CN109150495A - A kind of round transformation multiplex circuit and its AES decrypt circuit - Google Patents
A kind of round transformation multiplex circuit and its AES decrypt circuit Download PDFInfo
- Publication number
- CN109150495A CN109150495A CN201810596246.8A CN201810596246A CN109150495A CN 109150495 A CN109150495 A CN 109150495A CN 201810596246 A CN201810596246 A CN 201810596246A CN 109150495 A CN109150495 A CN 109150495A
- Authority
- CN
- China
- Prior art keywords
- circuit
- round transformation
- register
- output end
- input terminal
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
- H04L2209/12—Details relating to cryptographic hardware or logic circuitry
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Complex Calculations (AREA)
Abstract
The present invention relates to cryptochannel technical fields, provide a kind of round transformation multiplex circuit and its AES decryption circuit, the merging and synthesis operation that round transformation multiplex circuit provided by the invention passes through constant matrices, all linear transformation operations of round transformation common in AES decipherment algorithm and last round transformation are combined into two composite matrix, composite matrixWith composite matrixSo as to shorten the critical path of AES decryption circuit, it reduces AES decryption circuit and realizes area, research shows that circuit scale is bigger, circuit efficiency is higher, therefore the present invention is merged by matrix is combined into large-scale linear operation for several small-scale linear operation units with synthesis, the raising for being conducive to circuit optimization efficiency reduces the realization area of circuit.
Description
Technical field
The present invention relates to cryptochannel technical fields more particularly to a kind of round transformation multiplex circuit and its AES to decrypt circuit.
Background technique
AES (Advanced Encryption Standard, Advanced Encryption Standard) is by American National Standard and technology
A new generation's grouping symmetric cryptographic algorithm that research institute formulates for 2001, for replacing original DES (Data Encryption
Standard, data encryption standards).Currently, AES cryptographic algorithm is used by multiple International Standards Organization, it is to make at present
With widest block cipher.
The data packet length of AES cryptographic algorithm is 128 bits, and key length has three kinds of 128,192 and 256 bit, point
It is also known as AES-128, AES-192, AES-256.Aes algorithm is an iterative algorithm, each iteration is properly termed as round transformation,
Key length is different, and round transformation quantity is also different, AES-128, AES-192, the round transformation quantity N of AES-256rRespectively 10,
12,14.AES encryption process is as shown in Fig. 1, successively carries out first run transformation, NrThe common round transformation of -1 wheel and last round transformation, the first run
Transformation successively carries out key and adds operation and byte replacement operation;Common round transformation carries out capable displacement, column mixing and key in order
Add and byte replaces four operations;First run transformation carries out capable displacement in order and key adds operation.AES decrypts process
An opposite process of process, as shown in Fig. 2, and successively progress first run transformation, NrThe common round transformation of -1 wheel and last round transformation,
The first run is transformed in encryption flow the inverse operation of last round transformation, successively carries out key and adds and Retrograde transposition operation, common round transformation
Add, for the inverse operation of round transformation common in encryption flow, including the replacement of inverse byte, key against column mixing, Retrograde transposition operation, it is last
Wheel variation is the inverse operation of first run transformation in encryption flow, successively carries out inverse byte replacement and key adds operation, wherein inverse column are mixed
It closes, Retrograde transposition and inverse byte replacement are respectively that the inverse operation of mixing, row displacement and byte replacement is arranged in encryption flow.
Successively the ordinary wheel translation circuit of independent operation and last round transformation circuit not only waste circuit resource, and critical path
It is longer, therefore, adjacent several arithmetic elements are merged by an arithmetic element by composite matrix and are realized.T box is realized
Mode is that most common arithmetic element merges implementation during current round transformation circuit is realized, the realization of T box passes through precomputation mode
The operation result of the operations such as S box, row displacement and column mixing is prestored in a storage arithmetic element, is realized in a look-up table
S box, row displacement and column mixing union operation function.T box realizes the critical path for reducing entire ordinary wheel translation circuit, therefore
T box implementation is mainly used in high speed AES circuit design, although T box implementation can accelerate data processing speed,
Also circuit area is considerably increased, as Rach et al. will be based on afterbody GF (2 in compositum S box/inverse S box4) multiplier, reflect
Penetrating matrix/inverse mapping operation, affine/inverse Affine arithmetic, column mixing/inverse column hybrid operation and key adds five operations such as operation to close
And at an arithmetic element, union operation unit shortens critical path, but also considerably increases circuit area simultaneously, existing
Round transformation circuit based on union operation is all that critical path depth is optimized as cost using increasing circuit area.
Summary of the invention
The embodiment of the present invention provides a kind of AES decryption circuit, it is intended to the existing round transformation circuit based on union operation is solved,
It is to increase circuit area is cost come the problem of being optimized to critical path depth.
The invention is realized in this way a kind of round transformation multiplex circuit, round transformation multiplex circuit include:
Composite matrix multiplying unit 1, constant add arithmetic element, compositum inverse of multiplication unit, composite matrix to multiply
The input terminal of method arithmetic element 2, composite matrix multiplying unit 1 is connect with data input pin, and output end and constant add operation
The input terminal of unit connects, and constant adds the output end of arithmetic element and the input terminal of compositum inverse of multiplication unit to connect, multiple
The output end for closing domain inverse of multiplication unit is connect with the input terminal of composite matrix multiplying unit 2, composite matrix multiplication fortune
The output end for calculating unit 2 is connect with feedback data output port and clear data output port respectively;
Composite matrix multiplying unit 1, by composite matrixWith the column vector inputted from data-in portCarry out multiplying, composite matrixExpression formula it is as follows:
By operation resultIt is output to constant and adds arithmetic element;
Constant adds arithmetic element, by data vectorWith constant vector Ωλ=[ωλ,ωλ,ωλ,
ωλ]TSum operation, by operation resultIt is output to compositum inverse of multiplication unit;
Compositum inverse of multiplication unit, by data vectorIn each byte carry out compositum
Inverse of multiplication, by operation resultIt is output to composite matrix multiplying unit 2;
Composite matrix multiplying unit 2, by data vectorWith key vector It is combined into a column vectorKey vectorIt is transported with encryption
Key vector K in calculationvIt is identical, by composite matrixWith column vectorCarry out multiplying, composite matrixExpression formula such as
Shown in lower:
The vector that the first row of operation result is formed to fourth lineFrom feedback data output port
Output, the vector that the fifth line of operation result is formed to the 8th rowFrom clear data output port
Output.
The invention is realized in this way a kind of AES based on round transformation multiplex circuit decrypts circuit, AES decrypts circuit packet
It includes:
First run translation circuit, round transformation multiplex circuit and the circulation feed circuit for recycling round transformation multiplex circuit,
Middle circulation feed circuit is made of selector, register 1 and register 2, an input terminal and the first run translation circuit of selector
Output end connection, another input terminal are connect with the feedback data output port of round transformation multiplex circuit, output end and register 1
Input terminal connection, the output end of register 1 are connect with the input terminal of register 2, output end and round transformation the multiplexing electricity of register 2
The data-in port on road connects.
The invention is realized in this way a kind of AES based on round transformation multiplex circuit decrypts circuit, AES decrypts circuit packet
It includes:
First run translation circuit, two round transformation multiplex circuits and circulation for recycling two round transformation multiplex circuits are anti-
Current feed circuit, wherein circulation feed circuit is made of selector, register 1 and register 2, an input terminal and the first run for selector becomes
The output end connection of circuit is changed, another input terminal connect with the feedback data output port of two round transformation multiplex circuits, exports
End is connect with the input terminal of register 1, and the output end of register 1 is connect with the input terminal of register 2, the output end of register 2
It is connect with the data-in port of two round transformation multiplex circuits.
The invention is realized in this way a kind of AES based on round transformation multiplex circuit decrypts circuit, AES decrypts circuit packet
It includes:
First run translation circuit, four round transformation multiplex circuits and circulation for recycling four round transformation multiplex circuits are anti-
Current feed circuit, wherein circulation feed circuit is by selector and register group at the data bit width of register is 16 bytes, selector
One input terminal is connect with the output end of first run translation circuit, and the feedback data of another input terminal and four round transformation multiplex circuits is defeated
The input terminal of exit port connection, output end and register connects, the number of the output end of register and four round transformation multiplex circuits
It is connected according to input port.
Round transformation multiplex circuit passes through the merging and synthesis operation of constant matrices, by round transformation common in AES decipherment algorithm
And all linear transformation operations in round transformation are not combined into two composite matrix, composite matrixWith composite matrixTo
The critical path for shortening AES decryption circuit reduces AES decryption circuit and realizes area, research shows that circuit scale is bigger, circuit effect
Rate is higher, therefore the present invention is merged by matrix and several small-scale linear operation units are combined on a large scale linearly by synthesis
Operation is conducive to the raising of circuit optimization efficiency, reduces the realization area of circuit.
Detailed description of the invention
Fig. 1 is standard AES encryption flow chart provided in an embodiment of the present invention;
Fig. 2 is that standard AES provided in an embodiment of the present invention decrypts flow chart;
Fig. 3 is the round transformation multiplex circuit structural schematic diagram provided in an embodiment of the present invention for AES decryption;
Fig. 4 is that the AES that the embodiment of the present invention one provides decrypts electrical block diagram;
Fig. 5 is that AES provided by Embodiment 2 of the present invention decrypts electrical block diagram;
Fig. 6 is that the AES that the embodiment of the present invention three provides decrypts electrical block diagram.
Specific embodiment
In order to make the objectives, technical solutions, and advantages of the present invention clearer, with reference to the accompanying drawings and embodiments, right
The present invention is further elaborated.It should be appreciated that the specific embodiments described herein are merely illustrative of the present invention, and
It is not used in the restriction present invention.
Existing arithmetic element generally includes: inverse byte replacement operation unit, Retrograde transposition arithmetic element, inverse column mixing fortune
It calculates unit and key adds arithmetic element, the operational formula of above-mentioned arithmetic element is specific as follows:
AES round transformation is progress map function in the matrix form, and decipherment algorithm regards 128 bit packet datas of input
For 4 × 4 byte matrixes, the element of each matrix is 1 byte.It is 4 × 4 words that the intermediate result of round transformation, which is referred to as state matrix,
Save matrix.Assuming that the state matrix of common round transformation input are as follows:
Each operation in AES decrypting process is described in detail as follows:
1. inverse byte replacement operation unit
Inverse byte replacement operation unit carries out inverse byte replacement operation, and inverse byte replacement operation is the inverse fortune of byte replacement
It calculates, also referred to as against S box operation.Inverse S box operation is equally that each byte in state matrix is inverse according to byte substitution table progress
Replacement operation.Assuming that the state matrix after inverse S box operation are as follows:
Then it can be expressed as against S box operation:
WhereinFor inverse S box operation function.Inverse S box operation is unique non-linear fortune in four operations of common round transformation
Calculation and the highest operation of computational complexity, therefore inverse S box computing circuit occupies the overwhelming majority of entire AES decryption circuit
Circuit area and power consumption.
In inverse S box operation, input byte carries out an inverse Affine arithmetic first, and inverse Affine arithmetic is that encryption S box is affine
Then the inverse operation of operation carries out a finite field gf (28) domain comultiplication inverse operation, expression formula are as follows:
Wherein x is input byte, and it is constant matrices τ in encryption S box that ω, which is byte constant, and τ ' is 8 × 8bit constant matrices
Inverse matrix, τ ' and ω are for completing inverse Affine arithmetic, ()A -1For GF (28) inverse of multiplication on domain.It is according to the present invention
GF(28) domain is GF (2 specified in AES cryptographic algorithm8) domain, irreducible function is
F (x)=x8+x4+x3+x+1
In numerous S box implementations, the S box based on compositum, which is realized, has the smallest circuit area.Compositum S box is logical
Mathematic(al) manipulation is crossed by major calculations unit-GF (2 in S box8) domain inverse of multiplication unit is mapped in compositum and realizes.It is multiple
The computation complexity for closing domain inverse of multiplication will be far smaller than GF (28) the inverse computation complexity of domain multiplication, thus can subtract significantly
The hardware complexity that few S box circuit is realized.
Inverse S box operation expression based on compositum are as follows:
Wherein ()C -1For the inverse of multiplication on compositum, compositum be arbitrarily with GF (28) domain isomorphism compositum, δ is
8 × 8bit mapping matrix, effect is will to input byte x from GF (28) for domain mapping to compositum, δ ' is δ inverse matrix, effect
It is that compositum inverse of multiplication result is mapped back into GF (2 from compositum8) domain.
In finite field, add operation is the operation of position XOR logic.According to Therefore, constant adds operation+ω in hardware realization, adds 0 operation that can directly dispense, and add-one operation can be used
Two methods replace XOR logic operation: the XOR logic of 1. any two variables uses same or logic to replace;2. any two
The use XOR logic of variable+negate logic realization.Since the circuit area and delay of same or logic gate and exclusive or logic gate are several
It is identical, while can ignore compared to exclusive or logic gate, the circuit area of reverse logic door and delay, it is therefore, hard in inverse S box
When part is realized, constant adds operation+ω circuit area and delay can be ignored.
2. key adds arithmetic element
Key adds arithmetic element to carry out key and adds operation, and key adds operation to add operation identical with the key in encryption flow.
Assuming that the state matrix after key adds operation are as follows:
Key adds operation expression are as follows:
Wherein matrixIt for sub-key matrix, is generated by key schedule, sub-key matrix uses sequence and encryption
Process neutron cipher key matrix uses sequence opposite.
3. against column hybrid operation unit
Inverse column hybrid operation unit carries out inverse column hybrid operation, and inverse column hybrid operation is the mixed inverse operation of column, equally may be used
To be considered as each in state matrix arrange with a constant multinomial in ringOn product.Assuming that after inverse column hybrid operation
State matrix are as follows:
The expression formula of inverse column hybrid operation are as follows:
Wherein matrixFor column mixed constant matrix, constant matricesInRespectively GF (28)
Multiplying constant × { 09 } on domain16、×{0b}16、×{0d}16、×{0e}16Matrix form, the present invention in { }16Indicate the ten of constant
Senary form.
4. Retrograde transposition arithmetic element
Retrograde transposition arithmetic element carries out Retrograde transposition operation, and Retrograde transposition operation is the inverse operation of row displacement, i.e. state
The first row of matrix does not convert, and second, three, four rows distinguish one byte of right shift, two bytes and three bytes.Assuming that
State matrix after Retrograde transposition operation are as follows:
State matrix after Retrograde transposition can be expressed as:
Retrograde transposition operation does not need to consume any logic circuit resource in hardware realization yet, need to only adjust bus location
?.
5. ordinary wheel transformation for mula
Four arithmetic elements in common round transformation can be implemented separately, and adjacent several arithmetic elements can also be merged
It is realized at an arithmetic element.The round transformation circuit that arithmetic element is implemented separately not only wastes circuit resource, and critical path
Diameter is longer.The present invention is according to decryption ordinary wheel transformation for mula, by the merging and synthesis operation of constant matrices, to decryption ordinary wheel
Linear operation in transformation merges.According to each sub- operational formula in round transformation among the above, it can be deduced that decryption is common
Round transformation formula are as follows:
WhereinFor constant matricesIn row vector,WithThe data matrix respectively inputtedAnd cipher key matrixIn column vector, it may be assumed that
To there is the output variable r of identical input in above-mentioned formulax,yOne group is divided, four groupings can be divided into altogether.This
Four groupings have identical operation operation, and the circuit computing unit having the same in hardware realization.Each grouping output becomes
Amount can be expressed as linear equation form:
Input variable and output variable in the above formula corresponding variable in each grouping are as follows:
Group I:Group II:
Group III:Group IV:
Area is realized in order to reduce circuit, and the present invention is further by the GF (2 in inverse S box8) multiplication inverse mapping is to compositum
In, the common round transformation after mapping is grouped formula are as follows:
6. first run transformation for mula
According to above-mentioned each sub- operational formula, equally it can be concluded that first run transformation for mula are as follows:
It is grouped according to common round transformation, above-mentioned first run transformation for mula is also segmented into four groupings, first run transformation grouping
Formula are as follows:
Input variable and output variable corresponding variable and ordinary wheel in each grouping in first run transformation grouping formula
It converts identical.
7. last round transformation formula
It is same it can be concluded that last round transformation formula according to above-mentioned each sub- operational formula are as follows:
Last round transformation formula is also equally segmented into four groupings, last round transformation is grouped formula are as follows:
Input variable and output variable in the above formula corresponding variable in each grouping are as follows:
Group I:Group II:
Group III:Group IV:
In above-mentioned grouping, output variableCorresponding variable is different from common round transformation in each grouping, and input becomes
AmountWithCorresponding variable is identical as common round transformation in each grouping.By the inverse S box operation in last round transformation
It is mapped in compositum, then last round transformation is grouped formula are as follows:
Round transformation multiplex circuit proposed by the present invention passes through the merging and synthesis operation of constant matrices, by AES decipherment algorithm
In all linear transformation operations in common round transformation and last round transformation be combined into two composite matrix, composite matrixWith synthesis
MatrixSo as to shorten the critical path of AES decryption circuit, the realization area of AES decryption circuit is reduced, in addition, by wheel
The multiplexing of multiplex circuit is converted to realize common round transformation and last round transformation, further saves AES decryption circuit resource.
Fig. 3 is that the structural schematic diagram of multiplexing round transformation circuit provided in an embodiment of the present invention is only shown for ease of description
In the relevant part of the embodiment of the present invention.
The round transformation multiplex circuit, for realizing the common round transformation or last round transformation in AES decryption, comprising:
Composite matrix multiplying unit 1, constant add arithmetic element, compositum inverse of multiplication unit, composite matrix to multiply
The input terminal of method arithmetic element 2, composite matrix multiplying unit 1 is connect with data input pin, and output end and constant add operation
The input terminal of unit connects, and constant adds the output end of arithmetic element and the input terminal of compositum inverse of multiplication unit to connect, multiple
The output end for closing domain inverse of multiplication unit is connect with the input terminal of composite matrix multiplying unit 2, composite matrix multiplication fortune
The output end for calculating unit 2 is connect with feedback data output port and clear data output port respectively;
The data bit width of composite matrix multiplying unit 1, input terminal and output end is 4 bytes, will synthesize square
Battle arrayWith the column vector inputted from data-in portMultiplying is carried out,Headed by round transformation
The either transformed column vector of ordinary wheel of column vector afterwards, composite matrixExpression formula it is as follows:
Wherein, composite matrixBy four constant matricesIt is composed, constant matricesFor constant matrices δ and constant square
The product of battle array τ ', i.e.,Constant matrices δ is mapping matrix, and effect is by GF (28) element on domain be mapped to it is compound
On domain, constant matrices τ ' is constant matrices specified by inverse Affine arithmetic in inverse S box operation.Composite matrix multiplying unit 1
It can be expressed with specific formula are as follows:
By operation resultIt is further output to constant and adds arithmetic element.
Constant adds arithmetic element, by data vectorWith constant vector Ωλ=[ωλ,ωλ,ωλ,
ωλ]TSum operation, constant vector ΩλBy four constant ωλIt is composed, wherein constant ωλFor constant matrices δ, constant matrices
The product of τ ' and constant ω, i.e. ωλ=δ × τ ' × ω, constant ω are that byte specified by inverse Affine arithmetic is normal in inverse S box operation
Number.What constant added arithmetic element embodies form are as follows:
By operation resultIt is further output in compositum inverse of multiplication unit.
Compositum inverse of multiplication unit, by data vectorIn each byte carry out compositum
Inverse of multiplication, compositum here be arbitrarily with GF (28) domain isomorphism compositum.The tool of compositum inverse of multiplication unit
Body expression-form are as follows:
By operation resultFurther it is output to composite matrix multiplying unit 2.
Composite matrix multiplying unit 2, by data vectorWith key vector It is combined into a column vectorKey vectorIt is transported with encryption
Key vector K in calculationvIt is identical, by composite matrixWith column vectorCarry out multiplying, composite matrixExpression formula such as
Shown in lower: by constant matricesδ ' is composed:
Wherein, composite matrixBy constant matricesδ ' combination and
At constant matricesFor constant matricesWith the product of constant matrices δ ', i.e.,Constant matricesFor constant matricesWith the product of constant matrices δ ', i.e.,Constant matricesFor constant matricesWith the product of constant matrices δ ', i.e.,Constant matricesFor constant matricesWith the product of constant matrices δ ', i.e.,Constant matricesRespectively GF (28) multiplying constant × { 01 } on domain16、×{09}16、×{0b}16、×{0d}16、×
{0e}16Matrix form;Constant matrices δ ' is mapping matrix, and effect is that the element on compositum is mapped to GF (28) domain
On.Composite matrix multiplying unit 2 can be expressed with specific formula are as follows:
The vector that the first row of operation result is formed to fourth lineFrom feedback data output end
Mouth output, the vector that the fifth line of operation result is formed to the 8th rowFrom clear data output end
Mouth output.
Round transformation multiplex circuit passes through the merging and synthesis operation of constant matrices, by round transformation common in AES decipherment algorithm
And all linear transformation operations in last round transformation are combined into two composite matrix, composite matrixWith composite matrixFrom
And the critical path of AES decryption circuit, it reduces AES decryption circuit and realizes area, research shows that circuit scale is bigger, circuit efficiency
It is higher, therefore several small-scale linear operation units are combined into linear on a large scale transport with synthesis by matrix merging by the present invention
It calculates, is conducive to the raising of circuit optimization efficiency, reduce the area that circuit is realized, in addition, passing through multiplexing ordinary wheel translation circuit energy
It realizes common round transformation and last round transformation, further saves the circuit resource and circuit area of AES decryption circuit.
Serial structure and loop structure are two kinds of basic structures that AES decryption circuit is realized, based on the round transformation proposed
Multiplex circuit decrypts circuit using the AES that parallel processing manner constitutes serial structure, either using time-sharing multiplex processing mode
The mode that time-sharing multiplex is combined with parallel processing decrypts circuit to constitute the AES of loop structure.
Fig. 4 is that the AES decryption electrical block diagram that the embodiment of the present invention one provides only is illustrated in for ease of description
The relevant part of the embodiment of the present invention.
The AES decrypts circuit
First run translation circuit, round transformation multiplex circuit and the circulation feed circuit for recycling round transformation multiplex circuit,
Middle circulation feed circuit is made of selector, register 1 and register 2, and the data bit width of register 1 and register 2 is 16 words
Section, an input terminal of selector are connect with the output end of first run translation circuit, and another input terminal is anti-with round transformation multiplex circuit
Data-out port connection is presented, output end is connect with the input terminal of register 1, the input of the output end and register 2 of register 1
End connection, the output end of register 2 are connect with the data-in port of round transformation multiplex circuit;
First run translation circuit be it is existing, the data bit width of input terminal and output end is 4 bytes.
Included the following steps: based on the AES that embodiment one the provides decryption method for decrypting circuit
Preceding four operations of S1, first run translation circuit constitute first run transformation, input of the ciphertext data from first run translation circuit
End input, through the transformed data vector of the first run, chosen device input register 1, when register 1 store 16 bytes data,
Then by the data transmission of storage to register 2;
S2, the 1st~4 (N for being multiplexed round transformation circuitr- 1) secondary operation constitutes (Nr- 1) common round transformation is taken turns, register 2 is every
The secondary data by 4 bytes are transmitted to the data-in port of round transformation multiplex circuit, the data after wheel becomes multiplex circuit operation
Vector is from feedback data output port input selector, and chosen device input register 1, round transformation multiplex circuit is every to be run 4 times
Afterwards, 16 byte datas of storage are transmitted in register 2 by register 1, are carried out ordinary wheel next time and are become operation, carry out 4 altogether
(Nr- 1) secondary;
(the 4N of S3, round transformation multiplex circuitr- 3)~(4Nr) secondary operation composition end round transformation, register 2 is every time by 4 words
The data of section are transmitted to the data-in port of round transformation multiplex circuit, and the data vector after wheel becomes multiplex circuit operation is from bright
Literary data-out port output, (4Nr- 3)~(4Nr) secondary operation result and constitute in plain text.
Fig. 5 is that AES provided by Embodiment 2 of the present invention decryption electrical block diagram is only illustrated in for ease of description
The relevant part of the embodiment of the present invention.
The AES decrypts circuit
First run translation circuit, two round transformation multiplex circuits and circulation for recycling two round transformation multiplex circuits are anti-
Current feed circuit, wherein circulation feed circuit is made of selector, register 1 and register 2, the data bit of register 1 and register 2
Width is 16 bytes, and an input terminal of selector is connect with the output end of first run translation circuit, another input terminal and two round transformations
The feedback data output port of multiplex circuit connects, and output end is connect with the input terminal of register 1, the output end of register 1 and
The input terminal of register 2 connects, and the output end of register 2 is connect with the data-in port of two round transformation multiplex circuits;
First run translation circuit be it is existing, the data bit width of input terminal and output end is 4 bytes.
Included the following steps: based on the AES that embodiment two the provides decryption method for decrypting circuit
The preceding operation twice of S1, first run translation circuit constitute first run transformation, input of the ciphertext data from first run translation circuit
End input, through the transformed data vector of the first run, chosen device input register 1, when register 1 store 16 bytes data,
Then by the data transmission of storage to register 2;
The 1st~2 (N of S2, round transformation multiplex circuitr- 1) secondary operation constitutes (Nr- 1) common round transformation is taken turns, register 2 is every
The secondary data by two group of 4 byte are transmitted to the data-in port of two round transformation multiplex circuits, become multiplex circuit operation through wheel
Data vector afterwards is from feedback data output port input selector, chosen device input register 1, round transformation multiplex circuit
After every operation 2 times, 16 byte datas of storage are transmitted in register 2 by register 1, are carried out ordinary wheel next time and are become operation,
2 (N are carried out altogetherr- 1) secondary;
(the 2N of S3, AES decryption circuitr- 1)~(2Nr) secondary operation composition end round transformation, register 2 is every time by two group 4
The data of byte are transmitted to the data-in port of two round transformation multiplex circuits, through wheel become multiplex circuit operation after data to
Amount is exported from clear data output port, (2Nr- 1)~(2Nr) secondary operation result and constitute in plain text.
Fig. 6 is that the AES decryption electrical block diagram that the embodiment of the present invention three provides only is illustrated in for ease of description
The relevant part of the embodiment of the present invention.
The AES decrypts circuit
First run translation circuit, four round transformation multiplex circuits and circulation for recycling four round transformation multiplex circuits are anti-
Current feed circuit, wherein circulation feed circuit is by selector and register group at the data bit width of register is 16 bytes, selector
One input terminal is connect with the output end of first run translation circuit, and the feedback data of another input terminal and four round transformation multiplex circuits is defeated
The input terminal of exit port connection, output end and register connects, the number of the output end of register and four round transformation multiplex circuits
It is connected according to input port;
First run translation circuit be it is existing, the data bit width of input terminal and output end is 4 bytes.
Included the following steps: based on the AES that embodiment three the provides decryption method for decrypting circuit
Preceding four operations of S1, first run translation circuit constitute first run transformation, and the ciphertext data of four group of 4 byte are respectively from the first run
The input terminal of translation circuit inputs, through the transformed data vector of the first run, chosen device input register;
The 1st~(N of S2, round transformation multiplex circuitr- 1) secondary operation constitutes (Nr- 1) common round transformation is taken turns, register is each
The data of four group of 4 byte are transmitted to the data-in port of four round transformation multiplex circuits, after wheel becomes multiplex circuit operation
Data vector from feedback data output port input selector, chosen device input register carries out ordinary wheel next time
Become operation, carries out (N altogetherr- 1) secondary;
The N of S3, round transformation multiplex circuitrSecondary operation constitutes last round transformation, and register is every time by the data of four group of 4 byte
It is transmitted to the data-in port of four round transformation multiplex circuits, the data vector after wheel becomes multiplex circuit operation is from plaintext number
It is exported according to output port, NrSecondary operation result and composition are in plain text.
For the AES of serial structure decrypts circuit, circuit area subtracts the AES decryption circuit of loop structure significantly
It is small, therefore suitable for the data processing circuit that area is limited;But the AES decryption circuit of serial structure can using pipelining
To greatly improve processing of circuit speed, suitable for high-speed data processing circuit, therefore ordinary wheel can be designed according to actual needs
The structure of translation circuit;
AES decryption circuit proposed by the present invention is constituted based on round transformation multiplex circuit, and round transformation multiplex circuit passes through
The merging and synthesis operation of constant matrices, by all linear transformations in round transformation common in AES decipherment algorithm and last round transformation
Operation is combined into two composite matrix, composite matrixWith composite matrixThe critical path of circuit is decrypted so as to shorten AES,
It reduces AES decryption circuit and realizes area, research shows that circuit scale is bigger, circuit efficiency is higher, therefore the present invention passes through matrix
Merge and several small-scale linear operation units are combined into large-scale linear operation with synthesis, is conducive to circuit optimization efficiency
It improves, reduces circuit and realize area;
And pass through multiplexing composite matrix multiplying unit 1, compositum inverse of multiplication unit, composite matrix multiplying
Unit 2 and constant add arithmetic element to construct common round transformation and last round transformation multiplex circuit, save a large amount of circuit resources.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
Member, various improvements and modifications may be made without departing from the principle of the present invention, these improvements and modifications also should be regarded as
Protection scope of the present invention.
Claims (4)
1. a kind of round transformation multiplex circuit, which is characterized in that multiple for carrying out round transformation described in common round transformation or last round transformation
Include: with circuit
Composite matrix multiplying unit 1, constant add arithmetic element, compositum inverse of multiplication unit, composite matrix multiplication fortune
Unit 2 is calculated, the input terminal of composite matrix multiplying unit 1 is connect with data input pin, and output end and constant add arithmetic element
Input terminal connection, constant adds the output end of arithmetic element and the input terminal of compositum inverse of multiplication unit to connect, compositum
The output end of inverse of multiplication unit is connect with the input terminal of composite matrix multiplying unit 2, composite matrix multiplying list
The output end of member 2 is connect with feedback data output port and clear data output port respectively;
Composite matrix multiplying unit 1, by composite matrixWith the column vector inputted from data-in portCarry out multiplying, composite matrixExpression formula it is as follows:
By operation resultIt is output to constant and adds arithmetic element;
Constant adds arithmetic element, by data vectorWith constant vector Ωλ=[ωλ,ωλ,ωλ,ωλ]T
Sum operation, by operation resultIt is output to compositum inverse of multiplication unit;
Compositum inverse of multiplication unit, by data vectorIn each byte carry out compositum multiplication
Inverse operation, by operation resultIt is output to composite matrix multiplying unit 2;
Composite matrix multiplying unit 2, by data vectorWith key vector It is combined into a column vectorKey vectorIt is transported with encryption
Key vector K in calculationvIt is identical, by composite matrixWith column vectorCarry out multiplying, composite matrixExpression formula such as
Shown in lower:
The vector that the first row of operation result is formed to fourth lineIt is defeated from feedback data output port
Out, the vector that the fifth line of operation result is formed to the 8th rowIt is defeated from clear data output port
Out.
2. a kind of AES based on round transformation multiplex circuit described in claim 1 decrypts circuit, which is characterized in that the AES decryption
Circuit includes:
First run translation circuit, round transformation multiplex circuit and the circulation feed circuit for recycling round transformation multiplex circuit, wherein following
Ring feed circuit is made of selector, register 1 and register 2, the output of the input terminal and first run translation circuit of selector
End connection, another input terminal are connect with the feedback data output port of round transformation multiplex circuit, the input of output end and register 1
End connection, the output end of register 1 are connect with the input terminal of register 2, output end and the round transformation multiplex circuit of register 2
Data-in port connection.
3. a kind of AES based on round transformation multiplex circuit described in claim 1 decrypts circuit, which is characterized in that the AES decryption
Circuit includes:
First run translation circuit, two round transformation multiplex circuits and the circulation for recycling two round transformation multiplex circuits feed back electricity
Road, wherein circulation feed circuit is made of selector, register 1 and register 2, an input terminal and the first run transformation electricity of selector
The output end on road connects, and another input terminal is connect with the feedback data output port of two round transformation multiplex circuits, output end and
The input terminal of register 1 connects, and the output end of register 1 is connect with the input terminal of register 2, the output end of register 2 and two
The data-in port of a round transformation multiplex circuit connects.
4. a kind of AES based on round transformation multiplex circuit described in claim 1 decrypts circuit, which is characterized in that the AES decryption
Circuit includes:
First run translation circuit, four round transformation multiplex circuits and the circulation for recycling four round transformation multiplex circuits feed back electricity
Road, wherein circulation feed circuit is by selector and register group at the data bit width of register is 16 bytes, and the one of selector is defeated
Enter end to connect with the output end of first run translation circuit, the feedback data output end of another input terminal and four round transformation multiplex circuits
The input terminal of mouth connection, output end and register connects, and the output end of register and the data of four round transformation multiplex circuits are defeated
Inbound port connection.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810596246.8A CN109150495B (en) | 2018-06-11 | 2018-06-11 | Round conversion multiplexing circuit and AES decryption circuit thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201810596246.8A CN109150495B (en) | 2018-06-11 | 2018-06-11 | Round conversion multiplexing circuit and AES decryption circuit thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN109150495A true CN109150495A (en) | 2019-01-04 |
| CN109150495B CN109150495B (en) | 2021-06-22 |
Family
ID=64801829
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201810596246.8A Active CN109150495B (en) | 2018-06-11 | 2018-06-11 | Round conversion multiplexing circuit and AES decryption circuit thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109150495B (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109660333A (en) * | 2019-01-25 | 2019-04-19 | 芜湖职业技术学院 | AES decryption multiplexing round transformation arithmetic element structure |
| CN111600867A (en) * | 2020-05-12 | 2020-08-28 | 腾讯科技(深圳)有限公司 | Data encryption method and related equipment |
| CN111901115A (en) * | 2020-07-27 | 2020-11-06 | 合肥工业大学 | SIMON algorithm encryption circuit in multi-configuration mode |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035641A (en) * | 2009-09-24 | 2011-04-27 | 中兴通讯股份有限公司 | Device and method for implementing AES encryption and decryption |
| CN103516512A (en) * | 2013-10-21 | 2014-01-15 | 深圳市芯通信息科技有限公司 | Encryption and decryption method and encryption and decryption device based on AES (advanced encryption standard) algorithm |
| US20170118011A1 (en) * | 2014-03-28 | 2017-04-27 | Sony Corporation | Encryption processing device, encryption processing method, and program |
-
2018
- 2018-06-11 CN CN201810596246.8A patent/CN109150495B/en active Active
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102035641A (en) * | 2009-09-24 | 2011-04-27 | 中兴通讯股份有限公司 | Device and method for implementing AES encryption and decryption |
| CN103516512A (en) * | 2013-10-21 | 2014-01-15 | 深圳市芯通信息科技有限公司 | Encryption and decryption method and encryption and decryption device based on AES (advanced encryption standard) algorithm |
| US20170118011A1 (en) * | 2014-03-28 | 2017-04-27 | Sony Corporation | Encryption processing device, encryption processing method, and program |
Non-Patent Citations (1)
| Title |
|---|
| 张肖强: "基于复合域运算的AES密码电路优化设计方法研究", 《中国博士学位论文全文数据库 信息科技辑》 * |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109660333A (en) * | 2019-01-25 | 2019-04-19 | 芜湖职业技术学院 | AES decryption multiplexing round transformation arithmetic element structure |
| CN111600867A (en) * | 2020-05-12 | 2020-08-28 | 腾讯科技(深圳)有限公司 | Data encryption method and related equipment |
| CN111901115A (en) * | 2020-07-27 | 2020-11-06 | 合肥工业大学 | SIMON algorithm encryption circuit in multi-configuration mode |
Also Published As
| Publication number | Publication date |
|---|---|
| CN109150495B (en) | 2021-06-22 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Zhang et al. | Implementation approaches for the advanced encryption standard algorithm | |
| CN1921382B (en) | Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device | |
| CA2244337C (en) | Encryption processor with shared memory interconnect | |
| CN104639314A (en) | Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method | |
| CN109033892A (en) | Round transformation multiplex circuit and AES based on composite matrix decrypt circuit | |
| Mane et al. | High speed area efficient FPGA implementation of AES algorithm | |
| CN106921487A (en) | Reconfigurable S-box circuit structure | |
| Ueno et al. | A High Throughput/Gate AES Hardware Architecture by Compressing Encryption and Decryption Datapaths: —Toward Efficient CBC-Mode Implementation | |
| CN104852798B (en) | A kind of data encrypting and deciphering system and method | |
| CN109150495A (en) | A kind of round transformation multiplex circuit and its AES decrypt circuit | |
| Drimer et al. | DSPs, BRAMs, and a pinch of logic: Extended recipes for AES on FPGAs | |
| CN108933652A (en) | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit | |
| CN109039583A (en) | It is multiplexed round transformation circuit, AES encryption circuit and encryption method | |
| CN106982116A (en) | A kind of local file encryption method of the AES based on reversible logic circuits | |
| CN108809627A (en) | Round transformation multiplex circuit and AES decrypt circuit | |
| CN109033847A (en) | AES encryption arithmetic element, AES encryption circuit and its encryption method | |
| CN109033893A (en) | AES encryption unit, AES encryption circuit and its encryption method based on composite matrix | |
| CN108566271A (en) | It is multiplexed round transformation circuit, AES encryption circuit and its encryption method | |
| CN109639408A (en) | A kind of AES decryption multiplexing round transformation circuit structure | |
| CN108964875A (en) | Ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit | |
| CN102780557B (en) | Method and device for AES (advanced encryption standard) encryption/decryption with selection gate optimization | |
| CN108989018A (en) | A kind of AES encryption unit, AES encryption circuit and encryption method | |
| CN109033023A (en) | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES encryption circuit | |
| CN109936440A (en) | AES decrypts multiplexing round transformation arithmetic element structure and construction method in circuit | |
| CN109660333A (en) | AES decryption multiplexing round transformation arithmetic element structure |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |