CN109446829A - Realize the encryption and decryption IP kernel and data high-speed encryption and decryption method of data high-speed encryption - Google Patents
Realize the encryption and decryption IP kernel and data high-speed encryption and decryption method of data high-speed encryption Download PDFInfo
- Publication number
- CN109446829A CN109446829A CN201811333056.3A CN201811333056A CN109446829A CN 109446829 A CN109446829 A CN 109446829A CN 201811333056 A CN201811333056 A CN 201811333056A CN 109446829 A CN109446829 A CN 109446829A
- Authority
- CN
- China
- Prior art keywords
- data
- encryption
- register
- system bus
- register group
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Withdrawn
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F15/00—Digital computers in general; Data processing equipment in general
- G06F15/76—Architectures of general purpose stored program computers
- G06F15/78—Architectures of general purpose stored program computers comprising a single central processing unit
- G06F15/7867—Architectures of general purpose stored program computers comprising a single central processing unit with reconfigurable architecture
- G06F15/7871—Reconfiguration support, e.g. configuration loading, configuration switching, or hardware OS
- G06F15/7878—Reconfiguration support, e.g. configuration loading, configuration switching, or hardware OS for pipeline reconfiguration
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
The present disclosure discloses a kind of IP kernels and data high-speed encryption and decryption method for realizing data high-speed encryption and decryption, comprising: encryption or decryption process unit, storage register group group and control register;Encryption or decryption process unit is connect with storage register group;Control register is connect with encryption or decryption process unit and storage register group respectively;By the change to IP kernel internal structure, directly transfer data to encryption perhaps decrypt IP kernel without waiting for data storage it is enough it is a certain amount of after carry out the encryption or decryption of data again, improve the efficiency of data ciphering and deciphering.
Description
Technical field
This disclosure relates to encryption technology correlative technology field, in particular to realizing that adding for data high-speed encryption solves
Close IP kernel and data high-speed encryption and decryption method.
Background technique
Only there is provided background technical informations relevant to the disclosure for the statement of this part, it is not necessary to so constitute first skill
Art.
The bit wide of system bus refers to the digit for the binary data that bus can transmit simultaneously or the position of data/address bus
Number, i.e., the concept of the highway widths such as 32,64.The bit wide of bus is wider, and the data bits of single transmission is more but total line width
It is more expensive to spend the bigger physical circuit more multivalence lattice for needing to connect.Encrypting and decrypting system transfers data to encryption by system bus
IP kernel is decrypted, data length of the bit wide of system bus generally with encrypting and decrypting IP kernel data ciphering and deciphering is different, and is such as
System bus bit wide is 32bit, and for the IP kernel based on SM4 algorithm of 128bit input, 4 clock signals just gather enough one
A complete input, if data are continuous, such IP kernel pipeline processes are not in junk data, but centre one
There is the case where data cutout in denier, and the output of assembly line will appear junk data.The general upper layer storage of traditional processing method is enough
A certain amount of data issue encrypting and decrypting core again, guarantee data stream transmitting, it is unnecessary that this way will cause to a certain extent
Time waste, reduce encrypting and decrypting IP kernel processing data efficiency.
Summary of the invention
The disclosure to solve the above-mentioned problems, proposes a kind of IP kernel for realizing data high-speed encryption and decryption and data high-speed adds
Decryption method is directly transferred data to encryption or decryption IP kernel, is withouted waiting for by the change to IP kernel internal structure
Data storage it is enough it is a certain amount of after carry out the encryption or decryption of data again, improve the efficiency of data ciphering and deciphering.
To achieve the goals above, the disclosure adopts the following technical scheme that
A kind of or multiple embodiments provide a kind of IP kernel for realizing data high-speed encryption and decryption, comprising: at encryption or decryption
Manage unit, storage register group and control register;Encryption or decryption process unit is connect with storage register group;Control deposit
Device is connect with encryption or decryption process unit and storage register group respectively;
Encryption or decryption process unit: clear data encryption for that will input or by the encrypted ciphertext number of input
According to decryption;
Storage register group;For storing the clear data inputted by system bus or ciphertext data;Each deposit
The data of device storage system bus single transmission;
Control register: for reaching the data length of encryption or decryption process unit single treatment when the data of transmission
When, control storage register group sends data to encryption or decryption process unit.
Further, storage register group includes first order register group that register number is N and register number is
The second level register group of N-1, the second level register group are separately connected system bus, encryption or decryption process unit and
Level-one register group;First order register group connects encryption or decryption process unit;It further include first data transmission line, described
One data line is separately connected system bus, second level register group and encryption or decryption process unit;
N is the data for the data length that system bus continuous data transfer reaches encryption or decryption process unit single treatment
The number of transmissions.
Further, the number of the control register storage time wheel wheel number label and system bus transmission data, root
Number according to system bus transmission data judges whether the data of transmission reach the number of encryption or decryption process unit single treatment
According to length, encryption or decryption process is transferred to according to the data length whether time wheel wheel number marker for judgment is up to single treatment
Unit.
Further, when system bus bit wide be 32bit, IP kernel use the digit of SM4 algorithm single treatment data for
When 128bit, N 4, the register number of first order register group is 4, and the quantity of second level register group is 3, and the second level is posted
3 registers of storage group are correspondingly connected with 3 registers in first order register group, and the 4th of second level register group
Register connects first data transmission line.
Further, when system bus bit wide be 32bit, IP kernel use the digit of SM4 algorithm single treatment data for
When 128bit, the time wheel wheel number label is~3.
Based on a kind of data high-speed encryption and decryption method of above-mentioned IP kernel for realizing data high-speed encryption and decryption, including following step
It is rapid:
Step 1, initialization control register, time wheel wheel number round=0, setting time wheel wheel number label is~N-1,
Every to pass through a system clock cycle, time wheel takes turns number round=round+1, as round=N-1, following clock cycle
It is 0 that round, which overflows, i.e. round=0;The number count=0 of system bus transmission data is initialized, first order register group has
Register number be it is N number of, the register number of second level register group is N-1;The length of register storing data is that system is total
The data length of line single transmission is identical;N is that system bus continuous data transfer reaches at encryption or decryption process unit single
The data transmission times of the data length of reason;
Step 2, the data of system bus transmission are successively stored to each register of second level register group, and system bus is every
Transmission primaries data update count=count+1;When register group each register in the second level stores data, judgement
Whether system bus transmits data in following clock cycle, if so, judge whether round is 0, if round=0,
Count numerical value is the integral multiple of N, and present clock system bus is transmitted to the data markers of data and the storage of second level register group
For valid data and it is transmitted to encryption or decryption process unit, repeats this step 2;If not, performing the next step;
The data of step 3, the data that present clock system bus is transmitted and the storage of second level register group, are transmitted to the
The corresponding register of one register group loops to determine whether round is 0, if round=0, count numerical value are the integer of N
Times, it is valid data by the data markers that first order register group stores and is transmitted to encryption or decryption process unit;
Step 4, circulation execute step 2- step 3, the total data until having handled encryption or decryption.
Further, when system bus bit wide be 32bit, IP kernel use the digit of SM4 algorithm single treatment data for
When 128bit, N=4, steps are as follows:
Step 1, initialization control register, time wheel wheel number round=0, setting time wheel wheel number label is~3, often
By a system clock cycle, time wheel takes turns number round=round+1, as round=3, following clock cycle round
Overflowing is 0, i.e. round=0;System bus transmits the number count=0 of data, and first order register group has register number
It is 4, the register number of second level register group is 3;The length of register storing data is system bus single transmission
Data length is identical;
Step 2, the data of system bus transmission are successively stored to each register of second level register group, and system bus is every
Transmission primaries data update count=count+1;When register group each register in the second level stores data, judgement
Whether system bus transmits data in following clock cycle, if so, judge whether round is 0, if round=0,
Present clock system bus is transmitted the data markers of data and the storage of second level register group by the integral multiple that count numerical value is 4
For valid data and it is transmitted to encryption or decryption process unit, repeats this step 2;If not, performing the next step;
The data of step 3, the data that present clock system bus is transmitted and the storage of second level register group, are transmitted to the
The corresponding register of one register group loops to determine whether round is 0, if the integer that round=0, count numerical value are 4
Times, it is valid data by the data markers that first order register group stores and is transmitted to encryption or decryption process unit;
Step 4, circulation execute step 2- step 3, the total data until having handled encryption or decryption.
Compared with prior art, the disclosure has the beneficial effect that
The disclosure is directly transferred data to encryption or decryption IP kernel, is not required to by the change to IP kernel internal structure
Wait pending datas storage it is enough it is a certain amount of after carry out the encryption or decryption of data again, improve the efficiency of data ciphering and deciphering.
Detailed description of the invention
The accompanying drawings constituting a part of this application is used to provide further understanding of the present application, and the application's shows
Meaning property embodiment and its explanation do not constitute the restriction to the application for explaining the application.
Fig. 1 is the block diagram of the IP kernel of the embodiment of the present disclosure;
The wheel number for the time wheel that Fig. 2 is marks schematic diagram.
Specific embodiment:
The disclosure is described further with embodiment with reference to the accompanying drawing.
It is noted that described further below be all exemplary, it is intended to provide further instruction to the application.Unless another
It indicates, all technical and scientific terms used herein has usual with the application person of an ordinary skill in the technical field
The identical meanings of understanding.
It should be noted that term used herein above is merely to describe specific embodiment, and be not intended to restricted root
According to the illustrative embodiments of the application.As used herein, unless the context clearly indicates otherwise, otherwise singular
Also it is intended to include plural form, additionally, it should be understood that, when in the present specification using term "comprising" and/or " packet
Include " when, indicate existing characteristics, step, operation, device, component and/or their combination.
In the technical solution disclosed in one or more embodiments, a kind of IP kernel for realizing data high-speed encryption and decryption,
Including encryption or decryption process unit, storage register group group and control register;Encryption or decryption process unit is posted with storage
The connection of storage group;Control register is connect with encryption or decryption process unit and storage register group respectively;
Encryption or decryption process unit: clear data encryption for that will input or by the encrypted ciphertext number of input
According to decryption;
Storage register group;For storing the clear data inputted by system bus or ciphertext data;Each deposit
The data of device storage system bus single transmission;
Control register: for reaching the data length of encryption or decryption process unit single treatment when the data of transmission
When, control storage register group sends data to encryption or decryption process unit;
Storage register group includes the first order register group that register number is N and register number is the second of N-1
Grade register group, the second level register group are separately connected system bus, encryption or decryption process unit and first order deposit
Device group;First order register group connects encryption or decryption process unit;It further include first data transmission line, first data pass
Defeated line is separately connected system bus, second level register group and encryption or decryption process unit.
N is the data for the data length that system bus continuous data transfer reaches encryption or decryption process unit single treatment
The number of transmissions.
The number of the control register storage time wheel wheel number label and system bus transmission data, according to system bus
The number of transmission data judges whether the data of transmission reach the data length of encryption or decryption process unit single treatment, according to
The data length whether time wheel wheel number marker for judgment is up to single treatment is transferred to encryption or decryption process unit.
If it is continuous, system bus is primary in each clock signal transmission for data transmission, is denoted as system bus transmission
The number of data, data/address bus each system clock transmission primaries when carrying out data transmission, transmission data length are system bus
Bit wide, such as 32 system bus, the data that the data of each clock cycle transmission are 32.System bus is every to carry out once
Data transmission, system bus transmit the number cumulative 1 of data.The number of the system bus transmission data of the disclosure can not be set
The upper limit, until encryption or decryption process terminates to reset.The upper limit can also be set and be such as set as N, the present embodiment is using the setting upper limit
For the method for counting of N, if count value is that N illustrates that the data of transmission reach the data of encryption or decryption process unit single treatment
Length, when system bus is transmitted next time, data transmission times are updated to 1, then carry out data transmission the cumulative straight of number
To for N, so circulation terminates until encrypting and decrypting process.The data that transmission is represented when data transmission times are N reach encryption
Or the data length of decryption processing unit single treatment, it can carry out sending data to encryption or decryption process unit.
The disclosure carries out wheel number label, can using time wheel label, time wheel as shown in Fig. 2, each timing arrives,
Pointer in figure is mobile primary, if it is 0~n wheel number label, can be divided into n+1 grid, be marked since round=0
Note, pointer, which passes through n+1 movement, will be returned to 0, and corresponding task is directed toward corresponding wheel number and is marked, and take turns number label when reaching this
When, execute task.Corresponding task can be executed when taking turns number and being arbitrary value.It is set respectively in figure when being discussed as 1,3,6
Task executes indicating in corresponding box for task when pointer points to corresponding wheel number.0~N-1 of the disclosure takes turns number label, N
Reach the data transmission times of the data length of encryption or decryption process unit single treatment for system bus continuous data transfer,
As round=0 and when data transmission times are the integral multiple of N, the data of storage register group are transmitted to encryption or solution
Close processing unit.When system bus bit wide is 32bit, when IP kernel uses the digit of SM4 algorithm single treatment data as 128bit,
The time wheel wheel number label is~3.The application can initialize round=0, can set every by a clock cycle
Round=round+1, time wheel wheel number variation is that 0-1-2-3-0-1-2-3-0 ... is so recycled.
When system bus bit wide is 32bit, when IP kernel uses the digit of SM4 algorithm single treatment data as 128bit, N is
4, the register number of first order register group is 4, and the quantity of second level register group is 3, and 3 of second level register group post
Storage is correspondingly connected with 3 registers in first order register group, the 4th register connection first of second level register group
Data line.As shown in Figure 1, the register tagging of second level register group is reg0~reg2, first order register group
Register tagging is reg3~reg6, and the register of second level register group and first order register is sequentially connected in order.
Based on a kind of data high-speed encryption and decryption method of above-mentioned IP kernel for realizing data high-speed encryption and decryption, including following step
It is rapid:
Step 1, initialization control register, time wheel wheel number round=0, setting time wheel wheel number label is~N-1,
Every to pass through a system clock cycle, time wheel takes turns number round=round+1, as round=N-1, following clock cycle
It is 0 that round, which overflows, i.e. round=0;System bus transmits the number count=0 of data, and first order register group has register
Quantity be it is N number of, the register number of second level register group is N-1;The length of register storing data is system bus single
The data length of transmission is identical;N is the number that system bus continuous data transfer reaches encryption or decryption process unit single treatment
According to the data transmission times of length;
Step 2, the data of system bus transmission are successively stored to each register of second level register group, and system bus is every
Transmission primaries data update count=count+1;When register group each register in the second level stores data, judgement
Whether system bus transmits data in following clock cycle, if so, judge whether round is 0, if round=0,
Count numerical value is the integral multiple of N, and present clock system bus is transmitted to the data markers of data and the storage of second level register group
For valid data and it is transmitted to encryption or decryption process unit, executes step 2;If not, performing the next step;
The data of step 3, the data that present clock system bus is transmitted and the storage of second level register group, are transmitted to the
The corresponding register of one register group loops to determine whether round is 0, if round=0, count numerical value are the integer of N
Times, it is valid data by the data markers that first order register group stores and is transmitted to encryption or decryption process unit;
Step 4, circulation execute step 2- step 3, the total data until having handled encryption or decryption.
It is below 32bit with system bus bit wide, IP kernel uses the digit of SM4 algorithm single treatment data for 128bit's
The explanation for the method that encryption or decryption system are encrypted or decrypted, when system bus bit wide is 32bit, each clock cycle is passed
Defeated data length is 32bit, for the SM4 core of 128bit input, 4 always the period just gather enough one it is complete defeated
Enter, N=4, by taking encryption as an example, cryptographic processing unit is the data of 8 level production line each round in every level-one cryptographic processing unit
It calculates to export again for four times and gives next stage cryptographic processing unit.Every level-one cryptographic processing unit is First in Fig. 1, at the last one
Reason unit is Last.If such pipeline processes are not in junk data if data are continuous, but centre is once
There is the case where data cutout, the output of assembly line will appear junk data.The general upper layer storage enough one of traditional processing method
Quantitative data issue encryption kernel again, guarantee data stream transmitting, and this way will cause the unnecessary time to a certain extent
Waste reduces the efficiency of encryption kernel processing data.The disclosure passes through front-end processing and mark before data are encrypted or are decrypted
Label two ways solves the above problems jointly.
Assembly line (pipeline) refers to a kind of quasi- parallel processing that a plurality of effects of overlapping is operated when program executes
Realization technology.Assembly line is that Intel begins to use in 486 chips for the first time.The working method of assembly line is just as industrial production
On assembling line.An instruction processing pipeline is formed by the circuit unit of 5-6 different function in CPU, then will
One X86 instruction is divided into after 5-6 steps to be executed by these circuit units respectively again, is can be achieved in this way a cpu clock period
An instruction is completed, therefore improves the arithmetic speed of CPU.Every integer assembly line of classical Pentium is all divided into level Four flowing water, that is, refers to
Order prefetches, decodes, executing, write-back result, and floating-point flowing water is divided into eight grades of flowing water again.The encryption of the application or secret processing unit
Using the pipeline design, 8 level production lines can be used, enter second processing when the first data has been handled in first processing units
Unit, while the second data enters first processing units, first while the second processing unit handles the first data at
Reason unit also handles the second data.
The specific method and step for encrypting or decrypting is as follows:
Step 1, initialization control register, time wheel wheel number round=0, setting time wheel wheel number label is~3, often
By a system clock cycle, time wheel takes turns number round=round+1, as round=3, following clock cycle round
Overflowing is 0, i.e. round=0;System bus transmits the number count=0 of data, and first order register group has register number
It is 4, the register number of second level register group is 3;The length of register storing data is system bus single transmission
Data length is identical;
Step 2, the data of system bus transmission are successively stored to each register of second level register group, and system bus is every
Transmission primaries data update count=count+1;When register group each register in the second level stores data, judgement
Whether system bus transmits data in following clock cycle, if so, judge whether round is 0, if round=0,
Present clock system bus is transmitted the data markers of data and the storage of second level register group by the integral multiple that count numerical value is 4
For valid data and be transmitted to encryption or decryption process unit, if data transmission be it is continuous, circulation executes step 2, can be with
Data are successively inputted to encryption or decryption process unit;If data are not continuously, there is cutout in centre, when data are transferred to
Round not necessarily 0, round is not 0 execution step 3 when accessible length.
When system bus transmission data, second level register group reg0~reg2 is sequentially stored according to the sequence of label and is posted
Storage indicates that all registers of second level register group all store data when register reg2 also stores data, at this time
Judge whether following clock cycle has data transmission, if data continuously transmit, when the 4th bus data transfer comes
It waits, the data that the data of this periodic transfer and second level register group store is transmitted at encryption or decryption process unit
Reason.If it is cutout data, first by register reg0~reg2 storing data of the second register group, when reg2 stores number
According to, judge whether following clock cycle has data transmission at this time, if without data transmission if wait, when have next time data biography
It is defeated and when to judge round not be 0, the data of reg0~reg2 are transmitted to reg3~reg5, and the data that this is transmitted
It is transmitted to reg6 by the first data line, executes step 3.The condition of encryption or decryption process unit can be transmitted to by, which reaching, to count
According to being marked as valid data and be transmitted to encryption or decryption process unit.
The data of step 3, the data that present clock system bus is transmitted and the storage of second level register group, are transmitted to the
The corresponding register of one register group loops to determine whether round is 0, if the integer that round=0, count numerical value are 4
Times, it is valid data by the data markers that first order register group stores and is transmitted to encryption or decryption process unit;Execute sheet
When step one clock cycle round of every mistake add up 1, round be added to 0 during if there is data transmission will be stored to the
Two-stage register group.
Step 4, circulation execute step 2- step 3, the valid data of the data handled are marked removal, until having handled
The total data of encryption or decryption.
The present embodiment of the disclosure increases by 7 registers to cache the data of input, for continuous defeated inside IP kernel
Entering only can be applied to the register of front three, and the data of the 4th clock cycle can be along with the value one of these three registers
It rises and is input in first encryption unit;It is possible to that four registers next can be applied to store if cutout occurs for data
The value of first three register can be assigned to 3~5 registers, the 4th value storage when the 4th valid data come by data
Into register 6, when waiting round=0, then collected data are input to first encryption unit.
Data cutout when by setting transmission time wheel label, realize the waiting of data, when data gather enough one it is complete
Encryption or ciphertext data processing unit are sent data to after whole input again, avoids the generation of junk data, and is not required to
It to be encrypted or decrypted after the front end of IP kernel is by the enough certain quantity of data storage, improved the efficiency of system, save
Processing time.
The foregoing is merely preferred embodiment of the present application, are not intended to limit this application, for the skill of this field
For art personnel, various changes and changes are possible in this application.Within the spirit and principles of this application, made any to repair
Change, equivalent replacement, improvement etc., should be included within the scope of protection of this application.
Although above-mentioned be described in conjunction with specific embodiment of the attached drawing to the disclosure, model not is protected to the disclosure
The limitation enclosed, those skilled in the art should understand that, on the basis of the technical solution of the disclosure, those skilled in the art are not
Need to make the creative labor the various modifications or changes that can be made still within the protection scope of the disclosure.
Claims (7)
1. a kind of IP kernel for realizing data high-speed encryption and decryption, characterized in that include: encryption or decryption process unit, storage deposit
Device group and control register;Encryption or decryption process unit is connect with storage register group;Control register respectively with encryption or
Decryption processing unit is connected with storage register group;
Encryption or decryption process unit: clear data encryption for that will input or by the encrypted ciphertext data solution of input
It is close;
Storage register group;For storing the clear data inputted by system bus or ciphertext data;Each register is deposited
The data of storage system bus single transmission;
Control register: when reaching the data length of encryption or decryption process unit single treatment for the data when transmission, control
Storage register group processed sends data to encryption or decryption process unit.
2. a kind of IP kernel for realizing data high-speed encryption and decryption as described in claim 1, it is characterized in that: storage register group includes
The second level register group that the first order register group and register number that register number is N are N-1, the second level deposit
Device group is separately connected system bus, encryption or decryption process unit and first order register group;The connection of first order register group adds
Close or decryption processing unit;It further include first data transmission line, the first data transmission line is separately connected system bus, second
Grade register group and encryption or decryption process unit;
N is the data transmission for the data length that system bus continuous data transfer reaches encryption or decryption process unit single treatment
Number.
3. a kind of IP kernel for realizing data high-speed encryption and decryption as described in claim 1, it is characterized in that: the control register is deposited
The number for storing up time wheel wheel number label and system bus transmission data transmits the number judgement transmission of data according to system bus
Whether whether data reach the data length of encryption or decryption process unit single treatment, take turns wheel number marker for judgment according to the time and will
The data length for reaching single treatment is transferred to encryption or decryption process unit.
4. a kind of IP kernel for realizing data high-speed encryption and decryption as claimed in claim 2, it is characterized in that: when system bus bit wide is
32bit, when IP kernel uses the digit of SM4 algorithm single treatment data as 128bit, N 4, the register of first order register group
Quantity is 4, and the quantity of second level register group is 3, in 3 registers and first order register group of second level register group
3 registers are correspondingly connected with, and the 4th register of second level register group connects first data transmission line.
5. a kind of IP kernel for realizing data high-speed encryption and decryption as claimed in claim 3, it is characterized in that: when system bus bit wide is
32bit, when IP kernel uses the digit of SM4 algorithm single treatment data as 128bit, the time wheel wheel number label is~3.
6. based on a kind of described in any item data high-speed encryption and decryptions for the IP kernel for realizing data high-speed encryption and decryption of claim 1-5
Method, characterized in that the following steps are included:
Step 1, initialization control register, time wheel wheel number round=0, setting time wheel wheel number label is~N-1, every warp
A system clock cycle is crossed, time wheel takes turns number round=round+1, as round=N-1, following clock cycle round
Overflowing is 0, i.e. round=0;The number count=0 of system bus transmission data is initialized, first order register group has deposit
Device quantity be it is N number of, the register number of second level register group is N-1;The length of register storing data is system bus list
The data length of secondary transmission is identical;N is that system bus continuous data transfer reaches encryption or decryption process unit single treatment
The data transmission times of data length;
Step 2, the data of system bus transmission are successively stored to each register of second level register group, the every transmission of system bus
One time data update count=count+1;When register group each register in the second level stores data, system is judged
Whether bus transmits data in following clock cycle, if so, judging whether round is 0, if round=0, count number
Value is the integral multiple of N, is effective by the data markers that present clock system bus transmits data and the storage of second level register group
Data are simultaneously transmitted to encryption or decryption process unit, repeat this step 2;If not, performing the next step;
The data of step 3, the data that present clock system bus is transmitted and the storage of second level register group, are transmitted to first and post
The corresponding register of storage group loops to determine whether round is 0, if round=0, count numerical value are the integral multiple of N,
It is valid data by the data markers that first order register group stores and is transmitted to encryption or decryption process unit;
Step 4, circulation execute step 2- step 3, the total data until having handled encryption or decryption.
7. data high-speed encryption and decryption method as claimed in claim 6, characterized in that when system bus bit wide is 32bit, IP kernel
When using the digit of SM4 algorithm single treatment data as 128bit, N=4, steps are as follows:
Step 1, initialization control register, time wheel wheel number round=0, setting time wheel wheel number label is~3, every process
One system clock cycle, time wheel wheel number round=round+1, as round=3, following clock cycle round overflows
It is 0, i.e. round=0;System bus transmits the number count=0 of data, and it is 4 that first order register group, which has register number,
A, the register number of second level register group is 3;The length of register storing data is the data of system bus single transmission
Length is identical;
Step 2, the data of system bus transmission are successively stored to each register of second level register group, the every transmission of system bus
One time data update count=count+1;When register group each register in the second level stores data, system is judged
Whether bus transmits data in following clock cycle, if so, judging whether round is 0, if round=0, count number
The data markers that present clock system bus transmits data and the storage of second level register group are effective by the integral multiple that value is 4
Data are simultaneously transmitted to encryption or decryption process unit, repeat this step 2;If not, performing the next step;
The data of step 3, the data that present clock system bus is transmitted and the storage of second level register group, are transmitted to first and post
The corresponding register of storage group loops to determine whether round is 0, if the integral multiple that round=0, count numerical value are 4,
It is valid data by the data markers that first order register group stores and is transmitted to encryption or decryption process unit;
Step 4, circulation execute step 2- step 3, the total data until having handled encryption or decryption.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811333056.3A CN109446829A (en) | 2018-11-09 | 2018-11-09 | Realize the encryption and decryption IP kernel and data high-speed encryption and decryption method of data high-speed encryption |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201811333056.3A CN109446829A (en) | 2018-11-09 | 2018-11-09 | Realize the encryption and decryption IP kernel and data high-speed encryption and decryption method of data high-speed encryption |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109446829A true CN109446829A (en) | 2019-03-08 |
Family
ID=65551777
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201811333056.3A Withdrawn CN109446829A (en) | 2018-11-09 | 2018-11-09 | Realize the encryption and decryption IP kernel and data high-speed encryption and decryption method of data high-speed encryption |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109446829A (en) |
Cited By (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110034918A (en) * | 2019-03-15 | 2019-07-19 | 深圳市纽创信安科技开发有限公司 | A kind of SM4 acceleration method and device |
-
2018
- 2018-11-09 CN CN201811333056.3A patent/CN109446829A/en not_active Withdrawn
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN110034918A (en) * | 2019-03-15 | 2019-07-19 | 深圳市纽创信安科技开发有限公司 | A kind of SM4 acceleration method and device |
CN110034918B (en) * | 2019-03-15 | 2023-10-20 | 深圳市纽创信安科技开发有限公司 | SM4 acceleration method and device |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN1655496B (en) | Apparatus and method for providing configurable cryptographic key size | |
CN101083525B (en) | Cryptography processing units and multiplier | |
CN105530263B (en) | A kind of extra lightweight RFID mutual authentication methods based on tag ID | |
CN104620254B (en) | Counter for the parallelization of the memory Replay Protection of low overhead is climbed the tree | |
CN104202161B (en) | A kind of SoC crypto chips | |
CN109597646A (en) | Processor, method and system with configurable space accelerator | |
CN104933008B (en) | Reconfigurable system and reconfigurable array structure and its application | |
CN101588233B (en) | Module multiplexing method for AES coprocessor in wireless sensor network node application | |
CN102841777B (en) | Branch target buffer addressing in data processor | |
CN105049194B (en) | A kind of SM4 algorithms of pipeline organization realize system | |
DE112017001766T5 (en) | POWER SIDE CHANNEL ATTACK RESISTANT ADVANCED ENCRYPTION STANDARD ACCELERATION PROCESSOR | |
EP2947841A1 (en) | Encryption device and method of defending against differential power analysis attack | |
CN110321162A (en) | PRESENT Encryption Algorithm realization method and system based on coarseness Reconfigurable Computation unit | |
CN105207772B (en) | It safely exchanges the encryption method of message and realizes the equipment and system of this method | |
CN101751243A (en) | Methods and devices for instruction level software encryption | |
CN109359069A (en) | A kind of data transmission method and device | |
CN105631013B (en) | The device and method for generating cryptographic Hash | |
CN105871725B (en) | A kind of message diversion method and device | |
JP2002032018A (en) | Ciphering device using standard algorithm for ciphering data | |
CN102664729A (en) | Field programmable gate array (FPGA)-based advanced encryption standard (AES) encryption and decryption network communication device and implementation method thereof | |
CN109190413B (en) | Serial communication system based on FPGA and MD5 encryption | |
CN101827107A (en) | IEEE802.1AE protocol-based GCM high-speed encryption and decryption equipment | |
CN109446829A (en) | Realize the encryption and decryption IP kernel and data high-speed encryption and decryption method of data high-speed encryption | |
CN105577363A (en) | Extensible pipelined circuit aiming at SM4 cryptographic algorithm and implementation method thereof | |
Reinbrecht et al. | Earthquake—A NoC-based optimized differential cache-collision attack for MPSoCs |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
WW01 | Invention patent application withdrawn after publication |
Application publication date: 20190308 |
|
WW01 | Invention patent application withdrawn after publication |