CN111526003B - Data encryption method and device, storage medium and electronic equipment - Google Patents


Info

Publication number
CN111526003B
CN111526003B (granted publication of application CN202010275793.3A)
Authority
CN
China
Prior art keywords
box
encryption algorithm
aes
round key
encryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202010275793.3A
Other languages
Chinese (zh)
Other versions
CN111526003A (en)
Inventor
马勇
万春
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Institute of Technology BIT
Qianxin Technology Group Co Ltd
Original Assignee
Beijing Institute of Technology BIT
Qianxin Technology Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Institute of Technology BIT and Qianxin Technology Group Co Ltd
Priority to CN202010275793.3A
Publication of CN111526003A
Application granted
Publication of CN111526003B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L 9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L 9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols; the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L 9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L 9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms

Abstract

The invention provides a data encryption method, a data encryption device, a storage medium and an electronic device. A round key of the S-Box of the SM4 encryption algorithm is obtained; an affine transformation is applied to it to produce the corresponding round key of the S-Box of the AES encryption algorithm; an AES-NI instruction is called to execute the encryption operation with that AES S-Box round key, producing the S-Box of the AES encryption algorithm; and an affine transformation restoration is applied to the AES S-Box to produce the S-Box of the SM4 encryption algorithm. Compared with the conventional SM4 implementation, the method encrypts faster and thereby improves the overall performance of the application system.

Description

Data encryption method and device, storage medium and electronic equipment
Technical Field
The present invention relates to the field of cryptography, and in particular, to a data encryption method, apparatus, storage medium, and electronic device.
Background
SM4 is a block cipher algorithm published by China's Office of State Commercial Cryptography Administration (OSCCA); it was the first commercial cryptographic algorithm that the Chinese state published openly.
Existing software implementations of the SM4 encryption algorithm can suffer from low data throughput and high CPU load. Their speed has not kept pace with the rising write speeds of storage devices and the bandwidth of network devices in information systems, so the SM4 implementation becomes, in part, a performance bottleneck that slows down the application system as a whole.
Disclosure of Invention
To solve these problems, the invention uses the CPU's AES-NI instruction set to hardware-accelerate the SM4 encryption algorithm and raise its speed to a new level. AES (Advanced Encryption Standard), also known as Rijndael, is a block encryption standard adopted by the U.S. federal government. The standard, which replaced the original DES, has been analysed by many parties and is used worldwide; after a multi-year selection process AES became one of the most popular symmetric-key algorithms. AES-NI (Advanced Encryption Standard New Instructions) is an extension of the x86 instruction set architecture for Intel and AMD microprocessors, proposed by Intel in March 2008. Its purpose is to speed up AES encryption and decryption in applications.
Embodiments of the invention provide an encryption method, an encryption device, a storage medium and an electronic device.
In a first aspect, an embodiment of the present invention provides a data encryption method comprising the following steps:
acquiring a round key of the S-Box of the SM4 encryption algorithm;
performing an affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate the round key of the S-Box of the AES encryption algorithm;
calling an AES-NI instruction and executing the encryption operation with the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm;
and performing an affine transformation restoration on the S-Box of the AES encryption algorithm to generate the S-Box of the SM4 encryption algorithm.
Optionally, calling the AES-NI instruction, executing the encryption operation with the round key of the S-Box of the AES encryption algorithm and generating the S-Box of the AES encryption algorithm comprises:
calling an AES-NI instruction and executing the encryption operation with the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm, where the encryption operation comprises the T isomorphic mapping, the S-box inversion and the T' isomorphic mapping.
Optionally, performing the affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate the round key of the S-Box of the AES encryption algorithm comprises:
performing the affine transformation on the round key of the S-Box of the SM4 encryption algorithm with the affine transformation formula Affine(x) = M·x + Count, generating the round key of the S-Box of the AES encryption algorithm.
In a second aspect, an embodiment of the present invention provides a data encryption apparatus comprising:
an acquisition unit for acquiring a round key of the S-Box of the SM4 encryption algorithm;
a transformation unit for performing an affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate the round key of the S-Box of the AES encryption algorithm;
an encryption unit for calling an AES-NI instruction and executing the encryption operation with the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm;
and a restoration unit for performing an affine transformation restoration on the S-Box of the AES encryption algorithm to generate the S-Box of the SM4 encryption algorithm.
Optionally, the encryption unit is specifically configured to:
call an AES-NI instruction and execute the encryption operation with the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm, where the encryption operation comprises the T isomorphic mapping, the S-box inversion and the T' isomorphic mapping.
In a third aspect, the present invention provides a computer-readable storage medium, on which a computer program is stored, which when executed by a processor implements the steps of any one of the above methods.
In a fourth aspect, an embodiment of the present invention provides an electronic device, including a memory, a processor, and a computer program stored on the memory and executable on the processor, where the processor implements the steps of any one of the above methods when executing the program.
The data encryption method, data encryption device, storage medium and electronic device provided by the invention acquire the round key of the S-Box of the SM4 encryption algorithm; perform an affine transformation on it to generate the round key of the S-Box of the AES encryption algorithm; call an AES-NI instruction and execute the encryption operation with that AES S-Box round key to generate the S-Box of the AES encryption algorithm; and perform an affine transformation restoration on the AES S-Box to generate the S-Box of the SM4 encryption algorithm. By calling the AES-NI instruction the invention runs several encryption operations in parallel and obtains several S-box results at once, whereas the conventional SM4 implementation runs a single encryption operation at a time and obtains a single S-box result. Compared with the conventional SM4 implementation, the method encrypts faster and thereby improves the overall performance of the application system.
Drawings
Fig. 1 is a schematic flow chart of a data encryption method according to an embodiment of the present invention;
fig. 2 is a schematic flow chart of a data encryption method according to an embodiment of the present invention;
fig. 3 is a data flow diagram of a data encryption method according to an embodiment of the present invention;
fig. 4 is a schematic structural diagram of a data encryption apparatus according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an electronic device according to an embodiment of the present invention;
Detailed Description
The present application is further described with reference to the following figures and examples.
In the following description, the terms "first" and "second" are used for descriptive purposes only and are not intended to indicate or imply relative importance. The following description provides embodiments of the invention, which may be combined or substituted for various embodiments, and this application is therefore intended to cover all possible combinations of the same and/or different embodiments described. Thus, if one embodiment includes feature A, B, C and another embodiment includes feature B, D, then this application should also be considered to include an embodiment that includes one or more of all other possible combinations of A, B, C, D, even though this embodiment may not be explicitly recited in text below.
The following description provides examples, and does not limit the scope, applicability, or examples set forth in the claims. Changes may be made in the function and arrangement of elements described without departing from the scope of the disclosure. Various examples may omit, substitute, or add various procedures or components as appropriate. For example, the described methods may be performed in an order different than the order described, and various steps may be added, omitted, or combined. Furthermore, features described with respect to some examples may be combined into other examples.
Referring to fig. 1, fig. 1 is a schematic flow chart of a data encryption method according to an embodiment of the present invention, where the method includes:
S101, acquiring a round key of the S-Box of the SM4 encryption algorithm (the value that is fed into the S-Box for substitution).
In cryptography, an S-Box (substitution box) is the basic component of a symmetric-key algorithm that performs substitution. In a block cipher it is usually the only nonlinear component, and the quality of its cryptographic indicators directly determines the quality of the cipher.
S102, performing an affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate the round key of the S-Box of the AES encryption algorithm.
Geometrically, an affine transformation (affine map) between two vector spaces consists of a non-singular linear transformation followed by a translation.
Optionally, performing the affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate the round key of the S-Box of the AES encryption algorithm comprises:
performing the affine transformation on the round key of the S-Box of the SM4 encryption algorithm with the affine transformation formula Affine(x) = M·x + Count, generating the round key of the S-Box of the AES encryption algorithm.
Here M and Count are the affine transformation matrices. In the general (geometric) notation they are combined into a 2×3 matrix: M = [a b; c d] (2×2) and Count = [tx; ty] (2×1), giving the transformation matrix N = [M | Count] (2×3), whose six parameters a, b, c, d, tx, ty are integers. When the transformed object is the 8-bit S-Box input, M is correspondingly an 8×8 matrix over GF(2) and Count an 8-bit constant vector. Any affine transformation formula falls within the scope of the invention as long as it achieves the affine transformation from the round key of the S-Box of the SM4 encryption algorithm to the round key of the S-Box of the AES encryption algorithm.
S103, calling an AES-NI instruction and executing the encryption operation with the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm.
Optionally, calling the AES-NI instruction, executing the encryption operation with the round key of the S-Box of the AES encryption algorithm and generating the S-Box of the AES encryption algorithm comprises:
calling an AES-NI instruction and executing the encryption operation with the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm, where the encryption operation comprises, in sequence, the T isomorphic mapping, the S-box inversion and the T' isomorphic mapping.
The algebraic expression of the AES S-box depends on the multiplicative inverse and on the order in which the affine transformation used to construct the S-box is applied, so the algebraic properties of the S-box can be improved by changing the affine transformation pair and adjusting the order of computation. An S-box constructed with a single affine transformation, however, cannot satisfy the requirement that the constructed S-box's algebraic expression have more terms; the multiplicative inverse is therefore computed after one affine transformation and is followed by a second affine transformation.
For this, an improved S-box construction is used, with the affine transformation pair ('6B', '5D'), input element X and output Y, realised in three steps: one affine transformation of the byte element, then the multiplicative inverse, then a second affine transformation. The steps of the improved S-box construction are:
a. first, apply the first affine transformation of the pair ('6B', '5D'), defined as follows:
[first affine transformation, given in the original only as an image (Figure BDA0002444742270000061)]
b. compute the multiplicative inverse element:
[multiplicative inversion, given in the original only as an image (Figure BDA0002444742270000062)]
c. apply the second affine transformation of the pair ('6B', '5D') and output the result y:
y = Lb × x'' + '5D'.
S104, performing an affine transformation restoration on the S-Box of the AES encryption algorithm to generate the S-Box of the SM4 encryption algorithm.
Existing SM4 implementations process data one 16-byte block at a time. The data encryption method of this embodiment uses the SIMD form of the CPU's AES-NI instructions and can process data in 64-byte units, so in the same clock cycle the theoretical data throughput is 4 times that of the existing SM4 implementation. The AES-NI SIMD instructions can also process data in 128-byte units; in that case N is 8, where N denotes the number of 16-byte SM4 blocks handled in parallel per operation (N = 4 for 64-byte units). With the original 128-bit AES-NI instructions a 64-byte unit is four independent AESENCLAST operations issued back to back so that they pipeline; the VAES extension adds 256-bit and 512-bit forms that handle 32 or 64 bytes in one instruction, and the application should check CPUID for the forms it intends to use.
The value of N depends on the system, the CPU's AES-NI instruction set and the specific requirements; the embodiment does not limit it to a specific value.
To better illustrate the technical solution of the present invention, a specific embodiment is explained below. Fig. 2 is a schematic flow chart of a data encryption method according to an embodiment of the present invention, where in the embodiment of the present invention, the method includes:
step 1: the key points of the step are as follows: the SM4 encryption algorithm is obtained to encrypt the round keys of the S-Box as input, and the SM4 encryption S-Box' S round keys are used as the source of input parameters as the source of CPU AESNI transformation keys. The key may be obtained directly, i.e. informed, or valued from somewhere by defining the get function.
Step 2: the key points of the step are as follows: and (3) performing Affine transformation and amplification plus translation on the S-Box wheel key by using the round key transformation source of the S-Box issued in the step 1 through an Affine transformation formula Affinine 1(x) ═ M1 x + Count 1. And the isomorphic mapping conversion from the SM 4S-Box to the AESNI S-Box is realized, and context environment preparation is prepared for hardware acceleration of an AESNI parallelized CPU.
Step 3, step 4, step 5: the key points of these three steps are: the intel CPU AESNI parallel hardware instruction system instruction AESENCCLAST is called. The instruction will refer to the context environment of step 2, hardware parallel mode, and execute the encryption operation of 64 byte data block at the same time. And in a single instruction multiple data hardware circuit mode, the actions of 'T isomorphic mapping (3),' S-box inversion (4) and 'T' isomorphic mapping (5) are completed. The aesCLAST hardware instruction collectively calls the CPU hardware to implement a high-speed concurrent encryption function. After the three steps are performed, the result AES-Sbox (Affinine 1(x)) is generated.
Step 6: the key points of the step are as follows: using an SM4 Affine transformation reduction formula Affini 2(x) ═ M2 x + Count2, using the result AES-Sbox (Affini 1(x)) after the step 5 is executed as a parameter, substituting to obtain SM4-Sbox (x) ═ Affini 2(AES-Sbox (Affini 1(x)), performing inverse Affine transformation, amplification and translation on the S-Box wheel key, and realizing isomorphic mapping transformation reduction from the AESNI S-Box to the SM 4S-Box.
And 7: the key points of the step are as follows: the isomorphic mapping reverse conversion obtains 4 units of SM4-Sbox results, which are equivalent to parallel processing, and the effect of four serial operations of the existing SM4 software is achieved.
Fig. 3 is a data flow diagram of the data encryption method according to an embodiment of the invention. As shown in Fig. 3, the existing SM4 implementation processes blocks in 16-byte units, whereas the method of this embodiment uses the SIMD form of the CPU AES-NI instructions and processes data in 64-byte units, so in the same clock cycle the theoretical throughput is 4 times that of the existing SM4 implementation. Because the affine transformation from the SM4 S-Box to the AES-NI S-Box needs some extra processing, the measured speed of the invention is about 3 times that of the existing SM4 implementation.
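The flow S101 to S104 and the step 1 to step 7 embodiment both rest on one identity, SM4-Sbox(x) = Affine2(AES-Sbox(Affine1(x))), but the description gives neither the matrices M1, M2 nor the constants Count1, Count2, and it does not mention that AESENCLAST also performs ShiftRows. The Python below is an added example written for this page; it is not code from the patent or its assignees. It rebuilds both S-boxes from their published algebraic definitions (SM4: inversion in GF(2^8) modulo x^8+x^7+x^6+x^5+x^4+x^2+1 between two applications of the same affine layer with constant 0xD3; AES: inversion modulo x^8+x^4+x^3+x+1 followed by the affine layer with constant 0x63), derives one valid (M1, Count1, M2, Count2) from a field isomorphism T between the two representations (writing SM4-Sbox = A∘I_F∘A and AES-Sbox = B∘I_G with I_F = T^-1∘I_G∘T gives Affine1 = T∘A and Affine2 = A∘T^-1∘B^-1), and verifies the identity on all 256 inputs by pushing 16-byte blocks through a software model of AESENCLAST (ShiftRows, SubBytes, AddRoundKey). All function names, the choice of the first root found for T, the zero round key and the byte-by-byte application of the affine maps are the example's own assumptions; the only input is the constructed sequence of all 256 byte values.

```python
# Added example (not code from the patent): derive Affine1/Affine2 such that
# SM4-Sbox(x) == Affine2(AES-Sbox(Affine1(x))), then check it through a model of AESENCLAST.
SM4_POLY, AES_POLY = 0x1F5, 0x11B  # SM4: x^8+x^7+x^6+x^5+x^4+x^2+1; AES: x^8+x^4+x^3+x+1
SM4_C, AES_C = 0xD3, 0x63          # affine constants of the two S-boxes
# SM4 affine matrix (applied before and after inversion): row i = input mask of output bit i.
SM4_L = (0xA7, 0x4F, 0x9E, 0x3D, 0x7A, 0xF4, 0xE9, 0xD3)

def gf_mul(a, b, poly):
    """Multiply in GF(2^8) modulo the given irreducible polynomial."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = (a << 1) ^ (poly if a & 0x80 else 0), b >> 1
    return r

def gf_inv(a, poly):
    """a^(2^8-2): the multiplicative inverse, with 0 -> 0 as in both S-boxes."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a, poly)
    return r

def mat_apply(rows, v):  # 8x8 GF(2) matrix (8 row masks, bit 0 = LSB) times a byte
    return sum((bin(row & v).count("1") & 1) << i for i, row in enumerate(rows))

def mat_from_cols(cols):
    return tuple(sum(((cols[j] >> i) & 1) << j for j in range(8)) for i in range(8))

def mat_from_map(f):  # matrix of a linear byte map, read off the unit vectors
    return mat_from_cols([f(1 << j) for j in range(8)])

def mat_mul(a, b):  # the map v -> a(b(v))
    return mat_from_map(lambda v: mat_apply(a, mat_apply(b, v)))

def mat_inv(rows):  # inverse of a bijective matrix, via its 256-entry table
    table = {mat_apply(rows, v): v for v in range(256)}
    assert len(table) == 256, "matrix is singular"
    return mat_from_map(lambda y: table[y])

def _rotl8(q, k):
    return ((q << k) | (q >> (8 - k))) & 0xFF

# AES affine layer as a matrix: b = a ^ rotl(a,1) ^ rotl(a,2) ^ rotl(a,3) ^ rotl(a,4).
AES_L = mat_from_map(lambda q: q ^ _rotl8(q, 1) ^ _rotl8(q, 2) ^ _rotl8(q, 3) ^ _rotl8(q, 4))

def aes_sbox(y):
    return mat_apply(AES_L, gf_inv(y, AES_POLY)) ^ AES_C

def sm4_sbox(x):
    return mat_apply(SM4_L, gf_inv(mat_apply(SM4_L, x) ^ SM4_C, SM4_POLY)) ^ SM4_C

def field_isomorphism():
    """Matrix T with T(u*v) = T(u)*T(v) from the SM4 field into the AES field: find a root r
    of the SM4 polynomial inside the AES field and send x^j to r^j (first of 8 roots used)."""
    for r in range(2, 256):
        value, power = 0, 1
        for i in range(9):
            value ^= power if (SM4_POLY >> i) & 1 else 0
            power = gf_mul(power, r, AES_POLY)
        if value == 0:
            cols = [1]
            for _ in range(7):
                cols.append(gf_mul(cols[-1], r, AES_POLY))
            return mat_from_cols(cols)
    raise ValueError("no root found")

def derive_affine_maps():
    """(M1, c1, M2, c2) with Affine1(x) = M1*x ^ c1 and Affine2(z) = M2*z ^ c2, from
    inv_sm4(v) = T^-1(inv_aes(T v)) and inv_aes(y) = AES_L^-1 (aes_sbox(y) ^ AES_C)."""
    T = field_isomorphism()
    m1, c1 = mat_mul(T, SM4_L), mat_apply(T, SM4_C)
    m2 = mat_mul(SM4_L, mat_mul(mat_inv(T), mat_inv(AES_L)))
    return m1, c1, m2, mat_apply(m2, AES_C) ^ SM4_C

def shift_rows(s, inverse=False):  # AES ShiftRows on a 16-byte column-major state
    k = -1 if inverse else 1
    return bytes(s[4 * ((c + k * r) % 4) + r] for c in range(4) for r in range(4))

def aesenclast(state, round_key):
    """Software model of x86 AESENCLAST: ShiftRows, SubBytes, AddRoundKey on 16 bytes."""
    return bytes(aes_sbox(b) ^ k for b, k in zip(shift_rows(state), round_key))

def sm4_sbox_via_aesni(data, maps):
    """Steps 2-6 of the patent's flow over a multiple of 16 bytes (64 bytes = N of 4).
    ShiftRows is undone up front so AESENCLAST acts as a pure per-byte SubBytes."""
    m1, c1, m2, c2 = maps
    out = bytearray()
    for off in range(0, len(data), 16):
        pre = bytes(mat_apply(m1, b) ^ c1 for b in shift_rows(data[off:off + 16], inverse=True))
        out += bytes(mat_apply(m2, b) ^ c2 for b in aesenclast(pre, bytes(16)))
    return bytes(out)

def self_check():
    """True iff the AES-NI route reproduces the SM4 S-box on all 256 inputs."""
    got = sm4_sbox_via_aesni(bytes(range(256)), derive_affine_maps())
    return got == bytes(sm4_sbox(x) for x in range(256))

if __name__ == "__main__":
    print("SM4 S-box via AESENCLAST model:", "OK" if self_check() else "MISMATCH")
```

Running the file prints OK. Two points the derivation makes visible: Affine2 is not merely the inverse of Affine1 (it also absorbs the two ciphers' own affine layers), and because AESENCLAST's ShiftRows is a fixed byte permutation it must be undone on the way in (or applied on the way out) or the lanes come back permuted. Since AddRoundKey is an XOR applied after SubBytes, Count2 could instead be folded into the AESENCLAST round key as M2^-1·Count2; the model keeps a zero round key and applies Affine2 in full. A production implementation would vectorise the two byte-wise affine maps as well (for example with PSHUFB nibble tables or the GFNI instruction VGF2P8AFFINEQB), which this model does not show.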
The scheme applies in the following deployment contexts, each of which falls within the implementation routes covered by the technical solution:
A Windows user-mode application calls the Intel CPU AES-NI acceleration instruction set and modifies the AES S-Box so that it satisfies the affine-isomorphic equivalence SM4-Sbox(x) = Affine2(AES-Sbox(Affine1(x))), so that the AES-NI instructions produce the effect of a parallel SM4 encryption algorithm. Any variant of the affine transformation formula that achieves the same purpose may be used; SIMD single-instruction parallel acceleration is applied in the pre-processing and post-processing context, and the performance exceeds that of the existing SM4 encryption algorithm.
A Windows driver calls the same Intel CPU AES-NI acceleration instruction set in the Ring 0 (kernel-mode) environment, with the same modified AES S-Box, the same affine-isomorphic equivalence, the same freedom in the affine transformation formula and the same SIMD pre- and post-processing, again exceeding the performance of the existing SM4 encryption algorithm. In kernel mode the extended (SIMD) register state must be saved and restored around the AES-NI code, for example with KeSaveExtendedProcessorState and KeRestoreExtendedProcessorState on Windows.
A Linux application calls the Intel CPU AES-NI acceleration instruction set in the same way, with the same modified AES S-Box and the same affine-isomorphic equivalence SM4-Sbox(x) = Affine2(AES-Sbox(Affine1(x))), and likewise exceeds the performance of the existing SM4 encryption algorithm.
Fig. 1 to 3 describe the data encryption method in detail in the embodiment of the present application. Referring to fig. 4, fig. 4 is a schematic structural diagram of a data encryption device according to an embodiment of the present invention, and as shown in fig. 4, the data encryption device includes:
an obtaining unit 401, configured to obtain a round key of an S-Box of an SM4 encryption algorithm;
a transforming unit 402, configured to perform affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate the round key of the S-Box of the AES encryption algorithm;
the encryption unit 403 is configured to invoke an AES-NI instruction, perform encryption operation using a round key of the S-Box of the AES encryption algorithm, and generate the S-Box of the AES encryption algorithm;
and the restoring unit 404 is used for performing affine transformation restoration on the S-Box of the AES encryption algorithm to generate the S-Box of the SM4 encryption algorithm.
Optionally, the encryption unit 403 is specifically configured to:
call an AES-NI instruction and execute the encryption operation with the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm, where the encryption operation comprises the T isomorphic mapping, the S-box inversion and the T' isomorphic mapping.
Optionally, the transforming unit 402 is specifically configured to:
perform the affine transformation on the round key of the S-Box of the SM4 encryption algorithm with the affine transformation formula Affine(x) = M·x + Count, generating the round key of the S-Box of the AES encryption algorithm.
It is clear to a person skilled in the art that the solution according to the embodiments of the invention can be implemented by means of software and/or hardware. The "unit" and "module" in this specification refer to software and/or hardware that can perform a specific function independently or in cooperation with other components, where the hardware may be, for example, an FPGA (Field-Programmable Gate Array), an IC (Integrated Circuit), or the like.
Each processing unit and/or module according to the embodiments of the present invention may be implemented by an analog circuit that implements the functions described in the embodiments of the present invention, or may be implemented by software that executes the functions described in the embodiments of the present invention.
Embodiments of the present invention further provide a computer-readable storage medium, on which a computer program is stored, where the computer program, when executed by a processor, implements the steps of the data encryption method. The computer-readable storage medium may include, but is not limited to, any type of disk including floppy disks, optical disks, DVD, CD-ROMs, microdrive, and magneto-optical disks, ROMs, RAMs, EPROMs, EEPROMs, DRAMs, VRAMs, flash memory devices, magnetic or optical cards, nanosystems (including molecular memory ICs), or any type of media or device suitable for storing instructions and/or data.
Referring to fig. 5, a schematic structural diagram of an electronic device according to an embodiment of the present invention is shown, where the electronic device may be used to implement the data encryption method in the foregoing embodiment. Specifically, the method comprises the following steps:
the memory 520 may be used to store software programs and modules, and the processor 590 performs various functional applications and data processing by operating the software programs and modules stored in the memory 520. The memory 520 may mainly include a program storage area and a data storage area, wherein the program storage area may store an operating system, an application program required by at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may store data (such as audio data, a phonebook, etc.) created according to the use of the terminal device, and the like. Further, the memory 520 may include high speed random access memory, and may also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device. Accordingly, the memory 520 may also include a memory controller to provide the processor 590 and the input unit 530 access to the memory 520.
The input unit 530 may be used to receive input numeric or character information and generate a keyboard, mouse, joystick, optical or trackball signal input related to user setting and function control. In particular, the input unit 530 may include a touch-sensitive surface 531 (e.g., a touch screen, a touch pad, or a touch frame). The touch sensitive surface 531, also referred to as a touch display screen or a touch pad, may collect touch operations by a user on or near the touch sensitive surface 531 (e.g. operations by a user on or near the touch sensitive surface 531 using a finger, a stylus, or any other suitable object or attachment) and drive the corresponding connection device according to a predetermined program. Alternatively, the touch sensitive surface 531 may comprise two parts, a touch detection means and a touch controller. The touch detection device detects the touch direction of a user, detects a signal brought by touch operation and transmits the signal to the touch controller; the touch controller receives touch information from the touch sensing device, converts the touch information into touch point coordinates, sends the touch point coordinates to the processor 590, and can receive and execute commands sent by the processor 590. In addition, the touch sensitive surface 531 may be implemented using various types of resistive, capacitive, infrared, and surface acoustic waves.
The display unit 540 may be used to display information input by a user or information provided to a user and various graphic user interfaces of the terminal device, which may be configured by graphics, text, icons, video, and any combination thereof. The Display unit 540 may include a Display panel 541, and optionally, the Display panel 541 may be configured in the form of an LCD (Liquid Crystal Display), an OLED (Organic Light-Emitting Diode), or the like. Further, the touch-sensitive surface 531 can overlay the display panel 541 such that when a touch event is detected on or near the touch-sensitive surface 531, the touch event is communicated to the processor 590 for determining a type of touch event, and the processor 590 can then provide a corresponding visual output on the display panel 541 based on the type of touch event. Although in FIG. 5 the touch sensitive surface 531 and the display panel 541 are shown as two separate components to implement input and output functions, in some embodiments the touch sensitive surface 531 and the display panel 541 may be integrated to implement input and output functions.
The processor 590 is a control center of the terminal device, connects various parts of the entire terminal device using various interfaces and lines, and performs various functions of the terminal device and processes data by running or executing software programs and/or modules stored in the memory 520 and calling data stored in the memory 520, thereby integrally monitoring the terminal device. Optionally, processor 590 may include one or more processing cores; processor 590 may, among other things, integrate an application processor, which handles primarily the operating system, user interface, and applications, etc., and a modem processor, which handles primarily wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 590.
Specifically, in this embodiment the display unit of the terminal device is a touch-screen display, the terminal device further includes a memory and one or more programs stored in the memory, and the one or more programs are configured to be executed by the one or more processors and include the steps for implementing the data encryption method described above.
In the several embodiments provided in the present application, it should be understood that the disclosed apparatus and method may be implemented in other ways. The above-described device embodiments are merely illustrative, for example, the division of the unit is only a logical functional division, and there may be other division ways in actual implementation, such as: multiple units or components may be combined, or may be integrated into another system, or some features may be omitted, or not implemented. In addition, the coupling, direct coupling or communication connection between the components shown or discussed may be through some interfaces, and the indirect coupling or communication connection between the devices or units may be electrical, mechanical or other forms.
All functional units in the embodiments of the present invention may be integrated into one processing unit, or each unit may be separately used as one unit, or two or more units may be integrated into one unit; the integrated unit can be realized in a form of hardware, or in a form of hardware plus a software functional unit.
The above description is only a preferred embodiment of the present invention and is not intended to limit the present invention, and various modifications and changes may be made by those skilled in the art. Any modification, equivalent replacement, or improvement made within the spirit and principle of the present invention should be included in the protection scope of the present invention.

Claims (6)

1. A method for data encryption, the method comprising:
acquiring a round key of an S-Box of an SM4 encryption algorithm;
performing an affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate a round key of an S-Box of an AES encryption algorithm, including:
performing the affine transformation on the round key of the S-Box of the SM4 encryption algorithm using the affine transformation formula Affine1(x) = M·x + Count, where M is the affine transformation matrix and Count is the affine constant, to generate the round key of the S-Box of the AES encryption algorithm;
calling an AES-NI instruction and executing an encryption operation using the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm;
performing an affine transformation restoration on the S-Box of the AES encryption algorithm to generate the S-Box of the SM4 encryption algorithm, including:
using the SM4 affine transformation restoration formula Affine2(x) = M2·x + Count2, where M2 and Count2 are the inverse affine transformation matrix and constant corresponding to M and Count, taking AES-Sbox(Affine1(x)) as the argument and substituting to obtain SM4-Sbox(x) = Affine2(AES-Sbox(Affine1(x))), so that the S-Box of the AES encryption algorithm is restored by affine transformation to the S-Box of the SM4 encryption algorithm.
2. The method of claim 1,
wherein calling the AES-NI instruction and executing the encryption operation using the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm comprises:
calling the AES-NI instruction and executing the encryption operation using the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm, wherein the encryption operation comprises, in sequence: a T isomorphic mapping, an S-box inversion, and a T' isomorphic mapping.
3. An apparatus for encrypting data, the apparatus comprising:
an acquisition unit for acquiring a round key of an S-Box of an SM4 encryption algorithm;
a transformation unit for performing an affine transformation on the round key of the S-Box of the SM4 encryption algorithm to generate a round key of an S-Box of an AES encryption algorithm, including:
performing the affine transformation on the round key of the S-Box of the SM4 encryption algorithm using the affine transformation formula Affine1(x) = M·x + Count, where M is the affine transformation matrix and Count is the affine constant, to generate the round key of the S-Box of the AES encryption algorithm;
an encryption unit for calling an AES-NI instruction and executing an encryption operation using the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm;
a restoration unit for performing an affine transformation restoration on the S-Box of the AES encryption algorithm to generate the S-Box of the SM4 encryption algorithm, including:
using the SM4 affine transformation restoration formula Affine2(x) = M2·x + Count2, where M2 and Count2 are the inverse affine transformation matrix and constant corresponding to M and Count, taking AES-Sbox(Affine1(x)) as the argument and substituting to obtain SM4-Sbox(x) = Affine2(AES-Sbox(Affine1(x))), so that the S-Box of the AES encryption algorithm is restored by affine transformation to the S-Box of the SM4 encryption algorithm.
4. The apparatus of claim 3,
wherein the encryption unit is specifically configured to:
call the AES-NI instruction and execute the encryption operation using the round key of the S-Box of the AES encryption algorithm to generate the S-Box of the AES encryption algorithm, wherein the encryption operation comprises: a T isomorphic mapping, an S-box inversion, and a T' isomorphic mapping.
5. A computer-readable storage medium, on which a computer program is stored which, when being executed by a processor, carries out the steps of the method according to any one of claims 1-2.
6. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, characterized in that the steps of the method of any of claims 1-2 are implemented when the program is executed by the processor.
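The identity claimed above, SM4-Sbox(x) = Affine2(AES-Sbox(Affine1(x))), rests on the fact that both S-boxes are inversion in GF(2^8) (over different irreducible polynomials) wrapped in affine layers, so the "T isomorphic mapping" of claims 2 and 4 is a field isomorphism between the two representations. The Python below is an added example, not code from the patent or its assignees: it derives one concrete pair (Affine1, Affine2), emulates the AES-Sbox step with the AES S-box in software instead of an AES-NI instruction, and checks the identity for all 256 inputs against the SM4 S-box built from its algebraic definition. The claims give no values for M, Count, M2 or Count2; the values this code prints depend on which of the eight roots of the SM4 polynomial is chosen for T, so they are one valid choice and are not claimed to be the patent's. The byte convention (bit i is the coefficient of x^i), the function names, and the choice of the first root found are assumptions of this example. Where the claims say "round key of the S-Box", the code treats the transformed quantity as the S-box input byte.

```python
# Added example, not code from the patent: derive affine maps Affine1/Affine2 with
# SM4-Sbox(x) == Affine2(AES-Sbox(Affine1(x))) and verify the identity for all 256 inputs.
# Convention assumed here: a byte is a GF(2)^8 vector with bit i = coefficient of x^i.

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1 (AES field)
SM4_POLY = 0x1F5  # x^8 + x^7 + x^6 + x^5 + x^4 + x^2 + 1 (SM4 field)

def gf_mul(a, b, poly):
    """Multiply in GF(2^8) modulo the irreducible polynomial `poly`."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x100:
            a ^= poly
    return r & 0xFF

def gf_inv(a, poly):
    """Multiplicative inverse as a^254; both S-boxes map 0 to 0."""
    r, base, e = 1, a, 254
    while e:
        if e & 1:
            r = gf_mul(r, base, poly)
        base = gf_mul(base, base, poly)
        e >>= 1
    return r if a else 0

def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def aes_affine(b):
    """AES output affine layer: circulant matrix, then XOR 0x63."""
    return b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63

def sm4_affine(b):
    """SM4 affine layer L(x) = A.x + 0xD3, applied before and after the inversion."""
    return b ^ rotl8(b, 1) ^ rotl8(b, 3) ^ rotl8(b, 6) ^ rotl8(b, 7) ^ 0xD3

def aes_sbox(x):
    """Software stand-in for the AESENCLAST SubBytes step (ShiftRows ignored here)."""
    return aes_affine(gf_inv(x, AES_POLY))

def sm4_sbox(x):
    """Reference SM4 S-box from its algebraic definition, used as the oracle."""
    return sm4_affine(gf_inv(sm4_affine(x), SM4_POLY))

def apply_linear(cols, x):
    """Multiply the 8x8 GF(2) matrix given by its column images by the vector x."""
    out = 0
    for i in range(8):
        if (x >> i) & 1:
            out ^= cols[i]
    return out

def invert_linear(cols):
    """Invert a bijective 8x8 GF(2) matrix: column i of the inverse is the preimage of 1<<i."""
    preimage = {apply_linear(cols, x): x for x in range(256)}
    assert len(preimage) == 256, "matrix is singular"
    return [preimage[1 << i] for i in range(8)]

def affine_of(f):
    """Capture an affine map f as (matrix columns, constant) with f(x) = M.x + c."""
    c = f(0)
    return [f(1 << i) ^ c for i in range(8)], c

def apply_affine(aff, x):
    cols, c = aff
    return apply_linear(cols, x) ^ c

def field_isomorphism():
    """The 'T isomorphic mapping' SM4 field -> AES field: send x to a root beta of
    SM4_POLY inside the AES field. T is then a ring isomorphism, so
    T(inv_SM4(a)) == inv_AES(T(a)). The first root found is an arbitrary choice."""
    def is_root(beta):
        acc, power = 0, 1
        for i in range(9):
            if (SM4_POLY >> i) & 1:
                acc ^= power
            power = gf_mul(power, beta, AES_POLY)
        return acc == 0
    beta = next(b for b in range(2, 256) if is_root(b))
    cols, power = [], 1
    for _ in range(8):
        cols.append(power)
        power = gf_mul(power, beta, AES_POLY)
    return cols

def derive_affine_pair():
    """Return (Affine1, Affine2), each as (columns, constant), i.e. (M, Count) and (M2, Count2)."""
    T = field_isomorphism()
    T_inv = invert_linear(T)
    aes_lin_inv = invert_linear(affine_of(aes_affine)[0])
    aes_affine_inv = lambda y: apply_linear(aes_lin_inv, y ^ 0x63)
    affine1 = affine_of(lambda x: apply_linear(T, sm4_affine(x)))          # Affine1 = T o L
    affine2 = affine_of(lambda y: sm4_affine(apply_linear(T_inv, aes_affine_inv(y))))  # L o T^-1 o A_aes^-1
    return affine1, affine2

def decomposition_holds(affine1, affine2):
    """Exhaustive check of SM4-Sbox(x) == Affine2(AES-Sbox(Affine1(x))) over all 256 inputs."""
    return all(apply_affine(affine2, aes_sbox(apply_affine(affine1, x))) == sm4_sbox(x)
               for x in range(256))

if __name__ == "__main__":
    a1, a2 = derive_affine_pair()
    print("Affine1: M columns", [hex(c) for c in a1[0]], "Count", hex(a1[1]))
    print("Affine2: M2 columns", [hex(c) for c in a2[0]], "Count2", hex(a2[1]))
    print("identity holds for all x:", decomposition_holds(a1, a2))
```

Two points the derivation makes visible. First, Affine2 is not simply the inverse of Affine1: it must also strip the AES S-box's own output layer (A_aes^-1) before mapping back with T^-1 and re-applying SM4's layer L, which is why M2 and Count2 are computed from the composition rather than by inverting M and Count. Second, when the AES-Sbox step is really AESENCLAST, the instruction applies ShiftRows and a final round-key XOR as well as SubBytes; with an all-zero round-key operand the XOR vanishes and ShiftRows is a fixed byte permutation, which a vectorised implementation undoes with a byte shuffle before or after the call. The scalar code above operates on single bytes and so needs neither.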
CN202010275793.3A 2020-04-09 2020-04-09 Data encryption method and device, storage medium and electronic equipment Active CN111526003B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202010275793.3A CN111526003B (en) 2020-04-09 2020-04-09 Data encryption method and device, storage medium and electronic equipment

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202010275793.3A CN111526003B (en) 2020-04-09 2020-04-09 Data encryption method and device, storage medium and electronic equipment

Publications (2)

Publication Number Publication Date
CN111526003A CN111526003A (en) 2020-08-11
CN111526003B true CN111526003B (en) 2021-08-27

Family

ID=71902065

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202010275793.3A Active CN111526003B (en) 2020-04-09 2020-04-09 Data encryption method and device, storage medium and electronic equipment

Country Status (1)

Country Link
CN (1) CN111526003B (en)

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112564890B (en) * 2020-12-07 2023-03-24 海光信息技术股份有限公司 Method, device, processor and electronic equipment for accelerating SM4 algorithm
CN113507357B (en) * 2021-07-08 2022-03-11 无锡沐创集成电路设计有限公司 Realization method and circuit module compatible with SM4 and AES algorithm S box
CN113282947A (en) * 2021-07-21 2021-08-20 杭州安恒信息技术股份有限公司 Data encryption method and device based on SM4 algorithm and computer platform

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2863577A1 (en) * 2012-06-18 2015-04-22 China Iwncomm Co., Ltd. Method for conducting data encryption and decryption using symmetric cryptography algorithm and table look-up device
CN109450616A (en) * 2018-12-03 2019-03-08 北京安华金和科技有限公司 A method of improving SM4 Encryption Algorithm speed

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8619985B2 (en) * 2010-04-27 2013-12-31 Research In Motion Limited Table splitting for cryptographic processes

Also Published As

Publication number Publication date
CN111526003A (en) 2020-08-11

Similar Documents

Publication Publication Date Title
CN111526003B (en) Data encryption method and device, storage medium and electronic equipment
US9807066B2 (en) Secure data transmission and verification with untrusted computing devices
US9183373B2 (en) Secure input via a touchscreen
US11405213B2 (en) Low latency post-quantum signature verification for fast secure-boot
US11750402B2 (en) Message index aware multi-hash accelerator for post quantum cryptography secure hash-based signing and verification
US9419972B2 (en) Two dimensional direct memory access scheme for enhanced network protocol processing performance
US11750403B2 (en) Robust state synchronization for stateful hash-based signatures
US11722313B2 (en) State synchronization for post-quantum signing facilities
US11575515B2 (en) Post-quantum secure remote attestation for autonomous systems
CN101030238A (en) Method for inputting intelligent key safety information
CN112152782A (en) Post-quantum public key signature operation for reconfigurable circuit devices
CN112054896B (en) White box encryption method, white box encryption device, terminal and storage medium
US20220131708A1 (en) Efficient hybridization of classical and post-quantum signatures
KR20170133892A (en) Method for parallel processing of encription algorithm using multi cpu and gpu
US20210409188A1 (en) Countermeasures for side-channel attacks on protected sign and key exchange operations
CN103795696A (en) Method for data access and cloud server system
EP4152681A1 (en) Low overhead side channel protection for number theoretic transform
US20220100873A1 (en) Computation of xmss signature with limited runtime storage
CN115174758A (en) Picture encryption method and device, electronic equipment and storage medium
CN110224829B (en) Matrix-based post-quantum encryption method and device
CN113935048A (en) Key protection using noise addition and de-noise schemes
US20240031127A1 (en) Lightweight side-channel protection for polynomial multiplication in post-quantum signatures
US20240007266A1 (en) Reconfigurable side-channel resistant double-throughput aes accelerator
CN112487441B (en) Data transmission using fuzzy processing unit for Data Processing (DP) accelerator
US20220416998A1 (en) Side channel protection for sha3 cryptographic functions

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant