CN111079934B - Number theory transformation unit and method applied to error learning encryption algorithm on ring domain - Google Patents

Publication number: CN111079934B
Application number: CN201911132437.XA
Authority: CN (China)
Other versions: CN111079934A
Other languages: Chinese (zh)
Legal status: Active
Prior art keywords: input, output, register, read, butterfly operation
Inventors: 刘冬生, 张聪, 赵文定, 刘星杰
Assignee (original and current): Huazhong University of Science and Technology
Links

Images

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06N COMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N10/00 Quantum computing, i.e. information processing based on quantum-mechanical phenomena
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/38 Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
    • G06F7/48 Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices
    • G06F7/50 Adding; Subtracting
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0852 Quantum cryptography
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D30/00 Reducing energy consumption in communication networks
    • Y02D30/50 Reducing energy consumption in communication networks in wire-line communication networks, e.g. low power modes or reduced link rate

Abstract

The invention discloses a number theory transformation unit and a number theory transformation method applied to an error learning encryption algorithm on a ring domain, and belongs to the field of circuit implementation of information security algorithms. The number theory transformation unit comprises an input/output controller, a butterfly operation unit, an address generator and a finite state machine; the input/output controller controls reading from and writing to the external memories and the output of data; the butterfly operation unit realizes the basic number theory transformation butterfly operation; the address generator generates data addresses and the corresponding twiddle factors; the finite state machine controls the working process of the whole butterfly operation unit. The invention adopts a fast modular multiplication circuit based on distributed storage, thereby removing a large amount of the time that modular operations bring to the butterfly operation; with little circuit resource consumption, the number theory transformation can be completed quickly, the operation efficiency of the circuit is greatly improved, and the purpose of high-speed encryption and decryption for the error learning encryption algorithm on the ring domain is achieved.

Description

Number theory transformation unit and method applied to error learning encryption algorithm on ring domain
Technical Field
The invention belongs to the field of circuit realization of information security algorithms, and particularly relates to a number theory transformation unit and a number theory transformation method applied to an error learning encryption algorithm on a ring domain.
Background
With the advent of quantum computers and the development of cryptanalysis, conventional public key encryption schemes, such as RSA (Rivest-Shamir-Adleman) based on large integer factorization and Elliptic Curve Cryptography (ECC) based on the discrete logarithm problem, no longer provide sufficient security. Among current post-quantum encryption schemes, those based on lattice theory have the advantages of high encryption efficiency and simple hardware implementation, and have great potential compared with other schemes. There are three current encryption schemes based on lattice theory: a polynomial ring based encryption scheme (NTRU), an error learning problem based encryption scheme (LWE), and an error learning problem over the ring domain encryption scheme (Ring-LWE).
The Ring-LWE encryption scheme is an evolution of the LWE encryption scheme over a ring. Compared with the other two schemes, it has a lower error rate, a smaller public key and a higher operation speed, and therefore has more potential for application in the Internet of Things, cloud computing, 5G communication and other fields. In the encryption and decryption process of current Ring-LWE encryption schemes, the multiple polynomial multiplications occupy most of the computation time. Among the many existing Ring-LWE encryption schemes, computing polynomial multiplication with the number-theoretic transform (NTT) is a versatile and efficient method. Therefore, research on a number theory transformation unit applied to the error learning encryption algorithm on the ring domain, to improve operation speed and reduce the computation time of polynomial multiplication, has important significance for the practical application of the Ring-LWE encryption scheme.
Disclosure of Invention
Aiming at the defects of the prior art, the invention provides a number theory transformation unit and a number theory transformation method applied to an error learning encryption algorithm on a Ring domain, and aims to realize the rapid number theory transformation in a Ring-LWE encryption scheme so as to complete high-speed polynomial operation, reduce the operation time of the whole encryption and decryption process and further improve the operation efficiency of a circuit.
In order to achieve the above object, the present invention provides a number theory transformation unit applied to an error learning encryption algorithm in a ring domain, comprising a first dual-port random access memory, an input/output controller, a butterfly operation unit, a second dual-port random access memory, an address generator and a finite state machine;
the finite state machine is used for controlling the operation sequence and the input-output relation of the butterfly operation unit, the address generator is used for generating a data address and providing a twiddle factor for the butterfly operation unit, and the input-output controller is used for realizing the control of the first double-port random access memory and the second double-port random access memory, the output of corresponding addresses and the input and output of data;
and the first dual-port random access memory and the second dual-port random access memory alternately perform read-write operation.
Further, the butterfly operation unit comprises a register group, a modular multiplication operation unit, a third modular adder and a modular subtracter;
the modular multiplication operation unit comprises a multiplier, a first read-only memory, a second read-only memory, a modular reducer, a first modular adder and a second modular adder; the two inputs of the multiplier are respectively connected with the second input end and the third input end of the butterfly operation unit, and the binary output of the multiplier is divided into three paths according to high, middle and low bits, respectively connected with the input ends of the first read-only memory, the second read-only memory and the modular reducer; the two inputs of the first modular adder are respectively connected with the output ends of the first read-only memory and the second read-only memory, and the two inputs of the second modular adder are respectively connected with the output ends of the first modular adder and the modular reducer;
and the division results are stored in the first read-only memory and the second read-only memory in advance.
Furthermore, a first output end, a second output end and a third output end of the finite-state machine are respectively connected with the input ends of the input-output controller, the address generator and the butterfly operation unit;
the first output end and the second output end of the address generator are respectively connected with the input/output controller and the input end of the butterfly operation unit;
the input and output controller is connected with the butterfly operation unit, the first dual-port random access memory and the second dual-port random access memory.
Further, the register group comprises a first register, a second register, a third register and a fourth register;
the input end of the first register is connected with the first input end of the butterfly operation unit, the first register, the second register and the third register are connected in sequence, and the output of the third register is simultaneously connected with the input ends of the third modular adder and the modular subtracter; the input end of the fourth register is connected with the output end of the second modular adder, and the output end of the fourth register is simultaneously connected with the input ends of the third modular adder and the modular subtracter.
Further, the modular reducer comprises a data comparator, a subtracter and a two-way selector; the input data is output directly when it is smaller than the modulus q, and is output after subtracting q when it is greater than or equal to the modulus q.
The invention also provides an operation method based on the number theory transformation unit, which comprises the following steps:
step one: storing the data to be transformed into the first dual-port random access memory, and starting the operation of the butterfly operation unit after it obtains an enable signal;
step two: the finite state machine starts working, judges whether the number theory transformation is a forward transformation or an inverse transformation, and sends corresponding control signals to the input/output controller and the address generator;
step three: after obtaining the signal, the address generator generates the corresponding address and outputs it to the input/output controller, and generates the corresponding twiddle factor and sends it to the butterfly operation unit; the input/output controller selects the corresponding dual-port random access memory to read data or write data according to the signal provided by the finite state machine, provides the data read from that dual-port random access memory to the butterfly operation unit, and stores the operation result of the butterfly operation unit into the other dual-port random access memory;
step four: the finite state machine judges that the butterfly operation of this round is finished and judges whether the whole butterfly operation part is finished; if not, it controls the input/output controller to exchange the read/write roles of the two dual-port random access memories and returns to step three; if yes, it enters step five;
step five: if the number theory transformation is a forward transformation, the whole operation is finished and a completion signal is output; if the number theory transformation is an inverse transformation, the finite state machine makes the input/output controller set one of the two ports of the second dual-port random access memory to read data and the other to write data;
step six: the input/output controller reads data from the second dual-port random access memory and transmits it to the butterfly operation unit to perform the point-wise multiplication of the inverse transform; the result calculated by the butterfly operation unit is stored back into the second dual-port random access memory until all data have been processed.
Further, the operating method of the butterfly operation unit includes the following steps:
the first data a_in participating in the butterfly operation is stored in the first register and is passed on every clock cycle to the second register and then the third register of the subsequent stages, while the second data b_in participating in the butterfly operation and the twiddle factor wn are input directly into the multiplier;
the binary result of the multiplier is divided into three parts according to high, middle and low bits; the high part and the middle part are used respectively as the address inputs of the first read-only memory and the second read-only memory, and the outputs of the first read-only memory and the second read-only memory are added by the first modular adder; the low part is input into the modular reducer, the outputs of the first modular adder and the modular reducer are added by the second modular adder, and the result is stored in the fourth register;
and the values of the third register and the fourth register are input into the third modular adder and the modular subtracter to obtain the results a_out and b_out respectively.
In general, compared with the prior art, the above technical solution contemplated by the present invention can achieve the following beneficial effects:
(1) the number theory conversion unit of the invention adopts a fast modular multiplication circuit based on distributed storage and is used for reducing a large amount of time and resource consumption brought by modular operation in butterfly operation. Compared with the traditional number theory transformation butterfly operation unit, the method can save a large amount of time, greatly accelerate the operation speed of Ring-LWE encryption and decryption, and enable the Ring-LWE encryption scheme to be widely applied to various scenes.
(2) In the operation process of the number theory conversion unit, the two dual-port random access memories alternately perform read and write operations, so that the operation efficiency is further improved.
(3) The data pre-stored in the read-only memory of the number theory transformation unit can be modified and can be matched with the Ring-LWE encryption scheme under different parameters, thereby meeting the requirements of low cost and reconfigurability in various different applications.
Drawings
FIG. 1 is a diagram of a number theory transformation unit applied to an error learning encryption algorithm on a ring domain;
FIG. 2 is a circuit diagram of the butterfly operation unit of the number theory transformation unit applied to an error learning encryption algorithm on a ring domain.
Detailed Description
In order to make the objects, technical solutions and advantages of the present invention more apparent, the present invention is described in further detail below with reference to the accompanying drawings and embodiments. It should be understood that the specific embodiments described herein are merely illustrative of the invention and are not intended to limit the invention.
Fig. 1 is a block diagram of a number theory transformation unit applied to an error learning encryption algorithm in a ring domain according to an embodiment of the present invention, where the unit includes a first dual-port random access memory 101, an input/output controller 102, a butterfly unit 103, a second dual-port random access memory 104, an address generator 105, and a finite state machine 106.
A first output end of the finite-state machine 106 is connected with an input end of the input-output controller 102, and is used for setting input-output directions of the input-output controller to the two external random access memories; a second output terminal of the finite-state machine 106 is connected to an input terminal of the address generator 105 for controlling the operating state of the address generator; a third output terminal of the finite state machine 106 is connected to the input terminal of the butterfly operation unit 103 for controlling the operating state of the butterfly operation unit.
A first output terminal of the address generator 105 is connected to an input terminal of the input/output controller 102, and is configured to provide a data address for the input/output controller; a second output end of the address generator 105 is connected to an input end of the butterfly operation unit 103, and is used for realizing transmission of twiddle factors; the butterfly operation unit 103 is connected to the input/output controller 102 for implementing transmission of data to be operated and operation result data.
The input/output controller 102 is connected to the input ends of the two external dual-port random access memories 101 and 104, and is used for reading and writing data of the two dual-port random access memories.
The number theory conversion unit of the invention controls the operation sequence and the input-output relation of the whole butterfly operation unit through a finite state machine 106, an address generator 105 generates a data address and provides a twiddle factor for the butterfly operation unit 103, and an input-output controller 102 realizes the control of two external random access memories, the output of corresponding addresses and the input-output of data.
The arithmetic method of the number theory transformation unit is as follows:
step one: storing the data to be transformed into the first dual-port random access memory 101, and starting the operation of the butterfly operation unit after it obtains an enable signal;
step two: the finite-state machine 106 starts to work, judges whether the number-theory transformation is positive transformation or inverse transformation, and sends corresponding control signals to the input-output controller 102 and the address generator 105;
step three: the address generator 105 generates a corresponding address to output to the input/output controller 102 after obtaining the signal, and generates a corresponding twiddle factor to send to the butterfly operation unit 103; the input/output controller 102 selects corresponding dual-port random access memory to read data or write data according to a signal provided by the finite state machine 106, provides the data read from the dual-port random access memory to the butterfly operation unit 103, and stores the operation result of the butterfly operation unit 103 into the other dual-port random access memory;
step four: the finite state machine 106 judges that the butterfly operation of the round is finished and judges whether the whole butterfly operation part is finished or not; if not, controlling the input/output controller 102 to exchange the read-write control of the two double-port random access memories, and returning to the step three; if yes, entering step five;
step five: if the number theory transformation is positive transformation, the whole operation is finished, and a completion signal is output; if the number-theoretic transformation is inverse transformation, the finite-state machine 106 enables the input-output controller 102 to control one of the two ports of the second dual-port random access memory 104 to read data and the other to write data;
step six: the input/output controller 102 reads data from the second dual-port random access memory 104 and transmits it to the butterfly operation unit 103 to perform the point-wise multiplication of the inverse transform; the result calculated by the butterfly operation unit 103 is stored back into the second dual-port random access memory 104 until all data have been processed.
And finishing the whole operation after the processing is finished, and outputting a finished signal. In the operation process, the first dual-port random access memory 101 and the second dual-port random access memory 104 alternately perform read-write operation, so that the operation efficiency is improved.
In order to meet the high-speed and real-time requirements of an error learning encryption algorithm on a ring domain, the invention designs a butterfly operation unit. Fig. 2 is a structural diagram of a butterfly operation unit according to an embodiment of the invention. The butterfly operation unit comprises a register bank, a modular multiplication operation unit, a third modular adder 204 and a modular subtracter 212, wherein the register bank comprises a first register 201, a second register 202, a third register 203 and a fourth register 211, and the modular multiplication operation unit comprises a multiplier 205, a first read-only memory 206, a second read-only memory 208, a modular reducer 209, a first modular adder 207 and a second modular adder 210.
The input end of the first register 201 is connected with the first input end of the butterfly operation unit, the output end of the first register 201 is connected with the input end of the second register 202, and the output end of the second register 202 is connected with the input end of the third register 203, so that this pipeline holds the data and feeds it into the final operation once the other data path has completed its operation.
The two inputs of the multiplier 205 are connected to the second input terminal and the third input terminal of the butterfly unit, respectively. The binary output of the multiplier 205 is divided into three paths according to high, middle and low bits, and the three paths are respectively connected with the input ends of the first read-only memory 206, the second read-only memory 208 and the modular reducer 209, so as to realize multiplication and distributed division of the data.
The inputs of the first modular adder 207 are connected to the output terminal of the first read-only memory 206 and the output terminal of the second read-only memory 208, respectively; the inputs of the second modular adder 210 are connected to the output terminal of the first modular adder 207 and the output terminal of the modular reducer 209, respectively; and the output terminal of the second modular adder 210 is connected to the input terminal of the fourth register 211.
The output end of the third register 203 and the output end of the fourth register 211 are both connected with the input end of the third modular adder 204 and the input end of the modular subtracter 212, so as to obtain the final result of the butterfly operation.
The modular reducer 209 includes a data comparator, a subtracter and a two-way selector. When the input data is less than the modulus q it is output directly, and when the input data is greater than or equal to the modulus q it is output after q has been subtracted; the subtracter is an ordinary subtracter.
The working process of the butterfly operation unit is as follows: the first data a_in participating in the butterfly operation is stored in the first register 201 and is transmitted every clock cycle to the second register 202 and then the third register 203 of the subsequent stages. The second data b_in of the butterfly and the twiddle factor wn are input directly to the multiplier 205. The binary result of the multiplier 205 is divided into three parts according to high, middle and low bits and transmitted to the first read-only memory 206, the second read-only memory 208 and the modular reducer 209 respectively. The outputs of the first read-only memory 206, the second read-only memory 208 and the modular reducer 209 are then modularly added by the modular adders 207 and 210 in sequence and stored in the fourth register 211. When the operation result is stored in the fourth register 211, the corresponding first data a_in has also arrived in the third register 203, and the values of the third register 203 and the fourth register 211 are input to the modular adder 204 and the modular subtracter 212, giving a_out and b_out respectively.
The invention is specially designed for the problem that existing number theory transformation units cannot meet the high-speed and real-time requirements that various fields place on Ring-LWE. The division result is stored in the read-only memory in advance, so that the calculation step of a hardware circuit is omitted and the result is obtained directly, thereby greatly accelerating the operation speed. Meanwhile, by adopting a pipelined design, the stages do not affect one another: new data is input and a new result is produced in every cycle, realizing high-speed number theory transformation butterfly operation.
A preferred embodiment of the present invention is described below, taking a modulus q of 12286 and 14-bit arithmetic data as an example. First, the data to be processed, a_in[13:0], b_in[13:0] and wn_in[13:0], are input from outside. The input a_in[13:0] is stored in the first register 201, transferred to the second register 202 in the next clock cycle, and to the third register 203 in the clock cycle after that. b_in[13:0] and wn_in[13:0] are passed to the multiplier 205, whose product is 28 bits of data.
The 28 bits are split into three parts: the high 7 bits (27:21), the middle 7 bits (20:14) and the low 14 bits (13:0). The high 7 bits and the middle 7 bits are used respectively as the address inputs of the first read-only memory 206 and the second read-only memory 208, in which the division results are stored in advance, and their outputs are added by the modular adder 207. The low 14 bits of data may be larger than the modulus q of 12286 and cannot participate directly in the modular addition, so the modular reducer 209 restricts their value to the range 0 to q; the outputs of the modular reducer 209 and the modular adder 207 are then sent to the modular adder 210, and the result of the modular adder 210 is stored in the fourth register 211, completing the division operation. Finally, the final result is calculated and output by the modular adder 204 and the modular subtracter 212.
The circuit structure designed by the invention is a fast modular multiplication circuit based on distributed storage, which reduces the large amount of time and resource consumption that modular operations bring to the butterfly operation. The result of the multiplier is fed, split by bit fields, to the read-only memories and the modular reducer, and the outputs of the read-only memories and the modular reducer are then modularly added, so that the modular result is obtained quickly; the structure meets the requirements of low cost and reconfigurability.
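As a worked illustration of the distributed-storage modular multiplication and the butterfly described in the summary and in the 14-bit embodiment above (added here as a constructed software model; it is not the patent's circuit or any HDL from the applicant), the Python below bit-slices the 28-bit product, looks up the high and middle 7-bit fields in tables built as (field << bit position) mod q, reduces the low 14 bits with one conditional subtraction, and checks the result against plain modular arithmetic. It assumes that the pre-stored "division results" are exactly those residues, uses the page's q = 12286, and all function and variable names are its own.

```python
"""Bit-accurate software model of the distributed-storage modular multiplier
and the NTT butterfly described in the patent text.  Constructed illustration
for this page; it is not the patent's own circuit or HDL."""
import random

Q = 12286               # modulus q of the page's embodiment (any 2**13 < q < 2**14 works)
WIDTH = 14              # operand width: a_in[13:0], b_in[13:0], wn_in[13:0]
PROD_WIDTH = 2 * WIDTH  # 28-bit product of two 14-bit operands


def build_roms(q=Q):
    """Tables the hardware holds in advance (components 206 and 208).
    Assumption: ROM1[h] = (h << 21) mod q and ROM2[m] = (m << 14) mod q, i.e.
    the residue of each 7-bit field placed at its own bit position.  Regenerating
    the two tables is all that retargeting the unit to another modulus needs."""
    rom_high = [(h << 21) % q for h in range(1 << 7)]  # addressed by bits 27:21
    rom_mid = [(m << 14) % q for m in range(1 << 7)]   # addressed by bits 20:14
    return rom_high, rom_mid


def mod_add(x, y, q):
    """Modular adder for operands already in [0, q): one conditional subtract."""
    s = x + y
    return s - q if s >= q else s


def mod_sub(x, y, q):
    """Modular subtracter for operands in [0, q): one conditional add."""
    d = x - y
    return d + q if d < 0 else d


def modular_reducer(x, q):
    """Component 209: comparator, subtracter and two-way selector.
    One subtraction is enough for the low 14-bit field because x < 2**14 < 2q
    whenever q > 2**13, which the page's q satisfies."""
    return x - q if x >= q else x


def split_product(prod):
    """Bit-slice the 28-bit product into high 7, middle 7 and low 14 bits."""
    high = (prod >> 21) & 0x7F
    mid = (prod >> 14) & 0x7F
    low = prod & 0x3FFF
    return high, mid, low


def distributed_modmul(b_in, wn, q, roms):
    """(b_in * wn) mod q without a divider: two ROM lookups plus modular adds."""
    rom_high, rom_mid = roms
    prod = b_in * wn                                   # multiplier 205
    assert prod < (1 << PROD_WIDTH)
    high, mid, low = split_product(prod)
    t1 = mod_add(rom_high[high], rom_mid[mid], q)      # first modular adder 207
    t2 = modular_reducer(low, q)                       # modular reducer 209
    return mod_add(t1, t2, q)                          # second modular adder 210


def butterfly(a_in, b_in, wn, q=Q, roms=None):
    """One butterfly: a_out = a_in + b_in*wn, b_out = a_in - b_in*wn (mod q).
    In hardware a_in is delayed through registers 201-203 so that it reaches
    adder 204 / subtracter 212 in the same cycle as the product in register 211.
    Operands are assumed already reduced to [0, q)."""
    if roms is None:
        roms = build_roms(q)
    t = distributed_modmul(b_in, wn, q, roms)          # value held in register 211
    return mod_add(a_in, t, q), mod_sub(a_in, t, q)    # adder 204, subtracter 212


def reference_butterfly(a_in, b_in, wn, q=Q):
    """Plain arithmetic used to check the distributed version."""
    return (a_in + b_in * wn) % q, (a_in - b_in * wn) % q


def worked_example(q=Q):
    """Trace the data path for one constructed input triple."""
    a_in, b_in, wn = 1000, 12000, 5000
    high, mid, low = split_product(b_in * wn)
    return {"high": high, "mid": mid, "low": low,
            "out": butterfly(a_in, b_in, wn, q)}


def check_against_reference(q=Q, trials=5000, seed=1):
    """Randomised equivalence check of the model against plain arithmetic,
    plus the corner case of the largest operands (largest 28-bit product)."""
    rng = random.Random(seed)
    roms = build_roms(q)
    for _ in range(trials):
        a, b, w = (rng.randrange(q) for _ in range(3))
        if butterfly(a, b, w, q, roms) != reference_butterfly(a, b, w, q):
            return False
    top = q - 1
    return butterfly(top, top, top, q, roms) == reference_butterfly(top, top, top, q)


if __name__ == "__main__":
    print(worked_example())
    print("model matches reference:", check_against_reference())
```

Calling check_against_reference(12289) exercises the same tables for a different 14-bit modulus, which is the reconfigurability the text claims for the read-only memory contents.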
It will be understood by those skilled in the art that the foregoing is only a preferred embodiment of the present invention, and is not intended to limit the invention, and that any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the scope of the present invention.

Claims (6)

1. The number theory transformation unit is applied to an error learning encryption algorithm on a ring domain and is characterized by comprising a first double-port random access memory (101), an input-output controller (102), a butterfly operation unit (103), a second double-port random access memory (104), an address generator (105) and a finite state machine (106);
the finite state machine (106) is used for controlling the operation sequence and the input-output relation of the butterfly operation unit, the address generator (105) is used for generating data addresses and providing twiddle factors for the butterfly operation unit (103), and the input-output controller (102) is used for realizing the control of the first dual-port random access memory (101) and the second dual-port random access memory (104), the output of corresponding addresses and the input-output of data; the first dual-port random access memory (101) and the second dual-port random access memory (104) alternately perform read-write operation; a first output end, a second output end and a third output end of the finite-state machine (106) are respectively connected with input ends of the input-output controller (102), the address generator (105) and the butterfly operation unit (103); a first output end and a second output end of the address generator (105) are respectively connected with input ends of the input-output controller (102) and the butterfly operation unit (103); the input/output controller (102) is connected with the butterfly operation unit (103), the first dual-port random access memory (101) and the second dual-port random access memory (104).
2. The number-theoretic transform unit according to claim 1, wherein the butterfly unit comprises a register set, a modular multiplication unit, a third modulo adder (204) and a modulo subtracter (212);
the modular multiplication operation unit comprises a multiplier (205), a first read-only memory (206), a second read-only memory (208), a modular reducer (209), a first modular adder (207) and a second modular adder (210); the two inputs of the multiplier (205) are respectively connected with the second input end and the third input end of the butterfly operation unit, and the binary output of the multiplier (205) is divided into three paths according to high, middle and low bits, respectively connected with the input ends of the first read-only memory (206), the second read-only memory (208) and the modular reducer (209); the two inputs of the first modular adder (207) are respectively connected with the output ends of the first read-only memory (206) and the second read-only memory (208), and the two inputs of the second modular adder (210) are respectively connected with the output ends of the first modular adder (207) and the modular reducer (209);
the division result is stored in advance in the first read-only memory (206) and the second read-only memory (208).
3. The number-theoretic transform unit according to claim 2, characterized in that the register set comprises a first register (201), a second register (202), a third register (203) and a fourth register (211);
the input end of the first register (201) is connected with the first input end of the butterfly operation unit; the first register (201), the second register (202) and the third register (203) are connected in sequence, and the output of the third register (203) is simultaneously connected with the input ends of the third modulo adder (204) and the modulo subtracter (212); the input end of the fourth register (211) is connected with the output end of the second modulo adder (210), and the output end of the fourth register (211) is simultaneously connected with the input ends of the third modulo adder (204) and the modulo subtracter (212).
4. The number-theoretic transform unit according to claim 3, characterized in that the modulus reducer (209) comprises a data comparator, a subtracter and a two-way selector; the input data is output directly when it is smaller than the modulus q, and is output after q has been subtracted when it is greater than or equal to the modulus q.
5. An operation method based on the number-theoretic transform unit of any one of claims 1 to 4, characterized by comprising the following steps:
step one: the data to be transformed is stored in the first dual-port random access memory (101), and the butterfly operation unit (103) receives an enable signal and starts running;
step two: the finite-state machine (106) starts to work, determines whether the number-theoretic transform is a forward transform or an inverse transform, and sends the corresponding control signals to the input-output controller (102) and the address generator (105);
step three: after receiving the signal, the address generator (105) generates the corresponding address and outputs it to the input-output controller (102), and generates the corresponding twiddle factor and sends it to the butterfly operation unit (103); according to the signals provided by the finite-state machine (106), the input-output controller (102) selects the corresponding dual-port random access memory for reading or writing data, provides the data read from that dual-port random access memory to the butterfly operation unit (103), and stores the operation result of the butterfly operation unit (103) into the other dual-port random access memory;
step four: the finite-state machine (106) determines that the butterfly operations of the current round are finished and checks whether the whole butterfly operation part is complete; if not, it controls the input-output controller (102) to exchange the read and write roles of the two dual-port random access memories and returns to step three; if so, it proceeds to step five;
step five: if the number-theoretic transform is a forward transform, the whole operation is finished and a completion signal is output; if the number-theoretic transform is an inverse transform, the finite-state machine (106) makes the input-output controller (102) control the two ports of the second dual-port random access memory (104) so that data is read from one port and written through the other port;
step six: the input-output controller (102) reads data from the second dual-port random access memory (104) and sends it to the butterfly operation unit (103) to perform the inverse dot-multiplication operation; the result computed by the butterfly operation unit (103) is stored back into the second dual-port random access memory (104) until all data has been processed.
6. The method of claim 5, wherein the butterfly operation unit operates as follows:
the first data a_in participating in the butterfly operation is stored in the first register (201) and is passed on each clock cycle to the second register (202) and then the third register (203); the second data b_in participating in the butterfly operation and the twiddle factor wn are input directly into the multiplier (205);
the binary result of the multiplier (205) is divided into three parts according to its high, middle and low bits; the high-bit part and the middle-bit part are used as the address inputs of the first read-only memory (206) and the second read-only memory (208) respectively, and the values output by the first read-only memory (206) and the second read-only memory (208) are added by the first modulo adder (207); the low-bit part is input into the modulus reducer (209), and the outputs of the first modulo adder (207) and the modulus reducer (209) are added modulo q by the second modulo adder (210) and stored in the fourth register (211);
the values of the third register (203) and the fourth register (211) are input into the third modulo adder (204) and the modulo subtracter (212) to obtain the results a_out and b_out, respectively.
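As an added illustration (not the patent's own design or code), the following Python model mirrors claims 2, 4 and 6 and the ping-pong round structure of claim 5: a plain multiplier whose product is split into high, middle and low bit fields, two precomputed ROMs for the high and middle fields, a compare-and-subtract reducer for the low field, and a radix-2 NTT that reads one buffer and writes the other in each round. The modulus q = 12289 and the 14/7/7 bit split are assumptions, not values taken from the patent.

```python
Q = 12289                        # assumed modulus: an NTT-friendly prime used in Ring-LWE schemes; not from the patent
W_LOW, W_MID, W_HIGH = 14, 7, 7  # assumed split of the 28-bit product; 2**W_LOW < 2q, so the low part needs one subtraction
ROM_HIGH = [(h << (W_LOW + W_MID)) % Q for h in range(1 << W_HIGH)]  # first ROM (206): (high << 21) mod q
ROM_MID = [(m << W_LOW) % Q for m in range(1 << W_MID)]              # second ROM (208): (mid << 14) mod q

def mod_reduce(x):
    """Modulus reducer (209): compare with q and subtract q once if x >= q (x must be < 2q)."""
    assert 0 <= x < 2 * Q
    return x - Q if x >= Q else x
def mod_add(a, b):               # modulo adders (207, 210, 204): both inputs < q, so one reduction suffices
    return mod_reduce(a + b)
def mod_sub(a, b):               # modulo subtracter (212)
    return a - b if a >= b else a - b + Q
def mod_mul_rom(b, w):
    """Modular multiplication as in claims 2 and 6: plain product, ROM lookups for the high and middle fields."""
    p = b * w                                   # multiplier (205), at most 28 bits for 14-bit inputs
    low = p & ((1 << W_LOW) - 1)
    mid = (p >> W_LOW) & ((1 << W_MID) - 1)
    high = p >> (W_LOW + W_MID)
    t = mod_add(ROM_HIGH[high], ROM_MID[mid])   # first modulo adder (207)
    return mod_add(t, mod_reduce(low))          # second modulo adder (210) -> fourth register (211)
def butterfly(a_in, b_in, wn):
    """a_out = a + wn*b, b_out = a - wn*b (mod q), as in claim 6."""
    t = mod_mul_rom(b_in, wn)
    return mod_add(a_in, t), mod_sub(a_in, t)

def primitive_root_of_unity(n):
    """Primitive n-th root of unity mod Q for a power-of-two n dividing Q-1 (found by brute force)."""
    for g in range(2, Q):
        root = pow(g, (Q - 1) // n, Q)
        if pow(root, n // 2, Q) == Q - 1:       # root^(n/2) == -1 means the order is exactly n
            return root

def ntt(poly, root, inverse=False):
    """Iterative radix-2 NTT; each round reads one RAM and writes the other, then the roles swap (steps three and four)."""
    n, m = len(poly), len(poly).bit_length() - 1
    w = pow(root, Q - 2, Q) if inverse else root                 # the inverse transform uses root^-1
    src = [poly[int(f"{i:0{m}b}"[::-1], 2)] for i in range(n)]  # bit-reversed load into RAM 101
    half = 1
    while half < n:
        dst = [0] * n                                            # the other RAM for this round
        step = pow(w, n // (2 * half), Q)
        for start in range(0, n, 2 * half):
            for j in range(half):
                twiddle = pow(step, j, Q)                        # supplied by the address generator (105)
                dst[start + j], dst[start + j + half] = butterfly(src[start + j], src[start + j + half], twiddle)
        src, half = dst, half * 2                                # exchange the read and write RAMs
    if inverse:                                                  # step six: inverse dot multiplication by n^-1
        src = [mod_mul_rom(x, pow(n, Q - 2, Q)) for x in src]
    return src
```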
CN201911132437.XA 2019-11-18 2019-11-18 Number theory transformation unit and method applied to error learning encryption algorithm on ring domain Active CN111079934B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911132437.XA CN111079934B (en) 2019-11-18 2019-11-18 Number theory transformation unit and method applied to error learning encryption algorithm on ring domain

Publications (2)

Publication Number Publication Date
CN111079934A CN111079934A (en) 2020-04-28
CN111079934B true CN111079934B (en) 2022-09-27

Family

ID=70311025

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911132437.XA Active CN111079934B (en) 2019-11-18 2019-11-18 Number theory transformation unit and method applied to error learning encryption algorithm on ring domain

Country Status (1)

Country Link
CN (1) CN111079934B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111694542B (en) * 2020-05-06 2021-12-07 Changshu Institute of Technology Radix-16 arithmetic circuit for number-theoretic transform multiplication
CN112346703B (en) * 2020-11-24 2021-10-22 Huazhong University of Science and Technology Global average pooling circuit for convolutional neural network calculation

Citations (4)

Publication number Priority date Publication date Assignee Title
CN1696894A (en) * 2004-05-10 2005-11-16 Huawei Technologies Co., Ltd. Multiplier calculating modular multiplication of large numbers
CN104065478A (en) * 2014-06-18 2014-09-24 Tianjin University Polynomial modular multiplication coprocessor based on lattice-based cryptosystem
CN106685663A (en) * 2017-02-15 2017-05-17 Huazhong University of Science and Technology Encryption method for error learning problem in ring domain and circuit
CN109412786A (en) * 2018-11-14 2019-03-01 Shenyang Aerospace University Integer ciphertext arithmetic operation method based on homomorphic encryption

Family Cites Families (1)

Publication number Priority date Publication date Assignee Title
EP3656087A4 (en) * 2017-07-17 2021-04-07 HRL Laboratories, LLC Practical reusable fuzzy extractor based on the learning-with-error assumption and random oracle

Non-Patent Citations (2)

Title
"A Resource-Efficient and Side-Channel Secure Hardware Implementation of Ring-LWE Cryptographic Processor"; Dongsheng Liu et al.; IEEE Transactions on Circuits and Systems I: Regular Papers; 2019-04-30; pp. 1474-1483 *
"Circuit architecture of a high-performance R-LWE lattice encryption algorithm and its FPGA implementation"; Rui Kangkang et al.; Journal of Data Acquisition and Processing; 2019-07-31; pp. 689-696 *

Also Published As

Publication number Publication date
CN111079934A (en) 2020-04-28

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant