CN109033023A - A normal round transformation operation unit, normal round transformation circuit and AES encryption circuit - Google Patents

Publication number
CN109033023A
Authority
CN
China
Prior art keywords
normal round
output terminal
circuit
constant
input terminal
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
CN201810597106.2A
Other languages
Chinese (zh)
Other versions
CN109033023B (en
Inventor
张肖强
王宸宇
郑辛星
魏利胜
王广亮
王维
刘宇畅
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Anhui Polytechnic University
Original Assignee
Anhui Polytechnic University
Application filed by Anhui Polytechnic University
Priority to CN201810597106.2A
Publication of CN109033023A
Application granted
Publication of CN109033023B
Legal status: Active

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F17/00 Digital computing or data processing equipment or methods, specially adapted for specific functions
    • G06F17/10 Complex mathematical operations
    • G06F17/14 Fourier, Walsh or analogous domain transformations, e.g. Laplace, Hilbert, Karhunen-Loeve, transforms
    • G06F17/16 Matrix or vector computation, e.g. matrix-matrix or matrix-vector multiplication, matrix factorization

Abstract

The invention belongs to the technical field of cryptographic circuits and provides a normal round transformation operation unit, a normal round transformation circuit and an AES encryption circuit. Through the merging and composition of constant matrices, the normal round transformation operation unit combines all linear transformation operations of the normal round transformation into two combined matrices, Δ and Λ. This shortens the critical path of the normal round transformation circuit and at the same time reduces its implementation area.

Description

A normal round transformation operation unit, normal round transformation circuit and AES encryption circuit
Technical field
The invention belongs to the technical field of encryption circuits and provides a normal round transformation operation unit, a normal round transformation circuit and an AES encryption circuit.
Background
AES (Advanced Encryption Standard) is a new-generation symmetric block cipher formulated by the U.S. National Institute of Standards and Technology in 2001 to replace the original DES (Data Encryption Standard). AES has been adopted by multiple international standards organizations and is currently the most widely used block cipher.
The block length of AES is 128 bits, and the key length is 128, 192 or 256 bits; the variants are called AES-128, AES-192 and AES-256 respectively. AES encryption is an iterative algorithm in which each iteration is called a round transformation. The number of round transformations depends on the key length: $N_r$ is 10, 12 and 14 for AES-128, AES-192 and AES-256 respectively.
The existing AES encryption flow is shown in Fig. 1: the input plaintext first undergoes the first-round transformation, then $N_r - 1$ normal round transformations, and finally the last-round transformation. The normal round transformation is the main computation in AES encryption. It performs, in order, the row shift operation, the column mixing operation, the key addition operation and the byte substitution operation. The operation unit for each of these can be implemented separately, but a normal round transformation circuit built from separately implemented units wastes circuit resources and has a long critical path.
Several adjacent operation units can instead be merged into a single operation unit. The T-box is currently the most common merged implementation in round transformation circuits: by precomputation, it stores the results of the S-box, row shift and column mixing operations in a storage unit, so that a single table lookup performs the merged S-box, row shift and column mixing function. The T-box shortens the critical path of the whole round transformation circuit, so it is mainly used in high-speed AES circuit designs. Although the T-box speeds up data processing, it also greatly increases circuit area. Similarly, Rach et al. merged five operations into one operation unit: the last-stage GF($2^4$) multiplier of the composite-field S-box/inverse S-box, the mapping/inverse mapping operation, the affine/inverse affine operation, the column mixing/inverse column mixing operation and the key addition operation. Merging these units shortens the circuit's critical path but also greatly increases circuit area.
Summary of the invention
Embodiments of the invention provide a normal round transformation operation unit, intended to solve the problem that existing mergers of operation units in normal round transformation circuits all optimize critical path depth at the cost of increased circuit area.
The invention is realized as a normal round transformation operation unit, characterized in that the unit comprises:
a combined-matrix multiplication unit 1 whose input is connected to the data input port and the key input port; a composite-field multiplicative inversion unit whose input is connected to the output of combined-matrix multiplication unit 1; a combined-matrix multiplication unit 2 whose input is connected to the output of the composite-field multiplicative inversion unit; and a constant addition unit whose input is connected to the output of combined-matrix multiplication unit 2 and whose output is connected to the data output port, wherein:
Combined-matrix multiplication unit 1 combines the data vector $D_v=[d_0,d_1,d_2,d_3]^T$ from the data input port and the key vector $K_v=[k_0,k_1,k_2,k_3]^T$ from the key input port into one column vector $P_v=[d_0,d_1,d_2,d_3,k_0,k_1,k_2,k_3]^T$, multiplies the combined matrix Δ by $P_v$, and outputs the product $L_v=[l_0,l_1,l_2,l_3]^T$ to the composite-field multiplicative inversion unit. The combined matrix Δ is composed of the constant matrices $\gamma_3$, $\gamma_2$, $\gamma_1$ and δ, where δ is the mapping matrix that maps elements of GF($2^8$) onto the composite field. The expression of the combined matrix Δ is as follows:
where the constant matrices $\gamma_3$, $\gamma_2$ and $\gamma_1$ are each the product of the constant matrix δ and one of three constant matrices, which are respectively the matrix forms of the GF($2^8$) constant multiplications $\times\{03\}_{16}$, $\times\{02\}_{16}$ and $\times\{01\}_{16}$;
The composite-field multiplicative inversion unit computes the composite-field multiplicative inverse of each byte of $L_v=[l_0,l_1,l_2,l_3]^T$ and outputs the result $I_v=[i_0,i_1,i_2,i_3]^T$ to combined-matrix multiplication unit 2; the composite field is any composite field isomorphic to GF($2^8$);
Combined-matrix multiplication unit 2 multiplies the combined matrix Λ by the data vector $I_v=[i_0,i_1,i_2,i_3]^T$ and outputs the product $Q_v=[q_0,q_1,q_2,q_3]^T$ to the constant addition unit. The combined matrix Λ is composed of four constant matrices λ; its expression is as follows:
where the constant matrix λ is the product of the constant matrices τ and δ', i.e. $\lambda=\tau\times\delta'$; τ is the constant matrix specified by the affine operation in the AES S-box, and δ' is the mapping matrix that maps elements of the composite field onto GF($2^8$);
The constant addition unit adds the vector $Q_v=[q_0,q_1,q_2,q_3]^T$ and the constant vector $\Omega_v=[\omega,\omega,\omega,\omega]^T$, where ω is the byte constant specified by the affine operation in the AES S-box, and outputs the result $R_v=[r_0,r_1,r_2,r_3]^T$ from the data output port;
The data inputs and data outputs of combined-matrix multiplication unit 1, the composite-field multiplicative inversion unit, combined-matrix multiplication unit 2 and the constant addition unit are all four bytes wide, and the key input is four bytes wide.
The invention provides a normal round transformation circuit composed of $4\times(N_r-1)$ normal round transformation operation units, where every 4 units connected in parallel form one normal round transformation module that completes one round of the 16-byte normal round transformation, and $(N_r-1)$ modules connected in series form the normal round transformation circuit.
The invention provides a normal round transformation circuit comprising: one normal round transformation operation unit, and a loop feedback circuit for cycling the unit $4\times(N_r-1)$ times;
The loop feedback circuit consists of a selector, register 1 and register 2. The input of register 1 is connected to the output of the selector and its output to the input of register 2; the output of register 2 is connected to the data input of the normal round transformation operation unit. One input of the selector is connected to the data output of the normal round transformation operation unit and the other to the output of the first-round transformation circuit; the data output of the normal round transformation operation unit is also connected to the input of the last-round transformation circuit;
The data width of register 1 and register 2 is 16 bytes.
The invention provides a normal round transformation circuit comprising: a normal round transformation module formed by two normal round transformation operation units in parallel, and a loop feedback circuit for cycling the module $2(N_r-1)$ times;
The loop feedback circuit consists of a selector, register 1 and register 2. The input of register 1 is connected to the output of the selector and its output to the input of register 2; the output of register 2 is connected to the input of the normal round transformation module. One input of the selector is connected to the output of the first-round transformation circuit and the other to the output of the normal round transformation module; the output of the module is also connected to the input of the last-round transformation circuit;
The data width of register 1 and register 2 is 16 bytes.
The invention provides a normal round transformation circuit comprising: a normal round transformation module formed by four normal round transformation operation units in parallel, and a loop feedback circuit for cycling the module $(N_r-1)$ times;
The loop feedback circuit consists of a selector and a register. The output of the register is connected to the input of the normal round transformation module, and the input of the register to the output of the selector. One input of the selector is connected to the output of the first-round transformation circuit and the other to the output of the normal round transformation module; the output of the module is also connected to the input of the last-round transformation circuit;
The data width of the register is 16 bytes.
The invention provides an AES encryption circuit comprising:
a first-round transformation circuit, a normal round transformation circuit and a last-round transformation circuit connected in series in that order.
The normal round transformation operation unit for AES encryption provided by the embodiments of the invention uses the merging and composition of constant matrices to combine all linear transformation operations of the normal round transformation into two combined matrices, Δ and Λ, which shortens the critical path of the normal round transformation circuit and at the same time reduces its implementation area.
Brief description of the drawings
Fig. 1 is a flow chart of existing AES encryption provided by an embodiment of the invention;
Fig. 2 is a structural diagram of the normal round transformation operation unit provided by an embodiment of the invention;
Fig. 3 is a structural diagram of the normal round transformation circuit provided by Embodiment 1 of the invention;
Fig. 4 is a structural diagram of the normal round transformation circuit provided by Embodiment 2 of the invention;
Fig. 5 is a structural diagram of the normal round transformation circuit provided by Embodiment 3 of the invention;
Fig. 6 is a structural diagram of the normal round transformation circuit provided by Embodiment 4 of the invention.
Detailed description of the embodiments
To make the objectives, technical solutions and advantages of the invention clearer, the invention is described in further detail below with reference to the drawings and embodiments. The specific embodiments described here only illustrate the invention and do not limit it.
In the embodiments of the invention, the existing operation units are the row shift unit, the column mixing unit, the key addition unit and the byte substitution unit. They operate as follows:
1. Row shift operation unit
The row shift unit performs the row shift operation, which is a simple operation: the first row of the state matrix is left unchanged, and the second, third and fourth rows are shifted left by one, two and three bytes respectively. Assume the state matrix after the row shift operation is:
The state matrix after the row shift can be expressed as:
E = ShiftRows(D):
In hardware, the row shift operation consumes no logic resources; it is implemented simply by rearranging bus positions.
2. Column mixing operation unit
The column mixing unit performs the column mixing operation. Each column of the state matrix is regarded as a cubic polynomial over the ring R, and column mixing is defined as the product on R of each column polynomial of the state matrix with a constant polynomial. Assume the state matrix after the column mixing operation is:
The expression of the column mixing operation is:
F = MixColumns(E) = ΦE:
where Φ is the column mixing constant matrix, whose entries are respectively the matrix forms of the GF($2^8$) constant multiplications $\times\{03\}_{16}$, $\times\{02\}_{16}$ and $\times\{01\}_{16}$; in this document $\{\ \}_{16}$ denotes the hexadecimal form of a constant.
3. Key addition operation unit
The key addition unit performs the key addition operation, which is a very simple operation: the state matrix is added to the sub-key matrix, where addition is addition in GF(2), i.e. bitwise XOR. Assume the state matrix after the key addition operation is:
The expression of the key addition operation is:
G = AddRoundKey(F) = F + K:
where K is the sub-key matrix, generated from the input primary key by the key schedule; the sub-key matrix is also a 4 × 4 byte matrix.
4. Byte substitution operation unit
The byte substitution unit performs the byte substitution operation, commonly called the S-box operation, which replaces each byte of the state matrix according to the byte substitution table. Assume the state matrix after the S-box operation is:
The S-box operation can then be expressed as:
R = SubBytes(G):
where S() is the S-box function. The S-box is the only nonlinear operation among the four operations of the normal round transformation and has the highest computational complexity, so the S-box circuit accounts for most of the area and power consumption of the whole AES circuit.
In the AES S-box operation, the input byte first undergoes a multiplicative inversion in the finite field GF($2^8$) and then an affine operation; the expression is:
where x is the input byte, $(\cdot)_A^{-1}$ is the multiplicative inverse in GF($2^8$), τ is an 8 × 8 bit constant matrix and ω is a byte constant; τ and ω implement the affine operation in the S-box.
The GF($2^8$) field used in the invention is the one specified in the AES algorithm, whose irreducible polynomial is
$f(x) = x^8 + x^4 + x^3 + x + 1$
The constant matrix τ and the byte constant ω are respectively:
Among the many S-box implementations, the composite-field S-box has the smallest circuit area. A composite-field S-box uses a mathematical transformation to map the main computational unit of the S-box, the GF($2^8$) multiplicative inversion, into a composite field. The computational complexity of multiplicative inversion in the composite field is far lower than in GF($2^8$), which greatly reduces the hardware complexity of the S-box circuit.
The composite-field AES S-box expression is:
where $(\cdot)_C^{-1}$ is the multiplicative inverse in the composite field, the composite field being any composite field isomorphic to GF($2^8$); δ is an 8 × 8 bit mapping matrix that maps the input byte x from GF($2^8$) to the composite field, and δ' is the inverse matrix of δ, which maps the composite-field inversion result back from the composite field to GF($2^8$).
In a finite field, addition is bitwise XOR. Accordingly, in the hardware implementation of the constant addition +ω, adding 0 can be omitted outright, and adding 1 can be realized in place of the XOR logic by one of two methods: 1. replacing the XOR of any two variables with XNOR logic; 2. implementing it as the XOR of any two variables followed by NOT logic. Since an XNOR gate has almost the same circuit area and delay as an XOR gate, and the area and delay of an inverter are negligible compared with an XOR gate, the circuit area and delay of the constant addition +ω are negligible in an S-box hardware implementation.
Normal round transformation operation
Starting from the normal round transformation formula, the invention merges the linear operations of the normal round transformation through the merging and composition of constant matrices. From the sub-operation formulas of the round transformation given above, the normal round transformation formula is:
R = Round(D):
where $\Phi_0{:}\Phi_3$ are the row vectors of the constant matrix Φ, and $D_{n0}{:}D_{n3}$ are the column vectors of the data matrix $D_n$ after the row shift, that is:
Grouping the output variables $r_{x,y}$ in the formula above that share the same inputs, the output variables of each column form one group, so the formula divides into four groups in total. The four groups perform identical operations and use identical circuit units in hardware. The output variables of each group can be written as a linear equation:
The input and output variables in the formula above correspond to the following variables in each group:
Group I:Group II:
Group III:Group IV:
To reduce circuit area, the invention further maps the GF($2^8$) multiplicative inversion in the S-box into a composite field; the grouped normal round transformation formula after mapping is:
The normal round transformation operation unit for AES encryption provided by the embodiments of the invention uses the merging and composition of constant matrices to combine all linear transformation operations of the normal round transformation into two combined matrices, Δ and Λ, which shortens the critical path of the normal round transformation circuit and at the same time reduces its implementation area.
Fig. 2 is a structural diagram of the normal round transformation operation unit provided by an embodiment of the invention; for ease of description, only the parts related to the embodiment are shown.
The normal round transformation operation unit implements the normal round transformation in AES encryption and comprises:
a combined-matrix multiplication unit 1 whose input is connected to the data input port and the key input port; a composite-field multiplicative inversion unit whose input is connected to the output of combined-matrix multiplication unit 1; a combined-matrix multiplication unit 2 whose input is connected to the output of the composite-field multiplicative inversion unit; and a constant addition unit whose input is connected to the output of combined-matrix multiplication unit 2 and whose output is connected to the data output port, wherein:
The data input port, the output and the key input of combined-matrix multiplication unit 1 are all four bytes wide. The unit combines the data vector $D_v=[d_0,d_1,d_2,d_3]^T$ from the data input port and the key vector $K_v=[k_0,k_1,k_2,k_3]^T$ from the key input port into one column vector $P_v=[d_0,d_1,d_2,d_3,k_0,k_1,k_2,k_3]^T$ and multiplies the combined matrix Δ by $P_v$, i.e. $L_v=\Delta\times P_v$; the product $L_v=[l_0,l_1,l_2,l_3]^T$ is output to the composite-field multiplicative inversion unit. The combined matrix Δ is composed of the constant matrices $\gamma_3$, $\gamma_2$, $\gamma_1$ and δ; its expression is as follows:
where the constant matrices $\gamma_3$, $\gamma_2$ and $\gamma_1$ are each the product of the constant matrix δ and one of three constant matrices, which are respectively the matrix forms of the GF($2^8$) constant multiplications $\times\{03\}_{16}$, $\times\{02\}_{16}$ and $\times\{01\}_{16}$; GF($2^8$) is the field specified in the AES algorithm. The specific expression of combined-matrix multiplication unit 1 is therefore:
The result $L_v=[l_0,l_1,l_2,l_3]^T$ is then output to the composite-field multiplicative inversion unit;
The input and output of the composite-field multiplicative inversion unit are four bytes wide. The unit computes the composite-field multiplicative inverse of each byte of $L_v=[l_0,l_1,l_2,l_3]^T$, where the composite field is any composite field isomorphic to GF($2^8$). The specific form of the composite-field multiplicative inversion unit is:
The result $I_v=[i_0,i_1,i_2,i_3]^T$ is then output to combined-matrix multiplication unit 2.
The input and output of combined-matrix multiplication unit 2 are four bytes wide. The unit multiplies the combined matrix Λ by the data vector $I_v=[i_0,i_1,i_2,i_3]^T$. The combined matrix Λ is composed of four constant matrices λ; its expression is as follows:
where the constant matrix λ is the product of the constant matrices τ and δ', i.e. $\lambda=\tau\times\delta'$. τ is the constant matrix specified by the affine operation in the AES S-box. δ' is a mapping matrix that maps elements of the composite field onto GF($2^8$). The specific expression of combined-matrix multiplication unit 2 is:
The result $Q_v=[q_0,q_1,q_2,q_3]^T$ is then output to the constant addition unit.
The input and output of the constant addition unit are four bytes wide. The unit adds the vector $Q_v=[q_0,q_1,q_2,q_3]^T$ and the constant vector $\Omega_v=[\omega,\omega,\omega,\omega]^T$, where ω is the byte constant specified by the affine operation in the AES S-box. The specific form of the constant addition unit is:
The result $R_v=[r_0,r_1,r_2,r_3]^T$ is then output to the data output port.
Through the combined matrices Δ and Λ, the normal round transformation operation unit provided by the invention merges the composite-field mapping operations, the affine operation, the column mixing operation and the key addition operation of the AES algorithm, which in hardware greatly reduces the critical path depth of the normal round transformation circuit. In addition, by merging and composing matrices, the invention combines several small-scale linear operation units into large-scale linear operations, which improves optimization efficiency and reduces the implementation area of the normal round transformation circuit.
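The data path of the operation unit described above (multiplication by Δ, composite-field inversion, multiplication by Λ, addition of ω), as an added example that is not code from the patent; it checks the merged path against the same column computed operation by operation. Assumptions of this sketch: the composite field GF((2^4)^2) built on x^4 + x + 1 and y^2 + y + ν, the construction of δ from a root of the AES polynomial, and the block layout of Δ (taken from the standard MixColumns matrix, since the patent's matrix expressions are not reproduced on this page); all function and variable names are illustrative.

```python
from functools import reduce
from operator import xor

def gf_mul(a, b, poly, bits):
    """Multiply a*b over GF(2), reduced modulo `poly` of degree `bits`."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a >> bits:
            a ^= poly
        b >>= 1
    return r

def aes_mul(a, b):   # AES field GF(2^8): f(x) = x^8 + x^4 + x^3 + x + 1
    return gf_mul(a, b, 0x11B, 8)

def sub_mul(a, b):   # assumed subfield GF(2^4): x^4 + x + 1
    return gf_mul(a, b, 0x13, 4)

def power(mul, a, e):
    r = 1
    for _ in range(e):
        r = mul(r, a)
    return r

# Assumed extension y^2 + y + NU; irreducible because it has no root in GF(2^4).
NU = next(n for n in range(16) if all(sub_mul(t, t) ^ t ^ n for t in range(16)))

def tower_mul(a, b):
    """Multiply in GF((2^4)^2); a byte holds hi*y + lo."""
    a1, a0, b1, b0 = a >> 4, a & 15, b >> 4, b & 15
    hh = sub_mul(a1, b1)
    hi = hh ^ sub_mul(a1, b0) ^ sub_mul(a0, b1)
    return (hi << 4) | (sub_mul(a0, b0) ^ sub_mul(hh, NU))

def tower_inv(a):
    """Composite-field inverse using only GF(2^4) arithmetic (0 maps to 0)."""
    a1, a0 = a >> 4, a & 15
    norm = sub_mul(sub_mul(a1, a1), NU) ^ sub_mul(a0, a0 ^ a1)
    n_inv = power(sub_mul, norm, 14)            # norm^14 = norm^-1 in GF(2^4)
    return (sub_mul(a1, n_inv) << 4) | sub_mul(a0 ^ a1, n_inv)

def mat_vec(cols, x):
    """8x8 bit matrix (list of column bytes) times bit vector x."""
    return reduce(xor, (c for i, c in enumerate(cols) if x >> i & 1), 0)

def mat_mul(a, b):
    """Matrix product a x b (apply b first, then a)."""
    return [mat_vec(a, c) for c in b]

# delta: send the AES basis 1, x, ..., x^7 to powers of a root BETA of f in the tower field.
BETA = next(b for b in range(2, 256)
            if reduce(xor, (power(tower_mul, b, e) for e in (8, 4, 3, 1, 0))) == 0)
DELTA = [power(tower_mul, BETA, i) for i in range(8)]
PREIMAGE = {mat_vec(DELTA, x): x for x in range(256)}
DELTA_INV = [PREIMAGE[1 << i] for i in range(8)]            # delta'

def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

TAU = [reduce(xor, (rotl8(1 << i, n) for n in range(5))) for i in range(8)]  # S-box affine matrix
OMEGA = 0x63                                                # S-box affine constant
LAMBDA = mat_mul(TAU, DELTA_INV)                            # lambda = tau x delta'

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]   # MixColumns constants
GAMMA = {c: mat_mul(DELTA, [aes_mul(c, 1 << i) for i in range(8)]) for c in (1, 2, 3)}
ZERO = [0] * 8
# Row i of Delta: gamma blocks for the data bytes, delta on key byte i (layout assumed).
BIG_DELTA = [[GAMMA[c] for c in MIX[i]] + [DELTA if j == i else ZERO for j in range(4)]
             for i in range(4)]

def merged_round_unit(d, k):
    """d: one column after the row shift, k: round-key column; returns r0..r3."""
    p = list(d) + list(k)                                             # P_v
    l_v = [reduce(xor, (mat_vec(m, x) for m, x in zip(row, p))) for row in BIG_DELTA]
    i_v = [tower_inv(x) for x in l_v]                                 # I_v
    return [mat_vec(LAMBDA, x) ^ OMEGA for x in i_v]                  # R_v = Lambda*I_v + Omega_v

def sbox(x):
    return mat_vec(TAU, power(aes_mul, x, 254)) ^ OMEGA

def reference_round_unit(d, k):
    """Same column computed step by step: column mixing, key addition, byte substitution."""
    mixed = [reduce(xor, (aes_mul(c, x) for c, x in zip(row, d))) for row in MIX]
    return [sbox(m ^ kb) for m, kb in zip(mixed, k)]

if __name__ == "__main__":
    d, k = [0xDB, 0x13, 0x53, 0x45], [0x2B, 0x7E, 0x15, 0x16]        # constructed sample input
    print([hex(b) for b in merged_round_unit(d, k)])
    print(merged_round_unit(d, k) == reference_round_unit(d, k))
```

The only nonlinear step left between the two matrix multiplications is `tower_inv`, which needs nothing wider than GF(2^4) arithmetic; everything else is XOR networks fixed at design time.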
Serial structure and loop structure are two kinds of basic structures that ordinary wheel translation circuit is realized, common based on what is proposed Round transformation arithmetic element constitutes serial structure ordinary wheel translation circuit using parallel processing manner, using time-sharing multiplex processing mode The either time-sharing multiplex mode that combines with parallel processing constitutes loop structure ordinary wheel translation circuit.
Fig. 3 is that the structural schematic diagram for the ordinary wheel translation circuit that the embodiment of the present invention one provides only shows for ease of description Part related to the embodiment of the present invention out.
The ordinary wheel translation circuit includes:
4(Nr- 1) a ordinary wheel transform operation unit, wherein every 4 ordinary wheels transform operation unit composes in parallel one Ordinary wheel conversion module, (Nr- 1) a ordinary wheel conversion module is composed in series ordinary wheel translation circuit, each common round transformation mould The cryptographic calculation of 128 bits (16 byte) data can be completed for completing a complete ordinary wheel transform operation of wheel in block.
Fig. 4 is that the structural schematic diagram of ordinary wheel translation circuit provided by Embodiment 2 of the present invention only shows for ease of description Part related to the embodiment of the present invention out.
The ordinary wheel translation circuit is used for AES encryption, comprising:
One ordinary wheel transform operation unit and for recycle 4 × (Nr- 1) the secondary ordinary wheel transform operation unit Recycle feed circuit;
Wherein, circulation feed circuit is made of alternative selector, register 1 and register 2, register 1 and register 2 Data bit width be 16 bytes, the input terminal of register 1 and the output end of selector connect, and output end is defeated with register 2 Enter end connection, the output end of register 2 is connect with the data input pin of ordinary wheel transform operation unit, an input terminal of selector It is connect with the data output end of ordinary wheel transform operation unit, another input terminal is connect with the output end of first run translation circuit, general The output end connection of logical round transformation arithmetic element is also connect with the input terminal of last round transformation circuit;
The data output end of ordinary wheel transform operation unit exports the operation result after each circulation respectively to selector And last round transformation circuit, selector is by preceding 4 (Nr- 2) secondary operation result is fed back in register 1, and ordinary wheel converter unit is each The ordinary wheel transform operation for completing 4 bytes completes one and takes turns complete (16 byte) by recycling four circulations of feed circuit AES ordinary wheel transform operation, after complete AES ordinary wheel transform operation is taken turns in completion one, register 1 exports the data of storage Into register 2, register 2 exports the data of nybble every time, as the input data of ordinary wheel transform operation unit, carries out Next round ordinary wheel transform operation carries out 4 × (N altogetherr- 2) secondary ordinary wheel transform operation, last round transformation circuit is by (4Nr- 7)~ (4Nr- 4) secondary operation result, i.e. (Nr- 1) input data of the wheel ordinary wheel transform operation result as last round transformation circuit, into Row end round transformation.
Fig. 5 is a structural schematic diagram of the ordinary round transformation circuit provided by embodiment three of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The ordinary round transformation circuit is used for AES encryption and comprises:
an ordinary round transformation module formed by two ordinary round transformation operation units connected in parallel, and a loop feedback circuit that runs the module through 2(N_r − 1) loop iterations.
The loop feedback circuit consists of a 2-to-1 selector, register 1 and register 2. Register 1 and register 2 each have a data width of 16 bytes. The input of register 1 is connected to the output of the selector, and its output is connected to the input of register 2; the output of register 2 is connected to the input of the ordinary round transformation module. One input of the selector is connected to the output of the initial round transformation circuit, and the other input is connected to the output of the ordinary round transformation module. The output of the module is also connected to the input of the final round transformation circuit. The input of the module is connected to the data inputs of the two ordinary round transformation operation units, and the output of the module is connected to the data outputs of the two units.
The output of the ordinary round transformation module delivers the results of the two ordinary round transformation operation units to both the selector and the final round transformation circuit. The selector feeds the first 2(N_r − 2) operation results back into register 1. The module completes the ordinary round transformation of 8 bytes per iteration, so two iterations through the loop feedback circuit complete one full (16-byte) AES ordinary round transformation. After the AES ordinary round transformation of one group of 16 bytes is complete, register 1 outputs its stored data to register 2, and register 2 outputs two groups of four bytes at a time, one to each of the two units of the module, for the next ordinary round transformation. In total, 2(N_r − 1) ordinary round transformation operations are performed. The final round transformation circuit takes the (2N_r − 3)th to (2N_r − 2)th operation results, i.e. the result of the (N_r − 1)th ordinary round transformation, as its input data and performs the final round transformation.
Fig. 6 is a structural schematic diagram of the ordinary round transformation circuit provided by embodiment four of the present invention; for ease of description, only the parts relevant to the embodiment are shown.
The ordinary round transformation circuit is used for AES encryption and comprises:
an ordinary round transformation module formed by four ordinary round transformation operation units connected in parallel, and a loop feedback circuit that runs the module through (N_r − 1) loop iterations.
The loop feedback circuit consists of a selector and a register, and the data width of the register is 16 bytes. The output of the register is connected to the input of the ordinary round transformation module, and the input of the register is connected to the output of the selector. One input of the selector is connected to the output of the initial round transformation circuit, and the other input is connected to the output of the ordinary round transformation module. The output of the module is also connected to the input of the final round transformation circuit. The input of the module is connected to the data inputs of the four ordinary round transformation operation units, and the output of the module is connected to the data outputs of the four units.
The ordinary round transformation module completes one full (16-byte) ordinary round transformation per iteration. The output of the module delivers the results of the four ordinary round transformation operation units to both the selector and the final round transformation circuit. The selector feeds the first (N_r − 2) operation results back to the input of the ordinary round transformation module, and the final round transformation circuit takes the (N_r − 1)th operation result as its input data and performs the final round transformation.
Compared with the serial-structure ordinary round transformation circuit, the loop-structure circuit has a greatly reduced circuit area and is therefore suited to area-constrained data processing circuits. The serial-structure circuit, however, can use pipelining to greatly increase processing speed and is suited to high-speed data processing circuits. The structure of the ordinary round transformation circuit can therefore be chosen according to actual needs.
In addition, in an ordinary round transformation circuit built from the ordinary round transformation operation unit described above, the unit uses the composite matrix Δ and the composite matrix Λ to merge the composite-field mapping, affine, MixColumns and AddRoundKey operations of the AES algorithm. In a hardware implementation, a circuit built from this unit therefore has a greatly reduced critical path depth. The common subexpression elimination algorithm is the most effective circuit optimization method for linear operation units, and studies show that the larger the circuit scale, the higher the circuit efficiency. By merging and composing matrices, the present invention combines several small linear operation units into one large linear operation, which improves the efficiency of circuit optimization and reduces the implementation area of the ordinary round transformation circuit.
An embodiment of the present invention also provides an AES encryption circuit comprising, connected in series in this order, an initial round transformation circuit, an ordinary round transformation circuit and a final round transformation circuit. The ordinary round transformation circuit is the one provided by any of embodiments one, two, three and four, and the initial round transformation circuit and the final round transformation circuit both use existing structures.
The AES encryption circuit provided by the embodiment is built on the ordinary round transformation circuit described above, which in turn is built on the ordinary round transformation operation unit. Because the unit uses the composite matrix Δ and the composite matrix Λ to merge the composite-field mapping, affine, MixColumns and AddRoundKey operations of the AES algorithm, the AES encryption circuit has a greatly reduced critical path depth in a hardware implementation. The common subexpression elimination algorithm is the most effective circuit optimization method for linear operation units, and studies show that the larger the circuit scale, the higher the circuit efficiency. By merging and composing matrices, the present invention combines several small linear operation units into one large linear operation, which improves the efficiency of circuit optimization and reduces the implementation area of the AES encryption circuit.
The foregoing describes only preferred embodiments of the present invention and is not intended to limit it; any modification, equivalent replacement or improvement made within the spirit and principles of the present invention shall fall within its scope of protection.
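The merging argument above can be checked with a bit-level model. The following Python sketch is an added example, not the patent's circuit or constants: it assumes GF((2^4)^2) built over x^4 + x + 1 as the composite field, derives δ by root search, and assumes Δ is laid out as the standard MixColumns rows (γ_2 γ_3 γ_1 γ_1, rotated) beside δ on the key columns, with Λ block-diagonal in λ. The names `round_unit` and `reference` are chosen here.

```python
# Added example: bit-level model of the merged round unit. The composite field,
# the isomorphism and the block layout of the big matrices are assumptions.

def gf_mul(a, b, poly, width):
    """Multiply in GF(2^width) modulo `poly`."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a >> width:
            a ^= poly
        b >>= 1
    return r

def mul256(a, b): return gf_mul(a, b, 0x11B, 8)  # AES field GF(2^8)
def mul16(a, b): return gf_mul(a, b, 0x13, 4)    # GF(2^4), x^4 + x + 1

def power(mul, a, n):
    r = 1
    for _ in range(n):
        r = mul(r, a)
    return r

# Assumed composite field GF(2^4)[y]/(y^2 + y + NU); NU is the first constant
# for which the quadratic has no root in GF(2^4), so it is irreducible.
NU = next(v for v in range(1, 16) if all(mul16(t, t) ^ t ^ v for t in range(16)))

def cf_mul(a, b):
    ah, al, bh, bl = a >> 4, a & 15, b >> 4, b & 15
    hh = mul16(ah, bh)
    return ((hh ^ mul16(ah, bl) ^ mul16(al, bh)) << 4) | (mul16(al, bl) ^ mul16(hh, NU))

def cf_inv(a):
    """Composite-field inverse through the GF(2^4) norm; 0 maps to 0."""
    ah, al = a >> 4, a & 15
    d_inv = power(mul16, mul16(mul16(ah, ah), NU) ^ mul16(ah, al) ^ mul16(al, al), 14)
    return (mul16(ah, d_inv) << 4) | mul16(ah ^ al, d_inv)

def apply(cols, v):
    """GF(2) matrix (list of column bit-vectors) times bit-vector v."""
    r = 0
    for i, c in enumerate(cols):
        if v >> i & 1:
            r ^= c
    return r

def matmul(a, b): return [apply(a, c) for c in b]

# delta maps x^i to BETA^i, BETA being a root of the AES polynomial in the composite field.
BETA = next(b for b in range(2, 256)
            if not (power(cf_mul, b, 8) ^ power(cf_mul, b, 4) ^ power(cf_mul, b, 3) ^ b ^ 1))
DELTA = [power(cf_mul, BETA, i) for i in range(8)]
BACK = {apply(DELTA, v): v for v in range(256)}
DELTA_INV = [BACK[1 << i] for i in range(8)]                        # delta'
TAU = [((0x1F << j) | (0x1F << j >> 8)) & 0xFF for j in range(8)]   # S-box affine matrix tau
LAMBDA = matmul(TAU, DELTA_INV)                                     # lambda = tau x delta'
GAMMA = {c: matmul(DELTA, [mul256(c, 1 << i) for i in range(8)]) for c in (1, 2, 3)}

def block(i, p):
    """8x8 block of the big Delta: MixColumns row for data columns, delta on the key diagonal."""
    if p < 4:
        return GAMMA[(2, 3, 1, 1)[(p - i) % 4]]
    return DELTA if p - 4 == i else [0] * 8

BIG_DELTA = [sum(block(i, p)[b] << 8 * i for i in range(4)) for p in range(8) for b in range(8)]
BIG_LAMBDA = [LAMBDA[b] << 8 * i for i in range(4) for b in range(8)]

def round_unit(d, k):
    """R_v = Lambda x inv(Delta x P_V) + Omega_v for four data bytes d and four key bytes k."""
    p_v = int.from_bytes(bytes(d + k), "little")
    l_v = apply(BIG_DELTA, p_v).to_bytes(4, "little")
    i_v = int.from_bytes(bytes(cf_inv(x) for x in l_v), "little")
    return list((apply(BIG_LAMBDA, i_v) ^ 0x63636363).to_bytes(4, "little"))

def reference(d, k):
    """Unmerged order in GF(2^8): MixColumns, AddRoundKey, inversion, affine."""
    out = []
    for i in range(4):
        m = mul256(2, d[i]) ^ mul256(3, d[(i + 1) % 4]) ^ d[(i + 2) % 4] ^ d[(i + 3) % 4]
        out.append(apply(TAU, power(mul256, m ^ k[i], 254)) ^ 0x63)
    return out
```

In this model the only nonlinear step left between the two matrix products is the byte-wise composite-field inversion; everything else is a single GF(2) matrix, which is the property the optimization argument relies on.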

Claims (6)

1. An ordinary round transformation operation unit, characterized in that the ordinary round transformation operation unit comprises:
a composite matrix multiplication unit 1 whose input is connected to the data input port and the key input port, a composite-field multiplicative inversion unit whose input is connected to the output of composite matrix multiplication unit 1, a composite matrix multiplication unit 2 whose input is connected to the output of the composite-field multiplicative inversion unit, and a constant addition unit whose input is connected to the output of composite matrix multiplication unit 2, the output of the constant addition unit being connected to the data output port, wherein
composite matrix multiplication unit 1 combines the data vector D_v = [d_0, d_1, d_2, d_3]^T input from the data input port and the key vector K_v = [k_0, k_1, k_2, k_3]^T input from the key input port into one column vector P_V = [d_0, d_1, d_2, d_3, k_0, k_1, k_2, k_3]^T, multiplies the composite matrix Δ by the column vector P_V, and outputs the product L_v = [l_0, l_1, l_2, l_3]^T to the composite-field multiplicative inversion unit, wherein the composite matrix Δ is composed of the constant matrices γ_3, γ_2, γ_1 and δ, the constant matrix δ is the mapping matrix that maps elements of GF(2^8) to the composite field, and the expression of the composite matrix Δ is as follows:
wherein the constant matrix γ_3 is the product of the constant matrix δ and the matrix form of the constant multiplication ×{03}_16 over GF(2^8), the constant matrix γ_2 is the product of the constant matrix δ and the matrix form of the constant multiplication ×{02}_16 over GF(2^8), and the constant matrix γ_1 is the product of the constant matrix δ and the matrix form of the constant multiplication ×{01}_16 over GF(2^8);
the composite-field multiplicative inversion unit performs composite-field multiplicative inversion on each byte of L_v = [l_0, l_1, l_2, l_3]^T and outputs the result I_v = [i_0, i_1, i_2, i_3]^T to composite matrix multiplication unit 2, the composite field being any composite field isomorphic to GF(2^8);
composite matrix multiplication unit 2 multiplies the composite matrix Λ by the data vector I_v = [i_0, i_1, i_2, i_3]^T and outputs the product Q_v = [q_0, q_1, q_2, q_3]^T to the constant addition unit, wherein the composite matrix Λ is composed of four constant matrices λ, and the expression of the composite matrix Λ is as follows:
wherein the constant matrix λ is the product of the constant matrix τ and the constant matrix δ′, i.e. λ = τ × δ′, the constant matrix τ is the constant matrix specified by the affine operation in the AES S-box, and the constant matrix δ′ is the mapping matrix that maps elements of the composite field to GF(2^8);
the constant addition unit adds the vector Q_v = [q_0, q_1, q_2, q_3]^T to the constant vector Ω_v = [ω, ω, ω, ω]^T, wherein the constant ω is the byte constant specified by the affine operation in the AES S-box, and the result of the constant addition R_v = [r_0, r_1, r_2, r_3]^T is output from the data output port;
the data inputs and data outputs of composite matrix multiplication unit 1, the composite-field multiplicative inversion unit, composite matrix multiplication unit 2 and the constant addition unit are each four bytes wide, and the key input is four bytes wide.
2. An ordinary round transformation circuit, characterized in that the ordinary round transformation circuit consists of 4 × (N_r − 1) ordinary round transformation operation units according to claim 1,
wherein every 4 ordinary round transformation operation units are connected in parallel to form one ordinary round transformation module that completes one 16-byte ordinary round transformation, and (N_r − 1) ordinary round transformation modules are connected in series to form the ordinary round transformation circuit.
3. An ordinary round transformation circuit, characterized in that the ordinary round transformation circuit comprises: the ordinary round transformation operation unit according to claim 1, and a loop feedback circuit for looping the ordinary round transformation operation unit 4 × (N_r − 1) times;
wherein the loop feedback circuit consists of a selector, register 1 and register 2, the input of register 1 is connected to the output of the selector and its output is connected to the input of register 2, the output of register 2 is connected to the data input of the ordinary round transformation operation unit, one input of the selector is connected to the data output of the ordinary round transformation operation unit and the other input is connected to the output of the initial round transformation circuit, and the data output of the ordinary round transformation operation unit is also connected to the input of the final round transformation circuit;
register 1 and register 2 each have a data width of 16 bytes.
4. An ordinary round transformation circuit, characterized in that the ordinary round transformation circuit comprises: an ordinary round transformation module formed by two ordinary round transformation operation units according to claim 1 connected in parallel, and a loop feedback circuit for running the ordinary round transformation module through 2(N_r − 1) loop iterations;
wherein the loop feedback circuit consists of a selector, register 1 and register 2, the input of register 1 is connected to the output of the selector and its output is connected to the input of register 2, the output of register 2 is connected to the input of the ordinary round transformation module, one input of the selector is connected to the output of the initial round transformation circuit and the other input is connected to the output of the ordinary round transformation module, and the output of the ordinary round transformation module is also connected to the input of the final round transformation circuit;
register 1 and register 2 each have a data width of 16 bytes.
5. An ordinary round transformation circuit, characterized in that the ordinary round transformation circuit comprises: an ordinary round transformation module formed by four ordinary round transformation operation units according to claim 1 connected in parallel, and a loop feedback circuit for running the ordinary round transformation module through (N_r − 1) loop iterations;
wherein the loop feedback circuit consists of a selector and a register, the output of the register is connected to the input of the ordinary round transformation module, the input of the register is connected to the output of the selector, one input of the selector is connected to the output of the initial round transformation circuit and the other input is connected to the output of the ordinary round transformation module, and the output of the ordinary round transformation module is also connected to the input of the final round transformation circuit;
the register has a data width of 16 bytes.
6. An AES encryption circuit, characterized in that the AES encryption circuit comprises:
an initial round transformation circuit, the ordinary round transformation circuit according to any one of claims 2 to 5, and a final round transformation circuit, connected in series in this order.
CN201810597106.2A 2018-06-11 2018-06-11 Ordinary round conversion operation unit, ordinary round conversion circuit and AES encryption circuit Active CN109033023B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201810597106.2A CN109033023B (en) 2018-06-11 2018-06-11 Ordinary round conversion operation unit, ordinary round conversion circuit and AES encryption circuit

Publications (2)

Publication Number Publication Date
CN109033023A true CN109033023A (en) 2018-12-18
CN109033023B CN109033023B (en) 2022-01-04

Family

ID=64612692

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201810597106.2A Active CN109033023B (en) 2018-06-11 2018-06-11 Ordinary round conversion operation unit, ordinary round conversion circuit and AES encryption circuit

Country Status (1)

Country Link
CN (1) CN109033023B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109660333A (en) * 2019-01-25 2019-04-19 芜湖职业技术学院 AES decryption multiplexing round transformation arithmetic element structure

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101588234A (en) * 2008-05-19 2009-11-25 北京大学深圳研究生院 Encryption and decryption multiplexing method of row mixing conversion module in AES
CN101626289A (en) * 2009-07-14 2010-01-13 青岛科技大学 Design method of AES encryption chip and computer encryptor
CN101782956A (en) * 2010-02-09 2010-07-21 杭州晟元芯片技术有限公司 Method and device for protecting data on basis of AES real-time encryption
CN106921487A (en) * 2017-03-01 2017-07-04 芜湖职业技术学院 Reconfigurable S-box circuit structure
CN107181586A (en) * 2017-05-22 2017-09-19 芜湖职业技术学院 reconfigurable S-box circuit structure
CN206585573U (en) * 2017-03-01 2017-10-24 芜湖职业技术学院 reconfigurable S-box circuit structure

Also Published As

Publication number Publication date
CN109033023B (en) 2022-01-04

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant