CN109936439A - AES decryption ordinary round transformation circuit structure and round transformation construction method - Google Patents
- Publication number
- CN109936439A (CN201910073439.XA)
- Authority
- CN
- China
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Abstract
The invention discloses an ordinary round transformation operation unit structure in an AES decryption circuit, characterized in that the ordinary round transformation operation unit structure comprises a data input port, a first composite matrix multiplication unit, a constant addition unit, a composite field multiplicative inversion unit, a second composite matrix multiplication unit and a data output port connected in sequence, with a key input port also connected to the second composite matrix multiplication unit. The ordinary round transformation operation unit structure overcomes the problems of prior-art AES decryption round transformation circuit structures, namely a long circuit critical path and a large circuit implementation area, which make the circuit difficult to implement.
Description
Technical field
The present invention relates to the technical field of cryptographic circuit implementation, and more particularly to an AES decryption ordinary round transformation circuit structure and a round transformation construction method.
Background technique
AES (Advanced Encryption Standard) is a new-generation symmetric block cipher algorithm established by the US National Institute of Standards and Technology in 2001 to replace the original DES (Data Encryption Standard). AES has since been adopted by multiple international standards organizations and is currently the most widely used block cipher.
The block length of the AES algorithm is 128 bits, and the key length is 128, 192 or 256 bits; the corresponding variants are called AES-128, AES-192 and AES-256. AES is an iterative algorithm in which each iteration is called a round transformation. The number of round transformations depends on the key length: the number of rounds Nr for AES-128, AES-192 and AES-256 is 10, 12 and 14 respectively. As shown in Fig. 1, in the AES encryption process the input plaintext data first undergoes an initial key addition; it then passes through Nr-1 ordinary round transformations, each of which performs four sub-operations in order: byte substitution, row shift, column mixing and key addition; finally it passes through one last round transformation, which performs three sub-operations in order: byte substitution, row shift and key addition. As shown in Fig. 2, the AES decryption process is the reverse of the encryption process. The input ciphertext data first undergoes one first round transformation, which is the inverse of the last round transformation in the encryption flow and comprises three sub-operations: key addition, inverse row shift and inverse byte substitution. Nr-1 ordinary round transformations follow; each is the inverse of an ordinary round transformation in the encryption flow and comprises key addition, inverse column mixing, inverse row shift and inverse byte substitution. Finally, one key addition is performed. Inverse column mixing, inverse row shift and inverse byte substitution are the inverse operations of column mixing, row shift and byte substitution in the encryption flow, respectively.
Prior-art AES decryption round transformation circuit structures have a long circuit critical path and a large circuit implementation area, which makes the circuit difficult to implement.
Therefore, the problem that the present invention urgently needs to solve is to provide an AES decryption ordinary round transformation circuit structure that, by merging and composing constant matrices, combines the linear transformation operations in the round transformation into two composite matrices. Such a composite-matrix-based AES decryption round transformation circuit structure not only shortens the circuit critical path but also reduces the circuit implementation area, and is therefore easy to implement as a circuit.
Summary of the invention
In view of the above technical problems, the purpose of the present invention is to overcome the long circuit critical path and large circuit implementation area of prior-art AES decryption round transformation circuit structures, which make the circuit difficult to implement, and thereby to provide an AES decryption ordinary round transformation circuit structure that, by merging and composing constant matrices, combines the linear transformation operations in the round transformation into two composite matrices. The composite-matrix-based AES decryption round transformation circuit structure not only shortens the circuit critical path but also reduces the circuit implementation area, and is therefore easy to implement as a circuit.
To achieve the above purpose, the present invention provides an AES decryption ordinary round transformation circuit structure comprising a data input port, a first composite matrix multiplication unit, a constant addition unit, a composite field multiplicative inversion unit, a second composite matrix multiplication unit and a data output port connected in sequence; a key input port is also connected to the second composite matrix multiplication unit.
Preferably, the data bit width of the data input port, the key input port and the data output port is four bytes each.
Preferably, the first composite matrix multiplication unit has one input and one output; its input is connected to the data input port and its output is connected to the input of the constant addition unit. The first composite matrix multiplication unit multiplies an input column vector consisting of four data bytes by a composite matrix. The composite matrix is composed of four constant matrices, each of which is the product of the constant matrix δ, the constant matrix τ' and one of four further constant matrices. A separate symbol denotes the product of the constant matrix δ and the constant matrix τ'. The constant matrix δ is a mapping matrix whose function is to map elements of the field GF(2^8) onto the composite field, and the constant matrix τ' is the constant matrix specified by the inverse affine operation in the inverse S-box operation. The four further constant matrices are the matrix forms of the constant multiplications ×{09}_16, ×{0b}_16, ×{0d}_16 and ×{0e}_16 over GF(2^8), respectively.
Preferably, the constant addition unit has one input and one output; its input is connected to the output of the first composite matrix multiplication unit and its output is connected to the input of the composite field multiplicative inversion unit. The constant addition unit adds the constant ω_λ to the four input data bytes, where ω_λ is the product of the constant matrix δ, the constant matrix τ' and the constant ω, and ω is the byte constant specified by the inverse affine operation in the inverse S-box operation.
Preferably, the composite field multiplicative inversion unit has one input and one output; its input is connected to the output of the constant addition unit and its output is connected to one input of the second composite matrix multiplication unit. The composite field multiplicative inversion unit computes the multiplicative inverse of the four input data bytes on the composite field.
Preferably, the second composite matrix multiplication unit has two inputs and one output. One of the two inputs is connected to the output of the composite field multiplicative inversion unit and receives the data; the other is connected to the key input port and receives the key. The second composite matrix multiplication unit multiplies a column vector formed from the four input data bytes and the four key bytes by a composite matrix. This composite matrix is composed of the constant matrix δ' and a further constant matrix; δ' is a mapping matrix whose function is to map the result computed on the composite field back onto GF(2^8).
The present invention also provides a construction method for an AES decryption round transformation using the ordinary round transformation operation unit structure of claims 1-6, characterized in that the round transformation construction method comprises:
Step 1: first perform one key addition; the circuit implementation of the key addition is the conventional one;
Step 2: then perform one first round transformation; the circuit implementation of the first round transformation is the conventional one;
Step 3: finally perform Nr-1 ordinary round transformations, which are implemented using the ordinary round transformation operation unit structure.
Preferably, the ordinary round transformation in step 3 performs, in order: inverse column mixing, inverse row shift, inverse byte substitution and key addition.
According to the above technical solution, the AES decryption ordinary round transformation circuit structure provided by the invention comprises a data input port, a first composite matrix multiplication unit, a constant addition unit, a composite field multiplicative inversion unit, a second composite matrix multiplication unit and a data output port connected in sequence, with a key input port also connected to the second composite matrix multiplication unit. The ordinary round transformation operation unit structure in the AES decryption circuit provided by the invention overcomes the problems of prior-art AES decryption round transformation circuit structures, namely a long circuit critical path and a large circuit implementation area, which make the circuit difficult to implement.
Other features and advantages of the present invention are described in detail in the detailed description below.
Description of the drawings
The accompanying drawings provide a further understanding of the invention and form part of the specification; together with the following specific embodiments they serve to explain the invention but do not limit it. In the drawings:
Fig. 1 is the encryption flow of the AES algorithm;
Fig. 2 is the decryption flow of the AES algorithm;
Fig. 3 is a flow chart of the AES decryption round transformation construction method provided in a preferred embodiment of the invention;
Fig. 4 is a structural schematic diagram of the AES decryption ordinary round transformation circuit structure provided in a preferred embodiment of the invention.
Specific embodiments
Specific embodiments of the invention are described in detail below with reference to the drawings. It should be understood that the specific embodiments described here merely illustrate and explain the invention and do not limit it.
As shown in Fig. 3, in the decryption round transformation construction method proposed by the invention, the AES decryption process first performs one key addition, then one first round transformation, and finally Nr-1 ordinary round transformations. The first round transformation performs, in order, inverse row shift, inverse byte substitution and key addition; the ordinary round transformation performs, in order, inverse column mixing, inverse row shift, inverse byte substitution and key addition. The formulas for these operation units are as follows:
AES round transformations operate on data in matrix form. The decryption algorithm treats the 128-bit input block as a 4 × 4 byte matrix, each element of which is one byte. The intermediate result of a round transformation is called the state matrix and is also a 4 × 4 byte matrix. Assume the state matrix input to the ordinary round transformation is:
The operations in the AES decryption process are described in detail below:
1. Inverse column mixing
Inverse column mixing is the inverse operation of column mixing. It can likewise be viewed as the product, on the ring R, of each column of the state matrix with a constant polynomial. Assume the state matrix after inverse column mixing is:
The expression for inverse column mixing is:
where the matrix is the column mixing constant matrix, and the constant matrices in it are the matrix forms of the constant multiplications ×{09}_16, ×{0b}_16, ×{0d}_16 and ×{0e}_16 over GF(2^8), respectively. In the present invention, { }_16 denotes the hexadecimal form of a constant.
2. Inverse row shift
Inverse row shift is the inverse operation of row shift: the first row of the state matrix is unchanged, and the second, third and fourth rows are shifted right by one byte, two bytes and three bytes respectively. Assume the state matrix after inverse row shift is:
The state matrix after inverse row shift can be expressed as:
Inverse row shift likewise consumes no logic circuit resources in a hardware implementation; only the bus positions need to be rearranged.
3. Inverse byte substitution
Inverse byte substitution is the inverse operation of byte substitution and is also called the inverse S-box operation. The inverse S-box operation likewise applies an inverse substitution to each byte of the state matrix according to a byte substitution table. Assume the state matrix after the inverse S-box operation is:
The inverse S-box operation can then be expressed as:
where the function in the expression is the inverse S-box operation function. The inverse S-box operation is the only nonlinear operation among the four operations of the round transformation and is also the most computationally complex; the inverse S-box circuit therefore accounts for the great majority of the circuit area and power consumption of the whole AES decryption circuit.
In the inverse S-box operation, the input byte first undergoes an inverse affine operation, which is the inverse of the affine operation in the encryption S-box, and then a multiplicative inversion over the finite field GF(2^8). The expression is:
where x is the input byte, ω is a byte constant, τ' is the inverse of the 8 × 8-bit constant matrix τ in the encryption S-box, τ' and ω together perform the inverse affine operation, and (·)_A^{-1} is multiplicative inversion over GF(2^8). The field GF(2^8) referred to in the present invention is the GF(2^8) specified in the AES algorithm, whose irreducible polynomial is
f(x) = x^8 + x^4 + x^3 + x + 1
Among the many S-box implementations, the composite-field-based S-box has the smallest circuit area. Through a mathematical transformation, the composite field S-box maps the main computation unit of the S-box, the GF(2^8) multiplicative inversion unit, into a composite field. The computational complexity of multiplicative inversion in the composite field is far lower than that of multiplicative inversion in GF(2^8), which greatly reduces the hardware complexity of the S-box circuit.
The composite-field-based inverse S-box expression is:
where (·)_C^{-1} is multiplicative inversion on the composite field, the composite field being any composite field isomorphic to GF(2^8); δ is an 8 × 8-bit mapping matrix whose function is to map the input byte x from GF(2^8) to the composite field; and δ' is the inverse matrix of δ, whose function is to map the composite field multiplicative inversion result from the composite field back to GF(2^8).
In a finite field, addition is the bitwise XOR logic operation. Since x ⊕ y ⊕ 0 = x ⊕ y and x ⊕ y ⊕ 1 = ¬(x ⊕ y) = x ⊙ y, the constant addition +ω can be handled in hardware as follows: adding 0 can be omitted entirely, and adding 1 can be realized by replacing an XOR logic operation in one of two ways: 1. the XOR of any two variables is replaced by XNOR logic; 2. the XOR of any two variables is followed by NOT logic. Because an XNOR gate and an XOR gate have almost the same circuit area and delay, and the circuit area and delay of a NOT gate are negligible compared with an XOR gate, the circuit area and delay of the constant addition +ω can be ignored in a hardware implementation of the inverse S-box.
4. Key addition
Key addition is identical to key addition in the encryption flow. Assume the state matrix after key addition is:
The key addition expression is:
where the matrix is the sub-key matrix, generated by the key schedule; the sub-key matrices are used in the opposite order to that in the encryption flow.
5. Ordinary round transformation formula
The four operation units of a round transformation can be implemented separately, or several adjacent operation units can be merged into a single operation unit. A round transformation circuit whose operation units are implemented separately not only wastes circuit resources but also has a longer critical path. Based on the ordinary round transformation formula, the present invention merges the linear operations in the ordinary round transformation by merging and composing constant matrices. As shown in Fig. 4, the ordinary round transformation performs inverse column mixing, inverse row shift, inverse byte substitution and key addition in order. From the formulas of the sub-operations given above, the ordinary round transformation formula is:
where the row vectors are those of the constant matrix, and the column vectors are those of the data matrix and the key matrix respectively, i.e.:
The output variables r_{x,y} in the above formula that share the same inputs are placed in one group, giving four groups in total. The four groups perform the same operations and use identical circuit operation units in a hardware implementation. The output variables of each group can be expressed in linear-equation form:
The input and output variables of the above formula correspond to the following variables in each group:
Group I:Group II:
Group III:Group IV:
To reduce the circuit implementation area, the present invention further maps the GF(2^8) multiplicative inversion in the inverse S-box into the composite field. The grouped ordinary round transformation formula after mapping is:
As shown in Fig. 4, the present invention provides an AES decryption ordinary round transformation circuit structure comprising a data input port, a first composite matrix multiplication unit, a constant addition unit, a composite field multiplicative inversion unit, a second composite matrix multiplication unit and a data output port connected in sequence; a key input port is also connected to the second composite matrix multiplication unit.
According to the above technical solution, the AES decryption ordinary round transformation circuit structure provided by the invention comprises a data input port, a first composite matrix multiplication unit, a constant addition unit, a composite field multiplicative inversion unit, a second composite matrix multiplication unit and a data output port connected in sequence, with a key input port also connected to the second composite matrix multiplication unit. The ordinary round transformation operation unit structure in the AES decryption circuit provided by the invention overcomes the problems of prior-art AES decryption round transformation circuit structures, namely a long circuit critical path and a large circuit implementation area, which make the circuit difficult to implement.
In a preferred embodiment of the invention, the data bit width of the data input port, the key input port and the data output port is four bytes each.
In a preferred embodiment of the invention, the first composite matrix multiplication unit has one input and one output; its input is connected to the data input port and its output is connected to the input of the constant addition unit. The first composite matrix multiplication unit multiplies an input column vector consisting of four data bytes by a composite matrix. The composite matrix is composed of four constant matrices, each of which is the product of the constant matrix δ, the constant matrix τ' and one of four further constant matrices. A separate symbol denotes the product of the constant matrix δ and the constant matrix τ'. The constant matrix δ is a mapping matrix whose function is to map elements of the field GF(2^8) onto the composite field, and the constant matrix τ' is the constant matrix specified by the inverse affine operation in the inverse S-box operation. The four further constant matrices are the matrix forms of the constant multiplications ×{09}_16, ×{0b}_16, ×{0d}_16 and ×{0e}_16 over GF(2^8), respectively.
In a preferred embodiment of the invention, the constant addition unit has one input and one output; its input is connected to the output of the first composite matrix multiplication unit and its output is connected to the input of the composite field multiplicative inversion unit. The constant addition unit adds the constant ω_λ to the four input data bytes, where ω_λ is the product of the constant matrix δ, the constant matrix τ' and the constant ω, and ω is the byte constant specified by the inverse affine operation in the inverse S-box operation.
In a preferred embodiment of the invention, the composite field multiplicative inversion unit has one input and one output; its input is connected to the output of the constant addition unit and its output is connected to one input of the second composite matrix multiplication unit. The composite field multiplicative inversion unit computes the multiplicative inverse of the four input data bytes on the composite field.
In a preferred embodiment of the invention, the second composite matrix multiplication unit has two inputs and one output. One of the two inputs is connected to the output of the composite field multiplicative inversion unit and receives the data; the other is connected to the key input port and receives the key. The second composite matrix multiplication unit multiplies a column vector formed from the four input data bytes and the four key bytes by a composite matrix. This composite matrix is composed of the constant matrix δ' and a further constant matrix; δ' is a mapping matrix whose function is to map the result computed on the composite field back onto GF(2^8).
In summary, data is processed in the ordinary round transformation operation unit structure of the AES decryption circuit provided by the invention as follows:
First step: the AES decryption round transformation circuit receives a data vector from the data input port and a key vector from the key input port. Both vectors consist of four bytes and are denoted respectively
Second step: the first composite matrix multiplication unit multiplies the column vector by the composite matrix. The result is passed on to the constant addition unit.
The composite matrix is composed of constant matrices:
where each of the four constant matrices is the product of the constant matrix δ, the constant matrix τ' and one of four further constant matrices, which are the matrix forms of the constant multiplications ×{09}_16, ×{0b}_16, ×{0d}_16 and ×{0e}_16 over GF(2^8), respectively. Composite matrix multiplication unit 1 can be expressed by the specific formula:
Third step: the constant addition unit adds the vector to the constant vector Ω_λ. The constant vector Ω_λ is composed of four constants ω_λ, i.e. Ω_λ = [ω_λ, ω_λ, ω_λ, ω_λ]^T, where ω_λ is the product of the constant matrix δ, the constant matrix τ' and the constant ω, i.e. ω_λ = δ × τ' × ω, and ω is the byte constant specified by the inverse affine operation in the inverse S-box operation. The concrete form of the constant addition unit is:
The result is passed on to the composite field multiplicative inversion unit.
Fourth step: the composite field multiplicative inversion unit performs composite field multiplicative inversion on its input. The composite field here is any composite field isomorphic to GF(2^8). The concrete form of the composite field multiplicative inversion unit is:
The result is passed on to composite matrix multiplication unit 2.
Fifth step: in composite matrix multiplication unit 2, the data vector and the key vector are combined into one column vector and multiplied by the composite matrix, which is composed of the constant matrix δ' and a further constant matrix:
The further constant matrix is the matrix form of the constant multiplication ×{01}_16 over GF(2^8). The expression for composite matrix multiplication unit 2 is then:
Sixth step: the data output port outputs the result computed by the ordinary round transformation operation circuit.
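The merging described in the six steps above can be checked numerically. The following Python code is an added example, not code from the patent: it assumes the composite-field mapping matrices δ and δ' are the identity (so the inversion stays in GF(2^8)), uses the standard AES values for τ' and ω = {63}_16, and compares a round built from the merged matrices τ' × (×{0e}, ×{0b}, ×{0d}, ×{09}) and the constant τ' × ω against the four sub-operations applied separately. All function names and the pseudo-random test states are constructed for illustration.

```python
import random

def gmul(a, b):
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (the AES field)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return r

# Multiplicative inverse table for GF(2^8); 0 maps to 0, as in AES.
INV = [0] + [next(b for b in range(1, 256) if gmul(a, b) == 1)
             for a in range(1, 256)]

def rotl(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def tau(x):
    """Linear part of the encryption S-box affine map (the page's tau)."""
    return x ^ rotl(x, 1) ^ rotl(x, 2) ^ rotl(x, 3) ^ rotl(x, 4)

def tau_inv(x):
    """Inverse of tau (the page's tau')."""
    return rotl(x, 1) ^ rotl(x, 3) ^ rotl(x, 6)

OMEGA = 0x63  # byte constant omega of the AES affine map

# Reference inverse S-box, built by inverting the forward S-box table.
SBOX = [tau(INV[x]) ^ OMEGA for x in range(256)]
INV_SBOX = [0] * 256
for _x, _s in enumerate(SBOX):
    INV_SBOX[_s] = _x

def matrix_of(f):
    """8x8 GF(2) matrix of a linear byte map, stored as its 8 column images."""
    return [f(1 << i) for i in range(8)]

def mat_vec(m, x):
    """Matrix-vector product over GF(2)."""
    y = 0
    for i in range(8):
        if (x >> i) & 1:
            y ^= m[i]
    return y

def mat_mul(a, b):
    """Matrix product a x b over GF(2) (b is applied first)."""
    return [mat_vec(a, col) for col in b]

COEF = [0x0E, 0x0B, 0x0D, 0x09]  # first row of the inverse column mixing matrix
TAU_INV = matrix_of(tau_inv)
# Merged constant matrices tau' x (x{c}); delta is assumed to be the identity.
MERGED = {c: mat_mul(TAU_INV, matrix_of(lambda x, c=c: gmul(c, x)))
          for c in COEF}
OMEGA_L = mat_vec(TAU_INV, OMEGA)  # omega_lambda = tau' x omega (delta = I)

def reference_round(state, key):
    """Inverse column mixing, inverse row shift, inverse S-box, key addition."""
    mixed = [0] * 16  # column-major state: byte (row r, column c) at r + 4c
    for c in range(4):
        for i in range(4):
            for j in range(4):
                mixed[i + 4 * c] ^= gmul(COEF[(j - i) % 4], state[j + 4 * c])
    out = [0] * 16
    for c in range(4):
        for r in range(4):
            shifted = mixed[r + 4 * ((c - r) % 4)]  # row r moved right by r
            out[r + 4 * c] = INV_SBOX[shifted] ^ key[r + 4 * c]
    return out

def merged_round(state, key):
    """Same round as: merged matrix multiply, +omega_lambda, inversion, +key."""
    out = [0] * 16
    for c in range(4):          # one group per input column
        for i in range(4):
            u = 0
            for j in range(4):  # first composite matrix multiplication
                u ^= mat_vec(MERGED[COEF[(j - i) % 4]], state[j + 4 * c])
            w = INV[u ^ OMEGA_L]         # constant addition, then inversion
            pos = i + 4 * ((c + i) % 4)  # inverse row shift is only wiring
            out[pos] = w ^ key[pos]      # delta' = I, then key addition
    return out

def rounds_agree(trials=200, seed=1):
    """Compare both rounds on constructed pseudo-random states and keys."""
    rng = random.Random(seed)
    for _ in range(trials):
        state = [rng.randrange(256) for _ in range(16)]
        key = [rng.randrange(256) for _ in range(16)]
        if reference_round(state, key) != merged_round(state, key):
            return False
    return True

if __name__ == "__main__":
    print(hex(OMEGA_L), rounds_agree())
```

With a real composite-field mapping, δ would additionally be multiplied into each merged matrix and into ω_λ, and δ' applied after the inversion; the agreement check itself stays the same.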
The present invention also provides a construction method for an AES decryption round transformation using the ordinary round transformation operation unit structure provided by the invention. The construction method comprises: step 1, first perform one key addition; step 2, then perform one first round transformation, whose circuit implementation structure is identical to the ordinary round transformation operation unit structure; step 3, finally perform Nr-1 ordinary round transformations, which are implemented using the ordinary round transformation operation unit structure.
In a preferred embodiment of the invention, the first round transformation in step 2 performs, in order: inverse row shift, inverse byte substitution and key addition.
In a preferred embodiment of the invention, the ordinary round transformation in step 3 performs, in order: inverse column mixing, inverse row shift, inverse byte substitution and key addition.
Preferred embodiments of the invention have been described in detail above with reference to the drawings. However, the invention is not limited to the specific details of the above embodiments; within the scope of the technical concept of the invention, many simple variants of the technical solution can be made, and these simple variants all fall within the scope of protection of the invention.
It should further be noted that the specific technical features described in the above embodiments may, where not contradictory, be combined in any suitable way. To avoid unnecessary repetition, the invention does not separately describe the various possible combinations.
In addition, the various embodiments of the invention may themselves be combined arbitrarily; as long as a combination does not depart from the idea of the invention, it should likewise be regarded as part of the disclosure of the invention.
Claims (8)
1. An AES decryption ordinary round transformation circuit structure, characterized in that the AES decryption ordinary round transformation circuit structure comprises a data input port, a first composite matrix multiplication unit, a constant addition unit, a composite field multiplicative inversion unit, a second composite matrix multiplication unit and a data output port connected in sequence, a key input port also being connected to the second composite matrix multiplication unit.
2. The AES decryption ordinary round transformation circuit structure according to claim 1, characterized in that the data bit width of the data input port, the key input port and the data output port is four bytes each.
3. The AES decryption ordinary round transformation circuit structure according to claim 1, characterized in that the first composite matrix multiplication unit has one input and one output, its input being connected to the data input port and its output being connected to the input of the constant addition unit; wherein
the first composite matrix multiplication unit multiplies an input column vector consisting of four data bytes by a composite matrix; the composite matrix is composed of four constant matrices, each of which is the product of the constant matrix δ, the constant matrix τ' and one of four further constant matrices; a separate symbol denotes the product of the constant matrix δ and the constant matrix τ'; the constant matrix δ is a mapping matrix whose function is to map elements of the field GF(2^8) onto the composite field, and the constant matrix τ' is the constant matrix specified by the inverse affine operation in the inverse S-box operation; the four further constant matrices are the matrix forms of the constant multiplications ×{09}_16, ×{0b}_16, ×{0d}_16 and ×{0e}_16 over GF(2^8), respectively; the expression of the first composite matrix is:
4. The AES decryption ordinary round transformation circuit structure according to claim 3, characterized in that the constant addition unit has one input and one output; the input is connected to the output of the first composite matrix multiplication unit and the output is connected to the input of the composite field multiplicative inversion unit; wherein,
The constant addition unit adds the constant ω_λ to the four input bytes of data. The constant ω_λ is the product of constant matrix δ, constant matrix τ′ and constant ω, where ω is the byte constant specified by the inverse affine operation in the inverse S-box operation.
5. The AES decryption ordinary round transformation circuit structure according to claim 4, characterized in that the composite field multiplicative inversion unit has one input and one output; the input is connected to the output of the constant addition unit and the output is connected to one input of the second composite matrix multiplication unit; wherein,
The composite field multiplicative inversion unit computes the multiplicative inverse of the four input bytes of data on the composite field.
6. The AES decryption ordinary round transformation circuit structure according to claim 5, characterized in that the second composite matrix multiplication unit has two inputs and one output; one input is connected to the output of the composite field multiplicative inversion unit and receives the data, and the other input is connected to the key input port and receives the key; wherein,
The second composite matrix multiplication unit multiplies a column vector formed from the four input bytes of data and the four key bytes by a composite matrix. This composite matrix is composed of constant matrix δ′ and a further constant matrix. Constant matrix δ′ is a mapping matrix whose function is to map results computed on the composite field back to the field GF(2^8); a constant matrix is the matrix form of the constant multiplication ×{01}_16 in the field GF(2^8). The second composite matrix is expressed as:
7. A round transformation construction method for performing AES decryption with the AES decryption ordinary round transformation circuit structure of claims 1-6, characterized in that the round transformation construction method comprises:
Step 1: first, one key addition operation is performed; the key addition is implemented in circuitry by the conventional method;
Step 2: next, one first-round transformation is performed; the first-round transformation is implemented in circuitry by the conventional method;
Step 3: finally, Nr - 1 ordinary round transformations are performed; the ordinary round transformation is implemented with the ordinary round transformation operation unit structure.
8. The round transformation construction method for AES decryption according to claim 7, characterized in that the ordinary round transformation in step 3 performs, in order: the inverse column mixing operation, the inverse row shift operation, the inverse byte substitution operation and the key addition operation.
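The data path of claims 3 to 6 can be checked in software for one four-byte column. The Python model below is an added example, not part of the patent: it assumes the mapping matrices δ and δ′ are left out so that all arithmetic stays in GF(2^8), takes ω = {05}_16 and the inverse affine matrix from FIPS 197, omits the inverse row shift because it only permutes bytes, and uses illustrative function names.

```python
# Added model (not the patent's circuit): one column of the ordinary decryption round.
# Assumption: delta / delta' are omitted; arithmetic stays in GF(2^8), polynomial 0x11B.
from functools import reduce

INV_MIX = [[0x0e, 0x0b, 0x0d, 0x09], [0x09, 0x0e, 0x0b, 0x0d],
           [0x0d, 0x09, 0x0e, 0x0b], [0x0b, 0x0d, 0x09, 0x0e]]
OMEGA = 0x05  # byte constant of the inverse affine step (FIPS 197)

def gmul(a, b):
    """Multiply in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = ((a << 1) ^ 0x11B) if a & 0x80 else (a << 1)
        b >>= 1
    return r

def ginv(a):
    """Multiplicative inverse computed as a^254; 0 maps to 0, as in the S-box."""
    return reduce(lambda r, _: gmul(r, a), range(254), 1)

def rotl(v, n):
    return ((v << n) | (v >> (8 - n))) & 0xFF

def tau(x):
    """Linear part of the inverse affine transform (tau' in the claims)."""
    return rotl(x, 1) ^ rotl(x, 3) ^ rotl(x, 6)

def matrix_of(f):
    """8x8 GF(2) matrix of a linear byte map, stored as its 8 column images."""
    return [f(1 << j) for j in range(8)]

def apply(m, x):
    return reduce(lambda acc, j: acc ^ m[j], (j for j in range(8) if x >> j & 1), 0)

# First merged matrix: each 8x8 block is tau' times a multiply-by-constant matrix.
MERGED = [[matrix_of(lambda x, c=c: tau(gmul(c, x))) for c in row] for row in INV_MIX]

def ordinary_round_column(col, key):
    """Merged matrix -> add omega -> field inversion -> add round key."""
    mixed = [reduce(lambda a, k: a ^ apply(MERGED[r][k], col[k]), range(4), 0)
             for r in range(4)]
    return [ginv(m ^ OMEGA) ^ k for m, k in zip(mixed, key)]

def reference_column(col, key):
    """Textbook path: InvMixColumns, table-based inverse S-box, AddRoundKey."""
    sbox = [(lambda y: y ^ rotl(y, 1) ^ rotl(y, 2) ^ rotl(y, 3) ^ rotl(y, 4) ^ 0x63)(ginv(x))
            for x in range(256)]
    inv_sbox = [sbox.index(y) for y in range(256)]
    mixed = [reduce(lambda a, k: a ^ gmul(INV_MIX[r][k], col[k]), range(4), 0)
             for r in range(4)]
    return [inv_sbox[m] ^ k for m, k in zip(mixed, key)]
```

Because the inverse affine matrix is linear over GF(2), folding it into the inverse column mixing constants leaves only a constant addition and a field inversion on the path before the key is added.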
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910073439.XA CN109936439A (en) | 2019-01-25 | 2019-01-25 | AES decrypts ordinary wheel translation circuit structure and round transformation construction method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN109936439A true CN109936439A (en) | 2019-06-25 |
Family
ID=66985102
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910073439.XA Pending CN109936439A (en) | 2019-01-25 | 2019-01-25 | AES decrypts ordinary wheel translation circuit structure and round transformation construction method |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN109936439A (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8300805B1 (en) * | 2007-01-04 | 2012-10-30 | Altera Corporation | AES core with independent inputs and outputs |
CN108933652A (en) * | 2018-06-11 | 2018-12-04 | 安徽工程大学 | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN107070630B (en) | A kind of fast and safely hardware configuration of aes algorithm | |
Moh'd et al. | AES-512: 512-bit Advanced Encryption Standard algorithm design and evaluation | |
CN104639314A (en) | Device based on AES (advanced encryption standard) encryption/decryption algorithm and pipelining control method | |
JP4025722B2 (en) | Method and apparatus for data encryption | |
CN104852798B (en) | A kind of data encrypting and deciphering system and method | |
CN109033892B (en) | Round conversion multiplexing circuit based on synthetic matrix and AES decryption circuit | |
Caforio et al. | Melting SNOW-V: improved lightweight architectures | |
CN109150495A (en) | A kind of round transformation multiplex circuit and its AES decrypt circuit | |
CN108933652A (en) | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit | |
CN106982116A (en) | A kind of local file encryption method of the AES based on reversible logic circuits | |
CN107171782B (en) | AES private log encryption method based on reversible logic circuit | |
CN109039583A (en) | It is multiplexed round transformation circuit, AES encryption circuit and encryption method | |
CN108566271A (en) | It is multiplexed round transformation circuit, AES encryption circuit and its encryption method | |
CN109033847B (en) | AES encryption operation unit, AES encryption circuit and encryption method thereof | |
CN108809627B (en) | Round conversion multiplexing circuit and AES decryption circuit | |
CN109033893A (en) | AES encryption unit, AES encryption circuit and its encryption method based on composite matrix | |
CN109936439A (en) | AES decrypts ordinary wheel translation circuit structure and round transformation construction method | |
CN109639408A (en) | A kind of AES decryption multiplexing round transformation circuit structure | |
CN108964875A (en) | Ordinary wheel transform operation unit, ordinary wheel translation circuit and AES decrypt circuit | |
Harshitha et al. | High performance advanced encryption standard system using secure double rate registers | |
Banik et al. | Efficient configurations for block ciphers with unified ENC/DEC paths | |
CN109033023A (en) | A kind of ordinary wheel transform operation unit, ordinary wheel translation circuit and AES encryption circuit | |
CN109936440A (en) | AES decrypts multiplexing round transformation arithmetic element structure and construction method in circuit | |
CN108989018A (en) | A kind of AES encryption unit, AES encryption circuit and encryption method | |
CN109660333A (en) | AES decryption multiplexing round transformation arithmetic element structure |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190625 |
|
RJ01 | Rejection of invention patent application after publication |