CN111092718A - Encryption method and device and electronic equipment - Google Patents


Info

Publication number
CN111092718A
Authority
CN
China
Prior art keywords
data
domain
encrypted
encryption key
data blocks
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201911362811.5A
Other languages
Chinese (zh)
Inventor
郭婷婷
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Original Assignee
Beijing Topsec Technology Co Ltd
Beijing Topsec Network Security Technology Co Ltd
Beijing Topsec Software Co Ltd
Application filed by Beijing Topsec Technology Co Ltd, Beijing Topsec Network Security Technology Co Ltd, Beijing Topsec Software Co Ltd
Priority to CN201911362811.5A
Publication of CN111092718A

Classifications

    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618: Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00: Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12: Details relating to cryptographic hardware or logic circuitry
    • H: ELECTRICITY
    • H04: ELECTRIC COMMUNICATION TECHNIQUE
    • H04L: TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00: Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • H04L9/3006: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters
    • H04L9/3033: Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy underlying computational problems or public-key parameters details relating to pseudo-prime or prime number generation, e.g. primality test

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides an encryption method, an encryption device and electronic equipment, wherein the method comprises the following steps: according to the modulus value in the encryption key, performing domain transformation and decomposition processing on the data to be encrypted to obtain a plurality of data blocks in the specified domain; performing modular multiplication operation on the plurality of data blocks by using the power value of the encryption key to obtain corresponding modular multiplication data blocks; and performing standard domain transformation on the modular multiplication data blocks to obtain corresponding encrypted data.

Description

Encryption method and device and electronic equipment
Technical Field
The present application relates to the field of computer technologies, and in particular, to an encryption method, an encryption device, and an electronic device.
Background
Public key cryptographic algorithms differ from traditional symmetric cryptographic algorithms: they are based on mathematical functions rather than on substitution and permutation, and belong to the asymmetric cryptosystems. A public key cryptographic algorithm can encrypt and decrypt information and can also be used for digital signatures, key management, identity authentication and the like, so it is widely adopted in the field of information security. However, the encryption process involves a large number of operations, and the longer the key, the slower the calculation, which brings great pressure and challenge to the traditional software calculation mode.
Disclosure of Invention
In view of the above, an object of the present invention is to provide an encryption method, an encryption device and an electronic device. The effect of improving the configuration of data that can be operated for each user can be achieved.
In a first aspect, an embodiment of the present application provides an encryption method, including:
according to the modulus value in the encryption key, performing domain transformation and decomposition processing on the data to be encrypted to obtain a plurality of data blocks in a specified domain;
performing modular multiplication operation on the plurality of data blocks by using the power value of the encryption key to obtain corresponding modular multiplication data blocks;
and performing standard domain transformation on the modular multiplication data blocks to obtain corresponding encrypted data.
In an optional implementation manner, the step of performing domain transformation and decomposition processing on the data to be encrypted according to a modulus value in the encryption key to obtain a plurality of data blocks in a specified domain includes:
according to the modulus value in the encryption key, performing domain transformation on the data to be encrypted to obtain domain data in the designated domain;
the domain data is decomposed into a set number of data blocks.
In an optional implementation manner, the step of performing domain transformation and decomposition processing on the data to be encrypted according to a modulus value in the encryption key to obtain a plurality of data blocks in a specified domain includes:
decomposing data to be encrypted into a plurality of initial data blocks with a set number;
and performing domain transformation on the plurality of initial data blocks according to the modulus values in the encryption key to obtain a plurality of domain data under the appointed domain.
According to the encryption method provided by the embodiment of the application, the data is divided into a plurality of data blocks, so that multiplication of a large number can be converted into multiplication among a plurality of small numbers, the calculation amount can be reduced, and the encryption speed is increased.
In an optional embodiment, the step of performing domain transformation on the data to be encrypted according to a modulus value in the encryption key to obtain domain data in a specified domain includes:
and according to the modulus value in the encryption key, carrying out domain transformation on the data to be encrypted by using the Montgomery domain to obtain domain data under the Montgomery domain.
In an optional embodiment, the domain transformation of the data to be encrypted using the Montgomery domain according to the modulus value in the encryption key to obtain the domain data in the Montgomery domain is implemented by:
m_mon=(m*R)mod n;
wherein m represents the data to be encrypted, R represents the smallest power of two greater than m, m_mon represents the domain data in the Montgomery domain, and n represents the modulus value in the encryption key.
According to the encryption method provided by the embodiment of the application, the data in the Montgomery domain is calculated firstly, and then the data in the Montgomery domain is subjected to multiplication calculation, so that the encryption calculation speed can be improved.
In an optional embodiment, the step of performing modular multiplication operation on the plurality of data blocks by using the power value of the encryption key to obtain corresponding modular multiplied data blocks includes:
and performing modular multiplication operation on the plurality of data blocks by using Montgomery multiplication and the encryption key to obtain corresponding modular multiplication data blocks.
According to the encryption method provided by the embodiment of the application, the Montgomery multiplication is used for converting the exponentiation into the multiplication, so that the operation speed can be improved.
In an optional embodiment, the step of performing standard domain transformation on the modular multiplication data block to obtain corresponding encrypted data includes:
and carrying out transformation processing from the Montgomery domain to the standard domain on the modular multiplication data block to obtain corresponding encrypted data.
In an optional embodiment, the modular multiplication data block is transformed from the Montgomery domain to the standard domain to obtain corresponding encrypted data by:
m2i=(m1i*R^(-1))mod n;
wherein m represents the data to be encrypted, m2 represents an encrypted data block corresponding to the data m to be encrypted, m1 represents a modular multiplication data block corresponding to the data block m, R represents the smallest power of two greater than m, and n represents the modulus value in the encryption key.
The encryption method provided by the embodiment of the application adopts standard domain processing, and can effectively obtain the required encrypted data.
In a second aspect, an embodiment of the present application provides an encryption apparatus, including:
the processing module is used for carrying out domain transformation and decomposition processing on the data to be encrypted according to the modulus value in the encryption key to obtain a plurality of data blocks under the specified domain;
the encryption module is used for performing modular multiplication operation on the plurality of data blocks by using the power value of the encryption key to obtain corresponding modular multiplication data blocks;
and the transformation module is used for performing standard domain transformation on the modular multiplication data blocks to obtain corresponding encrypted data.
In a third aspect, an embodiment of the present application further provides an electronic device, including: a processor, a memory storing machine readable functions executable by the processor, the machine readable functions when executed by the processor performing the steps of the method of the first aspect described above, or any possible implementation of the first aspect, when the electronic device is in operation.
In a fourth aspect, this embodiment of the present application further provides a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, performs the steps of the method in the first aspect described above or any one of the possible implementation manners of the first aspect.
According to the encryption method, the encryption device and the electronic equipment, data are divided into a plurality of pieces of data, so that large-number modular exponentiation can be converted into smaller-number modular multiplication operation of the data, the operation speed can be increased, and the encryption efficiency can be improved.
In order to make the aforementioned objects, features and advantages of the present application more comprehensible, embodiments accompanied with figures are described in detail below.
Drawings
In order to more clearly illustrate the technical solutions of the embodiments of the present application, the drawings that are required to be used in the embodiments will be briefly described below, it should be understood that the following drawings only illustrate some embodiments of the present application and therefore should not be considered as limiting the scope, and for those skilled in the art, other related drawings can be obtained from the drawings without inventive effort.
Fig. 1 is a block diagram of an electronic device according to an embodiment of the present disclosure.
Fig. 2 is a flowchart of an encryption method according to an embodiment of the present application.
Fig. 3 is a schematic diagram of functional modules of an encryption apparatus according to an embodiment of the present application.
Detailed Description
The technical solution in the embodiments of the present application will be described below with reference to the drawings in the embodiments of the present application.
It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures. Meanwhile, in the description of the present application, the terms "first", "second", and the like are used only for distinguishing the description, and are not to be construed as indicating or implying relative importance.
Example one
To facilitate understanding of the present embodiment, first, an electronic device executing the encryption method disclosed in the embodiments of the present application will be described in detail.
Fig. 1 is a block schematic diagram of an electronic device. The electronic device 100 may include a memory 111, a memory controller 112, a processor 113, a peripheral interface 114, and an input-output unit 115. It will be understood by those of ordinary skill in the art that the structure shown in Fig. 1 is merely exemplary and is not intended to limit the structure of the electronic device 100. For example, electronic device 100 may also include more or fewer components than shown in Fig. 1, or have a different configuration than shown in Fig. 1.
The above-mentioned elements of the memory 111, the memory controller 112, the processor 113, the peripheral interface 114 and the input/output unit 115 are electrically connected to each other directly or indirectly to realize data transmission or interaction. For example, the components may be electrically connected to each other via one or more communication buses or signal lines. The processor 113 is used to execute the executable modules stored in the memory.
The Memory 111 may be, but is not limited to, a Random Access Memory (RAM), a Read Only Memory (ROM), a Programmable Read-Only Memory (PROM), an Erasable Read-Only Memory (EPROM), an electrically Erasable Read-Only Memory (EEPROM), and the like. The memory 111 is configured to store a program, and the processor 113 executes the program after receiving the execution function, and the method executed by the electronic device 100 defined by the process disclosed in any embodiment of the present application may be applied to the processor 113, or implemented by the processor 113.
The processor 113 may be an integrated circuit chip having signal processing capability. The Processor 113 may be a general-purpose Processor, and includes a Central Processing Unit (CPU), a Network Processor (NP), and the like; the Integrated Circuit may also be a Digital Signal Processor (DSP), an Application Specific Integrated Circuit (ASIC), a Field Programmable Gate Array (FPGA) or other programmable logic device, a discrete gate or transistor logic device, or a discrete hardware component. The various methods, steps and logic block diagrams disclosed in the embodiments of the present application may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like.
The peripheral interface 114 couples various input/output devices to the processor 113 and memory 111. In some embodiments, the peripheral interface 114, the processor 113, and the memory controller 112 may be implemented in a single chip. In other examples, they may be implemented separately from the individual chips.
The input/output unit 115 is used to provide input data to the user. The input/output unit 115 may be, but is not limited to, a mouse, a keyboard, and the like.
The electronic device 100 in this embodiment may be configured to perform each step in each method provided in this embodiment. The implementation of the encryption method is described in detail below by several embodiments.
The encryption method used in the embodiment of the present application may be the RSA algorithm. The core of the RSA algorithm is modular exponentiation, which is usually converted into modular multiplication. The main implementation method of modular multiplication is the Montgomery algorithm. The Montgomery algorithm needs three large-number multiplications of n x n bits and an addition of n x n bits, and may introduce an unnecessary parameter; to eliminate the influence of this parameter on the final result, an additional modular multiplication is needed after each modular multiplication to correct the result. At present, there is a method that introduces the concept of a residue field into the Montgomery algorithm and eliminates the influence of this unnecessary parameter through the SRT algorithm. Based on the above research, the embodiment of the present application provides an encryption method based on RSA modular exponentiation, which adopts an optimized Montgomery algorithm to reduce the operation time of modular exponentiation on large numbers and supports concurrent operation, thereby improving the operation performance of the RSA algorithm. The encryption method according to the embodiment of the present application is described in detail below by way of an embodiment.
Example two
Please refer to fig. 2, which is a flowchart illustrating an encryption method according to an embodiment of the present application. The specific process shown in fig. 2 will be described in detail below.
Step 201, according to the modulus value in the encryption key, domain transformation and decomposition processing are performed on the data to be encrypted, so as to obtain a plurality of data blocks in the specified domain.
Optionally, an encryption key may be selected before encryption. In this embodiment, asymmetric encryption may be used, and the asymmetric encryption key may include a private key and a public key. The public key is used as a key for encrypting data, and the private key is used as a key for decrypting data.
Alternatively, the public key and the private key may be generated in the following manner:
1) Two large prime numbers are randomly generated and denoted by p and q. In this embodiment, the two prime numbers p and q each have N/2 bits.
2) n = p*q is calculated.
3) The number of integers that are coprime to n and less than n is calculated, which can be the Euler function [formula image not reproduced] [formula image not reproduced].
4) An encryption key e is selected to satisfy [formula image not reproduced] and to be relatively prime to [formula image not reproduced].
5) A decryption key d is calculated using the Euclid (Euclidean) algorithm; d satisfies [formula image not reproduced].
Finally, (e, n) may be published as the public key, with (d, n) as the private key. The modulus n in the key is an N-bit positive integer.
The encryption method in this embodiment may use the public key (e, n) described above for encryption. In the above example, e in the public key represents a power value and n in the public key represents a modulus value.
In this embodiment, the execution order of the domain transformation and the decomposition of the data may not be limited.
In one embodiment, the data to be encrypted may be decomposed prior to domain transformation. Illustratively, step 201 may include the following steps.
In step 2011, the data to be encrypted is divided into a plurality of initial data blocks of a set number.
Illustratively, the data to be encrypted may be broken up into multiple shares. For example, the data m to be encrypted may be equally divided into K shares, denoted as m1, m2, m3, … …, mk, each share of data block having the same length. For example, data to be encrypted is 1024-bit data, and the data is divided into two equal parts, so that the data can be divided into two 512-bit data.
Step 2012, performing domain transformation on the plurality of initial data blocks according to the modulus values in the encryption key to obtain a plurality of domain data in the specified domain.
Illustratively, this is achieved by:
mi_mon=(mi*Ri)mod n;
where mi represents the i-th initial data block after the data to be encrypted is decomposed, Ri represents the smallest power of two greater than mi, mi_mon represents the domain data in the Montgomery domain, and n represents the modulus value in the encryption key.
In another embodiment, the data to be encrypted may be domain transformed before being decomposed. Step 201 may include the following steps.
Step 2013, according to the modulus value in the encryption key, performing domain transformation on the data to be encrypted to obtain domain data in the specified domain.
Step 2013 may include: and according to the modulus value in the encryption key, carrying out domain transformation on the data to be encrypted by using the Montgomery domain to obtain domain data under the Montgomery domain.
Illustratively, this is achieved by:
m_mon=(m*R)mod n;
wherein m represents the data to be encrypted, R represents the smallest power of two greater than m, m_mon represents the domain data in the Montgomery domain, and n represents the modulus value in the encryption key.
Illustratively, if n is 512-bit data, then 2^511 < m < 2^512. Let R be the smallest power of 2 greater than P; then R is 2^512. A data m should satisfy 0 <= m < N-1, and its value in the Montgomery domain is m_mon = (m*R) mod n.
In this embodiment, the conversion of data into a numerical value in the Montgomery domain may be implemented on an FPGA (Field Programmable Gate Array) chip.
Illustratively, the algorithm that can be implemented by hardware can be expressed as follows, taking a 512-bit modulus value as an example:
Initialization:
i = 512, x = m (x is 512 bits, and is expanded to 513 bits during calculation);
While i > 0, loop:
1) if x > n, then x = x - n;
2) x = x*2 (x is shifted left by 1 bit and the last bit is filled with 0);
3) i = i - 1;
Finally, the value of x[512:1] is returned.
Through the calculation process, the Montgomery domain transformation algorithm can be divided into a plurality of sets of modular subtraction algorithms, and the calculation speed can be greatly improved.
At step 2014, the domain data is decomposed into a plurality of data blocks with a set number.
Step 202, performing modular multiplication operation on the plurality of data blocks by using the power value of the encryption key to obtain corresponding modular multiplication data blocks.
Cyclically, step 202 may be implemented as: and performing modular multiplication operation on the plurality of data blocks by using Montgomery multiplication and the encryption key to obtain corresponding modular multiplication data blocks.
For example, if the plurality of data blocks include K data blocks, the K data blocks are data blocks with the same length. Further, performing two-by-two combinatorial multiplication on K data blocks requires K × K multiplications. For example, the plurality of data may include two data blocks, and then may be split into four multiplication operations. Illustratively, taking M as a data block, a total of K data blocks may be included, which respectively represent M1, M2, M3, …, and Mk, and the first M1 data block is used to calculate a multiplicative combination of all M1, and a total of K multiplicative combinations is included as a result of the first operation. Illustratively, left shifting the product of Mi × Mj by (K-i) × (K-j) × L terms, where L represents the length of the N data blocks, results in the actual value for the product. The multiplication result of the second M2 data block and all the data blocks at the later stage is subjected to shift processing to obtain a second operation result; and shifting the multiplication result of the third M3 data block and all the data blocks at the later stage to obtain a third operation result, repeating the steps to obtain K operation results, and combining and summing the K operation results to obtain the product of the original data and the original data corresponding to the K data blocks.
In this embodiment, a predetermined number of registers may be provided, and the plurality of registers are respectively used for temporarily storing each data block as a multiplier when calculating multiplication. For example, K × K multiplications may be divided into a plurality of cycles to be calculated respectively, and the sum of the number of multiplications calculated for all cycles is equal to K × K. Taking M1, M2, M3, … and Mk as arithmetic units, randomly selecting a preset number of the arithmetic units from the arithmetic units to store in a register, calculating multiplication among the arithmetic units stored in the register, and performing bitwise AND on the result obtained by calculation to obtain an actual calculation result; and calculating to obtain the calculation results corresponding to the K times of multiplication. And adding the results of the multiple period calculations to obtain the final result corresponding to the multiple data blocks.
The multiplication calculation performed by splitting the above-described block into a plurality of blocks is described below by way of specific examples.
For example, if the length of any data is 512 bits. Exemplarily, the data blocks are represented as m1 and m2, respectively, and the calculation results can be represented as: m1*m1, m1*m2, m2*m1 and m2*m2. The calculation result m1*m1 can be shifted to the left by 1024 bits, which results in m1*m1*2^1024. The results m1*m2 and m2*m1 are shifted left by 512 bits, which results in m1*m2*2^512 and m2*m1*2^512. The calculation result m2*m2 does not need to be shifted. The shifted calculation results may be added to obtain the final calculation result of the large number.
For another example, taking 512-bit data multiplied by 512-bit data as an example, the 512-bit data can be divided into eight equal-length data blocks. 8 x 8 multiplications are required. For example, fourteen multiplications may be performed in the first cycle, thirteen multiplications may be performed in the second cycle and the third cycle, nine multiplications may be performed in the fourth cycle, seven multiplications may be performed in the fifth cycle, five multiplications may be performed in the sixth cycle, and three multiplications may be performed in the seventh cycle. In each period, the multiplication result is spliced into integral multiple of the original data source, and the sum and carry bit is obtained through a half adder. Finally, the sum is added to the carry bit to obtain the final result. Since the final addition is the addition of two numbers which are integral multiples of the data source, and the lower bits of the tail are all 0 except the lower bits of the data block multiplied by the value, the addition can be regarded as the addition of two numbers which are 960 bits. Considering that the carry chain of the 960bit addition is too long, it is broken into twenty-one 46bit additions. Illustratively, a 46-bit adder is the widest bit that a DSP unit can handle.
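The block-wise multiplication described above, as an added example that is not part of the patent text: both operands are split into K equal blocks, the K*K partial products are formed, each is shifted by ((K-i)+(K-j))*L bits (the shifts of the two-block illustration: 1024, 512 and 0), and the results are summed. The chunked adder mirrors the twenty-one 46-bit additions; all function names and operands are constructed for illustration.

```python
# Added example: big multiplication by block decomposition, plus a
# wide addition built from narrow adders with a rippled carry.

def split_blocks(x, k, block_bits):
    """Split x into k blocks of block_bits bits, most significant first
    (so the list is m1, m2, ..., mk in the page's notation)."""
    if x < 0 or x >> (k * block_bits):
        raise ValueError("operand does not fit in k blocks")
    mask = (1 << block_bits) - 1
    return [(x >> ((k - 1 - i) * block_bits)) & mask for i in range(k)]


def partial_products(a_blocks, b_blocks, block_bits):
    """Return (i, j, shift, product) for every block pair, 1-based indices.

    Assumption: the shift is ((K-i) + (K-j)) * L, which reproduces the
    1024 / 512 / 0 shifts of the two-block illustration.
    """
    k = len(a_blocks)
    if len(b_blocks) != k:
        raise ValueError("both operands need the same number of blocks")
    out = []
    for i, ai in enumerate(a_blocks, start=1):
        for j, bj in enumerate(b_blocks, start=1):
            shift = ((k - i) + (k - j)) * block_bits
            out.append((i, j, shift, ai * bj))
    return out


def block_multiply(a, b, k, block_bits):
    """Multiply a and b using only block_bits x block_bits multiplications."""
    a_blocks = split_blocks(a, k, block_bits)
    b_blocks = split_blocks(b, k, block_bits)
    total = 0
    for _, _, shift, prod in partial_products(a_blocks, b_blocks, block_bits):
        total += prod << shift
    return total


def chunked_add(a, b, chunk_bits=46, chunks=21):
    """Add a and b with `chunks` adders of `chunk_bits` bits each,
    passing the carry from one chunk to the next (21 * 46 = 966 bits)."""
    width = chunk_bits * chunks
    if a < 0 or b < 0 or a >> width or b >> width:
        raise ValueError("operands must fit in chunk_bits * chunks bits")
    mask = (1 << chunk_bits) - 1
    result, carry = 0, 0
    for c in range(chunks):
        lo = c * chunk_bits
        s = ((a >> lo) & mask) + ((b >> lo) & mask) + carry
        result |= (s & mask) << lo
        carry = s >> chunk_bits
    return result | (carry << width)  # final carry-out, if any


if __name__ == "__main__":
    # Constructed operands: two values that fit in 1024 bits.
    a, b = 3 ** 640, 7 ** 360
    print(block_multiply(a, b, 2, 512) == a * b)
    # Constructed 960-bit addition whose carry crosses every chunk.
    print(chunked_add((1 << 960) - 1, 1) == 1 << 960)
```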
The following is an exemplary description of the computation of a Montgomery multiplication.
For data a_mon and b_mon in the Montgomery domain, MonPro(a_mon, b_mon) is computed. The description takes a_mon and b_mon as 512-bit data as an example. An algorithm to compute the Montgomery multiplication of a_mon and b_mon:
1) t = a_mon * b_mon; (a_mon and b_mon are both 512-bit data, so t is 1024-bit data)
2) u = (t + (t * P_BAR mod R) * P) / R; (R is a power of 2, so mod R takes the low 512 bits and /R takes the high 512 bits; P_BAR is a parameter P stored in the backup address register)
3) If u >= P, return u - P; otherwise return u.
In this embodiment, the montgomery multiplication may be implemented on an FPGA chip. The hardware algorithm may be expressed as:
Step 1: Calculate t = a * b (store t[1023:512] and t[511:0] in registers, respectively)
Step 2: Calculate temp1 = t[511:0] * P_BAR
Step 3: Calculate temp2 = (temp1 * P)
Step 4: Calculate temp3 = R1[511:0] + R2[511:0] + R1[512]
Step 5: Calculate temp4 = R1[512:0] - P
Result: if R1[512] is 1, return temp4[511:0];
otherwise, if temp4[512] is 1, return R1[511:0];
otherwise, return temp4[511:0].
Wherein R1[511:0] and R2[511:0] represent data in two registers, respectively, into which intermediate results or variables obtained by calculation are placed, and P represents a modulus value in this operation.
As can be known from the algorithm, Montgomery multiplication can be divided into 3 multiplications with 512 bits, one modular addition with 512 bits and one modular subtraction with 512 bits, so that the calculation amount can be reduced.
Step 203, performing standard domain transformation on the modular multiplication data block to obtain corresponding encrypted data.
For example, the modular multiplication data block may be transformed from the Montgomery domain to the standard domain to obtain corresponding encrypted data.
Optionally, the modular multiplication data block is transformed from the Montgomery domain to the standard domain, and the corresponding encrypted data is obtained by:
m2i=(m1i*R^(-1))mod n;
wherein m represents the data to be encrypted, m2 represents an encrypted data block corresponding to the data m to be encrypted, m1 represents a modular multiplication data block corresponding to the data block m, R represents the smallest power of two greater than m, and n represents the modulus value in the encryption key.
Illustratively, the derivation process of the above formula may be:
For a known parameter R, its inverse R^(-1) mod n can be obtained. For the modular inversion algorithm there is R*R^(-1) - n*n' = 1. For the Montgomery domain transform, there is m_mon = (m*R) mod n. Multiplying both sides of the Montgomery domain transform by R^(-1) mod P gives (m_mon*R^(-1)) mod n = (m*R*R^(-1)) mod n = (m*(1+n*n')) mod n = m mod n. Then, for the standard domain transform, m = (m_mon*R^(-1)) mod P.
In this embodiment, the conversion of data into values in the standard domain may be implemented on an FPGA chip.
Illustratively, the algorithm that the hardware can implement can be expressed as follows:
Initialization:
i = 512, x = m_mon * R_BAR (x is 1024 bits, and is expanded to 1025 bits during calculation);
while i > 0, loop:
1) if x[1025:512] > P, then x - P;
2) x = x * 2 (x is shifted left by 1 bit and the lowest bit is filled with 0);
3) i = i - 1;
Return the value of x[1025:512].
Where R_BAR represents the known parameter R stored in the backup address register.
With this algorithm, the standard domain transformation is decomposed into a set of multiplication operations and a plurality of 512-bit modular subtraction operations.
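The following Python code is an added example, not code from the patent: it runs the domain transformation, Montgomery multiplication and standard domain transformation described above on decomposed data blocks and lets the result be compared with ordinary modular exponentiation. It assumes R = 2^k with 2^k > n (the conventional Montgomery choice) and an odd modulus; the function names and the values N, E and MESSAGE are constructed for illustration.

```python
# Added example: domain transform, Montgomery multiplication, standard domain
# transform. N, E and MESSAGE are constructed sample values, not a real key.

def montgomery_params(n):
    """Return (k, R, R_inv, n_prime) with R = 2^k > n and R*R_inv - n*n_prime = 1."""
    if n < 3 or n % 2 == 0:
        raise ValueError("modulus must be odd so that gcd(R, n) = 1")
    k = n.bit_length()
    R = 1 << k                          # assumption: R is chosen from n, R > n
    R_inv = pow(R, -1, n)               # modular inverse of R (Python 3.8+)
    n_prime = (R * R_inv - 1) // n      # exact, because R*R_inv = 1 (mod n)
    return k, R, R_inv, n_prime


def to_montgomery(m, R, n):
    """Domain transformation: m_mon = (m * R) mod n."""
    return (m * R) % n


def from_montgomery(x, R_inv, n):
    """Standard domain transformation: m2 = (m1 * R^-1) mod n."""
    return (x * R_inv) % n


def mont_mul(a, b, k, n, n_prime):
    """Montgomery multiplication: a * b * R^-1 mod n, without dividing by n."""
    mask = (1 << k) - 1
    T = a * b                           # T < R*n because a, b < n < R
    u = ((T & mask) * n_prime) & mask   # u = T * n' mod R
    t = (T + u * n) >> k                # T + u*n is a multiple of R; 0 <= t < 2n
    d = t - n                           # compute both candidates, then select one
    return t if d < 0 else d


def mont_pow(x_mon, e, k, R, n, n_prime):
    """Left-to-right square-and-multiply with operands kept in the Montgomery domain."""
    acc = R % n                         # Montgomery form of 1
    for bit in bin(e)[2:]:
        acc = mont_mul(acc, acc, k, n, n_prime)
        if bit == "1":
            acc = mont_mul(acc, x_mon, k, n, n_prime)
    return acc


def split_blocks(data, n):
    """Decompose a byte string into integers that are each smaller than n."""
    size = (n.bit_length() - 1) // 8    # whole bytes that always fit below n
    return [int.from_bytes(data[i:i + size], "big")
            for i in range(0, len(data), size)]


def encrypt_blocks(data, e, n):
    """Transform each block, exponentiate in the Montgomery domain, transform back."""
    k, R, R_inv, n_prime = montgomery_params(n)
    out = []
    for m in split_blocks(data, n):
        m_mon = to_montgomery(m, R, n)
        c_mon = mont_pow(m_mon, e, k, R, n, n_prime)
        out.append(from_montgomery(c_mon, R_inv, n))
    return out


N = (2**127 - 1) * (2**89 - 1)          # constructed odd modulus (two Mersenne primes)
E = 65537                               # constructed power value
MESSAGE = b"constructed sample plaintext for the Montgomery-domain example"

if __name__ == "__main__":
    for c in encrypt_blocks(MESSAGE, E, N):
        print(hex(c))
```

Each block is a raw modular exponentiation with no padding, so the output can be compared directly with pow(m, e, n) but is not a complete RSA encryption scheme.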
The method can be implemented on an FPGA. It uses an optimized Montgomery algorithm, which reduces the time spent on large-number operations in modular exponentiation, supports concurrent operation, and improves the performance of the RSA algorithm.
The embodiment of the application uses an FPGA chip to implement the RSA encryption function and carries out the algorithm's operations in logic hardware. This is faster than software running on a CPU and releases the CPU from a large amount of computation, thereby saving CPU resources.
The embodiment of the application optimizes the current RSA algorithm design: through formula derivation and simplification of Montgomery multiplication, the large-number addition is implemented in hardware, which reduces the time consumed by the Montgomery multiplication and improves the operation rate.
In terms of resource utilization, splitting a large number and then multiplying the parts in combination can greatly reduce the occupancy of DSP (digital signal processing) multipliers. For example, when the RSA bit width is 2048 bits, a 2048 × 2048 multiplication may be split into four 1024 × 1024 multiplications, and the RSA algorithm core module may be called repeatedly. A multi-core CPU can schedule the RSA algorithm core module independently through the corresponding DMA (Direct Memory Access) queue channel, thereby achieving multi-core concurrent operation.
The Montgomery algorithm includes a large-number addition. This addition uses a very long carry chain, which slows down the Montgomery multiplication. Through formula derivation, the large-number addition can be simplified into operations on data of at least half the bit width, which avoids the very long carry chain and improves the operation rate.
Furthermore, dividing the data equally yields several smaller values, so that a large-number multiplication is converted into a combination of several small-number multiplications. The operation priority of the multiplication combinations can be unified by using the parameter search of the low-order multiplication combination, and the multipliers are instantiated according to the number of multiplication combinations at each priority, which improves the operation rate and reduces the occupancy of operation resources.
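The splitting of one wide multiplication into several narrower ones, described in the two paragraphs on resource utilization above, can be checked with the following added Python example (not code from the patent). The function name, the grouping of partial products by column weight and the operands A and B are assumptions made for illustration; the example generalizes the four-way 2048-bit split to any limb width that divides the operand width.

```python
# Added example: multiply two wide integers using only leaf x leaf bit products,
# and count how often the narrow multiplier would be invoked.

def split_mul(a, b, width, leaf):
    """Return (product, leaf_multiplications, products_per_column).

    a and b are 'width'-bit operands; each is cut into width // leaf limbs of
    'leaf' bits. Partial products a_i * b_j with the same i + j share a weight
    of 2^(leaf * (i + j)) and are accumulated in the same column.
    """
    if width % leaf != 0:
        raise ValueError("leaf width must divide the operand width")
    if a >> width or b >> width:
        raise ValueError("operand wider than the declared width")
    limbs = width // leaf
    mask = (1 << leaf) - 1
    a_limbs = [(a >> (leaf * i)) & mask for i in range(limbs)]
    b_limbs = [(b >> (leaf * j)) & mask for j in range(limbs)]

    columns = [0] * (2 * limbs - 1)     # running sum of each column
    per_column = [0] * (2 * limbs - 1)  # how many products land in each column
    count = 0
    for i, ai in enumerate(a_limbs):
        for j, bj in enumerate(b_limbs):
            columns[i + j] += ai * bj   # one leaf x leaf multiplication
            per_column[i + j] += 1
            count += 1

    product = sum(col << (leaf * w) for w, col in enumerate(columns))
    return product, count, per_column


# Constructed 2048-bit sample operands.
A = (1 << 2048) - 159
B = (1 << 2047) + 12345

if __name__ == "__main__":
    for leaf in (1024, 512):
        _, count, per_column = split_mul(A, B, 2048, leaf)
        print(leaf, count, per_column)
```

Halving the limb width again (512 bits) quadruples the number of narrow multiplications, which is the trade-off between multiplier size and the number of repeated calls to the core module.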
EXAMPLE III
Based on the same application concept, an encryption device corresponding to the encryption method is further provided in the embodiment of the present application, and since the principle of solving the problem of the device in the embodiment of the present application is similar to that of the encryption method in the embodiment of the present application, the implementation of the device in the embodiment of the present application may refer to the description in the embodiment of the method, and repeated details are not described again.
Please refer to Fig. 3, which is a schematic diagram of the functional modules of an encryption apparatus according to an embodiment of the present application. Each module of the encryption apparatus in this embodiment is configured to perform a step of the above method embodiment. The encryption apparatus includes a processing module 301, an encryption module 302 and a transformation module 303, wherein:
the processing module 301 is configured to perform domain transformation and decomposition processing on data to be encrypted according to a modulus value in the encryption key to obtain a plurality of data blocks in the specified domain;
an encryption module 302, configured to perform modular multiplication on the multiple data blocks by using the power value of the encryption key to obtain corresponding modular multiplication data blocks;
and the transformation module 303 is configured to perform standard domain change on the modular multiplication data block to obtain corresponding encrypted data.
In one possible implementation, the processing module 301 includes: a first domain transform unit and a first decomposition unit;
the first domain transformation unit is used for carrying out domain transformation on the data to be encrypted according to the modulus value in the encryption key to obtain domain data under the specified domain;
and the first decomposition unit is used for decomposing the domain data into a plurality of data blocks with set number.
In one possible implementation, the processing module 301 includes: a second domain transform unit and a second decomposition unit;
the second decomposition unit is used for decomposing the data to be encrypted into a plurality of initial data blocks with set quantity;
and the second domain transformation unit is used for performing domain transformation on the plurality of initial data blocks according to the modulus value in the encryption key to obtain a plurality of domain data under the specified domain.
In one possible embodiment, the first domain transforming unit is configured to:
and according to the modulus value in the encryption key, carrying out domain transformation on the data to be encrypted by using the Montgomery domain to obtain domain data under the Montgomery domain.
In one possible embodiment, the first domain transformation unit is implemented by:
m_mon=(m*R)mod n;
wherein m represents the data to be encrypted, R represents the smallest power of two greater than m, m_mon represents the domain data in the Montgomery domain, and n represents the modulus value in the encryption key.
In a possible implementation manner, the encryption module 302 is configured to perform a modular multiplication operation on the plurality of data blocks by using montgomery multiplication and the encryption key to obtain corresponding modular multiplication data blocks.
In a possible implementation manner, the transformation module 303 is configured to perform transformation processing on the modular multiplication data block from a montgomery domain to a standard domain to obtain corresponding encrypted data.
In one possible implementation, the transformation module 303 is implemented by:
m2 = (m1 * R^-1) mod n;
wherein m represents the data to be encrypted, m2 represents an encrypted data block corresponding to the data m to be encrypted, m1 represents a modular data block corresponding to the data block m, R represents the smallest power of two greater than m, and n represents the modulus value in the encryption key.
In addition, an embodiment of the present application further provides a computer-readable storage medium, where a computer program is stored on the computer-readable storage medium, and when the computer program is executed by a processor, the computer program performs the steps of the encryption method described in the above method embodiment.
The computer program product of the encryption method provided in the embodiment of the present application includes a computer-readable storage medium storing a program code, where functions included in the program code may be used to execute the steps of the encryption method described in the above method embodiment, which may be specifically referred to in the above method embodiment and will not be described herein again.
In the embodiments provided in the present application, it should be understood that the disclosed apparatus and method can be implemented in other ways. The apparatus embodiments described above are merely illustrative, and for example, the flowchart and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of apparatus, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, a program segment, or a portion of code, which comprises one or more executable functions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer functions.
In addition, the functional modules in the embodiments of the present application may be integrated together to form an independent part, or each module may exist separately, or two or more modules may be integrated to form an independent part.
The functions, if implemented in the form of software functional modules and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solutions of the present application may be essentially implemented or contributed to by the parts of the prior art, or the parts of the technical solutions may be embodied in a software product, which is stored in a storage medium and includes several functions for enabling a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method described in the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk, an optical disk, or other various media capable of storing program codes. It is noted that, herein, relational terms such as first and second, and the like may be used solely to distinguish one entity or action from another entity or action without necessarily requiring or implying any actual such relationship or order between such entities or actions. Also, the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising … …" does not exclude the presence of other identical elements in a process, method, article, or apparatus that comprises the element.
The above description is only a preferred embodiment of the present application and is not intended to limit the present application, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, improvement and the like made within the spirit and principle of the present application shall be included in the protection scope of the present application. It should be noted that: like reference numbers and letters refer to like items in the following figures, and thus, once an item is defined in one figure, it need not be further defined and explained in subsequent figures.
The above description is only for the specific embodiments of the present application, but the scope of the present application is not limited thereto, and any person skilled in the art can easily conceive of the changes or substitutions within the technical scope of the present application, and shall be covered by the scope of the present application. Therefore, the protection scope of the present application shall be subject to the protection scope of the claims.

Claims (11)

1. An encryption method, comprising:
according to the modulus value in the encryption key, performing domain transformation and decomposition processing on the data to be encrypted to obtain a plurality of data blocks in the specified domain;
performing modular multiplication operation on the plurality of data blocks by using the power value of the encryption key to obtain corresponding modular multiplication data blocks;
and carrying out standard domain change on the modular multiplication data block to obtain corresponding encrypted data.
2. The method according to claim 1, wherein the step of performing domain transformation and decomposition processing on the data to be encrypted according to the modulus value in the encryption key to obtain a plurality of data blocks under the specified domain comprises:
decomposing data to be encrypted into a plurality of initial data blocks with a set number;
and performing domain transformation on the plurality of initial data blocks according to the modulus values in the encryption key to obtain a plurality of domain data under the appointed domain.
3. The method according to claim 1, wherein the step of performing domain transformation and decomposition processing on the data to be encrypted according to the modulus value in the encryption key to obtain a plurality of data blocks under the specified domain comprises:
performing domain transformation on data to be encrypted according to a modulus value in the encryption key to obtain domain data in an appointed domain;
the domain data is decomposed into a set number of data blocks.
4. The method according to claim 3, wherein the step of performing domain transformation on the data to be encrypted according to the modulus value in the encryption key to obtain domain data under the specified domain comprises:
and according to the modulus value in the encryption key, carrying out domain transformation on the data to be encrypted by using the Montgomery domain to obtain domain data under the Montgomery domain.
5. The method according to claim 4, wherein the domain transformation of the data to be encrypted using the Montgomery domain according to the modulus value in the encryption key is performed to obtain the domain data in the Montgomery domain by:
m_mon=(m*R)mod n;
wherein m represents the data to be encrypted, R represents the smallest power of two greater than m, m_mon represents the domain data in the Montgomery domain, and n represents the modulus value in the encryption key.
6. The method of claim 1, wherein the step of performing a modular multiplication operation on the plurality of data blocks using the power value of the encryption key to obtain corresponding modular multiplied data blocks comprises:
and performing modular multiplication operation on the plurality of data blocks by using Montgomery multiplication and the encryption key to obtain corresponding modular multiplication data blocks.
7. The method of claim 1, wherein the step of performing a standard domain change on the modular multiplication data block to obtain corresponding encrypted data comprises:
and carrying out conversion processing from the Montgomery domain to the standard domain on the modular multiplication data block to obtain corresponding encrypted data.
8. The method according to claim 7, wherein the transforming the modular multiplication data block from the data of the montgomery domain to the standard domain to obtain the corresponding encrypted data is implemented as follows:
m2 = (m1 * R^-1) mod n;
wherein m represents the data to be encrypted, m2 represents an encrypted data block corresponding to the data m to be encrypted, m1 represents a modular data block corresponding to the data block m, R represents the smallest power of two greater than m, and n represents a modular value in the encryption key.
9. An encryption apparatus, comprising:
the processing module is used for carrying out domain transformation and decomposition processing on the data to be encrypted according to the modulus value in the encryption key to obtain a plurality of data blocks under the specified domain;
the encryption module is used for performing modular multiplication operation on the plurality of data blocks by using the power value of the encryption key to obtain corresponding modular multiplication data blocks;
and the transformation module is used for carrying out standard domain change on the modular multiplication data block to obtain corresponding encrypted data.
10. An electronic device, comprising: a processor, a memory storing machine-readable instructions executable by the processor, the machine-readable instructions when executed by the processor performing the steps of the method of any of claims 1 to 8 when the electronic device is run.
11. A computer-readable storage medium, having stored thereon a computer program which, when being executed by a processor, is adapted to carry out the steps of the method according to any one of claims 1 to 8.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911362811.5A CN111092718A (en) 2019-12-25 2019-12-25 Encryption method and device and electronic equipment

Publications (1)

Publication Number Publication Date
CN111092718A true CN111092718A (en) 2020-05-01

Family

ID=70398134

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20200501