CN111143893B - Secure implementation method and device for Hash grouping calculation - Google Patents


Publication number
CN111143893B
Authority
CN
China
Prior art keywords
data
cache region
parameter
word
register
Legal status
Active
Application number
CN201911302812.0A
Other languages
Chinese (zh)
Other versions
CN111143893A (en
Inventor
王亚伟
张贺
王磊
曹军
Current Assignee
Beijing Hongsi Electronic Technology Co ltd
Original Assignee
Beijing Hongsi Electronic Technology Co ltd
Application filed by Beijing Hongsi Electronic Technology Co ltd
Priority to CN201911302812.0A
Publication of CN111143893A
Application granted
Publication of CN111143893B


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F9/00 Arrangements for program control, e.g. control units
    • G06F9/06 Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30 Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30003 Arrangements for executing specific machine instructions
    • G06F9/30007 Arrangements for executing specific machine instructions to perform operations on data operands
    • G06F9/30098 Register arrangements
    • G06F9/3012 Organisation of register space, e.g. banked or distributed register file
    • Y GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02 TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02D CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00 Energy efficient computing, e.g. low power processors, power management or thermal management

Abstract

The invention provides a secure implementation method and device for Hash grouping calculation, and belongs to the field of information security. The technical scheme performs masked calculation on the Hash grouped data, which protects the Hash data: no plaintext value appears in any of the Hash data or in any intermediate result during the whole Hash process, so the scheme resists analysis of power consumption and electromagnetic emissions. After each grouping calculation it judges whether a fault attack has occurred and reports an error if so, thereby effectively preventing fault attacks.

Description

Secure implementation method and device for Hash grouping calculation
Technical Field
The invention relates to the field of information security, in particular to a secure implementation method and device for Hash grouping calculation.
Background
With the development of electronic and network technologies, security chips are becoming more and more important. The Hash algorithm is an important algorithm in a security chip, and in particular is at the core of computing Hash-based message authentication codes and of asymmetric algorithms. A hash algorithm transforms an input of arbitrary length into an output of fixed length. In the prior art, the data used in a hash algorithm is plaintext data, and with the rise of power-analysis (energy) attacks and fault (error) attacks the hash algorithm in a chip is under threat, so a secure hash algorithm is urgently needed.
Disclosure of Invention
The invention aims to overcome the defects of the prior art and provides a secure implementation method and device for Hash grouping calculation.
The invention provides a secure implementation method of Hash grouping calculation, which comprises the following steps:
step S1: the CPU calculates the initial vector in the first cache region and the data on the high 8 words in the second cache region and stores the calculation result in the third cache region, and calculates the original data in the fourth cache region and the data on the low 16 words in the second cache region and stores the calculation result in the fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region; the size of the second cache region is 24 words; the size of the fifth cache region and the sixth cache region is 64 words;
step S2: the CPU calculates and generates a third numerical value and a third result according to the data in the fifth cache region and the data in the sixth cache region and stores the third numerical value and the third result in a seventh cache region and a seventeenth cache region respectively, calculates and stores the calculation results in the fifth cache region sequentially according to the data in the seventh cache region, the data in the seventeenth cache region and the data in the fifth cache region, calculates and stores the calculation results in the sixth cache region sequentially according to the data in the seventh cache region, the data in the seventeenth cache region and the data in the sixth cache region, calculates and obtains a first numerical value and a first result according to the data in the fifth cache region, the data in the sixth cache region, the data in the seventh cache region and the data in the seventeenth cache region and stores the first numerical value and the first result in an eighth cache region and an eighteenth cache region respectively, calculates and generates third data according to the data in the third cache region and stores the third numerical value and the first numerical value in the eighth cache region, and the eighth cache region calculates and generates third numerical value and stores the third numerical value and the eighth data in the seventeenth cache region, and stores the eighth cache region;
step S3: the CPU updates third data in the seventh cache region by using the data in the third cache region, updates data in the seventeenth cache region by using the data in the second cache region, generates a second numerical value and a second result according to the data in the twenty-seventh cache region and the data in the seventeenth cache region, and respectively stores the second numerical value and the second result in a ninth cache region and a nineteenth cache region; updating the data in the seventh cache region and the data in the seventeenth cache region according to the data in the third cache region and the first random number in the second cache region; updating the data in the ninth cache region and the data in the nineteenth cache region according to the data in the seventeenth cache region and the data in the twenty-seventh cache region;
step S4: the CPU updates the data in the third cache region according to the data in the eighth cache region, the data in the eighteenth cache region, the data in the ninth cache region, the data in the nineteenth cache region, the data in the seventh cache region and the data in the seventeenth cache region;
step S5: the CPU judges whether the length of the data in the fifth cache region and the length of the data in the sixth cache region are both 64 words, if so, the step S6 is executed, otherwise, the step S2 is executed;
step S6: the CPU updates the data in the first cache region by using the data in the third cache region and the data on the high 8 words in the second cache region, and takes the data in the first cache region as the Hash grouping calculation result.
Further, step S1 is preceded by: the CPU judges whether the length of the input data is a preset length or not, if so, the input data is grouped according to the preset length and first grouped data is stored into the first cache region as an initial vector, otherwise, 0 is used for filling the input data to the preset length, then the filled input data is grouped according to the preset length and the first grouped data is stored into the first cache region as the initial vector.
Further, after the step S6, the method further includes: judging whether all the grouped data of the input data have been processed; if so, finishing; if not, storing the next unprocessed grouped data as an initial vector into the first cache region and returning to the step S1.
Further, the step S1 includes: the CPU carries out XOR operation on the initial vector in the first cache region and the data on the high 8 words in the second cache region and stores the calculation result into a third cache region, and carries out modular subtraction operation on the original data in the fourth cache region and the data on the low 16 words in the second cache region and stores the calculation result into a fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region.
Further, step S1 is preceded by: the CPU generates a first random number with the length of 24 words and stores the first random number into the second cache region.
Further, step S2 is preceded by: the CPU takes the first idle word in the fifth cache region as the current position and takes the first idle word in the sixth cache region as the current position.
Further, the step S2 includes:
step S2-1: the CPU takes the data at the position 2 words ahead of the current position in the fifth cache region as a first parameter of a fifth function, and takes the data at the position 2 words ahead of the current position in the sixth cache region as a second parameter of the fifth function to call the fifth function to obtain an output result and store the output result in the seventh cache region;
step S2-2: the CPU uses the data in the seventh cache region as a parameter to call an output result obtained by a sixth function to update the data in the seventh cache region, and uses the data in the position of the current position in the sixth cache region which is 2 words ahead as the parameter to call the output result obtained by the sixth function to update the data in the seventeenth cache region;
step S2-3: the CPU takes the data at the position 15 words ahead of the current position in the fifth cache region as a first parameter, and the data at the position 15 words ahead of the current position in the sixth cache region as a second parameter to call a fifth function to obtain an output result and store the output result in a tenth cache region;
step S2-4: the CPU uses the data at the position of 15 words ahead of the current position in the fifth cache region as a parameter to call a seventh function to obtain an output result and updates the data in the tenth cache region, uses the data at the position of 15 words ahead of the current position in the sixth cache region as a parameter to call the seventh function to obtain an output result and stores the output result in a twentieth cache region;
step S2-5: the CPU takes the data in the seventh cache region and the data in the seventeenth cache region as a first parameter and a second parameter to call a fourth function to obtain an output result, takes the data in the tenth cache region and the data in the twentieth cache region as a first parameter and a second parameter to call a fourth function to obtain an output result, takes the data at the position of 7 words ahead of the current position in the fifth cache region and the data at the position of 16 words ahead of the current position in the fifth cache region to carry out modulo addition operation, and sequentially stores the modulo addition results into the fifth cache region;
step S2-6: the CPU performs modulo addition operation on the data in the seventeenth cache region, the data in the twentieth cache region, the data at the position 7 words ahead of the current position in the sixth cache region and the data at the position 16 words ahead of the current position in the sixth cache region, and stores the modulo addition results into the sixth cache region in sequence;
step S2-7: the CPU performs modulo addition operation on the data at the current position in the fifth cache region, a preset constant and the data on the 8th word in the third cache region, and stores the modulo addition result into the eighth cache region;
step S2-8: the CPU carries out the modulo addition operation on the data at the current position in the sixth cache region and the number on the 8th word in the second cache region and stores the modulo addition result into the eighth cache region;
step S2-9: the CPU uses the data on the 5th word in the third cache region as a parameter to call an eighth function to obtain an output result and updates the data in the twenty-seventh cache region; using the data on the 5th word in the second cache region as a parameter to call an eighth function to obtain an output result, and updating the data in the seventeenth cache region;
step S2-10: the CPU calls an output result obtained by a fourth function by using the data in the twenty-seventh cache region and the data in the seventeenth cache region as parameters and performs modulo addition operation on the data in the eighth cache region and updates the data in the eighth cache region by using the modulo addition result; updating the data in the eighth cache region by using a modulo addition operation result of the data in the eighteenth cache region and the data in the seventeenth cache region;
step S2-11: the CPU uses the data on the 5th word, the data on the 6th word, the data on the 7th word in the third cache region and the data on the 5th word, the data on the 6th word and the data on the 7th word in the second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter, calls an output result obtained by a third function to update the data in the twenty-seventh cache region, and uses the result of the XOR operation between the data on the 5th word and the data on the 7th word in the second cache region to update the data in the seventeenth cache region;
step S2-12: the CPU takes the data in the twenty-seventh cache region and the data in the seventeenth cache region as a first parameter and a second parameter to call an output result obtained by a fourth function and the data in the eighth cache region to perform modulo addition on the output result and update the data in the eighth cache region by using the modulo addition result; and performing modulo addition operation on the data in the eighteenth cache region and the data in the seventeenth cache region and updating the data in the eighteenth cache region by using a modulo addition result.
Further, the fifth function is implemented as follows:
step a1: the CPU generates a second random number and stores the second random number in a first register, a result obtained by carrying out doubling operation on the second random number in the first register is stored in a second register, a result obtained by carrying out XOR operation on the data in the first register and a second parameter is stored in a third register, a result obtained by carrying out AND operation on the data in the first register and the data in the third register is stored in a fourth register, a result obtained by carrying out XOR operation on the data in the second register and a first parameter is stored in a fifth register, a result obtained by carrying out XOR operation on the data in the first register and the data in the fifth register is stored in a sixth register, a result obtained by carrying out AND operation on the data in the sixth register and the second parameter is stored in a seventh register, a result obtained by carrying out XOR operation on the data in the fourth register and the data in the seventh register is stored in an eighth register, a result obtained by carrying out XOR operation on the data in the second register and the second parameter is stored in a ninth register, and a ninth register;
step a2: the CPU performs AND operation on the data in the second register and the second parameter to obtain a result, and the result is stored in an eleventh register; updating the data in the eleventh register with the result of the exclusive-or operation of the data in the eleventh register and the data in the tenth register; updating the data in the second register by using the result of AND operation of the data in the second register and the first parameter; updating the data in the eleventh register with the result of the exclusive or operation of the data in the eleventh register and the data in the second register, and updating the data in the second register with the result of the doubling operation of the data in the eleventh register;
step a3: the CPU judges whether the cycle number is a preset value, if so, the step a4 is executed, otherwise, the cycle number is updated, and the step a2 is returned;
step a4: the CPU takes the result of the exclusive OR operation of the data in the fifth register and the data in the second register as the output result of the fifth function.
Further, the sixth function is implemented as: the CPU performs an exclusive OR operation on the result of cyclically right shifting the parameter by 17 bits, the result of cyclically right shifting it by 19 bits and the result of cyclically right shifting it by 10 bits, and takes the result as the output result of the sixth function.
Further, the seventh function is implemented as: the CPU performs an exclusive OR operation on the result of cyclically right shifting the parameter by 7 bits, the result of cyclically right shifting it by 18 bits and the result of right shifting it by 3 bits, and takes the result as the output result of the seventh function.
Further, the fourth function is realized by: the CPU generates a third random number and stores the third random number into a twelfth register, stores a result obtained by carrying out XOR operation on the first parameter and the random number in the twelfth register into the twelfth register, and stores a result obtained by carrying out non-operation on data in the twelfth register and data in the twelfth register into a thirteenth register; a result obtained by performing an exclusive or operation on the data in the thirteenth register and the data in the twelfth register is stored in a fourteenth register, a result obtained by performing an exclusive or operation on the data in the twelfth register and a second parameter is stored in a fifteenth register, a result obtained by performing an exclusive or operation on the first parameter and the data in the fifteenth register is stored in a sixteenth register, a result obtained by performing a non-operation on the data in the sixteenth register and the data in the fifteenth register is stored in a seventeenth register, and a result obtained by performing an exclusive or operation on the data in the seventeenth register and the data in the fourteenth register is used as an output result of a fourth function.
Further, the third function is implemented as: the CPU calls a first function according to the first parameter, the second parameter, the fourth parameter and the fifth parameter to obtain an output result, and the output result is stored in an eighteenth register; a result obtained by calling the first function according to the third parameter, the code reversal of the first parameter, the sixth parameter and the fourth parameter is stored in a nineteenth register; and taking a result obtained by performing exclusive or operation on the data in the eighteenth register and the data in the nineteenth register as an output result of a third function.
Further, the implementation process of the first function is specifically as follows: the CPU stores a result obtained by performing AND operation on the inverse code of the fourth parameter and the third parameter into a twentieth register, stores a result obtained by performing AND operation on the fourth parameter and the first parameter into a twenty-first register, stores a result obtained by performing OR operation on data in the twentieth register and data in the twenty-first register into a twenty-second register, and stores a result obtained by performing AND operation on the inverse code of the second parameter and data in the twenty-second register into a twenty-third register; storing a result obtained by performing an and operation on the fourth parameter and the third parameter into a twenty-fourth register, storing a result obtained by performing an and operation on an inverse code of the fourth parameter and the first parameter into a twenty-fifth register, storing a result obtained by performing an or operation on data in the twenty-fourth register and data in the twenty-fifth register into a twenty-sixth register, and storing a result obtained by performing an and operation on the second parameter and data in the twenty-sixth register into a twenty-seventh register; and taking the result obtained by performing OR operation on the data in the twenty-third register and the twenty-seventh register as the output result of the first function.
Further, the eighth function is implemented as: the CPU performs an exclusive OR operation on the result of cyclically right shifting the parameter by 6 bits, the result of cyclically right shifting it by 11 bits and the result of cyclically right shifting it by 25 bits, and takes the result as the output result of the eighth function.
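The fifth function (steps a1 to a4) and the fourth function follow the register sequence of Goubin's published arithmetic-to-Boolean and Boolean-to-arithmetic mask conversions, and steps S2-9 and S2-10 use the fourth function to add a rotated word without unmasking it. The C code below is an added example, not code from the patent, that implements those two conversions and that masked addition for one word. Assumptions: 32-bit words, a loop count of 31 for the unspecified preset value, subtraction where the translated text reads "non-operation", Goubin's operations for the ninth and tenth registers where the text is incomplete, and the function names and fixed-seed xorshift generator, which are hypothetical stand-ins.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: xorshift32 with a fixed seed stands in for the chip's random
 * number generator so that the example is reproducible. */
static uint32_t rng_state = 0x9E3779B9u;
static uint32_t rand32(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

/* Fifth function, steps a1-a4: arithmetic-to-Boolean conversion.
 * Input:  a = x - r (mod 2^32) and the mask r.
 * Output: x ^ r, computed without x ever appearing unmasked. */
uint32_t arith_to_bool(uint32_t a, uint32_t r) {
    uint32_t g = rand32();     /* first register: fresh random value */
    uint32_t t = g << 1;       /* second register: doubling          */
    uint32_t xp = g ^ r;       /* third register                     */
    uint32_t w = g & xp;       /* fourth register                    */
    xp = t ^ a;                /* fifth register                     */
    g ^= xp;                   /* sixth register                     */
    g &= r;                    /* seventh register                   */
    w ^= g;                    /* eighth register                    */
    g = t & a;                 /* ninth register (per Goubin)        */
    w ^= g;                    /* tenth register (per Goubin)        */
    for (int k = 1; k < 32; k++) {   /* assumed preset count: 31     */
        g = t & r;             /* eleventh register                  */
        g ^= w;
        t &= a;
        g ^= t;
        t = g << 1;
    }
    return xp ^ t;             /* step a4 */
}

/* Fourth function: Boolean-to-arithmetic conversion.
 * Input: xp = x ^ r and the mask r.  Output: x - r (mod 2^32). */
uint32_t bool_to_arith(uint32_t xp, uint32_t r) {
    uint32_t g = rand32();     /* fresh random value */
    uint32_t t = xp ^ g;
    t -= g;                    /* assumed subtraction ("non-operation") */
    t ^= xp;
    g ^= r;
    uint32_t a = xp ^ g;
    a -= g;
    return a ^ t;
}

static uint32_t rotr(uint32_t v, unsigned n) { return (v >> n) | (v << (32 - n)); }

/* Eighth function: XOR of cyclic right shifts by 6, 11 and 25 bits. */
uint32_t eighth_function(uint32_t v) { return rotr(v, 6) ^ rotr(v, 11) ^ rotr(v, 25); }

/* Steps S2-9 and S2-10 on one word. (e_masked, e_mask) is a Boolean sharing
 * of e; (*acc, *acc_mask) is an arithmetic sharing whose sum is the value. */
void masked_add_eighth(uint32_t *acc, uint32_t *acc_mask,
                       uint32_t e_masked, uint32_t e_mask) {
    /* Rotation and XOR are linear over GF(2), so data and mask are
     * transformed separately: s_data == eighth(e) ^ s_mask. */
    uint32_t s_data = eighth_function(e_masked);
    uint32_t s_mask = eighth_function(e_mask);
    *acc += bool_to_arith(s_data, s_mask);  /* adds eighth(e) - s_mask   */
    *acc_mask += s_mask;                    /* mask share absorbs s_mask */
}

/* Returns 1 if both conversions agree with the unmasked definitions. */
int roundtrip_ok(uint32_t x, uint32_t r) {
    return arith_to_bool(x - r, r) == (x ^ r) &&
           bool_to_arith(x ^ r, r) == (uint32_t)(x - r);
}

/* Runs the masked update on shares of base and e, then unmasks only the
 * final result so it can be compared with base + eighth(e). */
uint32_t masked_update_demo(uint32_t base, uint32_t e) {
    uint32_t m1 = rand32(), m2 = rand32();
    uint32_t acc = base - m1, acc_mask = m1;  /* modular subtraction, as in S1 */
    masked_add_eighth(&acc, &acc_mask, e ^ m2, m2);
    return acc + acc_mask;
}

int main(void) {
    uint32_t e = 0x510E527Fu, base = 0x1F83D9ABu;  /* constructed sample words */
    printf("round trip ok: %d\n", roundtrip_ok(0xDEADBEEFu, 0x01234567u));
    printf("masked:   %08x\n", (unsigned)masked_update_demo(base, e));
    printf("unmasked: %08x\n", (unsigned)(uint32_t)(base + eighth_function(e)));
    return 0;
}
```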
Further, the step S3 includes:
step S3-1: the CPU uses the data on the 1st word in the third cache region as a parameter to call a ninth function to obtain an output result and update the data in the twenty-seventh cache region; using data on the 1st word in the second cache region as a parameter to call a ninth function to obtain an output result, and updating a third result in the seventeenth cache region;
step S3-2: the CPU uses the data in the twenty-seventh cache region and the data in the seventeenth cache region as a first parameter and a second parameter to call a fourth function to obtain an output result, and the output result is used for updating the data in the ninth cache region; updating the data in the nineteenth cache region with the data in the seventeenth cache region;
step S3-3: the CPU uses the data on the 1st word, the data on the 2nd word, the data on the 3rd word in a third cache region and the data on the 1st word, the data on the 2nd word and the data on the 3rd word in a second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter to call an output result obtained by a second function to update the data in a twenty-seventh cache region, and uses the data on the 2nd word in the second cache region to update the data in the seventeenth cache region;
step S3-4: the CPU uses the data in the twenty-seventh cache region and the data in the seventeenth cache region as a first parameter and a second parameter to call an output result obtained by a fourth function to perform modular addition operation with the data in the ninth cache region and uses the modular addition result to update the data in the ninth cache region; performing modulo addition operation on the data in the nineteenth cache region and the data in the seventeenth cache region, and updating the data in the nineteenth cache region by using a modulo addition result;
step S3-5: the CPU updates the data on the 8th word in the third cache region with the data on the 7th word in the third cache region, updates the data on the 8th word in the second cache region with the data on the 7th word in the second cache region, updates the data on the 7th word in the third cache region with the data on the 6th word in the third cache region, updates the data on the 7th word in the second cache region with the data on the 6th word in the second cache region, updates the data on the 6th word in the third cache region with the data on the 5th word in the third cache region, and updates the data on the 6th word in the second cache region with the data on the 5th word in the second cache region;
step S3-6: the CPU uses the data on the 4th word in the first cache region and the data on the 4th word in the second cache region as a first parameter and a second parameter, calls an output result obtained by a fourth function to update the data in the seventh cache region, and uses the data on the 4th word in the second cache region to update the data in the seventeenth cache region;
step S3-7: the CPU updates the data on the 5th word in the third cache region by using the modulo addition operation result of the data in the seventh cache region and the data in the eighth cache region; updating the data on the 5th word in the second cache region by using the result of the modulo addition operation of the data in the seventeenth cache region and the data in the eighteenth cache region;
step S3-8: the CPU uses the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the first parameter and the second parameter to call a fifth function to obtain an output result and update the data on the 5th word in the third cache region.
Further, the ninth function is implemented as: the CPU performs an exclusive OR operation on the result of cyclically right shifting the parameter by 2 bits, the result of cyclically right shifting it by 13 bits and the result of cyclically right shifting it by 22 bits, and takes the result as the output result of the ninth function.
Further, the specific implementation process of the second function is as follows: the CPU calls a first function according to the first parameter, the second parameter, the third parameter and the fourth parameter to obtain an output result, and the output result is stored in a twenty-eighth register; calling a first function according to the first parameter, the third parameter, the fourth parameter and the sixth parameter to obtain an output result, and storing the output result in a twenty-ninth register; an output result obtained by calling the first function according to the second parameter, the third parameter, the fifth parameter and the sixth parameter is stored in a thirtieth register; and carrying out exclusive OR operation on the data in the twenty-eighth register, the data in the twenty-ninth register and the data in the thirtieth register to obtain an output result.
Further, the step S4 includes:
step S4-1: the CPU updates data on the 4th word in the third cache region with data on the 3rd word in the third cache region, updates data on the 4th word in the second cache region with data on the 3rd word in the second cache region, updates data on the 3rd word in the third cache region with data on the 2nd word in the third cache region, updates data on the 3rd word in the second cache region with data on the 2nd word in the second cache region, updates data on the 2nd word in the third cache region with data on the 1st word in the third cache region, and updates data on the 2nd word in the second cache region with data on the 1st word in the second cache region;
step S4-2: the CPU performs modular addition operation on the data in the eighth cache region and the data in the ninth cache region and updates the data on the 1st word in the third cache region by using a modular addition result; performing modulo addition operation on the data in the eighteenth cache region and the data in the nineteenth cache region, and updating the data on the 1st word in the second cache region by using a modulo addition result;
step S4-3: the CPU uses the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as a first parameter and a second parameter to call a fifth function to obtain an output result and update the data on the 1st word in the third cache region.
Further, the step S5 includes:
step S5-1: the CPU respectively judges whether the sum of the length and the free length of the data in the fifth cache region and the sixth cache region is 64 words, if so, the step S5-2 is executed, otherwise, an error is reported;
step S5-2: the CPU judges whether the idle lengths in the fifth cache region and the sixth cache region are both 0, if so, the step S6 is executed, otherwise, the step S2 is returned.
Further, the updating of the data in the first cache region by the data in the third cache region and the data on the high 8 words in the second cache region in the step S6 includes:
step Y: the CPU sequentially takes each word in the third cache region as a first parameter, takes the data at the corresponding position in the second cache region as a second parameter, calls a fourth function to obtain an output result and stores the output result in a thirty-first register, performs modulo addition operation on the data in the thirty-first register and the data at the corresponding position in the first cache region, and updates the data at the corresponding position in the first cache region by using the modulo addition result.
Further, the step Y specifically includes: the CPU takes the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as a first parameter and a second parameter to call a fourth function to obtain an output result and stores the output result into a thirty-second register, and the data on the 1st word in the first cache region is updated by using the result of performing modulo addition operation on the data in the thirty-second register and the data on the 1st word in the first cache region; taking the data on the 2nd word in the third cache region and the data on the 2nd word in the second cache region as a first parameter and a second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-fourth register, and updating the data on the 2nd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fourth register and the data on the 2nd word in the first cache region; taking the data on the 3rd word in the third cache region and the data on the 3rd word in the second cache region as a first parameter and a second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-fifth register, and updating the data on the 3rd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fifth register and the data on the 3rd word in the first cache region; taking the data on the 4th word in the third cache region and the data on the 4th word in the second cache region as a first parameter and a second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-sixth register, and updating the data on the 4th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-sixth register and the data on the 4th word in the first cache region; storing the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the output result obtained by calling a fourth function by the first parameter and the second parameter into a thirty-seventh register, and updating the data on the 5th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-seventh register and the data on the 5th word in the first cache region; taking the data on the 6th word in the third cache region and the data on the 6th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-eighth register, and updating the data on the 6th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-eighth register and the data on the 6th word in the first cache region; storing the data on the 7th word in the third cache region and the data on the 7th word in the second cache region as output results obtained by calling a fourth function by the first parameter and the second parameter into a thirty-ninth register, and updating the data on the 7th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-ninth register and the data on the 7th word in the first cache region; and storing the data on the 8th word in the third cache region and the data on the 8th word in the second cache region as output results obtained by calling a fourth function by using the first parameter and the second parameter into a fortieth register, and updating the data on the 8th word in the first cache region by using the result of performing modulo addition operation on the data in the fortieth register and the data on the 8th word in the first cache region.
The invention also provides a safety realization device for Hash grouping calculation, which comprises a CPU and a memory, wherein the memory comprises a first cache region, a second cache region, a third cache region, a fourth cache region, a fifth cache region, a sixth cache region, a seventh cache region, an eighth cache region, a ninth cache region, a seventeenth cache region, an eighteenth cache region, a nineteenth cache region and a twenty-seventh cache region;
the first calculation module is configured to calculate an initial vector in the first cache region and data on a high 8 word in the second cache region and store a calculation result in the third cache region, calculate original data in the fourth cache region and data on a low 16 word in the second cache region and store a calculation result in the fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region; the size of the second cache region is 24 words; the size of the fifth cache region and the sixth cache region is 64 words;
the second calculation module is configured to calculate and generate a third numerical value and a third result according to the data in the fifth cache area and the data in the sixth cache area, store the third numerical value and the third result in a seventh cache area and a seventeenth cache area respectively, calculate and store the calculation results in the fifth cache area sequentially according to the data in the seventh cache area, the data in the seventeenth cache area, and the data in the sixth cache area, calculate and store the calculation results in the sixth cache area sequentially according to the data in the seventh cache area, the data in the seventeenth cache area, and the data in the sixth cache area, calculate and obtain a first numerical value and a first result according to the data in the fifth cache area, the data in the sixth cache area, the data in the seventh cache area, and the data in the seventeenth cache area, and store the first numerical value and the first result in an eighth cache area and an eighteenth cache area respectively, calculate and generate third data according to the data in the third cache area, and store the third numerical value and the first result in the seventeenth cache area, and the eighth cache area, and the twenty-fourth cache area, and the eighth area;
the third calculation module is configured to update third data in the seventh cache area with data in the third cache area, update data in the seventeenth cache area with data in the second cache area, generate a second numerical value and a second result according to the data in the twenty seventh cache area and the data in the seventeenth cache area, and store the second numerical value and the second result in a ninth cache area and a nineteenth cache area, respectively; updating the data in the seventh cache region and the data in the seventeenth cache region according to the data in the third cache region and the first random number in the second cache region; updating the data in the ninth cache area and the data in the nineteenth cache area according to the data in the seventeenth cache area and the data in the twenty seventh cache area;
the fourth calculation module is configured to update the data in the third cache region according to the data in the eighth cache region, the data in the eighteenth cache region, the data in the ninth cache region, the data in the nineteenth cache region, the data in the seventh cache region, and the data in the seventeenth cache region;
the first judging module is configured to judge whether the length of the data in the fifth cache area and the length of the data in the sixth cache area are both 64 words, if yes, trigger the fifth calculating module, and otherwise trigger the second calculating module;
the fifth calculation module is configured to update the data in the first cache region with the data in the third cache region and the data on the high 8 word in the second cache region, and use the data in the first cache region as a hash packet calculation result.
Further, the CPU further includes a second determining module, configured to determine whether a length of input data is a preset length, and if so, group the input data according to the preset length and store a first grouped data as an initial vector in the first buffer, otherwise, fill the input data to the preset length by using 0, and then group the filled input data according to the preset length and store the first grouped data as the initial vector in the first buffer.
Further, the CPU further includes a third determining module, configured to determine whether all packet data of the input data are completely processed, if so, the processing is finished, otherwise, the next unprocessed packet data is stored as an initial vector in the first buffer, and the first calculating module is triggered.
Further, the first calculation module is specifically configured to perform an exclusive-or operation on the initial vector in the first cache region and the data on the high 8 word in the second cache region, store a calculation result in a third cache region, perform a modulo reduction operation on the original data in the fourth cache region and the data on the low 16 word in the second cache region, and store the calculation result in a fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region.
Further, the CPU further includes a generation storage module, configured to generate a first random number with a length of 24 words and store the first random number in the second cache region.
Further, the CPU further includes a module configured to use the first free word in the fifth cache area as the current location, and use the first free word in the sixth cache area as the current location.
Further, the memory further includes a tenth cache area and a twentieth cache area, the CPU further includes a first function module, a third function module, a fourth function module, a fifth function module, a sixth function module, a seventh function module, and an eighth function module, and the second calculation module includes:
the first calculation unit is used for calling a fifth function by taking data at a position, 2 words ahead of the current position, in the fifth cache region as a first parameter of the fifth function and taking data at a position, 2 words ahead of the current position, in the sixth cache region as a second parameter of the fifth function to obtain an output result, and storing the output result in the seventh cache region;
the second calculation unit is used for updating the data in the seventh cache region by using an output result obtained by calling a sixth function by using the data in the seventh cache region as a parameter, and updating the data in the seventeenth cache region by using the data in a position which is 2 words ahead of the current position in the sixth cache region as a parameter and calling the output result obtained by calling the sixth function;
a third calculating unit, configured to store, in a tenth cache area, an output result obtained by calling a fifth function with the data at the position of the 15 words ahead of the current position in the fifth cache area as a first parameter and the data at the position of the 15 words ahead of the current position in the sixth cache area as a second parameter;
a fourth calculating unit, configured to update the data in the tenth cache region with an output result obtained by calling a seventh function with data at a position 15 words ahead of the current position in the fifth cache region as a parameter, call the seventh function with data at a position 15 words ahead of the current position in the sixth cache region as a parameter to obtain an output result, and store the output result in the twentieth cache region;
a fifth calculating unit, configured to perform modulo addition on the data in the seventh cache area and the data in the seventeenth cache area as an output result obtained by calling a fourth function by using the first parameter and the second parameter, the data in the tenth cache area and the data in the twentieth cache area as an output result obtained by calling the fourth function by using the first parameter and the second parameter, the data in the position of 7 words ahead of the current position in the fifth cache area, and the data in the position of 16 words ahead of the current position in the fifth cache area, and sequentially store the modulo addition results in the fifth cache area;
a sixth calculating unit, configured to perform a modulo addition operation on data in the seventeenth cache region, data in the twentieth cache region, data in a position of a current position forward by 7 words in the sixth cache region, and data in a position of a current position forward by 16 words in the sixth cache region, and store a modulo addition result in the sixth cache region in sequence;
a seventh calculating unit, configured to perform modulo addition on data at a current position in the fifth cache region, a preset constant, and data on the 8th word in the third cache region, and store a modulo addition result in the eighth cache region;
an eighth calculating unit, configured to perform modulo addition operation on data in the current position in the sixth cache region and a number on the 8th word in the second cache region, and store a modulo addition result in the eighth cache region;
a ninth calculating unit, configured to call an eighth function using the data on the 5th word in the third cache area as a parameter to obtain an output result, and update the data in the twenty-seventh cache area; using the data on the 5th word in the second cache region as a parameter to call an eighth function to obtain an output result, and updating the data in the seventeenth cache region;
a tenth calculating unit, configured to call, using the data in the twenty-seventh cache area and the data in the seventeenth cache area as parameters, an output result obtained by a fourth function, perform modulo addition on the data in the eighth cache area, and update the data in the eighth cache area with the modulo addition result; updating the data in the eighth cache region by using a modulo addition operation result of the data in the eighteenth cache region and the data in the seventeenth cache region;
an eleventh calculating unit, configured to use the data on the 5th word, the data on the 6th word, and the data on the 7th word in the third cache area, and the data on the 5th word, the data on the 6th word, and the data on the 7th word in the second cache area as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter, and a sixth parameter, call a third function and update the data in the twenty-seventh cache area with the output result, and update the data in the seventeenth cache area with a result of performing an exclusive or operation on the data on the 5th word and the data on the 7th word in the second cache area;
a twelfth calculating unit, configured to perform modulo addition on an output result obtained by calling a fourth function using the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter and the data in the eighth cache area, and update the data in the eighth cache area with the modulo addition result; and performing modulo addition operation on the data in the eighteenth cache region and the data in the seventeenth cache region and updating the data in the eighteenth cache region by using a modulo addition result.
Further, the fifth function module comprises:
a first generation and storage unit, configured to generate a second random number and store the second random number in a first register, store a result obtained by performing a double operation on the second random number in the first register in a second register, store a result obtained by performing an exclusive or operation on data in the first register and a second parameter in a third register, store a result obtained by performing an and operation on data in the first register and data in the third register in a fourth register, store a result obtained by performing an exclusive or operation on data in the second register and a first parameter in a fifth register, store a result obtained by performing an exclusive or operation on data in the first register and data in the fifth register in a sixth register, store a result obtained by performing an and operation on data in the sixth register and the second parameter in a seventh register, store a result obtained by performing an exclusive or operation on data in the fourth register and data in the seventh register in an eighth register, store a result obtained by performing an exclusive or operation on data in the fourth register and the second parameter in the ninth register in a ninth register, and store a ninth register;
the first saving and updating unit is used for saving a result obtained by performing AND operation on the data in the second register and the second parameter into an eleventh register; updating the data in the eleventh register with the result of the exclusive-or operation of the data in the eleventh register and the data in the tenth register; updating the data in the second register by using the result of AND operation of the data in the second register and the first parameter; updating the data in the eleventh register with the result of the exclusive or operation of the data in the eleventh register and the data in the second register, and updating the data in the second register with the result of the doubling operation of the data in the eleventh register;
the first judging unit is used for judging whether the cycle number is a preset value or not, if so, the first arithmetic unit is triggered, otherwise, the cycle number is updated, and the first saving updating unit is triggered;
and the first arithmetic unit is used for taking the result of the exclusive or operation of the data in the fifth register and the data in the second register as the output result of the fifth function module.
Further, the sixth function module is specifically configured to perform an exclusive or operation on the result of circularly right-shifting the parameter by 17 bits, the result of circularly right-shifting the parameter by 19 bits, and the result of right-shifting the parameter by 10 bits, and use the result as an output result of the sixth function module.
Further, the seventh function module is specifically configured to use a result obtained by performing an exclusive or operation on a result obtained by circularly right-shifting the parameter by 7 bits, a result obtained by circularly right-shifting the parameter by 18 bits, and a result obtained by right-shifting the parameter by 3 bits as an output result of the seventh function module.
Further, the fourth function module is specifically configured to generate a third random number and store the third random number in a twelfth register, store a result obtained by performing an exclusive or operation on the first parameter and the random number in the twelfth register, and store a result obtained by performing a non-operation on data in the twelfth register and data in the twelfth register in a thirteenth register; and storing a result obtained by performing exclusive-or operation on the data in the thirteenth register and the data in the twelfth register into a fourteenth register, storing a result obtained by performing exclusive-or operation on the data in the twelfth register and a second parameter into a fifteenth register, storing a result obtained by performing exclusive-or operation on the first parameter and the data in the fifteenth register into a sixteenth register, storing a result obtained by performing non-operation on the data in the sixteenth register and the data in the fifteenth register into a seventeenth register, and using a result obtained by performing exclusive-or operation on the data in the seventeenth register and the data in the fourteenth register as an output result of a fourth function module.
Further, the third function module is specifically configured to call the first function module according to the first parameter, the second parameter, the fourth parameter, and the fifth parameter to obtain an output result, and store the output result in the eighteenth register; calling a first function module according to the third parameter, the code reversal of the first parameter, the sixth parameter and the fourth parameter to obtain a result, and storing the result in a nineteenth register; and taking the result obtained by carrying out exclusive or operation on the data in the eighteenth register and the data in the nineteenth register as the output result of the third function module.
Further, the first function module is specifically configured to store a result obtained by performing an and operation on the inverse code of the fourth parameter and the third parameter in a twentieth register, store a result obtained by performing an and operation on the fourth parameter and the first parameter in a twenty-first register, store a result obtained by performing an or operation on data in the twentieth register and data in the twenty-first register in a twenty-second register, and store a result obtained by performing an and operation on the inverse code of the second parameter and data in the twenty-second register in a twenty-third register; storing a result obtained by performing an and operation on the fourth parameter and the third parameter into a twenty-fourth register, storing a result obtained by performing an and operation on an inverse code of the fourth parameter and the first parameter into a twenty-fifth register, storing a result obtained by performing an or operation on data in the twenty-fourth register and data in the twenty-fifth register into a twenty-sixth register, and storing a result obtained by performing an and operation on the second parameter and data in the twenty-sixth register into a twenty-seventh register; and taking the result obtained by performing OR operation on the data in the twenty-third register and the twenty-seventh register as the output result of the first function module.
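The first and third function modules above, transcribed register by register into C as an added example (not code from the patent). It checks that the third function's output, unmasked with word 5 XOR word 7 of the second cache region as the eleventh calculating unit sets it, equals Ch(e, f, g) = (e AND f) XOR (NOT e AND g); reading words 5, 6, 7 as e, f, g with 32-bit words, and the helper names, are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

/* First function module, register by register as the text lists them. */
static uint32_t first_fn(uint32_t p1, uint32_t p2, uint32_t p3, uint32_t p4)
{
    uint32_t r20 = ~p4 & p3;
    uint32_t r21 =  p4 & p1;
    uint32_t r22 = r20 | r21;   /* per bit: p4 ? p1 : p3 */
    uint32_t r23 = ~p2 & r22;
    uint32_t r24 =  p4 & p3;
    uint32_t r25 = ~p4 & p1;
    uint32_t r26 = r24 | r25;   /* per bit: p4 ? p3 : p1 */
    uint32_t r27 =  p2 & r26;
    /* Per bit: (p2 ^ p4) ? p1 : p3, without ever forming p2 ^ p4. */
    return r23 | r27;
}

/* Third function module: two calls to the first function, XORed
 * (eighteenth and nineteenth registers in the text). */
static uint32_t third_fn(uint32_t p1, uint32_t p2, uint32_t p3,
                         uint32_t p4, uint32_t p5, uint32_t p6)
{
    uint32_t r18 = first_fn(p1, p2, p4, p5);
    uint32_t r19 = first_fn(p3, ~p1, p6, p4);
    return r18 ^ r19;
}

/* Unmasked reference: Ch(e, f, g). */
static uint32_t ch(uint32_t e, uint32_t f, uint32_t g)
{
    return (e & f) ^ (~e & g);
}

/* Hypothetical helper: call third_fn the way the eleventh calculating unit
 * does (masked words first, then their masks) and remove the output mask,
 * which that unit sets to me ^ mg. For checking only: a masked
 * implementation never performs this final XOR on the device. */
static uint32_t unmask_third(uint32_t e, uint32_t f, uint32_t g,
                             uint32_t me, uint32_t mf, uint32_t mg)
{
    uint32_t masked = third_fn(e ^ me, f ^ mf, g ^ mg, me, mf, mg);
    return masked ^ (me ^ mg);
}

/* Every operation is bitwise, so each output bit depends only on the six
 * input bits in the same position. Trying all 64 combinations of
 * all-zeros / all-ones words therefore covers every 32-bit input. */
static int exhaustive_mismatches(void)
{
    int bad = 0;
    for (unsigned v = 0; v < 64; v++) {
        uint32_t x[6];
        for (int i = 0; i < 6; i++)
            x[i] = ((v >> i) & 1u) ? 0xFFFFFFFFu : 0u;
        if (unmask_third(x[0], x[1], x[2], x[3], x[4], x[5])
                != ch(x[0], x[1], x[2]))
            bad++;
    }
    return bad;
}

int main(void)
{
    /* Constructed sample values, not taken from the patent. */
    uint32_t e = 0xFFFF0000u, f = 0x12345678u, g = 0x9ABCDEF0u;
    uint32_t me = 0xA5A5A5A5u, mf = 0x0F0F0F0Fu, mg = 0x3C3C3C3Cu;

    printf("Ch(e,f,g)          = %08X\n", (unsigned)ch(e, f, g));
    printf("third_fn, unmasked = %08X\n",
           (unsigned)unmask_third(e, f, g, me, mf, mg));
    printf("mismatches over all bit patterns: %d\n", exhaustive_mismatches());
    return 0;
}
```

This checks functional correctness only; whether a compiled build keeps unmasked intermediates out of registers has to be verified on the generated code and on the target device.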
Further, the eighth function module is specifically configured to perform an exclusive or operation on a result of circularly right shifting the parameter by 6 bits, a result of circularly right shifting the parameter by 11 bits, and a result of circularly right shifting the parameter by 25 bits, and use the result as an output result of the eighth function module.
Further, the CPU further includes a second function module and a ninth function module, and the third calculation module includes:
a thirteenth calculating unit, configured to update the data in the twenty-seventh cache area with an output result obtained by calling a ninth function with the data on the 1st word in the third cache area as a parameter; using data on the 1st word in the second cache region as a parameter to call a ninth function to obtain an output result, and updating a third result in the seventeenth cache region;
a fourteenth calculating unit, configured to use the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter to call a fourth function to obtain an output result, and update the data in the ninth cache area; updating the data in the nineteenth cache with the data in the seventeenth cache;
a fifteenth calculating unit, configured to update the data in the twenty-seventh cache area with an output result obtained by calling a second function with the data on the 1st word, the data on the 2nd word, the data on the 3rd word in a third cache area and the data on the 1st word, the data on the 2nd word, and the data on the 3rd word in the second cache area as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter, and a sixth parameter, and update the data in the seventeenth cache area with the data on the 2nd word in the second cache area;
a sixteenth calculating unit, configured to perform modulo addition operation on an output result obtained by calling a fourth function using the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter, and the data in the ninth cache area, and update the data in the ninth cache area with the modulo addition result; performing modulo addition operation on the data in the nineteenth cache region and the data in the seventeenth cache region, and updating the data in the nineteenth cache region by using a modulo addition result;
a seventeenth calculation unit, configured to update the data on the 8th word in the third cache area with the data on the 7th word in the third cache area, update the data on the 8th word in the second cache area with the data on the 7th word in the second cache area, update the data on the 7th word in the third cache area with the data on the 6th word in the third cache area, update the data on the 7th word in the second cache area with the data on the 6th word in the second cache area, update the data on the 6th word in the third cache area with the data on the 5th word in the third cache area, and update the data on the 6th word in the second cache area with the data on the 5th word in the second cache area;
an eighteenth calculating unit, configured to use data on the 4th word in the first cache region and data on the 4th word in the second cache region as a first parameter and a second parameter, call a fourth function and update the data in the seventh cache region with the output result, and update the data in the seventeenth cache region with the data on the 4th word in the second cache region;
a nineteenth calculating unit, configured to update data on the 5th word in the third cache area with a result of a modulo addition operation of data in the seventh cache area and data in the eighth cache area; updating the data on the 5th word in the second cache region by using the modulo addition operation result of the data in the seventeenth cache region and the data in the eighteenth cache region;
and a twentieth calculating unit, configured to call a fifth function with the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the first parameter and the second parameter, and update the data on the 5th word in the third cache region with the output result.
Further, the ninth function module is specifically configured to perform an exclusive or operation on the result of the parameter cyclic right shift by 2 bits, the result of the cyclic right shift by 13 bits, and the result of the cyclic right shift by 22 bits, and use the obtained result as an output result of the ninth function module.
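Added example, not code from the patent: the sixth to ninth function modules in C, assuming 32-bit words (the rotation amounts match SHA-256's σ1, σ0, Σ1 and Σ0). It shows why the calculating units can run these functions on a data word and on its mask word separately, and why the same shortcut fails for modulo addition; `struct shared` and the helper names are assumptions.

```c
#include <stdint.h>
#include <stdio.h>

typedef uint32_t (*word_fn)(uint32_t);

/* Circular right shift; n must be in 1..31. */
static uint32_t rotr(uint32_t x, unsigned n)
{
    return (x >> n) | (x << (32u - n));
}

/* Shift amounts exactly as given for each function module in the text. */
static uint32_t sixth_fn(uint32_t x)   { return rotr(x, 17) ^ rotr(x, 19) ^ (x >> 10); }
static uint32_t seventh_fn(uint32_t x) { return rotr(x, 7)  ^ rotr(x, 18) ^ (x >> 3);  }
static uint32_t eighth_fn(uint32_t x)  { return rotr(x, 6)  ^ rotr(x, 11) ^ rotr(x, 25); }
static uint32_t ninth_fn(uint32_t x)   { return rotr(x, 2)  ^ rotr(x, 13) ^ rotr(x, 22); }

/* Hypothetical pair: the protected value is data ^ mask and is never
 * stored anywhere in that combined form. */
struct shared { uint32_t data; uint32_t mask; };

/* Apply fn to each share on its own, as the units do when they call the
 * same function once on the data buffer and once on the mask buffer. */
static struct shared apply_sharewise(word_fn fn, struct shared s)
{
    struct shared out = { fn(s.data), fn(s.mask) };
    return out;
}

/* xorshift32: generates constructed test inputs only. It is not a
 * suitable source for real masks. */
static uint32_t next_rand(uint32_t *state)
{
    uint32_t x = *state;
    x ^= x << 13;
    x ^= x >> 17;
    x ^= x << 5;
    return *state = x;
}

/* Count cases where recombining the two outputs differs from fn(value).
 * Rotations, shifts and XOR are linear over XOR, so this returns 0. */
static int sharewise_mismatches(word_fn fn, int rounds)
{
    uint32_t st = 0x2545F491u;
    int bad = 0;
    for (int i = 0; i < rounds; i++) {
        uint32_t value = next_rand(&st);
        uint32_t mask  = next_rand(&st);
        struct shared in  = { value ^ mask, mask };
        struct shared out = apply_sharewise(fn, in);
        if ((out.data ^ out.mask) != fn(value))
            bad++;
    }
    return bad;
}

/* Modulo addition is NOT linear over XOR: adding XOR-masked data words
 * and adding their masks does not, in general, recombine to a + b.
 * Returns 1 only when it happens to work for the given inputs. */
static int xor_shares_survive_add(uint32_t a, uint32_t ma,
                                  uint32_t b, uint32_t mb)
{
    uint32_t sum_data = (a ^ ma) + (b ^ mb);
    uint32_t sum_mask = ma + mb;
    return (sum_data ^ sum_mask) == (uint32_t)(a + b);
}

int main(void)
{
    printf("sixth   mismatches: %d\n", sharewise_mismatches(sixth_fn, 10000));
    printf("seventh mismatches: %d\n", sharewise_mismatches(seventh_fn, 10000));
    printf("eighth  mismatches: %d\n", sharewise_mismatches(eighth_fn, 10000));
    printf("ninth   mismatches: %d\n", sharewise_mismatches(ninth_fn, 10000));
    /* Constructed counterexample: a = 1, mask 3; b = 1, mask 1. */
    printf("share-wise add recombines correctly: %d\n",
           xor_shares_survive_add(1u, 3u, 1u, 1u));
    return 0;
}
```

The failing addition case is consistent with the text calling the fourth function on a (data, mask) pair before each modulo addition rather than adding XOR-masked words directly.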
Further, the second function module is specifically configured to call the first function module according to the first parameter, the second parameter, the third parameter, and the fourth parameter to obtain an output result, and store the output result in a twenty-eighth register; an output result obtained by calling the first function module according to the first parameter, the third parameter, the fourth parameter and the sixth parameter is stored in a twenty-ninth register; the output result obtained by calling the first function module according to the second parameter, the third parameter, the fifth parameter and the sixth parameter is stored in a thirtieth register; and carrying out exclusive OR operation on the data in the twenty-eighth register, the data in the twenty-ninth register and the data in the thirtieth register to obtain an output result.
Further, the fourth calculation module includes:
a twenty-first calculating unit, configured to update data on the 4th word in the third cache area with data on the 3rd word in the third cache area, update data on the 4th word in the second cache area with data on the 3rd word in the second cache area, update data on the 3rd word in the third cache area with data on the 2nd word in the third cache area, update data on the 3rd word in the second cache area with data on the 2nd word in the second cache area, update data on the 2nd word in the third cache area with data on the 1st word in the third cache area, and update data on the 2nd word in the second cache area with data on the 1st word in the second cache area;
a twenty-second calculating unit, configured to perform modulo addition on the data in the eighth cache area and the data in the ninth cache area, and update the data on the 1st word in the third cache area with a modulo addition result; performing modulo addition operation on the data in the eighteenth cache region and the data in the nineteenth cache region, and updating the data on the 1st word in the second cache region by using a modulo addition result;
and a twenty-third calculating unit, configured to call a fifth function module with the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as the first parameter and the second parameter, and update the data on the 1st word in the third cache region with the output result.
Further, the first determining module includes:
the second judging unit is used for respectively judging whether the sum of the length of the data in the fifth cache region and the length of the data in the sixth cache region is 64 words or not, if so, the third judging unit is triggered, and if not, an error is reported;
and the third judging unit is used for judging whether the idle lengths in the fifth cache region and the sixth cache region are both 0, if so, triggering the fifth calculating module, and otherwise, triggering the second calculating module.
Further, the fifth calculation module includes:
a twenty-fourth calculating unit, configured to sequentially store, in a thirty-first register, an output result obtained by calling a fourth function module with each word in the third cache area as a first parameter and data at a corresponding position in the second cache area as a second parameter, perform modulo addition operation on the data in the thirty-first register and the data at the corresponding position in the first cache area, and update the data at the corresponding position in the first cache area with the modulo addition result;
a first acting unit for taking the data in the first buffer as a hash packet calculation result.
Further, the twenty-fourth calculating unit is specifically configured for:
taking the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-second register, and updating the data on the 1st word in the first cache region by using the result of performing a modulo addition operation on the data in the thirty-second register and the data on the 1st word in the first cache region;
taking the data on the 2nd word in the third cache region and the data on the 2nd word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-fourth register, and updating the data on the 2nd word in the first cache region by using the result of performing a modulo addition operation on the data in the thirty-fourth register and the data on the 2nd word in the first cache region;
taking the data on the 3rd word in the third cache region and the data on the 3rd word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-fifth register, and updating the data on the 3rd word in the first cache region by using the result of performing a modulo addition operation on the data in the thirty-fifth register and the data on the 3rd word in the first cache region;
taking the data on the 4th word in the third cache region and the data on the 4th word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-sixth register, and updating the data on the 4th word in the first cache region by using the result of performing a modulo addition operation on the data in the thirty-sixth register and the data on the 4th word in the first cache region;
taking the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-seventh register, and updating the data on the 5th word in the first cache region by using the result of performing a modulo addition operation on the data in the thirty-seventh register and the data on the 5th word in the first cache region;
taking the data on the 6th word in the third cache region and the data on the 6th word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-eighth register, and updating the data on the 6th word in the first cache region by using the result of performing a modulo addition operation on the data in the thirty-eighth register and the data on the 6th word in the first cache region;
taking the data on the 7th word in the third cache region and the data on the 7th word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-ninth register, and updating the data on the 7th word in the first cache region by using the result of performing a modulo addition operation on the data in the thirty-ninth register and the data on the 7th word in the first cache region;
and taking the data on the 8th word in the third cache region and the data on the 8th word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a fortieth register, and updating the data on the 8th word in the first cache region by using the result of performing a modulo addition operation on the data in the fortieth register and the data on the 8th word in the first cache region.
Compared with the prior art, the invention has the following advantages:
the technical solution of the invention protects the hash data well: because of the random mask, no hash data or intermediate value appears in plaintext at any point in the hash process, which resists side-channel analysis such as power and electromagnetic analysis; after each packet (block) calculation the method judges whether the hash data has been subjected to a fault (error-injection) attack and reports an error when such an attack has occurred, which effectively prevents fault attacks.
Drawings
Fig. 1 is a flowchart of a secure implementation method for hash packet computation according to an embodiment of the present invention;
fig. 2 and fig. 3 are flowcharts of a secure implementation method for hash packet calculation according to a second embodiment of the present invention;
fig. 4 is a block diagram of a security implementation apparatus for hash packet calculation according to an embodiment of the present invention.
Detailed Description
The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the drawings in the embodiments of the present invention, and it is obvious that the described embodiments are only a part of the embodiments of the present invention, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.
Example one
An embodiment of the present invention provides a secure implementation method for hash packet calculation, as shown in fig. 1, including:
step S1: the CPU calculates the initial vector in the first cache region and the data on the high 8 words in the second cache region and stores the calculation result in the third cache region, calculates the original data in the fourth cache region and the data on the low 16 words in the second cache region and stores the calculation result in the fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region;
specifically, step S1 includes: the CPU carries out XOR operation on the initial vector in the first cache region and the data on the high 8 words in the second cache region and stores the calculation result into a third cache region, and carries out modular subtraction operation on the original data in the fourth cache region and the data on the low 16 words in the second cache region and stores the calculation result into a fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region;
in this embodiment, the length of the initial vector in the first cache region is 8 words, the length of the original data in the fourth cache region is 16 words, and the length of the data in the second cache region is 24 words; the fifth cache region and the sixth cache region are each 64 words in size, and data is stored in them sequentially from the front;
optionally, in this embodiment, before step S1, the method further includes: the CPU generates a first random number with the length of 24 words and stores the first random number in a second cache region;
step S2: the CPU calculates and generates a third numerical value and a third result according to the data in the fifth cache region and the data in the sixth cache region and stores the third numerical value and the third result in the seventh cache region and the seventeenth cache region respectively, calculates and stores the calculation results in the fifth cache region in sequence according to the data in the seventh cache region, the data in the seventeenth cache region and the data in the sixth cache region, calculates and obtains a first numerical value and a first result according to the data in the fifth cache region, the data in the sixth cache region, the data in the seventh cache region and the data in the seventeenth cache region and stores the first numerical value and the first result in the eighth cache region and the eighteenth cache region respectively, calculates and generates third data according to the data in the third cache region and stores the third numerical value in the twenty-seventh cache region, and stores the third numerical value and the first result in the twenty-seventh cache region and the eighteenth data in the seventeenth cache region in a more new data in the twenty-eighth cache region;
preferably, in this embodiment, step S2 further includes, before: the CPU takes the first idle word in the fifth cache region as the current position and takes the first idle word in the sixth cache region as the current position;
in this embodiment, the data stored in the fifth cache region and the sixth cache region are sequentially accessed from front to back, and the size of the fifth cache region and the size of the sixth cache region are fixed to 64 words;
specifically, in this embodiment, step S2 includes:
step S2-1: the CPU takes the data at the position 2 words ahead of the current position in the fifth cache region as a first parameter of a fifth function, takes the data at the position 2 words ahead of the current position in the sixth cache region as a second parameter of the fifth function, calls the fifth function to obtain an output result and stores the output result in a seventh cache region;
step S2-2: the CPU uses the data in the seventh cache region as a parameter to call the output result obtained by the sixth function to update the data in the seventh cache region, uses the data in the position 2 words ahead of the current position in the sixth cache region as a parameter to call the sixth function to obtain the output result, and stores the output result in the seventeenth cache region;
step S2-3: the CPU takes the data at the position 15 words ahead of the current position in the fifth cache region as a first parameter, and takes the data at the position 15 words ahead of the current position in the sixth cache region as a second parameter to call a fifth function to obtain an output result, and the output result is stored in the tenth cache region;
step S2-4: the CPU uses the data at the position 15 words ahead of the current position in the fifth cache region as a parameter to call a seventh function to obtain an output result and updates the data in the tenth cache region, uses the data at the position 15 words ahead of the current position in the sixth cache region as a parameter to call the seventh function to obtain an output result and stores the output result in the twentieth cache region;
step S2-5: the CPU takes the data in the seventh cache region and the data in the seventeenth cache region as a first parameter and a second parameter to call a fourth function to obtain an output result, takes the data in the tenth cache region and the data in the twentieth cache region as a first parameter and a second parameter to call a fourth function to obtain an output result, takes the data at the position of 7 words ahead of the current position in the fifth cache region and the data at the position of 16 words ahead of the current position in the fifth cache region to carry out modulo addition operation, and sequentially stores the modulo addition result into the fifth cache region;
step S2-6: the CPU performs modular addition operation on the data in the seventeenth cache region, the data in the twentieth cache region, the data at the position 7 words ahead of the current position in the sixth cache region and the data at the position 16 words ahead of the current position in the sixth cache region, and sequentially stores the modular addition results into the sixth cache region;
step S2-7: the CPU performs modular addition operation on the data at the current position in the fifth cache region, a preset constant and the data on the 8 th word in the third cache region and stores the modular addition result into the eighth cache region;
step S2-8: the CPU performs the modulo addition operation on the data at the current position in the sixth cache region and the number on the 8 th word in the second cache region and stores the modulo addition result into the eighteenth cache region;
step S2-9: the CPU uses the data on the 5 th word in the third cache region as a parameter to call an eighth function to obtain an output result and update the data in the twenty-seventh cache region; using the data on the 5 th word in the second cache region as a parameter to call an eighth function to obtain an output result and update the data in the seventeenth cache region;
step S2-10: the CPU takes the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter and calls an output result obtained by a fourth function to perform modular addition operation with the data in the eighth cache area, and the data in the eighth cache area is updated by using the modular addition result; updating the data in the eighth cache region by using the modulo addition operation result of the data in the eighteenth cache region and the data in the seventeenth cache region;
step S2-11: the CPU uses the data on the 5 th word, the data on the 6 th word, the data on the 7 th word in the third cache region and the data on the 5 th word, the data on the 6 th word and the data on the 7 th word in the second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter, calls an output result obtained by a third function to update the data in a twenty-seventh cache region, and uses the result of the XOR operation between the data on the 5 th word and the data on the 7 th word in the second cache region to update the data in the seventeenth cache region;
step S2-12: the CPU takes the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter to call the output result obtained by the fourth function to perform modulo addition operation with the data in the eighth cache area and update the data in the eighth cache area by using the modulo addition result; and performing modulo addition operation on the data in the eighteenth cache region and the data in the seventeenth cache region and updating the data in the eighteenth cache region by using a modulo addition result.
step S3: the CPU updates the third data in the seventh cache region by using the data in the third cache region, updates the data in the seventeenth cache region by using the data in the second cache region, generates a second numerical value and a second result according to the data in the twenty seventh cache region and the data in the seventeenth cache region, and respectively stores the second numerical value and the second result in the ninth cache region and the nineteenth cache region; updating the data in the seventh cache region and the data in the seventeenth cache region according to the data in the third cache region and the first random number in the second cache region; updating the data in the ninth cache area and the data in the nineteenth cache area according to the data in the seventeenth cache area and the data in the twenty-seventh cache area;
specifically, in this embodiment, step S3 includes:
step S3-1: the CPU uses the data on the 1 st word in the third cache region as a parameter to call a ninth function to obtain an output result and updates the data in the twenty-seventh cache region; using the data on the 1 st word in the second cache region as a parameter to call a ninth function to obtain an output result, and updating the data in the seventeenth cache region;
step S3-2: the CPU uses the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to call an output result obtained by a fourth function to update the data in the ninth cache area; updating the data in the nineteenth cache area with the data in the seventeenth cache area;
step S3-3: the CPU uses the data on the 1 st word, the data on the 2 nd word, the data on the 3 rd word in the third cache region and the data on the 1 st word, the data on the 2 nd word and the data on the 3 rd word in the second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter to call an output result obtained by a second function to update the data in the twenty-seventh cache region, and uses the data on the 2 nd word in the second cache region to update the data in the seventeenth cache region;
step S3-4: the CPU uses the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to call an output result obtained by a fourth function to perform modular addition operation with the data in the ninth cache area and uses the modular addition result to update the data in the ninth cache area; performing modulo addition operation on the data in the nineteenth cache region and the data in the seventeenth cache region, and updating the data in the nineteenth cache region by using a modulo addition result;
step S3-5: the CPU updates the data on the 8 th word in the third cache region with the data on the 7 th word in the third cache region, updates the data on the 8 th word in the second cache region with the data on the 7 th word in the second cache region, updates the data on the 7 th word in the third cache region with the data on the 6 th word in the third cache region, updates the data on the 7 th word in the second cache region with the data on the 6 th word in the second cache region, updates the data on the 6 th word in the third cache region with the data on the 5 th word in the third cache region, and updates the data on the 6 th word in the second cache region with the data on the 5 th word in the second cache region;
step S3-6: the CPU uses the data on the 4 th word in the first cache region and the data on the 4 th word in the second cache region as a first parameter and a second parameter, calls an output result obtained by a fourth function to update the data in the seventh cache region, and uses the data on the 4 th word in the second cache region to update the data in the seventeenth cache region;
step S3-7: the CPU updates the data on the 5 th word in the third cache region by using the modulo addition operation result of the data in the seventh cache region and the data in the eighth cache region; updating the data on the 5 th word in the second cache region by using the result of the modulo addition operation of the data in the seventeenth cache region and the data in the eighteenth cache region;
step S3-8: the CPU uses the data on the 5 th word in the third cache region and the data on the 5 th word in the second cache region as a first parameter and a second parameter to call a fifth function to obtain an output result and update the data on the 5 th word in the third cache region;
step S4: the CPU updates the data in the third cache region according to the data in the eighth cache region, the data in the eighteenth cache region, the data in the ninth cache region, the data in the nineteenth cache region, the data in the seventh cache region and the data in the seventeenth cache region;
specifically, in this embodiment, step S4 includes:
step S4-1: the CPU updates the data on the 4 th word in the third cache region by using the data on the 3 rd word in the third cache region, updates the data on the 4 th word in the second cache region by using the data on the 3 rd word in the second cache region, updates the data on the 3 rd word in the third cache region by using the data on the 2 nd word in the third cache region, updates the data on the 3 rd word in the second cache region by using the data on the 2 nd word in the second cache region, updates the data on the 2 nd word in the third cache region by using the data on the 1 st word in the third cache region, and updates the data on the 2 nd word in the second cache region by using the data on the 1 st word in the second cache region;
step S4-2: the CPU performs modular addition operation on the data in the eighth cache region and the data in the ninth cache region and updates the data on the 1 st word in the third cache region by using a modular addition result; performing modular addition operation on the data in the eighteenth cache region and the data in the nineteenth cache region, and updating the data on the 1 st word in the second cache region by using a modular addition result;
step S4-3: the CPU uses the data on the 1 st word in the third cache region and the data on the 1 st word in the second cache region as a first parameter and a second parameter to call a fifth function to obtain an output result and update the data on the 1 st word in the third cache region;
step S5: the CPU judges whether the length of the data in the fifth cache region and the length of the data in the sixth cache region are both 64 words, if yes, step S6 is executed, otherwise, the method returns to step S2;
specifically, in this embodiment, step S5 includes:
step S5-1: the CPU respectively judges whether the sum of the length of the data in the fifth cache region and the length of the data in the sixth cache region is 64 words or not, if so, the step S5-2 is executed, otherwise, an error is reported;
step S5-2: the CPU judges whether the idle lengths in the fifth cache region and the sixth cache region are both 0, if yes, the step S6 is executed, and if not, the step S2 is returned to;
step S6: the CPU updates the data in the first buffer with the data in the third buffer and the data on the high 8 words in the second buffer and takes the data in the first buffer as the hash packet calculation result.
In this embodiment, the updating the data in the first buffer with the data in the third buffer and the data on the upper 8 words in the second buffer in step S6 includes: step Y: sequentially taking each word in the third cache region as a first parameter, taking data at a corresponding position in the second cache region as a second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-one register, performing modulo addition operation on the data in the thirty-one register and the data at the corresponding position in the first cache region, and updating the data at the corresponding position in the first cache region by using the modulo addition result;
the step Y specifically comprises the following steps: taking the data on the 1 st word in the third cache region and the data on the 1 st word in the second cache region as a first parameter and a second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-second register, and updating the data on the 1 st word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-second register and the data on the 1 st word in the first cache region; taking the data on the 2 nd word in the third cache region and the data on the 2 nd word in the second cache region as a first parameter and a second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-fourth register, and updating the data on the 2 nd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fourth register and the data on the 2 nd word in the first cache region; taking the data on the 3 rd word in the third cache region and the data on the 3 rd word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-fifth register, and updating the data on the 3 rd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fifth register and the data on the 3 rd word in the first cache region; taking the data on the 4 th word in the third cache region and the data on the 4 th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-sixth register, and updating the data on the 4 th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-sixth register and the data 
on the 4 th word in the first cache region; taking the data on the 5 th word in the third cache region and the data on the 5 th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-seventh register, and updating the data on the 5 th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-seventh register and the data on the 5 th word in the first cache region; taking the data on the 6 th word in the third cache region and the data on the 6 th word in the second cache region as a first parameter and a second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-eighth register, and updating the data on the 6 th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-eighth register and the data on the 6 th word in the first cache region; taking the data on the 7 th word in the third cache region and the data on the 7 th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-ninth register, and updating the data on the 7 th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-ninth register and the data on the 7 th word in the first cache region; and storing the data on the 8 th word in the third cache region and the data on the 8 th word in the second cache region as output results obtained by calling a fourth function by the first parameter and the second parameter into a fortieth register, and updating the data on the 8 th word in the first cache region by using the result of performing modulo addition operation on the data in the fortieth register and the data on the 8 th word in the first 
cache region.
Preferably, in this embodiment, step S1 further includes: the CPU judges whether the length of the input data is a preset length or not, if so, the input data is grouped according to the preset length and first grouped data is stored into a first cache region as an initial vector, otherwise, 0 is used for filling the input data to the preset length, and then the filled input data is grouped according to the preset length and the first grouped data is stored into the first cache region as the initial vector;
correspondingly, step S6 is followed by: and judging whether all the grouped data of the input data are completely processed, if so, finishing the processing, otherwise, storing the next unprocessed grouped data serving as an initial vector into the first buffer area, and returning to the step S1.
Example two
An embodiment of the present invention provides a secure implementation method for hash packet calculation, as shown in fig. 2 and 3, including:
step 101: the CPU obtains an initial vector and stores the initial vector in a first cache region, and obtains original data and stores the original data in a fourth cache region; generating a first random number with a preset length and storing the first random number in a second cache region;
specifically, in this embodiment, the length of the initial vector is 8 words, the length of the original data is 16 words, and the length of the first random number is 24 words; each word is 32 bits;
for example, the initial vector in this embodiment is 0x6a09e667 0xbb67ae85 0x3c6ef372 0xa54ff53a 0x510e527f 0x9b05688c 0x1f83d9ab 0x5be0cd19, the original data is 0XB505CD88 0X6E54FD04 0X4F7119A8 0X541922FB 0X665B3EDE 0XE78390XE93C869A 0X44BE2306 0XD98E8B58 0XAFCD7BC8 0X9D83DE 0X165CB5A6 0XEC410A1B 0XD0X4C4B0XBFADD5B3 X0CD5447, and the first random number generated is 0x09b7cbdd 0x5f253cc0 0xdbdae401 0xb8d57bbe 0x14e6a026 0x64607bfd 0x63267a6f 0xd99c15dc 0Xf0F12D0Xb10Xb10Xb0Xd82055 0X3F08FCDF 0X6CD35AB5 0XDDB4F36D 0XE2808227 0X0BAE7946 0X28F2044A 0X49E3FA9A 0XBEECd013 0X17287389 0X24EABC95 0X513FBF7 0XDA7772DC 0X63E2FE6B;
step 102: the CPU carries out XOR operation on the initial vector in the first cache region and the data on the high 8 words in the second cache region and stores the calculation result into a third cache region, and carries out modular subtraction operation on the original data in the fourth cache region and the data on the low 16 words in the second cache region and stores the calculation result into a fifth cache region;
specifically, the length of the data in the third cache region is 8 words, and the length of the data in the fifth cache region is 16 words;
for example, in this embodiment, the data in the third buffer is 0x63be2dba 0xe4429245 0xe7b41773, 0x1d9a8e84, 0x45e8f259, 0xff651371, 0x7ca5a3c4, 0xcd8278c5, and the data in the fifth buffer is: 0X71D7DB98 0X4E3D4053 0XFA50A162 0X741D1ABC0XB1006B72 B72 0X798FE2A3 XC11BA05B8 0XE4474FB 0X8F899930 0X14D2987F 0XEBCC9720 0X8CE98D8F 0X56841FF0XDB413ACd0XE33B5dd9 X8ACE71E4;
step 103: the CPU stores the data on the lower 16 words in the second cache region into a sixth cache region;
in this embodiment, the data stored in the fifth buffer area and the sixth buffer area are sequentially accessed from front to back;
step 104: the CPU takes the first idle word in the fifth cache region as the current position and takes the first idle word in the sixth cache region as the current position;
for example, in this step, the first free word in the fifth cache region is the 17 th word starting from the 1 st word in the fifth cache region, and the first free word in the sixth cache region is the 17 th word starting from the 1 st word in the sixth cache region;
step 105: the CPU uses the data at the position 2 words ahead of the current position in the fifth cache region as a first parameter of a fifth function, uses the data at the position 2 words ahead of the current position in the sixth cache region as a second parameter of the fifth function, calls the fifth function to obtain an output result and stores the output result in a seventh cache region;
specifically, in this embodiment, the implementation process of the fifth function is as follows:
step a1: the CPU generates a second random number and stores the second random number into a first register, a result obtained by carrying out doubling operation on the second random number in the first register is stored into a second register, a result obtained by carrying out exclusive OR operation on data in the first register and second parameters is stored into a third register, a result obtained by carrying out exclusive OR operation on data in the first register and data in the third register is stored into a fourth register, a result obtained by carrying out exclusive OR operation on data in the second register and first parameters is stored into a fifth register, a result obtained by carrying out exclusive OR operation on data in the first register and data in the fifth register is stored into a sixth register, a result obtained by carrying out exclusive OR operation on data in the sixth register and second parameters is stored into a seventh register, a result obtained by carrying out exclusive OR operation on data in the fourth register and data in the seventh register is stored into an eighth register, a result obtained by carrying out exclusive OR operation on data in the second register and second parameters is stored into a ninth register, and a result obtained by carrying out exclusive OR operation on data in the ninth register and the ninth register;
step a2: the CPU performs AND operation on the data in the second register and the second parameter to obtain a result, and the result is stored in an eleventh register; updating the data in the eleventh register with the result of the exclusive or operation of the data in the eleventh register and the data in the tenth register; updating the data in the second register by using the result of the AND operation of the data in the second register and the first parameter; updating the data in the eleventh register by using the result of the exclusive-or operation of the data in the eleventh register and the data in the second register, and updating the data in the second register by using the result of the doubling operation of the data in the eleventh register;
step a3: the CPU judges whether the cycle number is a preset value, if so, the step a4 is executed, otherwise, the cycle number is updated, and the step a2 is returned;
in this embodiment, if the initial value of the cycle count is 1, the preset value is 31 and updating the cycle count means adding 1 to it; if the initial value of the cycle count is 31, the preset value is 1 and updating the cycle count means subtracting 1 from it;
step a4: the CPU takes the result of the XOR operation of the data in the fifth register and the data in the second register as the output result of the fifth function;
for example, the data in the seventh buffer area in this step is 0x63dfa269;
step 106: the CPU uses the data in the seventh cache region as a parameter to call the output result obtained by the sixth function to update the data in the seventh cache region, uses the data in the position 2 words ahead of the current position in the sixth cache region as a parameter to call the sixth function to obtain the output result, and stores the output result in the seventeenth cache region;
in this embodiment, the sixth function is implemented as: the CPU performs exclusive OR operation on the result of the parameter cyclic right shift by 17 bits, the result of the cyclic right shift by 19 bits and the result of the parameter cyclic right shift by 10 bits to obtain a result which is used as an output result of a sixth function;
for example, the data in the seventeenth buffer in this step is 0x25616a7c;
step 107: the CPU takes the data at the position 15 words ahead of the current position in the fifth cache region as a first parameter, takes the data at the position 15 words ahead of the current position in the sixth cache region as a second parameter, calls a fifth function to obtain an output result and stores the output result in the tenth cache region;
for example, the data in the tenth buffer in this step is 0x4e4341b5;
step 108: the CPU uses the data in the tenth cache region as a parameter to call a seventh function to obtain an output result to update the data in the tenth cache region, uses the data at the position 15 words ahead of the current position in the sixth cache region as a parameter to call the seventh function to obtain an output result, and stores the output result in the twentieth cache region;
in this embodiment, the implementation process of the seventh function is: the CPU performs exclusive OR operation on the result of the parameter cyclic right shift by 7 bits, the result of the cyclic right shift by 18 bits and the result of the right shift by 3 bits to obtain a result which is used as an output result of a seventh function;
for example, the data in the twentieth buffer in this step is 0xb339bd25;
step 109: the CPU uses the data in the seventh cache region and the data in the seventeenth cache region as a first parameter and a second parameter to call an output result obtained by a fourth function, uses the data in the tenth cache region and the data in the twentieth cache region as a first parameter and a second parameter to call a fourth function to obtain an output result, and stores the result obtained by performing modulo addition operation on the data at the position 7 words ahead of the current position in the fifth cache region and the data at the position 16 words ahead of the current position in the fifth cache region in sequence;
specifically, in this embodiment, the implementation process of the fourth function is: the CPU generates a third random number and stores the third random number in a twelfth register, stores a result obtained by carrying out XOR operation on the first parameter and the random number in the twelfth register, and stores a result obtained by carrying out non-operation on data in the twelfth register and data in the twelfth register in a thirteenth register; storing a result obtained by performing exclusive-or operation on the data in the thirteenth register and the data in the twelfth register into the fourteenth register, storing a result obtained by performing exclusive-or operation on the data in the twelfth register and the second parameter into the fifteenth register, storing a result obtained by performing exclusive-or operation on the first parameter and the data in the fifteenth register into the sixteenth register, storing a result obtained by performing non-operation on the data in the sixteenth register and the data in the fifteenth register into the seventeenth register, and using a result obtained by performing exclusive-or operation on the data in the seventeenth register and the data in the fourteenth register as an output result of the fourth function;
for example, the data stored in the fifth buffer area in this step is 0x12b22b28;
step 110: the CPU performs modular addition operation on the data in the seventeenth cache region, the data in the twentieth cache region, the data at the position 7 words ahead of the current position in the sixth cache region and the data at the position 16 words ahead of the current position in the sixth cache region, and sequentially stores the modular addition results into the sixth cache region;
for example, the data stored in the sixth buffer area in this step is 0xdcb88f4d;
step 111: the CPU carries out modular addition operation on the data at the current position in the fifth cache region, a preset constant and the data on the 8 th word in the third cache region and stores a modular addition result into the eighth cache region;
for example, the data in the eighth buffer in this step is 0x25e34e72;
step 112: the CPU performs the modulo addition operation on the data at the current position in the sixth cache region and the number on the 8 th word in the second cache region and stores the modulo addition result into the eighteenth cache region;
in this embodiment, the modulus of all the modulo addition operations is 2 to the power of 32;
for example, the data in the eighteenth cache area in this step is 0x56ef8933;
step 113: the CPU uses the data on the 5 th word in the third cache region as a parameter to call an eighth function to obtain an output result and update the data in the twenty-seventh cache region; using the data on the 5 th word in the second cache region as a parameter to call an eighth function to obtain an output result and update the data in the seventeenth cache region;
specifically, in this embodiment, the implementation process of the eighth function is: the CPU performs exclusive OR operation on the result of the parameter cyclic right shift by 6 bits, the result of the cyclic right shift by 11 bits and the result of the cyclic right shift by 25 bits to obtain a result which is used as an output result of the eighth function;
for example, the data in the twenty-seventh buffer area in this step is 0xef679d54, and the data in the seventeenth buffer area is 0x741c7028;
step 114: the CPU takes the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter to call the output result obtained by the fourth function to perform modulo addition operation with the data in the eighth cache area and update the data in the eighth cache area by using the modulo addition result; updating the data in the eighteenth cache region by using the result of the modulo addition operation of the data in the eighteenth cache region and the data in the seventeenth cache region;
for example, the data in the eighth buffer area in this step is 0xc70ac99e, and the data in the eighteenth buffer area is 0xd98328d4;
step 115: the CPU uses the data on the 5 th word, the data on the 6 th word, the data on the 7 th word in the third cache region and the data on the 5 th word, the data on the 6 th word and the data on the 7 th word in the second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter, calls an output result obtained by a third function to update the data in the twenty-seventh cache region, and uses the result of XOR operation between the data on the 5 th word in the second cache region and the data on the 7 th word to update the data in the seventeenth cache region;
specifically, in this embodiment, the implementation process of the third function is as follows: the CPU calls a first function according to the first parameter, the second parameter, the fourth parameter and the fifth parameter to obtain an output result and stores the output result in an eighteenth register; a result obtained by calling a first function according to the third parameter, the code reversal of the first parameter, the sixth parameter and the fourth parameter is stored in a nineteenth register; taking the result obtained by carrying out exclusive or operation on the data in the eighteenth register and the data in the nineteenth register as the output result of the third function;
the first function comprises a first parameter, a second parameter, a third parameter and a fourth parameter, and the implementation process of the first function specifically comprises the following steps: the CPU performs AND operation on the inverse code of the fourth parameter and the third parameter to obtain a result, the result is stored in a twentieth register, the result is stored in a twenty-first register, the result is stored in a twenty-second register, the result is obtained by performing OR operation on the data in the twentieth register and the data in the twenty-first register, and the result is stored in a twenty-third register, the result is obtained by performing AND operation on the inverse code of the second parameter and the data in the twenty-second register; storing a result obtained by performing an and operation on the fourth parameter and the third parameter into a twenty-fourth register, storing a result obtained by performing an and operation on an inverse code of the fourth parameter and the first parameter into a twenty-fifth register, storing a result obtained by performing an or operation on data in the twenty-fourth register and data in the twenty-fifth register into a twenty-sixth register, and storing a result obtained by performing an and operation on the second parameter and data in the twenty-sixth register into a twenty-seventh register; taking the result obtained by performing OR operation on the data in the twenty-third register and the twenty-seventh register as the output result of the first function;
for example, the data in the twenty-seventh buffer area in this step is 0x552dfee8, and the data in the seventeenth buffer area is 0x6a09e667;
step 116: the CPU takes the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter to call the output result obtained by the fourth function to perform modulo addition operation with the data in the eighth cache area and update the data in the eighth cache area by using the modulo addition result; performing modulo addition operation on the data in the eighteenth cache region and the data in the seventeenth cache region and updating the data in the eighteenth cache region by using a modulo addition result;
for example, the data in the eighth buffer area in this step is 0x7a367706, and the data in the eighteenth buffer area is 0x51fd78d8;
step 117: the CPU uses the data on the 1 st word in the third cache region as a parameter to call a ninth function to obtain an output result and update the data in the twenty-seventh cache region; using the data on the 1 st word in the second cache region as a parameter to call a ninth function to obtain an output result and update the data in the seventeenth cache region;
specifically, the implementation process of the ninth function in this embodiment is as follows: the CPU performs exclusive OR operation on the result of the parameter cyclic right shift by 2 bits, the result of the cyclic right shift by 13 bits and the result of the cyclic right shift by 22 bits to obtain a result which is used as an output result of the ninth function;
for example, the data in the twenty-seventh buffer area in this step is 0xf9d83056, and the data in the seventeenth buffer area is 0xbf7de200;
step 118: the CPU uses the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to call an output result obtained by a fourth function to update the data in the ninth cache area; updating the data in the nineteenth cache area with the data in the seventeenth cache area;
for example, the data in the ninth buffer in this step is 0x8727f056, and the data in the nineteenth buffer is 0xbf7de200;
step 119: the CPU uses the data on the 1 st word, the data on the 2 nd word, the data on the 3 rd word in the third cache region and the data on the 1 st word, the data on the 2 nd word and the data on the 3 rd word in the second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter to call an output result obtained by a second function to update the data in the twenty-seventh cache region, and uses the data on the 2 nd word in the second cache region to update the data in the seventeenth cache region;
in this embodiment, the specific implementation process of the second function is: the CPU calls a first function according to the first parameter, the second parameter, the third parameter and the fourth parameter to obtain an output result, and the output result is stored in a twenty-eighth register; calling a first function according to the first parameter, the third parameter, the fourth parameter and the sixth parameter to obtain an output result, and storing the output result in a twenty-ninth register; an output result obtained by calling the first function according to the second parameter, the third parameter, the fifth parameter and the sixth parameter is stored in a thirtieth register; carrying out exclusive-or operation on the data in the twenty-eighth register, the data in the twenty-ninth register and the data in the thirtieth register to obtain an output result;
for example, the data in the twenty-seventh buffer area in this step is 0x81d30a28, and the data in the seventeenth buffer area is 0x86affc98;
step 120: the CPU uses the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to call an output result obtained by a fourth function to perform modulo addition operation with the data in the ninth cache area and update the data in the ninth cache area by using the modulo addition result; updating the data in the nineteenth cache region by using the modulo addition operation result of the data in the nineteenth cache region and the data in the seventeenth cache region;
for example, the data in the ninth buffer area in this step is 0x07f4ea6e, and the data in the nineteenth buffer area is 0x462dde98;
step 121: the CPU updates the data on the 8 th word in the third cache region by using the data on the 7 th word in the third cache region, updates the data on the 8 th word in the second cache region by using the data on the 7 th word in the second cache region, updates the data on the 7 th word in the third cache region by using the data on the 6 th word in the third cache region, updates the data on the 7 th word in the second cache region by using the data on the 6 th word in the second cache region, updates the data on the 6 th word in the third cache region by using the data on the 5 th word in the third cache region, and updates the data on the 6 th word in the second cache region by using the data on the 5 th word in the second cache region;
for example, the data on the words 6, 7, and 8 in the third buffer in this step are: 0x8948672b, 0x413370e1, 0x9cf59dc3; the data on the 6 th, 7 th and 8 th words in the second cache are 0xf9dc5033, 0x45b6ee7c and 0x205f78e7 respectively;
step 122: the CPU uses the data on the 4 th word in the first cache region and the data on the 4 th word in the second cache region as a first parameter and a second parameter, calls an output result obtained by a fourth function to update the data in the seventh cache region, and uses the data on the 4 th word in the second cache region to update the data in the seventeenth cache region;
for example, the data in the seventh buffer area in this step is 0xe728d34c, and the data in the seventeenth buffer area is 0x2509598f;
step 123: the CPU updates the data on the 5 th word in the third cache region by using the modulo addition operation result of the data in the seventh cache region and the data in the eighth cache region; updating the data on the 5 th word in the second cache region by using the result of the modulo addition operation of the data in the seventeenth cache region and the data in the eighteenth cache region;
for example, the data on the 5 th word in the third buffer area in this step is 0x615f4a52, and the data on the 5 th word in the second buffer area is 0x7706d267;
step 124: the CPU uses the data on the 5 th word in the third cache region and the data on the 5 th word in the second cache region as a first parameter and a second parameter to call a fifth function to obtain an output result and update the data on the 5 th word in the third cache region;
for example, the data on the 5 th word in the third cache area in this step is 0xaf60cede;
step 125: the CPU updates the data on the 4 th word in the third cache region by the data on the 3 rd word in the third cache region, updates the data on the 4 th word in the second cache region by the data on the 3 rd word in the second cache region, updates the data on the 3 rd word in the third cache region by the data on the 2 nd word in the third cache region, updates the data on the 3 rd word in the second cache region by the data on the 2 nd word in the second cache region, updates the data on the 2 nd word in the third cache region by the data on the 1 st word in the third cache region, and updates the data on the 2 nd word in the second cache region by the data on the 1 st word in the second cache region;
for example, the data on the 2 nd, 3 rd and 4 th words in the third buffer in this step are respectively: 0x77444ea6, 0x83892ae9, 0x53223341; the data on the 2 nd, 3 rd and 4 th words in the second cache region are 0x70b8f816, 0x77444ea6 and 0xf97ec7e5 respectively;
step 126: the CPU updates the data on the 1 st word in the third cache region by using the modulo addition operation result of the data in the eighth cache region and the data in the ninth cache region; updating the data on the 1 st word in the second cache region by using the result of the modulo addition operation of the data in the eighteenth cache region and the data in the nineteenth cache region;
for example, the data on the 1 st word in the third buffer area in this step is 0x822b6174, and the data on the 1 st word in the second buffer area is 0x982b5770;
step 127: the CPU uses the data on the 1 st word in the third cache region and the data on the 1 st word in the second cache region as a first parameter and a second parameter to call a fifth function to obtain an output result and update the data on the 1 st word in the third cache region;
for example, the data on the 1 st word in the third buffer in this step is 0x827def94;
step 128: the CPU respectively judges whether the sum of the length and the idle length of the data in the fifth cache region and the sixth cache region is 64 words, if so, the step 129 is executed, otherwise, an error is reported;
step 129: the CPU judges whether the idle lengths in the fifth cache region and the sixth cache region are both 0, if yes, the step 130 is executed, otherwise, the step 104 is returned to;
step 130: the CPU takes each word in the third cache region in sequence as a first parameter and the data at the corresponding position in the second cache region as a second parameter, calls a fourth function to obtain an output result and stores the output result into a thirty-first register, performs a modulo addition operation on the data in the thirty-first register and the data at the corresponding position in the first cache region, and updates the data at the corresponding position in the first cache region with the modulo addition result;
in this embodiment, step 130 includes: the CPU takes the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as a first parameter and a second parameter, calls a fourth function to obtain an output result, stores the output result into a thirty-second register, and updates the data on the 1st word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-second register and the data on the 1st word in the first cache region; taking the data on the 2nd word in the third cache region and the data on the 2nd word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-fourth register, and updating the data on the 2nd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fourth register and the data on the 2nd word in the first cache region; taking the data on the 3rd word in the third cache region and the data on the 3rd word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-fifth register, and updating the data on the 3rd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fifth register and the data on the 3rd word in the first cache region; taking the data on the 4th word in the third cache region and the data on the 4th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-sixth register, and updating the data on the 4th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-sixth register and the data on the 4th word in the first cache region; taking the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-seventh register, and updating the data on the 5th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-seventh register and the data on the 5th word in the first cache region; taking the data on the 6th word in the third cache region and the data on the 6th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-eighth register, and updating the data on the 6th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-eighth register and the data on the 6th word in the first cache region; taking the data on the 7th word in the third cache region and the data on the 7th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a thirty-ninth register, and updating the data on the 7th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-ninth register and the data on the 7th word in the first cache region; and taking the data on the 8th word in the third cache region and the data on the 8th word in the second cache region as the first parameter and the second parameter, calling a fourth function to obtain an output result, storing the output result into a fortieth register, and updating the data on the 8th word in the first cache region by using the result of performing modulo addition operation on the data in the fortieth register and the data on the 8th word in the first cache region.
Step 131: the CPU takes the data in the first buffer area as a hash packet calculation result.
In this embodiment, after obtaining the hash packet calculation result, the CPU may continue to perform subsequent operations, such as a signature operation.
In this embodiment, the first cache region, the second cache region, the third cache region, the fourth cache region, the fifth cache region, the sixth cache region, the seventh cache region, the eighth cache region, the ninth cache region, the tenth cache region, the seventeenth cache region, the eighteenth cache region, the nineteenth cache region, the twentieth cache region, and the twenty-seventh cache region may be different partitions on the entire memory chip.
The technical scheme of the invention protects the hash data well. Because of the random mask, no hash data or intermediate value appears as a plaintext value at any point in the hash process, which gives good resistance to side-channel analysis such as power and electromagnetic analysis. After each grouping calculation, the sum of the positive counter and the negative counter is used to judge whether the hash data has been subjected to a fault (error-injection) attack; when such an attack occurs, the existing data is cleared, so that the attack is effectively prevented.
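The mask bookkeeping of steps 117 to 120, written out in C as an added example (not code from the patent): the ninth function is applied to the masked word and to its mask separately, the fourth function converts the Boolean-masked result into an arithmetic share, and value and mask are then accumulated in parallel. Assumptions: the translated "non-operation" in the fourth function is read as subtraction modulo 2^32, the third random number is passed in as `gamma` so the run is repeatable, and all type and function names are illustrative; the hex inputs are the page's example values, with 0x86affc98 being the seventeenth-cache value implied by the nineteenth-cache values in steps 118 and 120.

```c
#include <stdint.h>
#include <stdio.h>

/* Arithmetic share pair: secret = value + mask (mod 2^32). Illustrative type name. */
typedef struct { uint32_t value; uint32_t mask; } arith_share;

/* 32-bit rotate right, n in 1..31. */
static uint32_t rotr32(uint32_t x, unsigned n) { return (x >> n) | (x << (32u - n)); }

/* Ninth function: ROTR2 ^ ROTR13 ^ ROTR22. It is linear over XOR, so it can be
 * applied to the masked word and to the mask without ever unmasking. */
uint32_t ninth_function(uint32_t x) {
    return rotr32(x, 2) ^ rotr32(x, 13) ^ rotr32(x, 22);
}

/* Fourth function: Boolean-to-arithmetic mask conversion.
 * Input:  xm = x ^ r (Boolean-masked word) and its mask r.
 * Output: A with A + r == x (mod 2^32).
 * gamma stands for the page's freshly generated third random number; it must be
 * fresh and unpredictable per call on a device. With gamma == 0 the variable
 * `a` below briefly holds the unmasked x, which defeats the masking.
 * Assumption: the page's "non-operation" is subtraction modulo 2^32. */
uint32_t fourth_function(uint32_t xm, uint32_t r, uint32_t gamma) {
    uint32_t t = xm ^ gamma;   /* first parameter XOR random number   */
    t -= gamma;                /* thirteenth register                 */
    t ^= xm;                   /* fourteenth register                 */
    gamma ^= r;                /* fifteenth register                  */
    uint32_t a = xm ^ gamma;   /* sixteenth register                  */
    a -= gamma;                /* seventeenth register                */
    return a ^ t;              /* output of the fourth function       */
}

/* Steps 117-118: ninth function on both shares, then convert to arithmetic. */
arith_share masked_sigma0(uint32_t a_masked, uint32_t a_mask, uint32_t gamma) {
    uint32_t v = ninth_function(a_masked);   /* twenty-seventh cache region */
    uint32_t m = ninth_function(a_mask);     /* seventeenth cache region    */
    arith_share out = { fourth_function(v, m, gamma), m }; /* ninth / nineteenth */
    return out;
}

/* Step 120: add a further Boolean-masked term; masks are summed separately. */
arith_share masked_add_term(arith_share acc, uint32_t term_masked,
                            uint32_t term_mask, uint32_t gamma) {
    acc.value += fourth_function(term_masked, term_mask, gamma);
    acc.mask  += term_mask;
    return acc;
}

/* Test-bench helper only: recombining the shares exposes the secret. */
uint32_t unmask_for_test(arith_share s) { return s.value + s.mask; }

/* Returns 1 if the conversion result does not depend on gamma. */
int conversion_ignores_gamma(uint32_t xm, uint32_t r) {
    /* Constructed sample values; a device would draw these from its RNG. */
    static const uint32_t gammas[] = { 0x00000001u, 0xdeadbeefu,
                                       0x80000000u, 0xffffffffu };
    uint32_t expect = (xm ^ r) - r;   /* reference value, computed unmasked */
    for (unsigned i = 0; i < sizeof gammas / sizeof gammas[0]; i++)
        if (fourth_function(xm, r, gammas[i]) != expect) return 0;
    return 1;
}

int main(void) {
    /* Word-1 values of the third and second cache regions, which the page's
     * step 125 example shows after they have moved to word 2. */
    arith_share t2 = masked_sigma0(0x77444ea6u, 0x70b8f816u, 0x13572468u);
    printf("step 118: ninth=0x%08x nineteenth=0x%08x\n",
           (unsigned)t2.value, (unsigned)t2.mask);
    t2 = masked_add_term(t2, 0x81d30a28u, 0x86affc98u, 0x0badc0deu);
    printf("step 120: ninth=0x%08x nineteenth=0x%08x\n",
           (unsigned)t2.value, (unsigned)t2.mask);
    printf("gamma-independent: %d\n",
           conversion_ignores_gamma(0xf9d83056u, 0xbf7de200u));
    return 0;
}
```

The two share values reproduce the ninth and nineteenth cache contents given in the examples for steps 118 and 120, whatever `gamma` is chosen.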
EXAMPLE III
The third embodiment of the present invention provides a secure implementation device for hash packet calculation. As shown in fig. 4, the secure implementation device includes a CPU and a memory, where the memory includes a first cache region, a second cache region, a third cache region, a fourth cache region, a fifth cache region, a sixth cache region, a seventh cache region, an eighth cache region, a ninth cache region, a seventeenth cache region, an eighteenth cache region, a nineteenth cache region, and a twenty-seventh cache region, and the CPU includes a first calculation module, a second calculation module, a third calculation module, a fourth calculation module, a first judgment module, and a fifth calculation module;
the first calculation module is used for calculating the initial vector in the first cache region and the data on the high 8 words in the second cache region, storing the calculation result into the third cache region, calculating the original data in the fourth cache region and the data on the low 16 words in the second cache region, and storing the calculation result into the fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region;
in this embodiment, the size of the second buffer is 24 words; the size of the fifth cache region and the sixth cache region is 64 words; each word is 32 bits;
a second calculation module, configured to calculate and generate a third numerical value and a third result according to data in the fifth cache area and data in the sixth cache area, store the third numerical value and the third result in the seventh cache area and the seventeenth cache area, calculate and store the calculation results in the fifth cache area sequentially, calculate and store the calculation results in the sixth cache area sequentially according to data in the seventh cache area, data in the seventeenth cache area and data in the sixth cache area, calculate and obtain a first numerical value and a first result according to data in the fifth cache area, data in the sixth cache area, data in the seventh cache area and data in the seventeenth cache area, store the first numerical value and the first result in the eighth cache area and the eighteenth cache area respectively, calculate and generate and store the third data according to data in the third cache area in the twenty-seventh cache area and store the twenty-seventh cache area, and use more recent data in the twenty-seventh cache area and the eighteenth cache area;
the third calculation module is used for updating third data in the seventh cache region by using the data in the third cache region, updating data in the seventeenth cache region by using the data in the second cache region, generating a second numerical value and a second result according to the data in the twenty-seventh cache region and the data in the seventeenth cache region, and respectively storing the second numerical value and the second result into the ninth cache region and the nineteenth cache region; updating the data in the seventh cache region and the data in the seventeenth cache region according to the data in the third cache region and the first random number in the second cache region; updating the data in the ninth cache area and the data in the nineteenth cache area according to the data in the seventeenth cache area and the data in the twenty-seventh cache area;
the fourth calculation module is used for updating the data in the third cache region according to the data in the eighth cache region, the data in the eighteenth cache region, the data in the ninth cache region, the data in the nineteenth cache region, the data in the seventh cache region and the data in the seventeenth cache region;
the first judgment module is used for judging whether the length of the data in the fifth cache region and the length of the data in the sixth cache region are both 64 words, if so, the fifth calculation module is triggered, and otherwise, the second calculation module is triggered;
and the fifth calculation module is used for updating the data in the first cache region by using the data in the third cache region and the data on the high 8 words in the second cache region and taking the data in the first cache region as a hash grouping calculation result.
Optionally, the CPU in this embodiment further includes a second determining module, configured to determine whether the length of the input data is a preset length, if so, group the input data according to the preset length and store the first grouped data as an initial vector in the first buffer, otherwise, fill the input data to the preset length by using 0, then group the filled input data according to the preset length and store the first grouped data as the initial vector in the first buffer.
Optionally, the CPU in this embodiment further includes a third determining module, configured to determine whether all packet data of the input data are completely processed, if so, the processing is finished, otherwise, the next unprocessed packet data is stored in the first buffer as an initial vector, and the first calculating module is triggered.
In this embodiment, the first calculation module is specifically configured to perform an exclusive or operation on an initial vector in the first cache region and data on a high 8 word in the second cache region, store a calculation result in the third cache region, perform a modulo reduction operation on original data in the fourth cache region and data on a low 16 word in the second cache region, and store the calculation result in the fifth cache region; the data on the lower 16 words in the second cache region is stored into the sixth cache region.
Optionally, the CPU in this embodiment further includes a generation storage module, configured to generate a first random number with a length of 24 words and store the first random number in the second cache region.
Optionally, the CPU in this embodiment further includes a module, configured to use the first free word in the fifth cache area as the current location, and use the first free word in the sixth cache area as the current location.
In this embodiment, the memory further includes a tenth cache region and a twentieth cache region, the CPU further includes a first function module, a third function module, a fourth function module, a fifth function module, a sixth function module, a seventh function module, and an eighth function module in this embodiment, and then the second calculation module includes:
the first calculation unit is used for calling a fifth function by taking data at a position 2 words ahead of the current position in the fifth cache region as a first parameter of the fifth function and taking data at a position 2 words ahead of the current position in the sixth cache region as a second parameter of the fifth function to obtain an output result, and storing the output result in a seventh cache region;
the second calculation unit is used for updating the data in the seventh cache region by using the data in the seventh cache region as a parameter and calling the output result obtained by the sixth function, and updating the data in the seventeenth cache region by using the data in the position which is 2 words ahead of the current position in the sixth cache region as a parameter and calling the output result obtained by the sixth function;
the third calculation unit is used for taking data at a position of 15 words ahead of the current position in the fifth cache region as a first parameter, taking data at a position of 15 words ahead of the current position in the sixth cache region as a second parameter, and calling a fifth function to obtain an output result and storing the output result in the tenth cache region;
a fourth calculating unit, configured to update the data in the tenth cache area with the output result obtained by calling the seventh function with the data at the position of the 15 words ahead of the current position in the fifth cache area as a parameter, call the seventh function with the data at the position of the 15 words ahead of the current position in the sixth cache area as a parameter to obtain the output result, and store the output result in the twentieth cache area;
a fifth calculating unit, configured to perform modulo addition on the data in the seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter to obtain an output result by calling the fourth function, the data in the tenth cache area and the data in the twentieth cache area as the first parameter and the second parameter to obtain an output result by calling the fourth function, the data in the position of 7 words ahead of the current position in the fifth cache area, and the data in the position of 16 words ahead of the current position in the fifth cache area, and sequentially store the modulo addition results in the fifth cache area;
a sixth calculating unit, configured to perform modulo addition on the data in the seventeenth cache region, the data in the twentieth cache region, the data at the position 7 words ahead of the current position in the sixth cache region, and the data at the position 16 words ahead of the current position in the sixth cache region, and store the modulo addition result in the sixth cache region in sequence;
the seventh calculating unit is used for performing modulo addition on the data at the current position in the fifth cache region, the preset constant and the data on the 8th word in the third cache region, and storing the modulo addition result into the eighth cache region;
the eighth calculating unit is used for performing modulo addition on the data at the current position in the sixth cache region and the data on the 8th word in the second cache region, and storing the modulo addition result into the eighth cache region;
a ninth calculating unit, configured to update the data in the twenty-seventh cache area with an output result obtained by calling an eighth function with the data in the 5 th word in the third cache area as a parameter; using the data on the 5 th word in the second cache region as a parameter to call an eighth function to obtain an output result and update the data in the seventeenth cache region;
the tenth calculating unit is configured to call, using the data in the twenty-seventh cache area and the data in the seventeenth cache area as parameters, an output result obtained by a fourth function to perform modulo addition operation on the data in the eighth cache area and update the data in the eighth cache area with the modulo addition result; updating the data in the eighth cache region by using the modulo addition operation result of the data in the eighteenth cache region and the data in the seventeenth cache region;
an eleventh calculating unit, configured to use the data on the 5th word, the data on the 6th word and the data on the 7th word in the third cache area, and the data on the 5th word, the data on the 6th word and the data on the 7th word in the second cache area, as the first parameter, second parameter, third parameter, fourth parameter, fifth parameter and sixth parameter, update the data in the twenty-seventh cache area with the output result obtained by calling the third function, and update the data in the seventeenth cache area with the result of an exclusive-OR operation between the data on the 5th word and the data on the 7th word in the second cache area;
a twelfth calculating unit, configured to call, using the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter, an output result obtained by the fourth function, perform modulo addition on the data in the eighth cache area and update the data in the eighth cache area with the modulo addition result; and performing modulo addition operation on the data in the eighteenth cache region and the data in the seventeenth cache region and updating the data in the eighteenth cache region by using a modulo addition result.
Specifically, in this embodiment, the fifth function module includes:
the first generation and storage unit is used for generating a second random number and storing the second random number into a first register, storing a result obtained by carrying out doubling operation on the second random number in the first register into a second register, storing a result obtained by carrying out exclusive OR operation on data in the first register and second parameters into a third register, storing a result obtained by carrying out and operation on data in the first register and data in the third register into a fourth register, storing a result obtained by carrying out exclusive OR operation on data in the second register and first parameters into a fifth register, storing a result obtained by carrying out exclusive OR operation on data in the first register and data in the fifth register into a sixth register, storing a result obtained by carrying out and operation on data in the sixth register and second parameters into a seventh register, storing a result obtained by carrying out exclusive OR operation on data in the fourth register and data in the seventh register into an eighth register, storing a result obtained by carrying out and operation on data in the second register and second parameters into a ninth register, and storing a result obtained by carrying out exclusive OR operation on data in the ninth register and tenth register;
the first saving and updating unit is used for saving a result obtained by performing AND operation on the data in the second register and the second parameter into an eleventh register; updating the data in the eleventh register with the result of the exclusive or operation of the data in the eleventh register and the data in the tenth register; updating the data in the second register by using the result of the AND operation of the data in the second register and the first parameter; updating the data in the eleventh register by using the result of the exclusive-or operation of the data in the eleventh register and the data in the second register, and updating the data in the second register by using the result of the doubling operation of the data in the eleventh register;
the first judgment unit is used for judging whether the cycle number is a preset value; if so, the first operation unit is triggered; otherwise, the cycle number is updated and the first saving and updating unit is triggered again;
and the first operation unit is used for taking the result of the exclusive OR operation of the data in the fifth register and the data in the second register as the output result of the fifth function module.
In this embodiment, the sixth function module is specifically configured to use a result obtained by performing an exclusive or operation on the result obtained by circularly right-shifting the parameter by 17 bits, the result obtained by circularly right-shifting the parameter by 19 bits, and the result obtained by right-shifting the parameter by 10 bits as an output result of the sixth function module.
In this embodiment, the seventh function module is specifically configured to perform an exclusive or operation on the result of circularly right-shifting the parameter by 7 bits, the result of circularly right-shifting the parameter by 18 bits, and the result of right-shifting the parameter by 3 bits, and use the result as the output result of the seventh function module.
In this embodiment, the fourth function module is specifically configured to generate a third random number and store the third random number in a twelfth register, store a result obtained by performing an exclusive-or operation on the first parameter and the random number in the twelfth register, and store a result obtained by performing a non-operation on data in the twelfth register and data in the twelfth register in a thirteenth register; the result obtained by performing an exclusive or operation on the data in the thirteenth register and the data in the twelfth register is stored in the fourteenth register, the result obtained by performing an exclusive or operation on the data in the twelfth register and the second parameter is stored in the fifteenth register, the result obtained by performing an exclusive or operation on the first parameter and the data in the fifteenth register is stored in the sixteenth register, the result obtained by performing a non-operation on the data in the sixteenth register and the data in the fifteenth register is stored in the seventeenth register, and the result obtained by performing an exclusive or operation on the data in the seventeenth register and the data in the fourteenth register is used as an output result of the fourth function module.
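The masked message-schedule update of steps S2-1 to S2-6, written out as an added C example that is not code from the patent: the fourth and fifth function modules are implemented as Goubin's Boolean-to-arithmetic and arithmetic-to-Boolean mask conversions, which is the structure their register sequences follow. Assumptions: the translated text's "non-operation" is read as modular subtraction, the ninth register of the fifth function uses the first parameter, the seventh function in S2-4 is applied to the tenth cache region's value, and `next_mask` is a reproducible stand-in for the device's random number generator.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in mask source (xorshift32) so the run is reproducible; a real
   device would draw masks from its hardware random number generator. */
static uint32_t rng_state = 0x9E3779B9u;
static uint32_t next_mask(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

static uint32_t rotr(uint32_t x, unsigned n) { return (x >> n) | (x << (32u - n)); }

/* Sixth and seventh function modules (rotation/shift amounts from the text). */
static uint32_t f6(uint32_t x) { return rotr(x, 17) ^ rotr(x, 19) ^ (x >> 10); }
static uint32_t f7(uint32_t x) { return rotr(x, 7) ^ rotr(x, 18) ^ (x >> 3); }

/* Fourth function: Boolean share xb = x ^ r in, arithmetic share x - r out.
   The value x itself is never formed. "Non-operation" is assumed to be
   modular subtraction. */
static uint32_t f4_bool_to_arith(uint32_t xb, uint32_t r) {
    uint32_t g = next_mask();  /* fresh random number */
    uint32_t t = xb ^ g;
    t -= g;
    t ^= xb;
    g ^= r;
    uint32_t a = xb ^ g;
    a -= g;
    return a ^ t;
}

/* Fifth function: arithmetic share a = x - r in, Boolean share x ^ r out.
   The loop runs 31 times for 32-bit words (the "preset value"). */
static uint32_t f5_arith_to_bool(uint32_t a, uint32_t r) {
    uint32_t g = next_mask();  /* fresh random number */
    uint32_t t = g << 1;       /* doubling */
    uint32_t xb = g ^ r;
    uint32_t om = g & xb;
    xb = t ^ a;
    g ^= xb;
    g &= r;
    om ^= g;
    g = t & a;                 /* assumption: first parameter used here */
    om ^= g;
    for (int k = 1; k < 32; k++) {
        g = t & r;
        g ^= om;
        t &= a;
        g ^= t;
        t = g << 1;
    }
    return xb ^ t;
}

/* Steps S2-1..S2-6: wm[] holds W - R (fifth cache), r[] holds R (sixth cache). */
static void masked_schedule(uint32_t wm[64], uint32_t r[64]) {
    for (int t = 16; t < 64; t++) {
        uint32_t c7  = f6(f5_arith_to_bool(wm[t - 2], r[t - 2]));   /* S2-1, S2-2 */
        uint32_t c17 = f6(r[t - 2]);
        uint32_t c10 = f7(f5_arith_to_bool(wm[t - 15], r[t - 15])); /* S2-3, S2-4 */
        uint32_t c20 = f7(r[t - 15]);
        wm[t] = f4_bool_to_arith(c7, c17) + f4_bool_to_arith(c10, c20)
              + wm[t - 7] + wm[t - 16];                              /* S2-5 */
        r[t] = c17 + c20 + r[t - 7] + r[t - 16];                     /* S2-6 */
    }
}

/* Unmasked reference schedule, used only to check the masked one. */
static void plain_schedule(uint32_t w[64]) {
    for (int t = 16; t < 64; t++)
        w[t] = f6(w[t - 2]) + w[t - 7] + f7(w[t - 15]) + w[t - 16];
}

/* Returns how many of the 64 words fail wm[t] + r[t] == w[t]. */
int schedule_mismatches(void) {
    uint32_t w[64], wm[64], r[64];
    for (int t = 0; t < 16; t++) {
        w[t] = 0x61626380u + (uint32_t)t * 0x01010101u; /* constructed sample block */
        r[t] = next_mask();
        wm[t] = w[t] - r[t];   /* modular subtraction, as in step S1 */
    }
    masked_schedule(wm, r);
    plain_schedule(w);
    int bad = 0;
    for (int t = 0; t < 64; t++)
        if ((uint32_t)(wm[t] + r[t]) != w[t]) bad++;
    return bad;
}

int main(void) {
    printf("mismatching schedule words: %d\n", schedule_mismatches());
    return schedule_mismatches() != 0;
}
```

The mask array evolves by the same recurrence as the data with modular addition in place of the conversions, which is why each new word's mask is known without ever unmasking it.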
In this embodiment, the third function module is specifically configured to call the first function module according to the first parameter, the second parameter, the fourth parameter, and the fifth parameter to obtain an output result, and store the output result in the eighteenth register; call the first function module according to the third parameter, the bitwise complement of the first parameter, the sixth parameter and the fourth parameter to obtain a result, and store the result in the nineteenth register; and take the result of an exclusive-OR operation on the data in the eighteenth register and the data in the nineteenth register as the output result of the third function module.
In this embodiment, the first function module is specifically configured to store the result of an AND operation on the bitwise complement of the fourth parameter and the third parameter in a twentieth register, store the result of an AND operation on the fourth parameter and the first parameter in a twenty-first register, store the result of an OR operation on the data in the twentieth register and the data in the twenty-first register in a twenty-second register, and store the result of an AND operation on the bitwise complement of the second parameter and the data in the twenty-second register in a twenty-third register; store the result of an AND operation on the fourth parameter and the third parameter in a twenty-fourth register, store the result of an AND operation on the bitwise complement of the fourth parameter and the first parameter in a twenty-fifth register, store the result of an OR operation on the data in the twenty-fourth register and the data in the twenty-fifth register in a twenty-sixth register, and store the result of an AND operation on the second parameter and the data in the twenty-sixth register in a twenty-seventh register; and take the result of an OR operation on the data in the twenty-third register and the data in the twenty-seventh register as the output result of the first function module.
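The first and third function modules transcribed register by register, as an added C example that is not code from the patent, showing what they compute on shares: called with a Boolean-masked operand, a second masked operand and their two masks, the first function returns the AND of the unmasked values still covered by the first mask, and the third function returns Ch(e, f, g) covered by the XOR of the 5th-word and 7th-word masks that the eleventh calculating unit stores in the seventeenth cache area. The names `re`, `rf`, `rg`, the reference `ch` and the LCG that produces the constructed test inputs are assumptions of the example.

```c
#include <stdint.h>
#include <stdio.h>

/* First function module; one variable per register named in the text. */
static uint32_t f1(uint32_t p1, uint32_t p2, uint32_t p3, uint32_t p4) {
    uint32_t r20 = ~p4 & p3;
    uint32_t r21 = p4 & p1;
    uint32_t r22 = r20 | r21;
    uint32_t r23 = ~p2 & r22;
    uint32_t r24 = p4 & p3;
    uint32_t r25 = ~p4 & p1;
    uint32_t r26 = r24 | r25;
    uint32_t r27 = p2 & r26;
    return r23 | r27;
}

/* Third function module: two calls to the first function, XORed. */
static uint32_t f3(uint32_t p1, uint32_t p2, uint32_t p3,
                   uint32_t p4, uint32_t p5, uint32_t p6) {
    uint32_t r18 = f1(p1, p2, p4, p5);
    uint32_t r19 = f1(p3, ~p1, p6, p4);
    return r18 ^ r19;
}

/* Unmasked reference, used only to check the masked result. */
static uint32_t ch(uint32_t e, uint32_t f, uint32_t g) { return (e & f) ^ (~e & g); }

/* Constructed test inputs from a small LCG (not a mask source). */
static uint32_t lcg_state = 1u;
static uint32_t lcg(void) {
    lcg_state = lcg_state * 1664525u + 1013904223u;
    return lcg_state;
}

/* Counts trials in which the masked computation disagrees with the reference. */
int ch_mismatches(int trials) {
    int bad = 0;
    for (int i = 0; i < trials; i++) {
        uint32_t e = lcg(), f = lcg(), g = lcg();      /* secret words */
        uint32_t re = lcg(), rf = lcg(), rg = lcg();   /* their masks */
        /* Masked AND: operand shares and masks are only ever selected
           between, never XORed together, so f is not reconstructed. */
        if (f1(e ^ re, f ^ rf, re, rf) != ((e & f) ^ re)) bad++;
        /* Masked Ch: the output mask is re ^ rg. */
        uint32_t out = f3(e ^ re, f ^ rf, g ^ rg, re, rf, rg);
        if ((out ^ (re ^ rg)) != ch(e, f, g)) bad++;
    }
    return bad;
}

int main(void) {
    printf("mismatches in 1000 trials: %d\n", ch_mismatches(1000));
    return ch_mismatches(1000) != 0;
}
```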
In this embodiment, the eighth function module is specifically configured to perform an exclusive-OR operation on the result of circularly right-shifting the parameter by 6 bits, the result of circularly right-shifting the parameter by 11 bits, and the result of circularly right-shifting the parameter by 25 bits, and use the result as the output result of the eighth function module.
The CPU in this embodiment further includes a second function module and a ninth function module, and the third calculation module includes:
a thirteenth calculating unit, configured to update the data in the twenty-seventh cache area with an output result obtained by calling a ninth function with the data in the 1 st word in the third cache area as a parameter; using the data on the 1 st word in the second cache region as a parameter to call a ninth function to obtain an output result and update a third result in a seventeenth cache region;
a fourteenth calculating unit, configured to update the data in the ninth cache area with the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter, and using an output result obtained by calling a fourth function; updating the data in the nineteenth cache area with the data in the seventeenth cache area;
a fifteenth calculating unit, configured to update the data in the twenty-seventh buffer area with an output result obtained by calling a second function by using the data on the 1 st word, the data on the 2 nd word, the data on the 3 rd word in the third buffer area and the data on the 1 st word, the data on the 2 nd word, and the data on the 3 rd word in the second buffer area as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter, and a sixth parameter, and update the data in the seventeenth buffer area with the data on the 2 nd word in the second buffer area;
a sixteenth calculating unit, configured to call a fourth function to obtain an output result and perform modulo addition on the data in the ninth cache area using the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter, and update the data in the ninth cache area with the modulo addition result; performing modulo addition operation on the data in the nineteenth cache region and the data in the seventeenth cache region, and updating the data in the nineteenth cache region by using a modulo addition result;
a seventeenth calculation unit, configured to update the data on the 8 th word in the third buffer with the data on the 7 th word in the third buffer, update the data on the 8 th word in the second buffer with the data on the 7 th word in the second buffer, update the data on the 7 th word in the third buffer with the data on the 6 th word in the third buffer, update the data on the 7 th word in the second buffer with the data on the 6 th word in the second buffer, update the data on the 6 th word in the third buffer with the data on the 5 th word in the third buffer, and update the data on the 6 th word in the second buffer with the data on the 5 th word in the second buffer;
an eighteenth calculating unit, configured to use the data on the 4th word in the first cache region and the data on the 4th word in the second cache region as the first parameter and the second parameter, update the data in the seventh cache region with the output result obtained by calling the fourth function, and update the data in the seventeenth cache region with the data on the 4th word in the second cache region;
a nineteenth calculating unit, configured to update the data on the 5 th word in the third cache region with a modulo addition operation result of the data in the seventh cache region and the data in the eighth cache region; updating the data on the 5 th word in the second cache region by using the modulo addition operation result of the data in the seventeenth cache region and the data in the eighteenth cache region;
and the twentieth calculating unit is used for updating the data on the 5 th word in the third cache region by using the data on the 5 th word in the third cache region and the data on the 5 th word in the second cache region as output results obtained by calling a fifth function by using the first parameter and the second parameter.
In this embodiment, the ninth function module is specifically configured to perform an exclusive or operation on the result of circularly right-shifting the parameter by 2 bits, the result of circularly right-shifting the parameter by 13 bits, and the result of circularly right-shifting the parameter by 22 bits, and use the result as the output result of the ninth function module.
In this embodiment, the second function module is specifically configured to call the first function module according to the first parameter, the second parameter, the third parameter, and the fourth parameter to obtain an output result, and store the output result in the twenty-eighth register; calling the first function module according to the first parameter, the third parameter, the fourth parameter and the sixth parameter to obtain an output result, and storing the output result in a twenty-ninth register; the output result obtained by calling the first function module according to the second parameter, the third parameter, the fifth parameter and the sixth parameter is stored in a thirtieth register; and carrying out exclusive OR operation on the data in the twenty-eighth register, the data in the twenty-ninth register and the data in the thirtieth register to obtain an output result.
In this embodiment, the fourth calculating module includes:
a twenty-first calculating unit, configured to update the data on the 4th word in the third buffer with the data on the 3rd word in the third buffer, update the data on the 4th word in the second buffer with the data on the 3rd word in the second buffer, update the data on the 3rd word in the third buffer with the data on the 2nd word in the third buffer, update the data on the 3rd word in the second buffer with the data on the 2nd word in the second buffer, update the data on the 2nd word in the third buffer with the data on the 1st word in the third buffer, and update the data on the 2nd word in the second buffer with the data on the 1st word in the second buffer;
the twenty-second calculating unit is used for performing modulo addition operation on the data in the eighth cache region and the data in the ninth cache region and updating the data on the 1 st word in the third cache region by using a modulo addition result; performing modular addition operation on the data in the eighteenth cache region and the data in the nineteenth cache region, and updating the data on the 1 st word in the second cache region by using a modular addition result;
and the twenty-third calculating unit is used for updating the data on the 1 st word in the third cache region by using the data on the 1 st word in the third cache region and the data on the 1 st word in the second cache region as the first parameter and the output result obtained by calling the fifth function module by using the second parameter.
In this embodiment, the first determining module includes:
the second judgment unit is used for respectively judging whether the sum of the length of the data in the fifth cache region and the idle length in the sixth cache region is 64 words or not, if so, the third judgment unit is triggered, and if not, an error is reported;
and the third judging unit is used for judging whether the idle lengths in the fifth cache region and the sixth cache region are both 0, if so, triggering the fifth calculating module, and otherwise, triggering the second calculating module.
In this embodiment, the fifth calculating module includes:
a twenty-fourth calculating unit, configured to sequentially use each word in the third cache region as the first parameter, use data at a corresponding position in the second cache region as the second parameter, call a fourth function module to obtain an output result, store the output result in a thirty-first register, perform modulo addition operation on the data in the thirty-first register and the data at the corresponding position in the first cache region, and update the data at the corresponding position in the first cache region with the modulo addition result;
and a first unit, configured to use the data in the first cache region as the hash packet calculation result.
In this embodiment, the twenty-fourth calculating unit is specifically configured to:
take the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the thirty-second register, and update the data on the 1st word in the first cache region with the result of performing modulo addition on the data in the thirty-second register and the data on the 1st word in the first cache region;
take the data on the 2nd word in the third cache region and the data on the 2nd word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the thirty-fourth register, and update the data on the 2nd word in the first cache region with the result of performing modulo addition on the data in the thirty-fourth register and the data on the 2nd word in the first cache region;
take the data on the 3rd word in the third cache region and the data on the 3rd word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the thirty-fifth register, and update the data on the 3rd word in the first cache region with the result of performing modulo addition on the data in the thirty-fifth register and the data on the 3rd word in the first cache region;
take the data on the 4th word in the third cache region and the data on the 4th word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the thirty-sixth register, and update the data on the 4th word in the first cache region with the result of performing modulo addition on the data in the thirty-sixth register and the data on the 4th word in the first cache region;
take the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the thirty-seventh register, and update the data on the 5th word in the first cache region with the result of performing modulo addition on the data in the thirty-seventh register and the data on the 5th word in the first cache region;
take the data on the 6th word in the third cache region and the data on the 6th word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the thirty-eighth register, and update the data on the 6th word in the first cache region with the result of performing modulo addition on the data in the thirty-eighth register and the data on the 6th word in the first cache region;
take the data on the 7th word in the third cache region and the data on the 7th word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the thirty-ninth register, and update the data on the 7th word in the first cache region with the result of performing modulo addition on the data in the thirty-ninth register and the data on the 7th word in the first cache region;
and take the data on the 8th word in the third cache region and the data on the 8th word in the second cache region as the first parameter and the second parameter, call the fourth function module to obtain an output result, store the output result into the fortieth register, and update the data on the 8th word in the first cache region with the result of performing modulo addition on the data in the fortieth register and the data on the 8th word in the first cache region.
In this embodiment, the first cache region, the second cache region, the third cache region, the fourth cache region, the fifth cache region, the sixth cache region, the seventh cache region, the eighth cache region, the ninth cache region, the tenth cache region, the seventeenth cache region, the eighteenth cache region, the nineteenth cache region, the twentieth cache region, and the twenty-seventh cache region may be different partitions on the entire memory chip.
The technical scheme of the invention protects the hash data well. Because of the random mask, no hash data or intermediate value exists as a plaintext value at any point in the hash process, which gives good resistance to power consumption analysis such as energy and electromagnetic analysis. After each grouping calculation, whether the hash data has been subjected to a fault attack is judged through the sum of the positive counter and the negative counter, and when a fault attack occurs the existing data is cleared, so that fault attacks are effectively prevented.
The above description is only for the preferred embodiment of the present invention, but the scope of the present invention is not limited thereto, and any changes or substitutions that can be easily conceived by those skilled in the art within the technical scope of the present invention are included in the scope of the present invention. Therefore, the protection scope of the present invention should be subject to the protection scope of the claims.

Claims (42)

1. A secure implementation method of hash packet computation, comprising:
step S1: the CPU calculates the initial vector in the first cache region and the data on the high 8 words in the second cache region and stores the calculation result in the third cache region, and calculates the original data in the fourth cache region and the data on the low 16 words in the second cache region and stores the calculation result in the fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region; the size of the second cache region is 24 words; the size of the fifth cache region and the sixth cache region is 64 words;
step S2: the CPU calculates and generates a third numerical value and a third result according to the data in the fifth cache region and the data in the sixth cache region, stores the third numerical value and the third result in a seventh cache region and a seventeenth cache region respectively, calculates and stores the calculation results in the fifth cache region sequentially according to the data in the seventh cache region, the data in the seventeenth cache region and the data in the fifth cache region, calculates and stores the calculation results in the sixth cache region sequentially according to the data in the seventh cache region, the data in the seventeenth cache region and the data in the sixth cache region, calculates and obtains a first numerical value and a first result according to the data in the fifth cache region, the data in the sixth cache region, the data in the seventh cache region and the data in the seventeenth cache region, stores the first numerical value and the first result in an eighth cache region and an eighteenth cache region respectively, calculates and generates third cache data according to the data in the third cache region, stores the third cache region in the eighth cache region and the eighteenth cache region, and uses a new data in the twenty-seventh cache region and the eighteenth cache region;
step S3: the CPU updates third data in the seventh cache region by using the data in the third cache region, updates data in the seventeenth cache region by using the data in the second cache region, generates a second numerical value and a second result according to the data in the twenty-seventh cache region and the data in the seventeenth cache region, and respectively stores the second numerical value and the second result in a ninth cache region and a nineteenth cache region; updating the data in the seventh cache region and the data in the seventeenth cache region according to the data in the third cache region and the first random number in the second cache region; updating the data in the ninth cache area and the data in the nineteenth cache area according to the data in the seventeenth cache area and the data in the twenty-seventh cache area;
step S4: the CPU updates the data in the third cache region according to the data in the eighth cache region, the data in the eighteenth cache region, the data in the ninth cache region, the data in the nineteenth cache region, the data in the seventh cache region and the data in the seventeenth cache region;
step S5: the CPU judges whether the length of the data in the fifth cache region and the length of the data in the sixth cache region are both 64 words, if so, the step S6 is executed, otherwise, the step S2 is executed;
step S6: and the CPU updates the data in the first cache region by using the data in the third cache region and the data on the high 8 words in the second cache region and takes the data in the first cache region as a Hash packet calculation result.
2. The method of claim 1, wherein step S1 is preceded by: the CPU judges whether the length of the input data is a preset length or not, if yes, the input data is grouped according to the preset length and first grouped data is stored into the first cache region as an initial vector, otherwise, 0 is used for filling the input data to the preset length, then the filled input data is grouped according to the preset length and the first grouped data is stored into the first cache region as the initial vector.
3. The method of claim 2, wherein step S6 is further followed by: and judging whether all the grouped data of the input data are processed completely, if so, finishing, and if not, storing the next unprocessed grouped data as an initial vector into the first buffer area, and returning to the step S1.
4. The method of claim 1, wherein the step S1 comprises: the CPU carries out XOR operation on the initial vector in the first cache region and the data on the high 8 words in the second cache region and stores the calculation result into a third cache region, and carries out modular subtraction operation on the original data in the fourth cache region and the data on the low 16 words in the second cache region and stores the calculation result into a fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region.
5. The method of claim 4, wherein step S1 is preceded by: and the CPU generates a first random number with the length of 24 words and stores the first random number into the second cache region.
6. The method of claim 1, wherein step S2 is preceded by: and the CPU takes the first idle word in the fifth cache region as the current position and takes the first idle word in the sixth cache region as the current position.
7. The method of claim 6, wherein the step S2 comprises:
step S2-1: the CPU takes the data at the position 2 words ahead of the current position in the fifth cache region as a first parameter of a fifth function, and takes the data at the position 2 words ahead of the current position in the sixth cache region as a second parameter of the fifth function to call the fifth function to obtain an output result and store the output result in the seventh cache region;
step S2-2: the CPU uses the data in the seventh cache region as a parameter to call an output result obtained by a sixth function to update the data in the seventh cache region, and uses the data in the position of the current position in the sixth cache region which is 2 words ahead as the parameter to call the output result obtained by the sixth function to update the data in the seventeenth cache region;
step S2-3: the CPU takes the data at the position 15 words ahead of the current position in the fifth cache region as a first parameter, and the data at the position 15 words ahead of the current position in the sixth cache region as a second parameter to call a fifth function to obtain an output result and store the output result in a tenth cache region;
step S2-4: the CPU uses the data at the position of 15 words ahead of the current position in the fifth cache region as a parameter to call a seventh function to obtain an output result and updates the data in the tenth cache region, and uses the data at the position of 15 words ahead of the current position in the sixth cache region as a parameter to call the seventh function to obtain an output result and stores the output result in the twentieth cache region;
step S2-5: the CPU takes the data in the seventh cache region and the data in the seventeenth cache region as the first parameter and the second parameter to call the output result obtained by the fourth function, takes the data in the tenth cache region and the data in the twentieth cache region as the first parameter and the second parameter to call the output result obtained by the fourth function, performs modulo addition operation on the data at the position of 7 words ahead of the current position in the fifth cache region and the data at the position of 16 words ahead of the current position in the fifth cache region, and sequentially stores the modulo addition result into the fifth cache region;
step S2-6: the CPU performs modulo addition operation on the data in the seventeenth cache region, the data in the twentieth cache region, the data at the position 7 words ahead of the current position in the sixth cache region and the data at the position 16 words ahead of the current position in the sixth cache region, and stores the modulo addition results into the sixth cache region in sequence;
step S2-7: the CPU performs modulo addition operation on the data at the current position in the fifth cache region, a preset constant and the data on the 8 th word in the third cache region, and stores the modulo addition result into the eighth cache region;
step S2-8: the CPU performs modulo addition operation on the data at the current position in the sixth cache region and the number on the 8 th word in the second cache region and stores the modulo addition result into the eighth cache region;
step S2-9: the CPU uses the data on the 5 th word in the third cache region as a parameter to call an eighth function to obtain an output result and updates the data in the twenty-seventh cache region; using the data on the 5 th word in the second cache region as a parameter to call an eighth function to obtain an output result, and updating the data in the seventeenth cache region;
step S2-10: the CPU calls an output result obtained by a fourth function by using the data in the twenty-seventh cache region and the data in the seventeenth cache region as parameters and performs modular addition operation on the data in the eighth cache region and updates the data in the eighth cache region by using the modular addition result; updating the data in the eighth cache region by using a modulo addition operation result of the data in the eighteenth cache region and the data in the seventeenth cache region;
step S2-11: the CPU uses the data on the 5 th word, the data on the 6 th word, the data on the 7 th word in the third cache region and the data on the 5 th word, the data on the 6 th word and the data on the 7 th word in the second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter, calls an output result obtained by a third function to update the data in the twenty-seventh cache region, and uses the result of the XOR operation between the data on the 5 th word and the data on the 7 th word in the second cache region to update the data in the seventeenth cache region;
step S2-12: the CPU takes the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to call an output result obtained by a fourth function and the data in the eighth cache area to perform modulo addition on the output result and update the data in the eighth cache area by using the modulo addition result; and performing modulo addition operation on the data in the eighteenth cache region and the data in the seventeenth cache region and updating the data in the eighteenth cache region by using a modulo addition result.
8. The method of claim 7, wherein the fifth function is implemented by:
step a1: the CPU generates a second random number and stores the second random number in a first register, a result obtained by carrying out doubling operation on the second random number in the first register is stored in a second register, a result obtained by carrying out XOR operation on the data in the first register and a second parameter is stored in a third register, a result obtained by carrying out AND operation on the data in the first register and the data in the third register is stored in a fourth register, a result obtained by carrying out XOR operation on the data in the second register and a first parameter is stored in a fifth register, a result obtained by carrying out XOR operation on the data in the first register and the data in the fifth register is stored in a sixth register, a result obtained by carrying out AND operation on the data in the sixth register and the second parameter is stored in a seventh register, a result obtained by carrying out XOR operation on the data in the fourth register and the data in the seventh register is stored in an eighth register, a result obtained by carrying out XOR operation on the data in the second register and the second parameter is stored in a ninth register, and a ninth register;
step a2: the CPU performs AND operation on the data in the second register and the second parameter to obtain a result, and the result is stored in an eleventh register; updating the data in the eleventh register with the result of the exclusive-or operation of the data in the eleventh register and the data in the tenth register; updating the data in the second register by using the result of AND operation of the data in the second register and the first parameter; updating the data in the eleventh register with the result of the exclusive or operation of the data in the eleventh register and the data in the second register, and updating the data in the second register with the result of the doubling operation of the data in the eleventh register;
step a3: the CPU judges whether the cycle number is a preset value, if so, the step a4 is executed, otherwise, the cycle number is updated, and the step a2 is returned;
step a4: the CPU takes the result of the exclusive OR operation of the data in the fifth register and the data in the second register as the output result of the fifth function.
9. The method of claim 7, wherein the sixth function is implemented by: the CPU performs an exclusive OR operation on the result of cyclically right-shifting the parameter by 17 bits, the result of cyclically right-shifting the parameter by 19 bits and the result of cyclically right-shifting the parameter by 10 bits, and takes the result as the output result of the sixth function.
10. The method of claim 7, wherein the seventh function is implemented by: the CPU performs an exclusive OR operation on the result of cyclically right-shifting the parameter by 7 bits, the result of cyclically right-shifting the parameter by 18 bits and the result of right-shifting the parameter by 3 bits, and takes the result as the output result of the seventh function.
11. The method of claim 7, wherein the fourth function is implemented by: the CPU generates a third random number and stores the third random number into a twelfth register, stores a result obtained by carrying out XOR operation on the first parameter and the random number in the twelfth register into the twelfth register, and stores a result obtained by carrying out non-operation on data in the twelfth register and data in the twelfth register into a thirteenth register; a result obtained by performing an exclusive or operation on the data in the thirteenth register and the data in the twelfth register is stored in a fourteenth register, a result obtained by performing an exclusive or operation on the data in the twelfth register and a second parameter is stored in a fifteenth register, a result obtained by performing an exclusive or operation on the first parameter and the data in the fifteenth register is stored in a sixteenth register, a result obtained by performing a non-operation on the data in the sixteenth register and the data in the fifteenth register is stored in a seventeenth register, and a result obtained by performing an exclusive or operation on the data in the seventeenth register and the data in the fourteenth register is used as an output result of a fourth function.
12. The method of claim 7, wherein the third function is implemented by: the CPU calls a first function according to the first parameter, the second parameter, the fourth parameter and the fifth parameter to obtain an output result, and the output result is stored in an eighteenth register; a result obtained by calling the first function according to the third parameter, the code reversal of the first parameter, the sixth parameter and the fourth parameter is stored in a nineteenth register; and taking the result obtained by carrying out exclusive or operation on the data in the eighteenth register and the data in the nineteenth register as the output result of the third function.
13. The method according to claim 12, wherein the first function is implemented by: the CPU stores a result obtained by performing AND operation on the inverse code of the fourth parameter and the third parameter into a twentieth register, stores a result obtained by performing AND operation on the fourth parameter and the first parameter into a twenty-first register, stores a result obtained by performing OR operation on data in the twentieth register and data in the twenty-first register into a twenty-second register, and stores a result obtained by performing AND operation on the inverse code of the second parameter and data in the twenty-second register into a twenty-third register; storing a result obtained by performing an and operation on the fourth parameter and the third parameter into a twenty-fourth register, storing a result obtained by performing an and operation on an inverse code of the fourth parameter and the first parameter into a twenty-fifth register, storing a result obtained by performing an or operation on data in the twenty-fourth register and data in the twenty-fifth register into a twenty-sixth register, and storing a result obtained by performing an and operation on the second parameter and data in the twenty-sixth register into a twenty-seventh register; and taking the result obtained by performing OR operation on the data in the twenty-third register and the twenty-seventh register as the output result of the first function.
14. The method of claim 7, wherein the eighth function is implemented by: the CPU performs an exclusive OR operation on the result of cyclically right-shifting the parameter by 6 bits, the result of cyclically right-shifting the parameter by 11 bits and the result of cyclically right-shifting the parameter by 25 bits, and takes the result as the output result of the eighth function.
15. The method of claim 7, wherein the step S3 comprises:
step S3-1: the CPU uses the data on the 1 st word in the third cache region as a parameter to call a ninth function to obtain an output result and update the data in the twenty-seventh cache region; using data on the 1 st word in the second cache region as a parameter to call a ninth function to obtain an output result, and updating a third result in the seventeenth cache region;
step S3-2: the CPU uses the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to call a fourth function to obtain an output result to update the data in the ninth cache area; updating the data in the nineteenth cache with the data in the seventeenth cache;
step S3-3: the CPU uses the data on the 1 st word, the data on the 2 nd word and the data on the 3 rd word in a third cache region and the data on the 1 st word, the data on the 2 nd word and the data on the 3 rd word in a second cache region as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter and a sixth parameter to call an output result obtained by a second function to update the data in a twenty-seventh cache region, and uses the data on the 2 nd word in the second cache region to update the data in the seventeenth cache region;
step S3-4: the CPU uses the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to call an output result obtained by a fourth function to perform modular addition operation with the data in the ninth cache area and uses the modular addition result to update the data in the ninth cache area; performing modulo addition operation on the data in the nineteenth cache region and the data in the seventeenth cache region, and updating the data in the nineteenth cache region by using a modulo addition result;
step S3-5: the CPU updates the data on the 8 th word in the third cache region by the data on the 7 th word in the third cache region, updates the data on the 8 th word in the second cache region by the data on the 7 th word in the second cache region, updates the data on the 7 th word in the third cache region by the data on the 6 th word in the third cache region, updates the data on the 7 th word in the second cache region by the data on the 6 th word in the second cache region, updates the data on the 6 th word in the third cache region by the data on the 5 th word in the third cache region, and updates the data on the 6 th word in the second cache region by the data on the 5 th word in the second cache region;
step S3-6: the CPU uses the data on the 4 th word in the first cache region and the data on the 4 th word in the second cache region as a first parameter and a second parameter, calls an output result obtained by a fourth function to update the data in the seventh cache region, and uses the data on the 4 th word in the second cache region to update the data in the seventeenth cache region;
step S3-7: the CPU updates the data on the 5 th word in the third cache region by using the modulo addition operation result of the data in the seventh cache region and the data in the eighth cache region; updating the data on the 5 th word in the second cache region by using the modulo addition operation result of the data in the seventeenth cache region and the data in the eighteenth cache region;
step S3-8: the CPU uses the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the first parameter and the second parameter to call a fifth function, and updates the data on the 5th word in the third cache region with the output result.
16. The method of claim 15, wherein the ninth function is implemented by: the CPU performs an exclusive OR operation on the result of cyclically right-shifting the parameter by 2 bits, the result of cyclically right-shifting the parameter by 13 bits and the result of cyclically right-shifting the parameter by 22 bits, and takes the result as the output result of the ninth function.
17. The method of claim 15, wherein the second function is implemented by: the CPU calls a first function according to the first parameter, the second parameter, the third parameter and the fourth parameter to obtain an output result, and the output result is stored in a twenty-eighth register; calling a first function according to the first parameter, the third parameter, the fourth parameter and the sixth parameter to obtain an output result, and storing the output result in a twenty-ninth register; an output result obtained by calling the first function according to the second parameter, the third parameter, the fifth parameter and the sixth parameter is stored in a thirtieth register; and carrying out exclusive OR operation on the data in the twenty-eighth register, the data in the twenty-ninth register and the data in the thirtieth register to obtain an output result.
18. The method of claim 15, wherein the step S4 comprises:
step S4-1: the CPU updates the data on the 4th word in the third cache region with the data on the 3rd word in the third cache region, updates the data on the 4th word in the second cache region with the data on the 3rd word in the second cache region, updates the data on the 3rd word in the third cache region with the data on the 2nd word in the third cache region, updates the data on the 3rd word in the second cache region with the data on the 2nd word in the second cache region, updates the data on the 2nd word in the third cache region with the data on the 1st word in the third cache region, and updates the data on the 2nd word in the second cache region with the data on the 1st word in the second cache region;
step S4-2: the CPU performs modular addition operation on the data in the eighth cache region and the data in the ninth cache region and updates the data on the 1 st word in the third cache region by using a modular addition result; performing modulo addition operation on the data in the eighteenth cache region and the data in the nineteenth cache region, and updating the data on the 1 st word in the second cache region by using a modulo addition result;
step S4-3: the CPU uses the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as a first parameter and a second parameter to call a fifth function, and updates the data on the 1st word in the third cache region with the output result.
19. The method of claim 18, wherein the step S5 comprises:
step S5-1: the CPU respectively judges whether the sum of the length and the free length of the data in the fifth cache region and the sixth cache region is 64 words, if so, the step S5-2 is executed, otherwise, an error is reported;
step S5-2: the CPU judges whether the idle lengths in the fifth cache region and the sixth cache region are both 0; if so, step S6 is executed; otherwise, the method returns to step S2.
20. The method as claimed in claim 18, wherein the updating of the data in the first buffer with the data in the third buffer and the data on the upper 8 word in the second buffer in step S6 comprises:
step Y: and the CPU sequentially takes each word in the third cache region as a first parameter, takes the data at the corresponding position in the second cache region as a second parameter, calls a fourth function to obtain an output result and stores the output result in a thirty-one register, performs modulo addition operation on the data in the thirty-one register and the data at the corresponding position in the first cache region, and updates the data at the corresponding position in the first cache region by using the modulo addition result.
21. The method according to claim 20, wherein step Y is specifically: the CPU takes the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as a first parameter and a second parameter, calls a fourth function to obtain an output result, stores the output result into a thirty-second register, and updates the data on the 1st word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-second register and the data on the 1st word in the first cache region; takes the data on the 2nd word in the third cache region and the data on the 2nd word in the second cache region as the first parameter and the second parameter, calls the fourth function to obtain an output result, stores the output result into a thirty-fourth register, and updates the data on the 2nd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fourth register and the data on the 2nd word in the first cache region; takes the data on the 3rd word in the third cache region and the data on the 3rd word in the second cache region as the first parameter and the second parameter, calls the fourth function to obtain an output result, stores the output result into a thirty-fifth register, and updates the data on the 3rd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fifth register and the data on the 3rd word in the first cache region; takes the data on the 4th word in the third cache region and the data on the 4th word in the second cache region as the first parameter and the second parameter, calls the fourth function to obtain an output result, stores the output result into a thirty-sixth register, and updates the data on the 4th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-sixth register and the data on the 4th word in the first cache region; takes the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the first parameter and the second parameter, calls the fourth function to obtain an output result, stores the output result into a thirty-seventh register, and updates the data on the 5th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-seventh register and the data on the 5th word in the first cache region; takes the data on the 6th word in the third cache region and the data on the 6th word in the second cache region as the first parameter and the second parameter, calls the fourth function to obtain an output result, stores the output result into a thirty-eighth register, and updates the data on the 6th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-eighth register and the data on the 6th word in the first cache region; takes the data on the 7th word in the third cache region and the data on the 7th word in the second cache region as the first parameter and the second parameter, calls the fourth function to obtain an output result, stores the output result into a thirty-ninth register, and updates the data on the 7th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-ninth register and the data on the 7th word in the first cache region; and takes the data on the 8th word in the third cache region and the data on the 8th word in the second cache region as the first parameter and the second parameter, calls the fourth function to obtain an output result, stores the output result into a fortieth register, and updates the data on the 8th word in the first cache region by using the result of performing modulo addition operation on the data in the fortieth register and the data on the 8th word in the first cache region.
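Added example (not code from the patent or its applicant): the fifth function of claim 8 written register by register in C, followed by the share-wise use of claim 10's seventh function that steps S2-3 and S2-4 describe. Assumptions: 32-bit words with 31 loop passes as the "preset value" of step a3; the random number is passed in as `rnd` so the run is repeatable; and the ninth and tenth registers, whose definitions are garbled in the claim text, are filled in from Goubin's published arithmetic-to-Boolean mask conversion, which the remaining steps match.

```c
#include <stdint.h>
#include <stdio.h>

#define WORD_BITS 32 /* assumption: 32-bit words */

/* Fifth function (claim 8).
 * first  = masked word A, where the secret x = A + second (mod 2^32); this is
 *          what the modulo subtraction of claim 25 leaves in the fifth cache region
 * second = the mask r held in the sixth cache region
 * rnd    = the "second random number" (generated inside the function in the
 *          claim; a parameter here so the example is repeatable)
 * Returns x' with x = x' ^ second. The unmasked x is never formed. */
uint32_t fifth_function(uint32_t first, uint32_t second, uint32_t rnd)
{
    uint32_t r1 = rnd;          /* first register                      */
    uint32_t r2 = r1 << 1;      /* second register: doubling           */
    uint32_t r3 = r1 ^ second;  /* third register                      */
    uint32_t r4 = r1 & r3;      /* fourth register                     */
    uint32_t r5 = r2 ^ first;   /* fifth register                      */
    uint32_t r6 = r1 ^ r5;      /* sixth register                      */
    uint32_t r7 = r6 & second;  /* seventh register                    */
    uint32_t r8 = r4 ^ r7;      /* eighth register                     */
    uint32_t r9 = r2 & first;   /* ninth register: ASSUMPTION (Goubin) */
    uint32_t r10 = r8 ^ r9;     /* tenth register: ASSUMPTION (Goubin) */
    uint32_t r11;               /* eleventh register                   */

    /* steps a2 and a3: each pass fixes one more carry bit */
    for (int pass = 0; pass < WORD_BITS - 1; pass++) {
        r11 = r2 & second;
        r11 ^= r10;
        r2 &= first;
        r11 ^= r2;
        r2 = r11 << 1;
    }
    return r5 ^ r2;             /* step a4 */
}

static uint32_t rotr(uint32_t v, unsigned n)
{
    return (v >> n) | (v << (32u - n)); /* n is 7 or 18 here, never 0 */
}

/* Seventh function (claim 10): linear over XOR, so it can be applied to
 * the masked value and to the mask separately. */
uint32_t seventh_function(uint32_t p)
{
    return rotr(p, 7) ^ rotr(p, 18) ^ (p >> 3);
}

/* xorshift32, used only to construct sample words for the check below */
static uint32_t next_sample(uint32_t *s)
{
    *s ^= *s << 13;
    *s ^= *s >> 17;
    *s ^= *s << 5;
    return *s;
}

/* Runs the S2-3 / S2-4 pattern on constructed words and returns the number
 * of failed checks (0 means every check held). */
int check_steps_s2_3_s2_4(uint32_t seed, int trials)
{
    int failures = 0;
    uint32_t s = seed ? seed : 1u; /* xorshift state must be non-zero */

    for (int i = 0; i < trials; i++) {
        uint32_t x = next_sample(&s); /* constructed secret word     */
        uint32_t r = next_sample(&s); /* constructed mask            */
        uint32_t a = x - r;           /* arithmetic share, mod 2^32  */

        uint32_t xb = fifth_function(a, r, next_sample(&s));
        if ((xb ^ r) != x)
            failures++;               /* conversion must preserve x  */
        if (xb != fifth_function(a, r, next_sample(&s)))
            failures++;               /* result must not depend on rnd */
        /* value share and mask share processed separately, as in S2-4 */
        if ((seventh_function(xb) ^ seventh_function(r)) != seventh_function(x))
            failures++;
    }
    return failures;
}

int main(void)
{
    printf("failed checks: %d\n", check_steps_s2_3_s2_4(1u, 1000));
    return 0;
}
```

The comparison against the unmasked `x` exists only to check the example; a masked implementation would carry the two shares forward and never recombine them.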
22. A device, characterized by comprising a CPU and a memory, wherein the memory comprises a first cache region, a second cache region, a third cache region, a fourth cache region, a fifth cache region, a sixth cache region, a seventh cache region, an eighth cache region, a ninth cache region, a seventeenth cache region, an eighteenth cache region, a nineteenth cache region and a twenty-seventh cache region, and the CPU comprises a first calculation module, a second calculation module, a third calculation module, a fourth calculation module, a first judgment module and a fifth calculation module;
the first calculation module is configured to calculate an initial vector in the first cache region and data on a high 8 word in the second cache region and store a calculation result in the third cache region, calculate original data in the fourth cache region and data on a low 16 word in the second cache region and store a calculation result in the fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region; the size of the second cache region is 24 words; the size of the fifth cache region and the sixth cache region is 64 words;
the second calculation module is configured to calculate and generate a third numerical value and a third result according to the data in the fifth cache area and the data in the sixth cache area, store the third numerical value and the third result in a seventh cache area and a seventeenth cache area respectively, calculate and store the calculation results in the fifth cache area sequentially according to the data in the seventh cache area, the data in the seventeenth cache area, and the data in the sixth cache area, calculate and store the calculation results in the sixth cache area sequentially according to the data in the seventh cache area, the data in the seventeenth cache area, and the data in the sixth cache area, calculate and obtain a first numerical value and a first result according to the data in the fifth cache area, the data in the sixth cache area, the data in the seventh cache area, and the data in the seventeenth cache area, and store the first numerical value and the first result in an eighth cache area and an eighteenth cache area respectively, calculate and generate and store the third data according to the data in the third cache area, and store the third numerical value and the first result in the seventeenth cache area, and the eighth cache area, and the twenty-fourth cache area, and the eighth area;
the third calculation module is configured to update third data in the seventh cache area with data in the third cache area, update data in the seventeenth cache area with data in the second cache area, generate a second numerical value and a second result according to the data in the twenty-seventh cache area and the data in the seventeenth cache area, and store the second numerical value and the second result in a ninth cache area and a nineteenth cache area, respectively; updating the data in the seventh cache region and the data in the seventeenth cache region according to the data in the third cache region and the first random number in the second cache region; updating the data in the ninth cache area and the data in the nineteenth cache area according to the data in the seventeenth cache area and the data in the twenty-seventh cache area;
the fourth calculation module is configured to update the data in the third cache region according to the data in the eighth cache region, the data in the eighteenth cache region, the data in the ninth cache region, the data in the nineteenth cache region, the data in the seventh cache region, and the data in the seventeenth cache region;
the first judging module is configured to judge whether the length of the data in the fifth cache region and the length of the data in the sixth cache region are 64 words, if yes, trigger the fifth calculating module, and otherwise trigger the second calculating module;
the fifth calculation module is configured to update the data in the first cache region with the data in the third cache region and the data on the high 8 word in the second cache region, and use the data in the first cache region as a hash packet calculation result.
23. The apparatus of claim 22, wherein the CPU further comprises a second determining module, configured to determine whether a length of input data is a preset length, and if so, group the input data according to the preset length and store a first group of data as an initial vector in the first buffer, otherwise, fill the input data to the preset length using 0, and then group the filled input data according to the preset length and store the first group of data as the initial vector in the first buffer.
24. The apparatus of claim 23, wherein the CPU further comprises a third determining module, configured to determine whether all packet data of the input data are completely processed, if so, the processing is ended, otherwise, a next unprocessed packet data is stored as an initial vector in the first buffer, and the first calculating module is triggered.
25. The device of claim 22, wherein the first computing module is specifically configured to perform an exclusive or operation on an initial vector in a first cache region and data on a high 8 word in a second cache region and store a computation result in a third cache region, perform a modulo subtraction operation on original data in the fourth cache region and data on a low 16 word in the second cache region and store a computation result in a fifth cache region; storing data on the lower 16 words in the second cache region into a sixth cache region.
26. The apparatus of claim 25, wherein the CPU further comprises a generate store module to generate and store a first random number of 24 words in length into the second buffer.
27. The apparatus of claim 22, wherein the CPU further comprises a module for taking a first free word in the fifth cache as a current location and a first free word in the sixth cache as a current location.
28. The apparatus of claim 27, wherein the memory further comprises a tenth cache and a twentieth cache, the CPU further comprises a first function module, a third function module, a fourth function module, a fifth function module, a sixth function module, a seventh function module, an eighth function module, the second calculation module comprises:
the first calculation unit is used for taking data at a position 2 words ahead of the current position in the fifth cache region as a first parameter of a fifth function, taking data at a position 2 words ahead of the current position in the sixth cache region as a second parameter of the fifth function, calling the fifth function to obtain an output result, and storing the output result in the seventh cache region;
the second calculation unit is used for updating the data in the seventh cache region by using an output result obtained by calling a sixth function by using the data in the seventh cache region as a parameter, and updating the data in the seventeenth cache region by using an output result obtained by calling the sixth function by using the data in the position which is 2 words ahead of the current position in the sixth cache region as a parameter;
a third calculating unit, configured to store, in a tenth cache area, an output result obtained by calling a fifth function with the data at the position of the 15 words ahead of the current position in the fifth cache area as a first parameter and the data at the position of the 15 words ahead of the current position in the sixth cache area as a second parameter;
a fourth calculating unit, configured to update the data in the tenth cache region with an output result obtained by calling a seventh function with data at a position 15 words ahead of the current position in the fifth cache region as a parameter, call the seventh function with data at a position 15 words ahead of the current position in the sixth cache region as a parameter to obtain an output result, and store the output result in the twentieth cache region;
a fifth calculating unit, configured to perform modulo addition on the data in the seventh cache area and the data in the seventeenth cache area as an output result obtained by calling a fourth function with the first parameter and the second parameter, the data in the tenth cache area and the data in the twentieth cache area as an output result obtained by calling the fourth function with the first parameter and the second parameter, the data in the position of 7 words ahead of the current position in the fifth cache area, and the data in the position of 16 words ahead of the current position in the fifth cache area, and sequentially store the modulo addition results in the fifth cache area;
a sixth calculating unit, configured to perform modulo addition on the data in the seventeenth cache region, the data in the twentieth cache region, the data in the position 7 words ahead of the current position in the sixth cache region, and the data in the position 16 words ahead of the current position in the sixth cache region, and store the modulo addition result in the sixth cache region in sequence;
a seventh calculating unit, configured to perform modulo addition on data at a current position in the fifth cache region, a preset constant, and data on an 8 th word in the third cache region, and store a modulo addition result in the eighth cache region;
an eighth calculating unit, configured to perform modulo addition operation on data in the current position in the sixth cache region and a number on an 8 th word in the second cache region, and store a modulo addition result in the eighth cache region;
a ninth calculating unit, configured to update the data in the twenty-seventh cache area with an output result obtained by calling an eighth function with the data in the 5 th word in the third cache area as a parameter; using the data on the 5 th word in the second cache region as a parameter to call an eighth function to obtain an output result, and updating the data in the seventeenth cache region;
a tenth calculating unit, configured to call, using the data in the twenty-seventh cache area and the data in the seventeenth cache area as parameters, an output result obtained by a fourth function, perform modulo addition on the data in the eighth cache area, and update the data in the eighth cache area with the modulo addition result; updating the data in the eighth cache region by using a modulo addition operation result of the data in the eighteenth cache region and the data in the seventeenth cache region;
an eleventh calculating unit, configured to use the data in the 5 th word, the data in the 6 th word, the data in the 7 th word in the third cache area, and the data in the 5 th word, the data in the 6 th word, and the data in the 7 th word in the second cache area as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter, and a sixth parameter, call an output result obtained by a third function to update the data in the twenty-seventh cache area, and use a result of performing an exclusive or operation on the data in the 5 th word and the data in the 7 th word in the second cache area to update the data in the seventeenth cache area;
a twelfth calculating unit, configured to perform modulo addition on an output result obtained by calling a fourth function using the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter and the data in the eighth cache area, and update the data in the eighth cache area with the modulo addition result; and performing modulo addition operation on the data in the eighteenth cache region and the data in the seventeenth cache region and updating the data in the eighteenth cache region by using a modulo addition result.
29. The apparatus of claim 28, wherein the fifth function module comprises:
a first generation and storage unit, configured to generate a second random number and store the second random number in a first register, store a result obtained by performing a double operation on the second random number in the first register in a second register, store a result obtained by performing an exclusive or operation on data in the first register and a second parameter in a third register, store a result obtained by performing an and operation on data in the first register and data in the third register in a fourth register, store a result obtained by performing an exclusive or operation on data in the second register and a first parameter in a fifth register, store a result obtained by performing an exclusive or operation on data in the first register and data in the fifth register in a sixth register, store a result obtained by performing an and operation on data in the sixth register and the second parameter in a seventh register, store a result obtained by performing an exclusive or operation on data in the fourth register and data in the seventh register in an eighth register, store a result obtained by performing an exclusive or operation on data in the fourth register and the second parameter in the ninth register in a ninth register, and store a ninth register;
the first saving and updating unit is used for saving a result obtained by performing AND operation on the data in the second register and the second parameter into an eleventh register; updating the data in the eleventh register with the result of the exclusive-or operation of the data in the eleventh register and the data in the tenth register; updating the data in the second register by using the result of the AND operation of the data in the second register and the first parameter; updating the data in the eleventh register by using the result of the exclusive or operation of the data in the eleventh register and the data in the second register, and updating the data in the second register by using the result of the doubling operation of the data in the eleventh register;
the first judging unit is used for judging whether the cycle number is a preset value or not, if so, the first arithmetic unit is triggered, and if not, the cycle number is updated, and the first saving updating unit is triggered;
and the first arithmetic unit is used for taking the result of the exclusive or operation of the data in the fifth register and the data in the second register as the output result of the fifth function module.
30. The apparatus according to claim 28, wherein the sixth function module is specifically configured to xor the result of the cyclic right shift of the parameter by 17 bits, the result of the cyclic right shift by 19 bits, and the result of the right shift by 10 bits as the output result of the sixth function module.
31. The apparatus as claimed in claim 28, wherein the seventh function module is specifically configured to xor the result of circularly right-shifting the parameter by 7 bits, the result of circularly right-shifting the parameter by 18 bits, and the result of right-shifting the parameter by 3 bits as the output result of the seventh function module.
32. The apparatus according to claim 28, wherein the fourth function module is specifically configured to generate a third random number and store the third random number in a twelfth register, store a result obtained by performing an exclusive or operation on the first parameter and the random number in the twelfth register, and store a result obtained by performing a non-operation on data in the twelfth register and data in the twelfth register in a thirteenth register; and storing a result obtained by performing exclusive-or operation on the data in the thirteenth register and the data in the twelfth register into a fourteenth register, storing a result obtained by performing exclusive-or operation on the data in the twelfth register and a second parameter into a fifteenth register, storing a result obtained by performing exclusive-or operation on the first parameter and the data in the fifteenth register into a sixteenth register, storing a result obtained by performing non-operation on the data in the sixteenth register and the data in the fifteenth register into a seventeenth register, and using a result obtained by performing exclusive-or operation on the data in the seventeenth register and the data in the fourteenth register as an output result of a fourth function module.
33. The apparatus according to claim 28, wherein the third function module is specifically configured to call the first function module according to the first parameter, the second parameter, the fourth parameter, and the fifth parameter to obtain an output result, and store the output result in an eighteenth register; calling a first function module according to the third parameter, the code reversal of the first parameter, the sixth parameter and the fourth parameter to obtain a result, and storing the result in a nineteenth register; and taking the result obtained by carrying out exclusive or operation on the data in the eighteenth register and the data in the nineteenth register as the output result of the third function module.
34. The device according to claim 33, wherein the first function module is specifically configured to store a result obtained by performing an and operation on an inverse code of the fourth parameter and a third parameter in a twentieth register, store a result obtained by performing an and operation on the fourth parameter and the first parameter in a twenty-first register, store a result obtained by performing an or operation on data in the twentieth register and data in the twenty-first register in a twenty-second register, and store a result obtained by performing an and operation on an inverse code of the second parameter and data in the twenty-second register in a twenty-third register; storing a result obtained by performing an and operation on the fourth parameter and the third parameter into a twenty-fourth register, storing a result obtained by performing an and operation on an inverse code of the fourth parameter and the first parameter into a twenty-fifth register, storing a result obtained by performing an or operation on data in the twenty-fourth register and data in the twenty-fifth register into a twenty-sixth register, and storing a result obtained by performing an and operation on the second parameter and data in the twenty-sixth register into a twenty-seventh register; and taking the result obtained by performing OR operation on the data in the twenty-third register and the data in the twenty-seventh register as the output result of the first function module.
35. The apparatus as claimed in claim 28, wherein the eighth function module is specifically configured to perform an exclusive or operation on the result of the parameter cycle right shift by 6 bits, the result of the cycle right shift by 11 bits, and the result of the cycle right shift by 25 bits as an output result of the eighth function module.
36. The apparatus of claim 28, wherein the CPU further comprises a second function module and a ninth function module, the third calculation module comprising:
a thirteenth calculating unit, configured to update the data in the twenty-seventh cache area with an output result obtained by calling a ninth function with the data in the 1st word in the third cache area as a parameter; using data on the 1st word in the second cache region as a parameter to call a ninth function to obtain an output result, and updating a third result in the seventeenth cache region;
a fourteenth calculating unit, configured to use the data in the twenty-seventh cache area and the data in the seventeenth cache area as the first parameter and the second parameter to call a fourth function to obtain an output result, and update the data in the ninth cache area; updating the data in the nineteenth cache with the data in the seventeenth cache;
a fifteenth calculating unit, configured to update the data in the twenty-seventh cache area with an output result obtained by calling a second function with the data on the 1st word, the data on the 2nd word, the data on the 3rd word in a third cache area and the data on the 1st word, the data on the 2nd word, and the data on the 3rd word in the second cache area as a first parameter, a second parameter, a third parameter, a fourth parameter, a fifth parameter, and a sixth parameter, and update the data in the seventeenth cache area with the data on the 2nd word in the second cache area;
a sixteenth calculating unit, configured to call a fourth function using the data in the twenty-seventh cache area and the data in the seventeenth cache area as a first parameter and a second parameter to obtain an output result, perform modulo addition operation on the output result and the data in the ninth cache area, and update the data in the ninth cache area with the modulo addition result; performing modulo addition operation on the data in the nineteenth cache region and the data in the seventeenth cache region, and updating the data in the nineteenth cache region by using a modulo addition result;
a seventeenth calculation unit, configured to update the data on the 8th word in the third cache area with the data on the 7th word in the third cache area, update the data on the 8th word in the second cache area with the data on the 7th word in the second cache area, update the data on the 7th word in the third cache area with the data on the 6th word in the third cache area, update the data on the 7th word in the second cache area with the data on the 6th word in the second cache area, update the data on the 6th word in the third cache area with the data on the 5th word in the third cache area, and update the data on the 6th word in the second cache area with the data on the 5th word in the second cache area;
an eighteenth calculating unit, configured to use data on a 4th word in the first cache region and data on a 4th word in the second cache region as a first parameter and a second parameter, call an output result obtained by a fourth function to update data in the seventh cache region, and use data on the 4th word in the second cache region to update data in the seventeenth cache region;
a nineteenth calculating unit, configured to update data on a 5th word in the third cache area with a result of a modulo addition operation of data in the seventh cache area and data in the eighth cache area; updating the data on the 5th word in the second cache region by using the modulo addition operation result of the data in the seventeenth cache region and the data in the eighteenth cache region;
and the twentieth calculating unit is used for updating the data on the 5th word in the third cache region by using the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as output results obtained by calling a fifth function by using the first parameter and the second parameter.
37. The apparatus as claimed in claim 36, wherein the ninth function module is specifically configured to perform an exclusive or operation on the result of circularly right-shifting the parameter by 2 bits, the result of circularly right-shifting the parameter by 13 bits, and the result of circularly right-shifting the parameter by 22 bits, as the output result of the ninth function module.
38. The apparatus according to claim 36, wherein the second function module is specifically configured to call the first function module according to the first parameter, the second parameter, the third parameter, and the fourth parameter to obtain an output result, and store the output result in a twenty-eighth register; an output result obtained by calling the first function module according to the first parameter, the third parameter, the fourth parameter and the sixth parameter is stored in a twenty-ninth register; the output result obtained by calling the first function module according to the second parameter, the third parameter, the fifth parameter and the sixth parameter is stored in a thirtieth register; and carrying out exclusive or operation on the data in the twenty-eighth register, the data in the twenty-ninth register and the data in the thirtieth register to obtain an output result.
39. The apparatus of claim 36, wherein the fourth calculation module comprises:
a twenty-first calculating unit, configured to update data on a 4th word in the third cache area with data on a 3rd word in the third cache area, update data on a 4th word in the second cache area with data on a 3rd word in the second cache area, update data on a 3rd word in the third cache area with data on a 2nd word in the third cache area, update data on a 3rd word in the second cache area with data on a 2nd word in the second cache area, update data on a 2nd word in the third cache area with data on a 1st word in the third cache area, and update data on a 2nd word in the second cache area with data on a 1st word in the second cache area;
a twenty-second calculating unit, configured to perform modulo addition on the data in the eighth cache area and the data in the ninth cache area, and update the data on the 1st word in the third cache area with a modulo addition result; performing modulo addition operation on the data in the eighteenth cache region and the data in the nineteenth cache region, and updating the data on the 1st word in the second cache region by using a modulo addition result;
and the twenty-third calculating unit is used for updating the data on the 1st word in the third cache region by using the data on the 1st word in the third cache region and the data on the 1st word in the second cache region as the first parameter and the output result obtained by calling a fifth function module by using the second parameter.
40. The apparatus of claim 39, wherein the first determining module comprises:
the second judging unit is used for respectively judging whether the sum of the length of the data in the fifth cache region and the length of the data in the sixth cache region is 64 words or not, if so, the third judging unit is triggered, and if not, an error is reported;
and the third judging unit is used for judging whether the idle lengths in the fifth cache region and the sixth cache region are both 0, if so, triggering the fifth calculating module, and otherwise, triggering the second calculating module.
41. The apparatus of claim 39, wherein the fifth calculation module comprises:
a twenty-fourth calculating unit, configured to sequentially save, as a first parameter, each word in the third cache area, and an output result obtained by calling a fourth function module using data at a corresponding position in the second cache area as a second parameter, in a thirty-first register, perform modulo addition operation on the data in the thirty-first register and the data at the corresponding position in the first cache area, and update the data at the corresponding position in the first cache area with the modulo addition result;
a first serving unit configured to serve data in the first buffer as a hash packet calculation result.
42. The device according to claim 41, wherein the twenty-fourth calculating unit is specifically configured to store the data in the 1st word in the third cache area and the data in the 1st word in the second cache area as output results obtained by calling a fourth function module with the first parameter and the second parameter, into a thirty-second register, and update the data in the 1st word in the first cache area with a result of performing a modulo addition operation between the data in the thirty-second register and the data in the 1st word in the first cache area; taking the data on the 2nd word in the third cache region and the data on the 2nd word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-fourth register, and updating the data on the 2nd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fourth register and the data on the 2nd word in the first cache region; taking the data on the 3rd word in the third cache region and the data on the 3rd word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-fifth register, and updating the data on the 3rd word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-fifth register and the data on the 3rd word in the first cache region; taking the data on the 4th word in the third cache region and the data on the 4th word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-sixth register, and updating the data on the 4th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-sixth register and the data on the 4th word in the first cache region; taking the data on the 5th word in the third cache region and the data on the 5th word in the second cache region as the first parameter and the second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-seventh register, and updating the data on the 5th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-seventh register and the data on the 5th word in the first cache region; taking the data on the 6th word in the third cache region and the data on the 6th word in the second cache region as a first parameter and a second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-eighth register, and updating the data on the 6th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-eighth register and the data on the 6th word in the first cache region; taking the data on the 7th word in the third cache region and the data on the 7th word in the second cache region as the first parameter and the second parameter, calling a fourth function module to obtain an output result, storing the output result into a thirty-ninth register, and updating the data on the 7th word in the first cache region by using the result of performing modulo addition operation on the data in the thirty-ninth register and the data on the 7th word in the first cache region; and storing the data on the 8th word in the third cache region and the data on the 8th word in the second cache region as output results obtained by calling a fourth function module by using the first parameter and the second parameter into a fortieth register, and updating the data on the 8th word in the first cache region by using the result of performing modulo addition operation on the data in the fortieth register and the data on the 8th word in the first cache region.
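The share handling that claims 29 and 32 to 35 describe, chained in the order of the ninth to twelfth calculating units, as an added example that is not code from the patent. The function names, the xorshift generator and the 31-round loop count are assumptions, and the two conversions are written as Goubin's published Boolean/arithmetic mask conversions, which the register sequences of claims 32 and 29 resemble but which the translated text leaves partly garbled.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed xorshift32 generator standing in for the device's random
 * number source (assumption; a real chip would use its TRNG). */
static uint32_t rng_state = 0x9E3779B9u;
static uint32_t rnd32(void) {
    rng_state ^= rng_state << 13;
    rng_state ^= rng_state >> 17;
    rng_state ^= rng_state << 5;
    return rng_state;
}

static uint32_t rotr(uint32_t x, unsigned n) { return (x >> n) | (x << (32 - n)); }

/* Claim 35, eighth function. It is XOR-linear, so each share goes through alone. */
static uint32_t f8(uint32_t x) { return rotr(x, 6) ^ rotr(x, 11) ^ rotr(x, 25); }

/* Claim 34, first function: yields p1 where p2 ^ p4 is 1 and p3 elsewhere,
 * without computing p2 ^ p4 itself. */
static uint32_t f1(uint32_t p1, uint32_t p2, uint32_t p3, uint32_t p4) {
    uint32_t r22 = (~p4 & p3) | (p4 & p1);
    uint32_t r26 = (p4 & p3) | (~p4 & p1);
    return (~p2 & r22) | (p2 & r26);
}

/* Claim 33, third function: Ch on masked words; the output mask is p4 ^ p6. */
static uint32_t f3(uint32_t p1, uint32_t p2, uint32_t p3,
                   uint32_t p4, uint32_t p5, uint32_t p6) {
    return f1(p1, p2, p4, p5) ^ f1(p3, ~p1, p6, p4);
}

/* Role of the fourth function, written as Goubin's Boolean-to-arithmetic
 * conversion (assumption): given xm = x ^ r, returns x - r mod 2^32. */
static uint32_t f4(uint32_t xm, uint32_t r) {
    uint32_t g = rnd32();
    uint32_t t = ((xm ^ g) - g) ^ xm;
    g ^= r;
    return ((xm ^ g) - g) ^ t;
}

/* Role of the fifth function, written as Goubin's arithmetic-to-Boolean
 * conversion (assumption): given a = x - r mod 2^32, returns x ^ r. */
static uint32_t f5(uint32_t a, uint32_t r) {
    uint32_t g = rnd32();
    uint32_t t = g << 1;
    uint32_t om = g & (g ^ r);
    uint32_t out = t ^ a;
    om ^= (g ^ out) & r;
    om ^= t & a;
    for (int k = 0; k < 31; k++) {   /* 31 rounds for 32-bit words (assumption) */
        g = (t & r) ^ om;
        t &= a;
        g ^= t;
        t = g << 1;
    }
    return out ^ t;
}

/* Sigma1(e) + Ch(e, f, g) on shares, in the order of the ninth to twelfth
 * calculating units. Returns the Boolean-masked sum; *mask receives its mask. */
static uint32_t masked_sigma1_plus_ch(uint32_t e, uint32_t f, uint32_t g,
                                      uint32_t *mask) {
    uint32_t re = rnd32(), rf = rnd32(), rg = rnd32();
    uint32_t em = e ^ re, fm = f ^ rf, gm = g ^ rg;
    uint32_t s_val = f8(em), s_mask = f8(re);      /* ninth unit */
    uint32_t acc = f4(s_val, s_mask);              /* tenth unit */
    uint32_t macc = s_mask;
    uint32_t c_val = f3(em, fm, gm, re, rf, rg);   /* eleventh unit */
    uint32_t c_mask = re ^ rg;
    acc += f4(c_val, c_mask);                      /* twelfth unit */
    macc += c_mask;
    *mask = macc;
    return f5(acc, macc);
}

int main(void) {
    uint32_t m;   /* the three input words are constructed sample values */
    uint32_t v = masked_sigma1_plus_ch(0x510e527fu, 0x9b05688cu, 0x1f83d9abu, &m);
    printf("unmasked=%08x\n", (unsigned)(v ^ m));
    return 0;
}
```

The unmasked words e, f and g appear only at the input of the demonstration function; every intermediate value after the first two lines is either a masked word, a mask, or an arithmetic share.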
CN201911302812.0A 2019-12-17 2019-12-17 Secure implementation method and device for Hash grouping calculation Active CN111143893B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201911302812.0A CN111143893B (en) 2019-12-17 2019-12-17 Secure implementation method and device for Hash grouping calculation

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201911302812.0A CN111143893B (en) 2019-12-17 2019-12-17 Secure implementation method and device for Hash grouping calculation

Publications (2)

Publication Number Publication Date
CN111143893A CN111143893A (en) 2020-05-12
CN111143893B true CN111143893B (en) 2023-04-07

Family

ID=70518570

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201911302812.0A Active CN111143893B (en) 2019-12-17 2019-12-17 Secure implementation method and device for Hash grouping calculation

Country Status (1)

Country Link
CN (1) CN111143893B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101894229A (en) * 2010-06-30 2010-11-24 华南理工大学 Device compatible with three SHA standards and realization method thereof
CN104753684A (en) * 2015-04-15 2015-07-01 飞天诚信科技股份有限公司 Digital signature and signature verification method
CN106650240A (en) * 2016-11-22 2017-05-10 深圳大学 Construction method of parallel hash function
CN109429222A (en) * 2017-08-22 2019-03-05 马鞍山明阳通信科技有限公司 A kind of pair of Wireless Communication Equipment upgrade procedure and the method for communication data encryption
CN110471924A (en) * 2019-08-14 2019-11-19 紫光展锐(重庆)科技有限公司 Data processing method, device, computer equipment and storage medium

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7266703B2 (en) * 2001-06-13 2007-09-04 Itt Manufacturing Enterprises, Inc. Single-pass cryptographic processor and method


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant