) * | 2017-03-01 | 2017-10-24 | 芜湖职业技术学院 | reconfigurable S-box circuit structure |
Non-Patent Citations (2)
Title |
---|
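YAOPING LIU et al.: "A Compact Implementation of AES S-Box Using Evolutionary Algorithm", IEEE * |
张肖强: "Research on Optimized Design Methods for AES Cipher Circuits Based on Composite Field Arithmetic", China Doctoral Dissertations Full-text Database (Information Science and Technology) * |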
Also Published As
Publication number | Publication date |
---|---|
CN108809627B (en) | 2021-03-05 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1921382B (en) | Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device | |
CN106921487A (en) | Reconfigurable S-box circuit structure | |
CN104639314A (en) | Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method | |
CN109033892A (en) | Round transformation multiplex circuit and AES based on composite matrix decrypt circuit | |
CN104852798B (en) | A kind of data encrypting and deciphering system and method | |
CN207184503U (en) | reconfigurable S-box circuit structure | |
CN106992852A (en) | Applied to AES and the Reconfigurable S-box circuit structure of Camellia cryptographic algorithms | |
CN109150495A (en) | A kind of round transformation multiplex circuit and its AES decrypt circuit | |
CN107181586A (en) | reconfigurable S-box circuit structure | |
CN108933652A (en) | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit | |
CN108809627A (en) | Round transformation multiplex circuit and AES decrypt circuit | |
CN109039583A (en) | It is multiplexed round transformation circuit, AES encryption circuit and encryption method | |
CN106982116A (en) | A kind of local file encryption method of the AES based on reversible logic circuits | |
CN206585573U (en) | reconfigurable S-box circuit structure | |
CN109150497A (en) | A kind of XTS-SM4 encrypted circuit of high-performance small area | |
CN109033847A (en) | AES encryption arithmetic element, AES encryption circuit and its encryption method | |
CN109033893A (en) | AES encryption unit, AES encryption circuit and its encryption method based on composite matrix | |
CN108566271A (en) | It is multiplexed round transformation circuit, AES encryption circuit and its encryption method | |
CN207010694U (en) | Applied to AES and the Reconfigurable S-box circuit structure of Camellia cryptographic algorithms | |
CN109639408A (en) | A kind of AES decryption multiplexing round transformation circuit structure | |
CN108964875B (en) | Ordinary round conversion arithmetic unit, ordinary round conversion circuit and AES decryption circuit | |
CN109033023A (en) | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES encryption circuit | |
CN108989018B (en) | AES encryption unit, AES encryption circuit and encryption method | |
CN109660333A (en) | AES decryption multiplexing round transformation arithmetic element structure | |
CN109936440A (en) | AES decrypts multiplexing round transformation arithmetic element structure and construction method in circuit |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||