CN108900307A - FPGA (field programmable Gate array) implementation method for PGP (packet data protocol) key management authentication password recovery algorithm - Google Patents
FPGA (field programmable Gate array) implementation method for PGP (packet data protocol) key management authentication password recovery algorithm Download PDFInfo
- Publication number
- CN108900307A CN108900307A CN201810734669.1A CN201810734669A CN108900307A CN 108900307 A CN108900307 A CN 108900307A CN 201810734669 A CN201810734669 A CN 201810734669A CN 108900307 A CN108900307 A CN 108900307A
- Authority
- CN
- China
- Prior art keywords
- module
- fpga
- authentication password
- control module
- pgp
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3236—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
- H04L9/3239—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0863—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving passwords or one-time passwords
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0894—Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3226—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using a predetermined code, e.g. password, passphrase or PIN
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Abstract
the FPGA implementation method of PGP key management authentication password recovery algorithm, aiming at the encryption combination of Twofish-256 algorithm and S2K algorithm in PGP key management authentication, utilizes a programmable logic circuit part in the FPGA to implement PGP authentication password recovery circuit, and utilizes a processor part in the FPGA to implement the scheduling of the whole password recovery system. P L part is composed of modules of control, authentication password generation, S2K function, counter, symmetric key selection, Twofish-256 decryption, SHA-1 inspection and the like.PS part is a processor module in the FPGA, and the PS part is connected with P L part by an AXI bus inside the FPGA to implement the control and data interaction on the PGP authentication password recovery circuit.
Description
Technical field
The present invention relates to information securities, restore special chip electricity particularly with regard to a kind of high speed password based on FPGA
The key management authentication password recovery system for being directed to PGP encryption software is realized on road using FPGA, is directed to Twofish- based on FPGA
256 with the PGP key management authentication password algorithm of S2K (SHA-1) algorithm combination carry out password recovery special circuit system and
The FPGA implementation method of its PGP key management authentication password recovery algorithms realized.
Background technique
Field programmable gate array (Field-Programmable Gate Array, FPGA) is a kind of electricity of semi-custom
Road chip has Resources on Chip abundant for exploitation, and design method is flexible and convenient, has both solved what custom circuit can not upgrade
Deficiency, and overcome the limited disadvantage of conventional programmable device gate circuit number.FPGA is in calculated performance than CPU (Central
Processing Unit) by force, then smaller than GPU (Graphic Processing Unit) in power consumption, this makes FPGA more suitable
It closes and carries out this calculating work for continuing high intensity of password recovery.It not only include traditional programmable patrol in modern FPGA device
It collects circuit PL (Programmable logic), is also added into piece inner treater system PS (Processing System).The portion PL
Divide and is mainly made of programmable circuit logic unit, and the part PS is made of arm processor, is connect between two parts by bus
Mouth carries out data interaction.During password recovery algorithm based on FPGA is realized, high performance password recovery counting circuit is in the part PL
It realizes, PS is responsible for part the work of control and driving counting circuit, and the part PL together constitutes password recovery algorithm with the part PS
Special circuit system.
PGP (Pretty GoodPrivacy) is a kind of encryption software, is widely used in email encryption, file encryption and hard
The security systems such as disk encryption.PGP will be generated a session key at random, be encrypted using session key when encrypting user data
User data, and session key will be saved after public key encryption;When decrypted user data, system will first use private key decrypted session
The ciphertext of key obtains session key, then the ciphertext with session key decrypted user data.The private key of PGP is typically stored at SKR
(Secret Key Ring) file, and protected by cryptographic authentication mechanisms, which is exactly the PGP of the invention referred to close
Key administrative authentication password.SKR file is the private key ring file of PGP encryption software, is not only stored in this document by PGP key pipe
The encrypted private key of authentication password is managed, further includes the various parameters information used when encryption.SKR file has stringent storage lattice
Formula can accurately obtain the parameter information in ciphering process by parsing SKR file, it will be able to attempt to carry out PGP key management
The recovery of authentication password.PGP key management authentication password will cause the private key that can not be obtained for encryption data once losing,
Cause the data encrypted that can not read.Restore the PGP key pipe of loss or forgetting therefore, it is necessary to a kind of password recovery method
Manage authentication password.
Similar research at present for PGP key management authentication password restoration methods and realization is as follows, (the Wu Hua such as Wu Hua
Deng, PGP privacy enhanced mail breaking techniques are studied, information security and communication security, and 2014,12:It is proposed that one kind is directed in 116-119)
The PGP key management authentication password crack method of AES-256 and SHA-1 algorithm combination, but the document provides only one kind and cracks
Method is not directed to this method in the specific implementation of associated computing platform.(Deng Huijie, the PGP based on pass-phrase are cracked Deng Huijie
Research and realize, Shanghai Communications University, 2011,9, master thesis) in propose for AES-256 and S2K (SHA-256)
The PGP key management authentication password restoration methods of algorithm combination, this method is realized on CPU platform.Koichi
Shimizu etc. (Koichi Shimizu etc., High-speed search system for PGPpassphrases,
Cryptology and Network Security, CANS2008 proceeding, 2008,332-348) it proposes for AES
With the PGP key management authentication password restoration methods of S2K (SHA-256) algorithm combination, and algorithm is completed in FPGA platform
Realization.
So far there are no report relevant to PGP key management authentication password recovery.
Summary of the invention
The purpose of the present invention is to provide a kind of PGP keys for being directed to Twofish-256 and S2K (SHA-1) algorithm combination
The FPGA implementation method of administrative authentication password recovery algorithm.With traditional method phase for carrying out password recovery by software mode
Than realizing that password recovery algorithm has the characteristics that high speed and low-power consumption based on FPGA.
The present invention includes the following steps:
1) user is on console by the way that in network connection to FPGA piece inner treater, the SKR PGP software to be decrypted is literary
Part is sent in FPGA piece inner treater, and sends sign on to FPGA piece inner treater;
2) after FPGA piece inner treater receives SKR file and sign on, which is parsed with fixed format,
The data that password recovery needs are obtained, these data are stored in FPGA piece inner treater;The number that the password recovery needs
According to including the number of iterations, initial vector, salt figure, private key ciphertext and private key hashed value ciphertext etc.;
3) SKR file is after the completion of FPGA piece inner treater is parsed and stored, FPGA piece inner treater by AXI bus to
Control module sends reset signal, resets control module and sends reset signal from control module to other each modules, makes to own
Module is all reset to original state;
4) after each module resets to original state, FPGA piece inner treater passes through number needed for decryption of the AXI bus by storage
It is believed that breath is transmitted in the corresponding registers of control module;
5) after the corresponding registers of control module receive data information, FPGA piece inner treater passes through AXI bus to control
Module sends commencing signal, and control module is started to work, while control module guides other modules to start to work;
6) start to restore PGP key management authentication password:It is close that authentication password generation module generates PGP key management certification
Code;PGP key management authentication password enters S2K function module and generates symmetric key;Symmetric key is input to Twofish-256 solution
In close module, and ciphertext and other relevant informations are obtained from control module, symmetrically decrypted, to SHA-1 after decryption completion
The inspection module output private key decrypted and the hashed value decrypted, SHA-1 inspection module calculate hashed value according to private key,
Calculated hashed value is compared with the hashed value decrypted, comparing result is sent into control module;
7) after control module receives comparing result, judge comparing result, if comparison is correct, enter step 8);Otherwise
Step 6) is returned to, whether correct continues to verify next PGP key management authentication password;
8) after control module judgement comparison is correct, which is sent in piece by control module
It manages in device, and sends reset signal to other modules of FPGA password recovery counting circuit, make FPGA password recovery counting circuit
It stops working;
9) user sees the PGP key management authentication password recovered, PGP key management authentication password on console
Recovery terminates.
Realization of the PGP key management authentication password recovery algorithms on FPGA is made of PS and PL two parts.
The present invention realizes FPGA piece inner treater using the part piece inner treater PS in FPGA, and the part is for parsing
SKR file parses the hashed value ciphertext of the number of iterations, salt figure, initial vector, private key ciphertext and private key.In addition, FPGA piece
Inner treater is also integrated with the function that PGP key management certification FPGA password recovery counting circuit is driven and encapsulated, and mentions
Console where enabling user for interface goes to debug and the PGP key management is called to authenticate FPGA password by network
Restore counting circuit.FPGA piece inner treater is also responsible for some miscellaneous functions, including sends reset signal to control module, starts
Signal, the time of record PGP key management certification FPGA password recovery counting circuit work, the current number for having examined password of record
Amount, output operation information etc..
Realize that PGP key management FPGA authentication password restores to calculate electricity using the part programmable logic circuit PL in FPGA
Road is made of 16 circuit modules, including:Control module, authentication password generation module, 10 S2K function modules, counter mould
Block, symmetric key selecting module, the symmetrical deciphering module of Twofish-256, SHA-1 inspection module.In control module and FPGA piece
The controls such as processor is interconnected by AXI bus, and FPGA piece inner treater module sends beginning to control module and resets refer to
It enables, further includes the information such as the SKR file salt figure of parsing.The control module at the end PL sends current to the FPGA piece inner treater at the end PS
The status information of password recovery.The output of control module is connected with the input of authentication password generation module, generates to authentication password
Module exports the enabling signal of PGP key management certification FPGA password recovery counting circuit.The input of control module and certification are close
The output of code generation module is connected, for receiving correct PGP key management from authentication password generation module in successful decryption
Authentication password;The output of authentication password generation module is connect with the input of 10 S2K function modules, to 10 S2K function modules
Export PGP key management authentication password.The input of 10 S2K function modules is connected with the output of control module, from control module
The information such as salt figure, the number of iterations needed for obtaining S2K function.The output of 10 S2K function modules all with key selecting module
Input connection exports 10 groups of symmetric keys to symmetric key selecting module;The input of counter module and the output of control module
It is connected, receives the control signal that control module is sent;The output of counter module is connect with the input of key selecting module, Xiang Mi
The output order of key selecting module output symmetric key.The input of the another output link control module of counter module, to
Control module exports location order of the current PGP key management authentication password in epicycle password authentification;Key selecting module
Output is connect with the input of Twofish-256 deciphering module, exports a symmetric key to Twofish-256 deciphering module;
The output of the input link control module of the symmetrical deciphering module of Twofish-256 receives the cipher-text information sent from control module
With initial vector information.The input of the output connection key SHA-1 inspection module of the symmetrical deciphering module of Twofish-256, to
The SHA-1 inspection module output private key decrypted and the hashed value decrypted;The output connection control mould of SHA-1 inspection module
Block exports comparing result to control module.
The function corresponding function of each module is as follows in the PGP key management certification FPGA password recovery counting circuit:
Control module, control module dispatch PGP key pipe for other coupled modules of the part PL to be monitored and controlled
It manages authentication password and restores function, while control module and FPGA piece inner treater carry out data communication, obtain PGP key management and recognize
Initialization data and configuration data needed for demonstrate,proving password recovery.
Authentication password generation module traverses the password in password space, generates PGP key management authentication password.
10 S2K function modules, using authentication password generation module generate user password and control module in store
Configuration data generate 10 groups of Twofish-256 decryption needed for symmetric keys;Such Parallel Design is solved from system architecture
The shortcomings that S2K function operation overlong time of having determined, Twofish-256 deciphering module 7 is allowed continuously to obtain input key value,
It the time to be entered such as substantially reduces, improves the working efficiency of PGP key management authentication password recovery system.Symmetric key
Selecting module stores this 10 groups of symmetric keys;Counting module count down to 10 under the control of control module, from 1, symmetric key choosing
It selects module and 10 groups of Twofish symmetric keys is selected according to the count value, one corresponding symmetric key of output arrives
In Twofish-256 deciphering module;Twofish-256 deciphering module by control module obtain SKR file cipher-text information with
And initial vector information, symmetric key is obtained by symmetric key selecting module, using symmetric key to ciphertext under CFB mode
Information carries out Twofish-256 decryption, the private key decrypted and the hashed value decrypted, and they are sent into SHA-1 inspection
It tests in module;SHA-1 inspection module obtains the private key of Twofish-256 deciphering module output, by private key hash is calculated
Value, while the hashed value decrypted in Twofish-256 deciphering module is obtained, the hashed value being calculated is dissipated with what is decrypted
Train value is compared, and comparison result is sent into control module;Control module decides whether to continue PGP key management according to comparison result
Authentication password recovery process.
Encrypted set of the present invention for Twofish-256 algorithm and S2K (SHA-1) algorithm in PGP key management certification
It closes, PGP authentication password restoring circuit is realized using the programmable logic circuit part (PL) in FPGA, using handling in FPGA piece
Realize the scheduling of entire password recovery system in device part (PS).The part PL mainly by being formed with lower module, including:Control module,
Authentication password generation module, S2K function module, counter module, symmetric key selecting module, Twofish-256 deciphering module,
SHA-1 inspection module.The part PS is mainly FPGA piece inner treater module.The part PS passes through AXI bus inside FPGA and the portion PL
Divide connection, realizes control and data interaction to PGP authentication password restoring circuit.The PGP key management that the present invention finally realizes
Authentication password restores special circuit, password recovery speed and lower power consumption with high speed, while having both flexibility, practical
Property and specific aim, PGP software code restore related fields application value with higher.
Detailed description of the invention
Fig. 1 is the FPGA implementation flow chart of PGP key management authentication password recovery algorithms of the present invention.
Fig. 2 is that the FPGA of PGP key management authentication password recovery algorithms of the present invention realizes block diagram.
Specific embodiment
Present invention will now be described in further detail with reference to the embodiments and the accompanying drawings.
As shown in Figure 1, the embodiment of the present invention includes following steps:
1) user is on console by the way that in network connection to FPGA piece inner treater, the SKR PGP software to be decrypted is literary
Part is sent in FPGA piece inner treater, and sends sign on to FPGA piece inner treater;
2) after FPGA piece inner treater receives SKR file and sign on, which is parsed with fixed format,
The data that password recovery needs are obtained, these data are stored in FPGA piece inner treater;The number that the password recovery needs
According to including the number of iterations, initial vector, salt figure, private key ciphertext and private key hashed value ciphertext etc.;
3) SKR file is after the completion of FPGA piece inner treater is parsed and stored, FPGA piece inner treater by AXI bus to
Control module sends reset signal, resets control module and sends reset signal from control module to other each modules, makes to own
Module is all reset to original state;
4) after each module resets to original state, FPGA piece inner treater passes through number needed for decryption of the AXI bus by storage
It is believed that breath is transmitted in the corresponding registers of control module;
5) after the corresponding registers of control module receive data information, FPGA piece inner treater passes through AXI bus to control
Module sends commencing signal, and control module is started to work, while control module guides other modules to start to work;
6) start to restore PGP key management authentication password:It is close that authentication password generation module generates PGP key management certification
Code;PGP key management authentication password enters S2K function module and generates symmetric key;Symmetric key is input to Twofish-256 solution
In close module, and ciphertext and other relevant informations are obtained from control module, symmetrically decrypted, to SHA-1 after decryption completion
The inspection module output private key decrypted and the hashed value decrypted, SHA-1 inspection module calculate hashed value according to private key,
Calculated hashed value is compared with the hashed value decrypted, comparing result is sent into control module;
7) after control module receives comparing result, judge comparing result, if comparison is correct, enter step 8);Otherwise
Step 6) is returned to, whether correct continues to verify next PGP key management authentication password;
8) after control module judgement comparison is correct, which is sent in piece by control module
It manages in device, and sends reset signal to other modules of FPGA password recovery counting circuit, make FPGA password recovery counting circuit
It stops working;
9) user sees the PGP key management authentication password recovered, PGP key management authentication password on console
Recovery terminates.
As shown in Fig. 2, a SKR file of PGP encryption software is input into FPGA piece inner treater 1, by SKR file
In private key ciphertext, private key hashed value ciphertext, the salt figure of S2K function and the number of iterations parse, and pass through AXI bus transfer
Into the register in control module 2, while FPGA piece inner treater 1 sends the letter started to work to control module 2 by AXI
Number;After control module 2 receives the signal of start-up operation, sign on is sent to authentication password generation module 3;Authentication password is raw
After receiving sign at module 3, starts to construct key management authentication password, generate 10 groups of authentication passwords every time, and every time will
The PGP key management authentication password correspondence of 10 groups of constructions is input in 10 S2K function modules 41~410;10 S2K Function Modules
Block 41~410 receives the PGP key management authentication password of construction, while the salt of S2K function needs is obtained from control module 2
The parameters such as value, the number of iterations generate 10 groups of symmetric keys, are input in symmetric key selecting module 6;Counter module 5 generates
One count value, the count value indicate that symmetric key selecting module currently exports position of the key in 10 keys of epicycle;It is right
Claim the output of key selecting module 6 to connect with Twofish-256 deciphering module 7, enters the key into Twofish-256 decryption
In module 7, meanwhile, Twofish-256 deciphering module 7 obtains private key ciphertext and private key hashed value ciphertext from control module 2, and
Initial vector, the Twofish-256 decryption by CFB mode calculate the private key that output decrypts and the hashed value decrypted, and
The private key decrypted and the hashed value decrypted are output in SHA-1 inspection module 8;SHA-1 inspection module 8 obtains private key,
The hashed value of private key is calculated, the hashed value decrypted exported in Twofish-256 deciphering module 7 and SHA-1 are examined
The hashed value being calculated in module 8 compares, if the two is different, issues and instructs to control module 2, continue this wheel
The verifying of remaining symmetric key in 10 symmetric keys;If it is identical to authenticate to the two, issues and instruct to control module 2, from meter
Number device module 5 obtains current count value, is assured that correct PGP key management authentication password is close in certification according to count value
The position stored in code generation module 3, at this point, the PGP key management authentication password is just output to by authentication password generation module 3
In control module 2, this correct PGP key management authentication password is output to FPGA piece by AXI bus again by control module 2
In inner treater 1.The information and the PGP key management recovered that FPGA piece inner treater 1 is successfully recovered to console output
Authentication password.
The specific working mode of counter module 5 is as follows:
The output valve of counter module 5 respectively corresponds 10 groups pairs of the output of S2K function module 41~410 between 0~9
Claim the order of key.In PGP key management authentication password recovery process, if it is wrong for demonstrating symmetric key in control module 2
Accidentally, the count value of counter module 5 adds 1, and sends count value in symmetric key selecting module 6, keeps its output next
A symmetric key;If it is wrong, the clearing of counter module 5, the sending of control module 2 that this 10 groups of symmetric keys, which are all verified,
Instruction makes authentication password generation module 3 construct 10 groups of new PGP key management authentication passwords;If control module 2 authenticates to
Correct symmetric key, then counter module just recognizes the symmetric key and corresponding PGP key management according to count value
Card password is output in control module 2.
Claims (10)
- The FPGA implementation method of 1.PGP key management authentication password recovery algorithms, it is characterised in that include the following steps:1) user passes through network connection to FPGA piece inner treater, the SKR file quilt of PGP software to be decrypted on console It is sent in FPGA piece inner treater, and sends sign on to FPGA piece inner treater;2) after FPGA piece inner treater receives SKR file and sign on, which is parsed with fixed format, is obtained The data that password recovery needs, these data are stored in FPGA piece inner treater;The data packet that the password recovery needs Include the number of iterations, initial vector, salt figure, private key ciphertext and private key hashed value ciphertext;3) for SKR file after the completion of FPGA piece inner treater is parsed and stored, FPGA piece inner treater passes through AXI bus to control Module sends reset signal, resets control module and sends reset signal from control module to other each modules, makes all modules All it is reset to original state;4) after each module resets to original state, data needed for FPGA piece inner treater passes through decryption of the AXI bus by storage are believed Breath is transmitted in the corresponding registers of control module;5) after the corresponding registers of control module receive data information, FPGA piece inner treater passes through AXI bus to control module Commencing signal is sent, control module is started to work, while control module guides other modules to start to work;6) start to restore PGP key management authentication password:Authentication password generation module generates PGP key management authentication password;PGP Key management authentication password enters S2K function module and generates symmetric key;Symmetric key is input to Twofish-256 deciphering module In, and ciphertext and other relevant informations are obtained from control module, it is symmetrically decrypted, examines mould to SHA-1 after decryption completion The block output private key decrypted and the hashed value decrypted, SHA-1 inspection module calculate hashed value according to private key, will calculate Hashed value out is compared with the hashed value decrypted, and comparing result is sent into control module;7) after control module receives comparing result, judge comparing result, if comparison is correct, enter step 8);Otherwise it returns to Whether step 6) continues to verify next PGP key management authentication password correct;8) after control module judgement comparison is correct, which is sent to piece inner treater by control module In, reset signal is sent to other modules of FPGA password recovery counting circuit, FPGA password recovery counting circuit is made to stop work Make;9) user sees that the PGP key management authentication password recovered, PGP key management authentication password restore on console Terminate.
- 2. the FPGA implementation method of PGP key management authentication password recovery algorithms as described in claim 1, it is characterised in that described Realization of the PGP key management authentication password recovery algorithms on FPGA is made of PS and PL two parts.
- 3. the FPGA implementation method of PGP key management authentication password recovery algorithms as described in claim 1, it is characterised in that described FPGA piece inner treater includes that reset signal, commencing signal, record PGP key management certification FPGA password are sent to control module Restore the time of counting circuit work, record has currently examined the quantity of password, output operation information.
- 4. the FPGA implementation method of PGP key management authentication password recovery algorithms as described in claim 1, it is characterised in that PGP Key management FPGA authentication password restores counting circuit, is made of 16 circuit modules, including:Control module, authentication password are raw At module, 10 S2K function modules, counter module, symmetric key selecting module, the symmetrical deciphering module of Twofish-256, SHA-1 inspection module.
- 5. the FPGA implementation method of PGP key management authentication password recovery algorithms as claimed in claim 4, it is characterised in that described Control module is interconnected with FPGA piece inner treater by AXI bus, and FPGA piece inner treater module is sent to control module Start and reset control instruction, further includes the SKR file salt value information of parsing, the control module at the end PL is into the FPGA piece at the end PS Processor sends the status information that current password restores, and the output of control module is connected with the input of authentication password generation module, To the enabling signal of authentication password generation module output PGP key management certification FPGA password recovery counting circuit, control module Input be connected with the output of authentication password generation module, it is correct for being received in successful decryption from authentication password generation module PGP key management authentication password.
- 6. the FPGA implementation method of PGP key management authentication password recovery algorithms as claimed in claim 4, it is characterised in that described The output of authentication password generation module is connect with the input of 10 S2K function modules, close to 10 S2K function module output PGP Key administrative authentication password.
- 7. the FPGA implementation method of PGP key management authentication password recovery algorithms as claimed in claim 4, it is characterised in that described The input of 10 S2K function modules is connected with the output of control module, from salt figure needed for control module acquisition S2K function, repeatedly For number information;The output of 10 S2K function modules is connect with the input of key selecting module, defeated to symmetric key selecting module 10 groups of symmetric keys out.
- 8. the FPGA implementation method of PGP key management authentication password recovery algorithms as claimed in claim 4, it is characterised in that described The input of counter module is connected with the output of control module, receives the control signal that control module is sent;Counter module Output is connect with the input of key selecting module, to the output order of key selecting module output symmetric key;Counter module Another output link control module input, it is close in epicycle to export current PGP key management authentication password to control module Location order in code verifying.
- 9. the FPGA implementation method of PGP key management authentication password recovery algorithms as claimed in claim 4, it is characterised in that described The output of symmetric key selecting module is connect with the input of Twofish-256 deciphering module, defeated to Twofish-256 deciphering module A symmetric key out.
- 10. the FPGA implementation method of PGP key management authentication password recovery algorithms as claimed in claim 4, it is characterised in that institute The output of the input link control module of the symmetrical deciphering module of Twofish-256 is stated, the ciphertext letter sent from control module is received Breath and initial vector information;The input of the output connection key SHA-1 inspection module of the symmetrical deciphering module of Twofish-256, to The SHA-1 inspection module output private key decrypted and the hashed value decrypted;The output connection control mould of SHA-1 inspection module Block exports comparing result to control module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810734669.1A CN108900307B (en) | 2018-07-06 | 2018-07-06 | FPGA (field programmable Gate array) implementation method for PGP (packet data protocol) key management authentication password recovery algorithm |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201810734669.1A CN108900307B (en) | 2018-07-06 | 2018-07-06 | FPGA (field programmable Gate array) implementation method for PGP (packet data protocol) key management authentication password recovery algorithm |
Publications (2)
Publication Number | Publication Date |
---|---|
CN108900307A true CN108900307A (en) | 2018-11-27 |
CN108900307B CN108900307B (en) | 2020-03-24 |
Family
ID=64348508
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201810734669.1A Active CN108900307B (en) | 2018-07-06 | 2018-07-06 | FPGA (field programmable Gate array) implementation method for PGP (packet data protocol) key management authentication password recovery algorithm |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN108900307B (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110516809A (en) * | 2019-08-22 | 2019-11-29 | 山东浪潮人工智能研究院有限公司 | A kind of realization device of the privacy interpolator arithmetic based on FPGA+RISC-V |
Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070074045A1 (en) * | 2002-09-30 | 2007-03-29 | Van Essen Brian C | Method of securing programmable logic configuration data |
WO2011089143A1 (en) * | 2010-01-20 | 2011-07-28 | Intrinsic Id B.V. | Device and method for obtaining a cryptographic key |
CN106027261A (en) * | 2016-05-18 | 2016-10-12 | 厦门大学 | FPGA (field programmable Gate array) -based LUKS (Luk authentication and Key recovery) chip circuit and password recovery method thereof |
CN107291898A (en) * | 2017-06-22 | 2017-10-24 | 厦门大学 | MySQL authentication password recovery system based on FPGA and method thereof |
-
2018
- 2018-07-06 CN CN201810734669.1A patent/CN108900307B/en active Active
Patent Citations (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20070074045A1 (en) * | 2002-09-30 | 2007-03-29 | Van Essen Brian C | Method of securing programmable logic configuration data |
WO2011089143A1 (en) * | 2010-01-20 | 2011-07-28 | Intrinsic Id B.V. | Device and method for obtaining a cryptographic key |
CN106027261A (en) * | 2016-05-18 | 2016-10-12 | 厦门大学 | FPGA (field programmable Gate array) -based LUKS (Luk authentication and Key recovery) chip circuit and password recovery method thereof |
CN107291898A (en) * | 2017-06-22 | 2017-10-24 | 厦门大学 | MySQL authentication password recovery system based on FPGA and method thereof |
Non-Patent Citations (1)
Title |
---|
KOICHI SHIMIZU: "High-Speed Search System for PGP Passphrases", 《CRYPTOLOGY AND NETWORK SECURITY, CANS2008》 * |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110516809A (en) * | 2019-08-22 | 2019-11-29 | 山东浪潮人工智能研究院有限公司 | A kind of realization device of the privacy interpolator arithmetic based on FPGA+RISC-V |
CN110516809B (en) * | 2019-08-22 | 2022-05-24 | 山东浪潮科学研究院有限公司 | Implementation device of privacy amplification algorithm based on FPGA + RISC-V |
Also Published As
Publication number | Publication date |
---|---|
CN108900307B (en) | 2020-03-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US8516268B2 (en) | Secure field-programmable gate array (FPGA) architecture | |
CN101854243B (en) | Circuit system design encryption circuit and encryption method thereof | |
CN104618338B (en) | A kind of Industrial Ethernet encryption of communicated data transparent transmission module | |
CN104579679B (en) | Wireless public network data forwarding method for agriculture distribution communication equipment | |
CN105357218B (en) | A kind of router and its encipher-decipher method having hardware enciphering and deciphering function | |
CN101478548B (en) | Data transmission ciphering and integrity checking method | |
CN107678763A (en) | Electric energy meter upgrade method and system based on digital signature technology | |
CN105790927B (en) | A kind of bus graded encryption system | |
CN104253694A (en) | Encrypting method for network data transmission | |
CN113346995B (en) | Method and system for preventing falsification in mail transmission process based on quantum security key | |
WO2023005734A1 (en) | Vehicle data uploading method and apparatus, and vehicle, system and storage medium | |
CN104901935A (en) | Bilateral authentication and data interaction security protection method based on CPK (Combined Public Key Cryptosystem) | |
CN100440775C (en) | Encryption communication method and device | |
CN110958219A (en) | SM2 proxy re-encryption method and device for medical cloud shared data | |
CN109586920A (en) | A kind of trust authentication method and device | |
CN113452687B (en) | Method and system for encrypting sent mail based on quantum security key | |
CN210955077U (en) | Bus encryption and decryption device based on state cryptographic algorithm and PUF | |
CN113312608A (en) | Electric power metering terminal identity authentication method and system based on timestamp | |
KR100986758B1 (en) | Security dedicated device for securities of communication apparatus | |
CN114499857A (en) | Method for realizing data correctness and consistency in big data quantum encryption and decryption | |
CN114598533A (en) | Block chain side chain cross-chain identity trusted authentication and data encryption transmission method | |
CN109995785A (en) | File security unlocking method in local area network based on quantum cryptography | |
CN103873257A (en) | Secrete key updating, digital signature and signature verification method and device | |
CN109413644B (en) | LoRa encryption authentication communication method, storage medium and electronic terminal | |
CN108900307A (en) | FPGA (field programmable Gate array) implementation method for PGP (packet data protocol) key management authentication password recovery algorithm |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant | ||
TR01 | Transfer of patent right |
Effective date of registration: 20220512 Address after: 710000 A201, zero one Plaza, Xi'an Software Park, No. 72, Keji Second Road, high tech Zone, Xi'an, Shaanxi Patentee after: Tuoer Microelectronics Co.,Ltd. Address before: Xiamen City, Fujian Province, 361005 South Siming Road No. 422 Patentee before: XIAMEN University |
|
TR01 | Transfer of patent right |