CN117113442B - Acceleration system of homomorphic encryption algorithm Paillier-oriented data path - Google Patents


Publication number
CN117113442B
Authority
CN
China
Prior art keywords
data
module
modular
encryption
decryption
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202311087515.5A
Other languages
Chinese (zh)
Other versions
CN117113442A (en
Inventor
黄海
李鑫
于斌
赵石磊
马超
关志博
吴英东
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhongshu Shenzhen Times Technology Co ltd
Harbin University of Science and Technology
Original Assignee
Zhongshu Shenzhen Times Technology Co ltd
Harbin University of Science and Technology
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhongshu Shenzhen Times Technology Co ltd, Harbin University of Science and Technology filed Critical Zhongshu Shenzhen Times Technology Co ltd
Priority to CN202311087515.5A priority Critical patent/CN117113442B/en
Publication of CN117113442A publication Critical patent/CN117113442A/en
Application granted granted Critical
Publication of CN117113442B publication Critical patent/CN117113442B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G06F21/72Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses an acceleration system for a data path oriented to the homomorphic encryption algorithm Paillier, relates to the field of hardware information security, and aims to solve the problem that the existing data transmission rate through software functions is low and can hardly meet the Paillier encryption and decryption performance requirements under large-bit-width keys. The system comprises: an XDMA IP core, used to receive data sent by the upper computer and send it to the AXI4 slave module, and to receive data sent by the AXI4 slave module and return it to the upper computer; an AXI4 slave module, used to write the data into the IFIFO module and to read the data of the OFIFO module; a controller module, used to control data communication between the IFIFO module, the OFIFO module and the encryption and decryption module; and the encryption and decryption module, in which a Paillier homomorphic encryption network model is built: a Paillier homomorphic encryption algorithm based on the Chinese remainder theorem encrypts and decrypts the plaintext data transmitted by the upper computer, wherein the Paillier algorithm uses a $2^k$-ary modular exponentiation algorithm to compute the modular exponentiations in the encryption and decryption processes. The system has accurate data transmission and excellent read-write performance.

Description

Acceleration system of homomorphic encryption algorithm Paillier-oriented data path
Technical Field
The invention relates to the technical field of hardware information security, in particular to an acceleration system of a homomorphic encryption algorithm Paillier-oriented data path.
Background
Homomorphic encryption is an encryption algorithm based on a public key cryptosystem: a computation can be carried out on the ciphertext to obtain an encrypted result which, after decryption, is consistent with the result of the same computation on the plaintext. Operations such as retrieval and comparison of ciphertext can therefore be carried out while the data stays confidential. Homomorphic encryption algorithms are divided into fully homomorphic and partially homomorphic encryption algorithms; in a fully homomorphic algorithm, the result decrypted after arbitrary computation on the ciphertext is the corresponding plaintext computation result. However, in order to ensure data security, the existing fully homomorphic encryption algorithms are generally inefficient and difficult to apply in practice. The integer homomorphic encryption algorithm is simple in concept, efficient in encryption and decryption, and suitable for practical application, but like other fully homomorphic encryption algorithms it can only encrypt a 1-bit plaintext. Partially homomorphic encryption algorithms appeared early, have high encryption and decryption speed, and are widely applied to message transmission and digital signatures. A partially homomorphic encryption scheme is a scheme having only an additive homomorphism or a multiplicative homomorphism, such as the RSA algorithm, the Elgamal algorithm and the Paillier algorithm. The Paillier cryptosystem is a homomorphic cryptosystem whose additive homomorphic property is widely used in applications such as secure computing, encrypted databases, and machine learning on encrypted data. It is highly competitive where only ciphertext addition is required.
In an age of rapid development of information technology, communication technology has made great progress, and the importance of the data transmission rate has become more and more prominent; high-speed data transmission and efficient storage systems play an important role in the modern information society, ensuring rapid data transmission and safe storage. The key of the current mainstream Paillier homomorphic encryption algorithm reaches 1024 bits or more. Selecting a key with a large bit width ensures encryption security, but it seriously affects the encryption and decryption performance of Paillier; the excessively long time consumption makes the cost of cracking far higher than the benefit and hinders the further development of high-performance Paillier accelerators, so a fast implementation of the encryption algorithm has very important practical significance. At present, most information encryption is done in software; compared with a software implementation, a hardware implementation of the encryption algorithm has obvious advantages and is faster, safer and more stable. Therefore, a hardware method for accelerating the data transmission rate is needed to further improve the encryption and decryption efficiency of the Paillier algorithm.
Disclosure of Invention
The invention aims to solve the technical problems that:
the existing data transmission rate through a software function is low, the Paillier encryption and decryption performance requirements under a large-bit wide secret key are difficult to meet, and the cost of cracking is too high due to too long consumed time.
The invention adopts the technical scheme for solving the technical problems:
the invention provides an acceleration system of a homomorphic encryption algorithm Paillier-oriented data path, which deploys the Paillier algorithm on an FPGA platform to realize Paillier hardware acceleration, and comprises the following steps:
XDMA IP core: the system is used for realizing communication between the upper computer and the PCIE, receiving data sent by the upper computer and sending the data to the AXI4 slave module at the next stage, and receiving data sent by the AXI4 slave module and returning the data to the upper computer;
AXI4 slave module: used to receive the data sent by the XDMA IP core and write the data into the IFIFO module; and used to read the data of the OFIFO module and send the data read to the XDMA IP core;
the IFIFO module: a Native FIFO IP core is selected for caching the plaintext data sent from the AXI4 slave module to the encryption and decryption module; the OFIFO module: a Native FIFO IP core is selected and used for caching ciphertext output by the encryption and decryption module and decrypted plaintext data;
a controller module: used to control the data communication between the IFIFO module, the OFIFO module and the encryption and decryption module, namely, the cached data in the IFIFO module is spliced and sent to the encryption and decryption module, and the output data of the encryption and decryption module is split and sent to the OFIFO module;
the encryption and decryption module is constructed with a Paillier homomorphic encryption network model: the network model is based on a Paillier homomorphic encryption algorithm of the Chinese remainder theorem and is used for encrypting and decrypting plaintext data transmitted by an upper computer to obtain ciphertext and decrypted plaintext data;
wherein the Paillier algorithm uses a $2^k$-ary modular exponentiation algorithm to compute the modular exponentiations in the encryption and decryption processes, so as to reduce the number of modular multiplications in the modular exponentiation calculation.
Further, the channel width of the XDMA IP core is X8, the AXI address width is 64 bits, the data width transmitted on the AXI bus is 128 bits, and the AXI interface clock is 125 MHz; the upper computer organizes the data to be sent into different types of TLP data packets according to the PCIE protocol and sends them to the XDMA IP core; the XDMA IP core unpacks and parses the data and instructions to obtain the instruction addresses of the read-write operation and carries out the read-write operation accordingly; the data read is returned to the XDMA IP core through the AXI interface, and is finally packed into the TLP format and returned to the upper computer.
Further, the AXI4 slave module is configured to receive data sent by the XDMA IP core, detect a packet header thereof, determine whether the packet header is a specified packet header, if yes, receive the data sent by the XDMA IP core, perform burst transmission, and write the data into the IFIFO module; and the data transmission complies with the AXI protocol, and when the data output by the encryption and decryption module is written into the OFIFO module, the controller module controls the AXI4 slave to read the data in the OFIFO module and return the data to the XDMA IP core.
Further, the IFIFO module and the OFIFO module are configured to transmit data between different clock domains.
Further, the Paillier homomorphic encryption network model comprises an encryption module and a decryption module, the encryption module comprises: the decryption module comprises a decryption control end, a modular exponentiation unit, a modular multiplication unit, a modular inverse operation unit and a modular addition and subtraction unit;
the encryption module is used for encrypting the data, the encryption control end controls the modular exponentiation unit to encrypt the data, namely, the input plaintext and the random number are sent to the modular exponentiation unit, after the modular exponentiation unit finishes operation, the data is received to obtain ciphertext, and the ciphertext data is sent to the decryption module;
the decryption module is used for carrying out decryption operation on the ciphertext to obtain a plaintext, the decryption control end controls the modular exponentiation unit, the modular multiplication unit, the modular inverse operation unit and the modular addition and subtraction unit to carry out decryption operation on the ciphertext to obtain the plaintext, namely, ciphertext data sent by the encryption control end are received, the ciphertext and the random number are sent to the modular exponentiation unit, the result of the modular exponentiation unit is sent to the modular inverse operation unit, the result of the modular inverse operation unit is sent to the modular multiplication unit, the result of the modular multiplication unit is sent to the modular addition and subtraction unit, and after the modular addition and subtraction unit is completed, the plaintext is obtained by receiving the data;
the modular exponentiation unit: the power operation is carried out on the input data, namely the times of sending the data to the modular multiplication operation unit is determined according to the size of the exponent;
the modular multiplication operation unit: the method is used for multiplying two input data and taking a modulus;
the modular inverse operation unit: used for calculating the inverse of the input data under the modulus;
the modulo addition and subtraction operation unit: the method is used for taking the modulus after the addition and subtraction operation is carried out on the input data.
Further, in the encryption module, the encryption operation needs one modular exponentiation operation and two modular multiplication operations. The encryption control end controls the input data to enter the modular exponentiation unit, the modular exponentiation is calculated by repeated operation, and the calculation result is stored in a register; the input operands n and m enter the modular multiplication unit to be multiplied, and the output result together with the output result of the modular exponentiation unit enters the modular multiplication unit again to calculate the ciphertext data;
in the decryption module, the decryption operation needs four modular exponentiation operations, four modular multiplication operations, two modular addition and subtraction operations and three modular inverse operations. The decryption control end controls the ciphertext data to enter the modular exponentiation unit, which carries out the four exponentiation operations and outputs the modular exponentiation results. Under the control of the decryption control end, one part of the modular exponentiation results enters the modular inverse operation unit for two modular inverse operations, and the modular inverse results and the other part of the modular exponentiation results enter the modular multiplication unit for two calculations, giving $m_p$ and $m_q$. $m_p$ is stored in a register, and $m_q$ and $m_p$ are controlled to form the subtraction $m_q - m_p$; the input operand $p$ enters the modular inverse operation unit to calculate $p^{-1} \bmod q$. The modular inverse result and the subtraction result obtained enter the modular multiplication unit to be multiplied; the output result is returned to one input of the modular multiplication unit, whose other input is connected to the input operand $p$, and the two are multiplied. The output of this multiplication enters the modular addition and subtraction unit, where a modular addition with $m_p$ gives the modular addition result, namely the decrypted plaintext data.
Further, the decryption module is based on the following algorithm: in the decryption process, the modular exponentiation with modulus n is converted into a system of congruences over the two different moduli p and q, and the modular exponentiations with moduli p and q are calculated separately. The exponent in each modular exponentiation is converted to base $2^k$: in the pre-calculation stage of the $2^k$-ary modular exponentiation, the results of the 1st to k-th powers of the input data under the modulus are calculated and stored in a lookup table, so that the subsequent modular exponentiation can be carried out quickly. The modular exponentiation results are obtained separately and then aggregated using the Chinese remainder theorem to obtain the decrypted plaintext.
Further, the decryption module is based on the following algorithm: paillier homomorphic encryption algorithm optimized by using Chinese remainder theorem:
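$$h_p = L_p\left(g^{p-1} \bmod p^2\right)^{-1} \bmod p$$
$$h_q = L_q\left(g^{q-1} \bmod q^2\right)^{-1} \bmod q$$
$$m_p = L_p\left(c^{p-1} \bmod p^2\right) h_p \bmod p$$
$$m_q = L_q\left(c^{q-1} \bmod q^2\right) h_q \bmod q$$
$$m = \mathrm{CRT}(m_p, m_q) \bmod pq = m_p + \left[(m_q - m_p)\, p^{-1} \pmod{q}\right] \cdot p$$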
wherein $g$ is a random number, $c$ is the ciphertext, $p$ and $q$ are the moduli, $h_p$, $h_q$, $m_p$ and $m_q$ are the intermediate results obtained after the modulus $n$ of the modular exponentiation is converted into the two smaller moduli $p$ and $q$, $m$ is the decrypted plaintext, and the function $\mathrm{CRT}(m_p, m_q)$ aggregates the two intermediate results using the Chinese remainder theorem to obtain the decrypted plaintext $m$.
The exponent in the modular exponentiation is converted to base $2^k$:
wherein $p-1$ is the exponent of the modular exponentiation, $p_s, \ldots, p_0$ is the binary representation of $p-1$, $s$ is the most significant bit of $p-1$, and $p_i$ is the value of each group of $k$ bits after conversion to base $2^k$, i.e. when $i=0$, $p_i = (p_{k-1}, p_{k-2}, \ldots, p_2, p_1, p_0)$.
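The CRT decryption formulas and the $2^k$-ary exponent recoding described above, as an added Python example (not code from the patent or its authors). It assumes the common generator choice g = n + 1, uses two small Mersenne primes as a constructed toy key, and all function names are hypothetical; the lookup table holds every digit value 0 to 2^k - 1, and k = 1 reduces to plain binary exponentiation for comparison.

```python
import math
import secrets


def window_modexp(base, exp, mod, k=4):
    """Left-to-right 2^k-ary modular exponentiation (exp >= 0).

    Returns (base**exp % mod, number of modular multiplications used).
    With k=1 this is plain binary square-and-multiply.
    """
    mask = (1 << k) - 1
    # Pre-computation stage: table[j] = base^j mod mod for j = 0 .. 2^k - 1.
    table = [1 % mod, base % mod]
    mults = 0
    for _ in range(2, 1 << k):
        table.append(table[-1] * table[1] % mod)
        mults += 1
    # Cut the exponent into k-bit digits, least significant digit first.
    digits = []
    while exp:
        digits.append(exp & mask)
        exp >>= k
    result = 1 % mod
    for digit in reversed(digits):        # most significant digit first
        for _ in range(k):                # k squarings per digit
            result = result * result % mod
            mults += 1
        if digit:                         # one table lookup and multiply
            result = result * table[digit] % mod
            mults += 1
    return result, mults


def keygen(p, q):
    """Build a key from two distinct primes. Assumption: g = n + 1."""
    n = p * q
    g = n + 1

    def h(prime):
        # h = L(g^(prime-1) mod prime^2)^-1 mod prime, with L(x) = (x-1)/prime
        x, _ = window_modexp(g, prime - 1, prime * prime)
        return pow((x - 1) // prime, -1, prime)

    return {"n": n, "g": g, "p": p, "q": q,
            "hp": h(p), "hq": h(q), "p_inv_q": pow(p, -1, q)}


def encrypt(key, m, r=None):
    """c = g^m * r^n mod n^2: one modular exponentiation, two multiplications."""
    n = key["n"]
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    if r is None:
        r = secrets.randbelow(n - 1) + 1
        while math.gcd(r, n) != 1:
            r = secrets.randbelow(n - 1) + 1
    elif math.gcd(r, n) != 1:
        raise ValueError("r must be coprime to n")
    n2 = n * n
    rn, _ = window_modexp(r, n, n2)
    gm = (1 + n * m) % n2                 # g^m = 1 + n*m (mod n^2) for g = n + 1
    return gm * rn % n2


def decrypt_crt(key, c):
    """CRT decryption: m_p, m_q from the small moduli, then recombination."""
    n, p, q = key["n"], key["p"], key["q"]
    if not 0 < c < n * n or math.gcd(c, n) != 1:
        raise ValueError("ciphertext is not a unit modulo n^2")
    xp, _ = window_modexp(c, p - 1, p * p)
    xq, _ = window_modexp(c, q - 1, q * q)
    mp = ((xp - 1) // p) * key["hp"] % p
    mq = ((xq - 1) // q) * key["hq"] % q
    # m = m_p + [(m_q - m_p) * p^-1 mod q] * p
    return mp + ((mq - mp) * key["p_inv_q"] % q) * p


# Constructed toy key (two Mersenne primes); far too small for real use.
TOY_KEY = keygen(2**61 - 1, 2**89 - 1)
```

For the exponent 2^256 - 1, `window_modexp` uses 334 modular multiplications with k = 4 against 512 with k = 1. The table index and the skipped multiply for zero digits both depend on the secret exponents p - 1 and q - 1, so a real implementation needs constant-time handling of both.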
Further, the controller module splices the 20 transfers of 128-bit data output by the IFIFO module into 2560-bit data and sends the 2560-bit data to the encryption and decryption module, and splits the 2560-bit data output by the encryption and decryption module into 20 transfers of 128-bit data and sends them to the OFIFO module.
Further, the input and the output of the encryption and decryption module are both 2560-bit data, wherein the input consists of a 512-bit plaintext and a 2048-bit random number, and the output consists of the 2048-bit ciphertext and the 512-bit decrypted plaintext.
Compared with the prior art, the invention has the beneficial effects that:
According to the acceleration system of the homomorphic encryption algorithm Paillier-oriented data path, the data interaction between the FPGA and the encryption and decryption module is completed at high speed through the hardware peripheral circuit. The upper computer transmits data through the PCIE interface and adopts the AXI4 protocol, supporting all data bit widths, address bit widths and burst lengths described in the AXI4 protocol, and uses FIFO buffers to organize AXI burst reads and writes, which improves the data transmission efficiency. The data in the data packet is called automatically and read and written automatically, so data transmission is accurate and read-write performance is excellent, which effectively solves the problems that software data transmission is slow and can hardly meet the encryption and decryption performance requirements. Meanwhile, the Paillier homomorphic encryption algorithm in the invention is optimized according to the Chinese remainder theorem, and the exponent in the modular exponentiation is converted to base $2^k$, which reduces the number of cycles required by the encryption and decryption processes, remarkably reduces the overall calculation complexity, and effectively improves the performance of the system.
Drawings
FIG. 1 is a diagram of an acceleration system for a data path facing the homomorphic encryption algorithm Paillier in accordance with an embodiment of the present invention;
FIG. 2 is a block diagram of an encryption and decryption module in an embodiment of the present invention;
FIG. 3 is a block diagram of a modular exponentiation unit in an embodiment of the invention.
Detailed Description
In the description of the present invention, it should be noted that the terms "first," "second," and "third" mentioned in the embodiments of the present invention are used for descriptive purposes only and are not to be construed as indicating or implying relative importance or implicitly indicating the number of technical features indicated. Thus, a feature defined as "first", "second" or "third" may explicitly or implicitly include one or more such features.
In order that the above objects, features and advantages of the invention will be readily understood, a more particular description of the invention will be rendered by reference to specific embodiments thereof which are illustrated in the appended drawings.
Embodiment 1: with reference to FIG. 1 to FIG. 3, the present invention provides an acceleration system for a data path oriented to the homomorphic encryption algorithm Paillier, in which the Paillier algorithm is deployed on an FPGA platform to implement Paillier hardware acceleration, comprising:
XDMA IP core: the system is used for realizing communication between the upper computer and the PCIE, receiving data sent by the upper computer and sending the data to the AXI4 slave module at the next stage, and receiving data sent by the AXI4 slave module and returning the data to the upper computer;
AXI4 slave module: used to receive the data sent by the XDMA IP core and write the data into the IFIFO module; and used to read the data of the OFIFO module and send the data read to the XDMA IP core;
the IFIFO module: a Native FIFO IP core is selected for caching the plaintext data sent from the AXI4 slave module to the encryption and decryption module; the OFIFO module: a Native FIFO IP core is selected and used for caching ciphertext output by the encryption and decryption module and decrypted plaintext data;
a controller module: used to control the data communication between the IFIFO module, the OFIFO module and the encryption and decryption module, namely, the cached data in the IFIFO module is spliced and sent to the encryption and decryption module, and the output data of the encryption and decryption module is split and sent to the OFIFO module;
the encryption and decryption module is constructed with a Paillier homomorphic encryption network model: the network model is based on a Paillier homomorphic encryption algorithm of the Chinese remainder theorem and is used for encrypting and decrypting plaintext data transmitted by an upper computer to obtain ciphertext and decrypted plaintext data;
wherein the Paillier algorithm uses a $2^k$-ary modular exponentiation algorithm to compute the modular exponentiations in the encryption and decryption processes, so as to reduce the number of modular multiplications in the modular exponentiation calculation.
In this embodiment, the upper computer first writes the data into a bin file and sends it to the PCIE communication module through the XDMA driver; the XDMA automatically unpacks and parses the data and instructions to obtain the instruction address of the read-write operation and carries out the read-write operation accordingly. In Vivado, DMA/Bridge Subsystem for PCI Express (PCIE) is selected in the Block Design as the IP core for PCIE control. The DMA interface type is the AXI MM (memory mapped) interface. The AXI4 slave is responsible for receiving the data transmitted by the XDMA, where each data item is 128 bits. The upper computer transmits 21 data items including a packet header; after the slave determines that the packet header is the specified data, it writes the remaining twenty data items into the IFIFO module by burst transmission. Because the AXI clock is inconsistent with the clock of the encryption and decryption module, two Native FIFO IP cores, buffering the input data and the output data respectively, are used for data transmission between the different clock domains; the read-write data width is 128 bits and the depth is 64. When the data are all cached in the OFIFO, the AXI4 slave reads the OFIFO module and returns the data to the XDMA; finally, the XDMA packs the data read into the TLP format and sends it back to the upper computer through the physical layer.
In this embodiment, the PCIE selects an XDMA IP core, the IP core provides an AXI4 interface, the AXI bus is a high-performance and expandable bus protocol, and for the transmission rate, the design of the AXI bus considers the requirement of high-speed data transmission, so that the efficiency and speed of data transmission can be improved. Therefore, the acceleration system of the data path of the embodiment accelerates the data transmission rate, improves the Paillier encryption and decryption efficiency, and has obvious advantages.
The FPGA has the advantages of high parallelism, low cost, rich logic resources and the like, and becomes a hardware platform which is beneficial to the acceleration realization of Paillier hardware. PCIE is used as a third-generation high-performance I/O bus, so that the number of bus signals is reduced, and the transmission rate is greatly improved.
The meaning of the english abbreviations in this embodiment is:
DMA: (Direct Memory Access) a mechanism for transferring data quickly; its importance is that no CPU intervention is needed during data access, which improves the efficiency of the system when executing applications.
PCIE: (Peripheral Component Interconnect Express) a high-speed serial computer expansion bus standard. It is a high-speed serial, point-to-point, dual-channel, high-bandwidth transmission; each connected device is allocated exclusive channel bandwidth and does not share bus bandwidth.
AXI: (Advanced eXtensible Interface) an interface protocol defined by Arm and included in the Advanced Microcontroller Bus Architecture (AMBA) standard.
FIFO: (First In First Out) is a first-in first-out data buffer which differs from conventional memories in that there are no external read-write address lines.
TLP: (Transaction Layer Packet) transaction layer packet.
Embodiment 2: the channel width of the XDMA IP core is X8, the AXI address width is 64 bits, the data width transmitted on the AXI bus is 128 bits, and the AXI interface clock is 125 MHz; the upper computer organizes the data to be sent into different types of TLP data packets according to the PCIE protocol and sends them to the XDMA IP core; the XDMA IP core unpacks and parses the data and instructions to obtain the instruction addresses of the read-write operation and carries out the read-write operation accordingly; the data read is returned to the XDMA IP core through the AXI interface, and is finally packed into the TLP format and returned to the upper computer. This embodiment is otherwise identical to Embodiment 1.
Embodiment 3: the AXI4 slave module is used for receiving the data sent by the XDMA IP core, detecting its packet header and judging whether it is the specified packet header; if so, it receives the data sent by the XDMA IP core, carries out burst transmission, and writes the data into the IFIFO module. The data transmission complies with the AXI protocol, and when the data output by the encryption and decryption module has been written into the OFIFO module, the controller module controls the AXI4 slave to read the data in the OFIFO module and return it to the XDMA IP core. This embodiment is otherwise identical to Embodiment 1.
Embodiment 4: the IFIFO module and the OFIFO module are used for data transmission between different clock domains. This embodiment is otherwise identical to Embodiment 3.
In this embodiment, the FIFO is an asynchronous FIFO, the read-write data width is 128 bits, and the depth is 64. The controller module splices the 20 transfers of 128-bit data output by the IFIFO buffer module into 2560-bit data and sends the 2560-bit data to the encryption and decryption module, and splits the 2560-bit data output by the encryption and decryption module into 20 transfers of 128-bit data and sends them to the OFIFO buffer module.
Embodiment 5: as shown in FIG. 2, the Paillier homomorphic encryption network model comprises an encryption module and a decryption module, the encryption module includes: the decryption module comprises a decryption control end, a modular exponentiation unit, a modular multiplication unit, a modular inverse operation unit and a modular addition and subtraction unit;
the encryption module is used for encrypting the data, the encryption control end controls the modular exponentiation unit to encrypt the data, namely, the input plaintext and the random number are sent to the modular exponentiation unit, the modular exponentiation unit sends the data to the modular exponentiation unit, the modular exponentiation unit calculates the modular exponentiation, after the modular exponentiation unit finishes the operation, the data is received to obtain ciphertext, and the ciphertext data is sent to the decryption module;
the decryption module is used for carrying out decryption operation on the ciphertext to obtain a plaintext, the decryption control end controls the modular exponentiation unit, the modular multiplication unit, the modular inverse operation unit and the modular addition and subtraction unit to carry out decryption operation on the ciphertext to obtain the plaintext, namely, ciphertext data sent by the encryption control end are received, the ciphertext and the random number are sent to the modular exponentiation unit, the result of the modular exponentiation unit is sent to the modular inverse operation unit, the result of the modular inverse operation unit is sent to the modular multiplication unit, the result of the modular multiplication unit is sent to the modular addition and subtraction unit, and after the modular addition and subtraction unit is completed, the plaintext is obtained by receiving the data;
the modular exponentiation unit: the power operation is carried out on the input data, namely the times of sending the data to the modular multiplication operation unit is determined according to the size of the exponent;
the modular multiplication operation unit: the method is used for multiplying two input data and taking a modulus;
the modulo inverse operation unit: for calculating the reciprocal of the input data at the modulus;
the modulo addition and subtraction operation unit: the method is used for taking the modulus after the addition and subtraction operation is carried out on the input data. The other embodiments are the same as those of the first embodiment.
Specific embodiment six: as shown in fig. 2, in the encryption module, the encryption operation requires a first modular exponentiation operation and a second modular exponentiation operation, the encryption control end controls the input data to enter the modular exponentiation operation unit, and the modular exponentiation operation unit is used for repeatedly operating to calculate the modular exponentiation, and the calculation result is stored in the register; the input operands n and m enter a modular multiplication operation unit to carry out multiplication operation, and the output result of the modular exponentiation operation unit enter the modular multiplication operation unit again to carry out calculation to obtain ciphertext data;
in the decryption module, the decryption operation requires four modular exponentiation operations, four modular multiplication operations, two modular addition and subtraction operations and three modular inverse operations; the decryption control end controls the ciphertext data to enter the modular exponentiation unit, where the modular exponentiation is carried out four times to obtain the modular exponentiation output results; under the control of the decryption control end, a part of these results enters the modular inverse operation unit for two modular inverse operations, and the modular inverse results and the other part of the modular exponentiation results enter the modular multiplication operation unit for two calculations, so that $m_p$ and $m_q$ are obtained; $m_p$ is stored in a register to control $m_p$ and $m_q$; the input operand p enters the modular inverse operation unit to calculate $p^{-1} \bmod q$; the obtained modular inverse result and the subtraction result enter the modular multiplication operation unit for multiplication, the output result is returned to one input end of the modular multiplication operation unit, whose other input end receives the input operand p, for a further multiplication, and the output of that multiplication enters the modular addition and subtraction operation unit for a modular addition with $m_p$; the modular addition result is the decrypted plaintext data. This embodiment is otherwise identical to embodiment five.
Specific embodiment seven: the decryption module is based on the following algorithm: in the decryption process, the modular exponentiation with modulus n is converted into a system of congruences over two different moduli p and q, and the modular exponentiations modulo p and modulo q are calculated separately; the exponent in the modular exponentiation is processed in radix $2^K$, with $2^K$ modular exponentiations added in the pre-calculation stage: the results of the 1st to k-th powers of the input data under the modulus are calculated and stored in a lookup table for the fast modular exponentiation that follows; after the two modular exponentiation results are obtained, they are aggregated to give the decrypted plaintext optimized by the Chinese remainder theorem. This embodiment is otherwise identical to the sixth embodiment.
The Chinese remainder theorem is used for solving systems of linear congruences. The modulus in the Paillier homomorphic encryption algorithm is the product of two different large primes, which makes it well suited to optimization with the Chinese remainder theorem: in the decryption process, the modular exponentiation with modulus n is converted into a system of congruences over two different moduli p and q, and the modular exponentiation exponent is reduced from 1024 bits to 512 bits, so the overall calculation complexity is significantly reduced and the performance of the whole Paillier homomorphic cryptosystem is effectively improved.
The core of the Paillier homomorphic encryption system is large-integer modular exponentiation. The traditional BR algorithm implements modular exponentiation by converting the exponent into binary. To reduce the large number of iterations in the BR algorithm and improve the operation efficiency of the Paillier homomorphic cryptographic algorithm, the exponent is processed in radix $2^K$: $2^K$ modular multiplications are added in the pre-calculation stage to build a lookup table storing the data required by the later modular multiplications, which reduces the number of modular multiplications performed afterwards. The number of iterations is thereby greatly reduced, as is the number of cycles required by the encryption and decryption process: for a modular exponentiation algorithm with a 1024-bit input exponent, the number of modular multiplications required is reduced from 1024 to at most 340.
To implement the $2^K$-ary modular exponentiation algorithm with a 1024-bit input exponent, the present embodiment provides the circuit structure of the modular exponentiation unit shown in fig. 3, which includes a register set, a modular multiplication operation unit, an eight-to-one multiplexer MUX1 and a two-to-one multiplexer MUX2. The input end of the register set is connected to the output end of the modular multiplication operation unit; the eight input ends of MUX1 are connected to the outputs of the register set, and the one output end of MUX1 is connected to an input end of MUX2; the two input ends of MUX2 are connected to the output end of MUX1 and the output end of the modular multiplication operation unit respectively, and the one output end of MUX2 is connected to the input end of the modular multiplication operation unit.
As shown in fig. 3, the input data first enters the modular multiplication operation unit for processing, and the output results are stored in the corresponding eight 2048-bit registers. The eight-to-one multiplexer MUX1 selects the corresponding register data according to the value of the exponent e and passes it to the two-to-one multiplexer MUX2. MUX2 selects between a modular multiplication and a modular squaring according to the state machine of the control end: for a modular multiplication, MUX2 outputs the corresponding register data; for a modular squaring, MUX2 outputs the output data of the modular multiplication operation unit.
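The table-driven exponentiation described above, next to the binary method it replaces, as an added Python example that is not the patent's circuit or code. The window size k = 3 is an assumption consistent with the eight registers of fig. 3, and all function names are hypothetical; the counters separate squarings, table multiplications and precomputation.

```python
# Added example (not from the patent): left-to-right 2^k-ary modular
# exponentiation beside plain binary square-and-multiply, with operation counts.
# k = 3 is an assumption chosen to match an eight-entry table.


def window_digits(e, k):
    """Split a non-negative exponent into base-2^k digits, most significant first."""
    mask = (1 << k) - 1
    digits = []
    while e:
        digits.append(e & mask)
        e >>= k
    return digits[::-1] or [0]


def modexp_binary(a, e, n):
    """Binary method: one squaring per bit, one multiplication per 1-bit.

    Returns (result, squarings, multiplications).
    """
    acc, squarings, mults = 1 % n, 0, 0
    for bit in bin(e)[2:]:
        acc = acc * acc % n
        squarings += 1
        if bit == "1":  # taken only for 1-bits: the operation sequence follows the exponent
            acc = acc * a % n
            mults += 1
    return acc, squarings, mults


def modexp_2k(a, e, n, k=3):
    """2^k-ary method with a precomputed table a^0 .. a^(2^k - 1) mod n.

    Returns (result, squarings, table_multiplications, precompute_multiplications).
    """
    table = [1 % n, a % n]
    for _ in range(2, 1 << k):
        table.append(table[-1] * table[1] % n)
    precompute = (1 << k) - 2  # multiplications spent building the table

    acc, squarings, mults = 1 % n, 0, 0
    for digit in window_digits(e, k):
        for _ in range(k):  # shift the accumulated exponent left by k bits
            acc = acc * acc % n
            squarings += 1
        # Always multiply, also when digit == 0 (table[0] == 1): every window
        # costs the same operations, unlike the branch in modexp_binary.
        # Python big integers are not constant-time; this only models the schedule.
        acc = acc * table[digit] % n
        mults += 1
    return acc, squarings, mults, precompute


def compare(a, e, n, k=3):
    """Run both methods, check them against pow(), and return the counts."""
    r_bin, sq_bin, mul_bin = modexp_binary(a, e, n)
    r_win, sq_win, mul_win, pre = modexp_2k(a, e, n, k)
    if not (r_bin == r_win == pow(a, e, n)):
        raise ArithmeticError("exponentiation results disagree")
    return {"binary": (sq_bin, mul_bin), "window": (sq_win, mul_win, pre)}


if __name__ == "__main__":
    # Constructed sample: all-ones 1024-bit exponent, 2048-bit modulus.
    print(compare(0x1234567, (1 << 1024) - 1, (1 << 2048) - 1))
```

In decryption the exponents are p-1 and q-1, which are derived from the private key, so a schedule that performs the same operations for every window matters for side-channel exposure as well as for speed.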
Specific embodiment eight: the decryption module is based on the following algorithm: paillier homomorphic encryption algorithm optimized by using Chinese remainder theorem:
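$$h_p = L_p\left(g^{p-1} \bmod p^2\right)^{-1} \bmod p$$
$$h_q = L_q\left(g^{q-1} \bmod q^2\right)^{-1} \bmod q$$
$$m_p = L_p\left(c^{p-1} \bmod p^2\right) h_p \bmod p$$
$$m_q = L_q\left(c^{q-1} \bmod q^2\right) h_q \bmod q$$
$$m = \mathrm{CRT}(m_p, m_q) \bmod pq = m_p + (m_q - m_p)\, p^{-1} (\mathrm{mod}\ q) \cdot p$$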
wherein g is a random number, c is the ciphertext, p and q are the moduli, $h_p$, $h_q$, $m_p$, $m_q$ are the intermediate results obtained after the modulus n in the modular exponentiation is converted into the two smaller moduli p and q, m is the decrypted plaintext, and the function $\mathrm{CRT}(m_p, m_q)$ aggregates the two intermediate results by the Chinese remainder theorem to obtain the decrypted plaintext m;
conversion of the exponent into radix $2^K$ in the modular exponentiation:
wherein $p-1$ is the exponent of the modular exponentiation, $p_s, \ldots, p_0$ is the binary representation of $p-1$, s is the most significant bit of $p-1$, and $p_i$ is the value of each group of k bits after conversion to radix $2^K$, i.e. when $i = 0$, $p_i = (p_{k-1}, p_{k-2}, \ldots, p_2, p_1, p_0)$. This embodiment is otherwise identical to embodiment seven.
In this embodiment, the Chinese Remainder Theorem (CRT) first maps the exponentiation of data a with exponent b, i.e. $a^b$, to $Z_p$ and $Z_q$ ($Z_p$ is the set of congruence classes modulo p, p being the modulus) to reduce the bit width of the modulus, and then aggregates the results back to $Z_n$ ($Z_n$ is the set of congruence classes modulo n, n being the modulus, $n = pq$), yielding the final result.
Mapping to $Z_p$: the mapping of $a^b$ onto $Z_p$ is calculated and denoted $x_p$, where $a_p = a \bmod p$ is the remainder of a modulo p and $b_p = b \bmod \Phi(p)$ is the remainder of b modulo $\Phi(p)$, with $\Phi(p) = p - 1$ the Euler function of p.
Mapping to $Z_q$: the mapping of $a^b$ onto $Z_q$ is calculated and denoted $x_q$; the process is the same as above.
Aggregation back to $Z_n$: using the general CRT formula, the modular exponentiation $a^b$ modulo n is calculated and denoted x:
$$x = x_p \cdot q^{-1} (\mathrm{mod}\ p) \cdot q + x_q \cdot p^{-1} (\mathrm{mod}\ q) \cdot p$$
Since the moduli p and q are coprime, $q^{-1} (\mathrm{mod}\ p) \cdot q + p^{-1} (\mathrm{mod}\ q) \cdot p = 1$.
Substituting into the above formula gives:
$$\begin{aligned}
x &= x_p \cdot q^{-1} (\mathrm{mod}\ p) \cdot q + x_q \cdot p^{-1} (\mathrm{mod}\ q) \cdot p \\
  &= x_p \left(1 - p^{-1} (\mathrm{mod}\ q) \cdot p\right) + x_q \cdot p^{-1} (\mathrm{mod}\ q) \cdot p \\
  &= x_p + (x_q - x_p)\, p^{-1} (\mathrm{mod}\ q) \cdot p
\end{aligned}$$
The Paillier homomorphic encryption algorithm in this embodiment is optimized according to the Chinese remainder theorem. After optimization, the bit width of the exponent in the modular exponentiations of the Paillier decryption algorithm is reduced, the bit width of the modulus in part of the calculation is also reduced, and the overall calculation complexity is significantly reduced: $x = a^b \bmod n$ is computed with less work, which effectively improves the performance of the system.
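The CRT decryption equations and the recombination formula above, as an added Python example that is not the patent's implementation. It assumes toy primes and g = n + 1, uses hypothetical function names, cross-checks the result against textbook decryption modulo n², and rejects ciphertexts outside the valid range before any private-key operation runs.

```python
# Added example (not from the patent): Paillier decryption with the CRT
# equations, checked against textbook decryption modulo n^2.
import math
import secrets

# Constructed toy key material: two Mersenne primes, far too small for real use.
P = (1 << 61) - 1
Q = (1 << 89) - 1


def L(x, d):
    """L_d(x) = (x - 1) / d, defined for x congruent to 1 modulo d."""
    return (x - 1) // d


def keygen(p=P, q=Q):
    n = p * q
    if p == q or math.gcd(n, (p - 1) * (q - 1)) != 1:
        raise ValueError("unsuitable primes")
    g = n + 1  # assumption: g = n + 1, a common choice
    return {
        "n": n, "g": g, "p": p, "q": q,
        # h_p = L_p(g^(p-1) mod p^2)^(-1) mod p, and the same for q
        "h_p": pow(L(pow(g, p - 1, p * p), p), -1, p),
        "h_q": pow(L(pow(g, q - 1, q * q), q), -1, q),
        "p_inv_q": pow(p, -1, q),  # p^(-1) mod q for the recombination
    }


def encrypt(key, m, r=None):
    """c = g^m * r^n mod n^2 with r coprime to n."""
    n = key["n"]
    n2 = n * n
    if not 0 <= m < n:
        raise ValueError("plaintext out of range")
    if r is None:
        r = secrets.randbelow(n - 1) + 1
        while math.gcd(r, n) != 1:
            r = secrets.randbelow(n - 1) + 1
    elif not (0 < r < n and math.gcd(r, n) == 1):
        raise ValueError("r must be a unit modulo n")
    return pow(key["g"], m, n2) * pow(r, n, n2) % n2


def check_ciphertext(key, c):
    """Reject values outside Z*_{n^2} before any private-key operation."""
    n = key["n"]
    if not (0 < c < n * n) or math.gcd(c, n) != 1:
        raise ValueError("ciphertext is not a unit modulo n^2")


def decrypt_crt(key, c):
    """m_p, m_q with half-size moduli, then m = m_p + (m_q - m_p) p^-1 (mod q) * p."""
    check_ciphertext(key, c)
    p, q = key["p"], key["q"]
    m_p = L(pow(c, p - 1, p * p), p) * key["h_p"] % p
    m_q = L(pow(c, q - 1, q * q), q) * key["h_q"] % q
    return m_p + ((m_q - m_p) * key["p_inv_q"] % q) * p


def decrypt_textbook(key, c):
    """Reference path: m = L_n(c^lambda mod n^2) * mu mod n."""
    check_ciphertext(key, c)
    n, p, q = key["n"], key["p"], key["q"]
    lam = (p - 1) * (q - 1) // math.gcd(p - 1, q - 1)
    mu = pow(L(pow(key["g"], lam, n * n), n), -1, n)
    return L(pow(c, lam, n * n), n) * mu % n


def crt_weight_sum(key):
    """q^-1 (mod p) * q + p^-1 (mod q) * p, reduced modulo n."""
    p, q = key["p"], key["q"]
    return (pow(q, -1, p) * q + key["p_inv_q"] * p) % key["n"]


if __name__ == "__main__":
    key = keygen()
    c1, c2 = encrypt(key, 1234), encrypt(key, 4321)
    print(decrypt_crt(key, c1), decrypt_textbook(key, c1))
    print(decrypt_crt(key, c1 * c2 % (key["n"] ** 2)))  # homomorphic addition
    print(crt_weight_sum(key))
```

The two CRT weights sum to 1 only after reduction modulo n, which is the sense in which the substitution step of the derivation holds.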
Embodiment nine: the controller module splices the 20 128-bit data words output by the IFIFO module into 2560-bit data and sends it to the encryption and decryption module, and splits the 2560-bit data output by the encryption and decryption module into 20 128-bit data words and sends them to the OFIFO module. The other embodiments are the same as those of the first embodiment.
Specific embodiment ten: the input and output of the encryption and decryption module are 2560-bit data, wherein the input is a 512-bit plaintext and a 2048-bit random number, and the output is a 2048-bit ciphertext and a 512-bit decrypted plaintext. The other embodiments are the same as those of the first embodiment.
Example 1
In this example, a Kintex-7 development board, model XC7K325TFFG900, was used. The XILINX XC7K325TFFG900 FPGA integrates a PCIE hard core that can be configured as x1, x2, x4 or x8 to realize high-speed serial data communication at different rates. The PCIE reference clock is provided to the development board by the PCIE slot of the upper computer, and the frequency of the reference clock is 100 MHz. The FPGA-side program uses the XILINX PCIE core, configured as x8, for PCIE communication, and the design is built with XILINX Block Design. Program module description: the acceleration system of the data path facing the homomorphic encryption algorithm Paillier consists of util_ds_buf, clk_wiz, axi_interconnect, system_ila, the XDMA IP core, the AXI slave module, the controller module, the encryption and decryption module, the IFIFO module and the OFIFO module. util_ds_buf buffers the external PCIE input clock; clk_wiz provides clock and reset signals for the encryption and decryption module; axi_interconnect is the protocol module interconnecting the AXI Master and Slave interface devices; the XDMA IP core is the PCIE communication module with a built-in DMA function and is only available in Vivado 2016 or later; system_ila is a signal analysis module used for debugging. After the system modules are built, the PCIE driver is installed, and the upper computer performs read-write tests on the PCIE AXI4 bus and the peripheral. The write data command is xdma_rw.exe h2c_0 write 0x0 -b -f din.bin -l 336. The read data command is xdma_rw.exe c2h_0 read 0x0 -l 32. The read and write commands are stored in the write.py and read.py files, which are run in sequence on the command line.
Experimental results: signals are observed through system_ila, and the input data and output data of the encryption and decryption module are compared, where the input is a 512-bit plaintext and a 2048-bit random number, and the output is a 2048-bit ciphertext and a 512-bit decrypted plaintext. The results show that the result obtained by sending the data packet is consistent with the output data provided by the encryption and decryption module, the data transmission is accurate and the read-write performance is excellent; the acceleration system of the homomorphic encryption algorithm Paillier-oriented data path effectively solves the problems that the software data transmission rate is slow and that the encryption and decryption performance struggles to meet requirements.
Although the present disclosure is disclosed above, the scope of the present disclosure is not limited thereto. Various changes and modifications may be made by one skilled in the art without departing from the spirit and scope of the disclosure, and such changes and modifications would be within the scope of the disclosure.

Claims (10)

1. The acceleration system of the homomorphic encryption algorithm Paillier-oriented data path is characterized in that the Paillier algorithm is deployed on an FPGA platform to realize Paillier hardware acceleration, and the acceleration system comprises:
an XDMA IP core: used for realizing communication between the upper computer and the PCIE, receiving data sent by the upper computer and sending the data to the AXI4 slave module at the next stage, and receiving data sent by the AXI4 slave module and returning the data to the upper computer;
an AXI4 slave module: used for storing the data sent by the XDMA IP core and writing the data into the IFIFO module, and for receiving the data of the OFIFO module and sending the received data to the XDMA IP core;
the IFIFO module: a Native FIFO IP core is selected for caching the plaintext data sent from the AXI4 slave module to the encryption and decryption module; the OFIFO module: a Native FIFO IP core is selected and used for caching ciphertext output by the encryption and decryption module and decrypted plaintext data;
and a controller module: used for controlling the data communication between the IFIFO module, the OFIFO module and the encryption and decryption module, namely, the cached data in the IFIFO module are spliced and sent to the encryption and decryption module, and the output data of the encryption and decryption module are split and sent to the OFIFO module;
the encryption and decryption module is constructed with a Paillier homomorphic encryption network model: the network model is based on a Paillier homomorphic encryption algorithm of the Chinese remainder theorem and is used for encrypting and decrypting plaintext data transmitted by an upper computer to obtain ciphertext and decrypted plaintext data;
wherein the Paillier algorithm adopts a $2^K$-ary modular exponentiation algorithm to perform the modular exponentiations in the encryption and decryption processes, so as to reduce the number of calculations in the modular exponentiation process.
2. The acceleration system of the data path facing the homomorphic encryption algorithm Paillier according to claim 1, wherein the XDMA IP core has a channel width of x8, an AXI address width of 64 bits, a data width transmitted on the AXI bus of 128 bits, and an AXI interface clock of 125 MHz; the upper computer organizes the data to be sent into different types of TLP data packets according to the PCIE protocol and sends the TLP data packets to the XDMA IP core; the XDMA IP core unpacks and parses the data and instructions to obtain the instruction addresses of the read-write operation and carries out the corresponding read-write operation; the read data are returned to the XDMA IP core through the AXI interface and, after packaging, are finally converted into the TLP format and returned to the upper computer.
3. The acceleration system for the data path of the homomorphic encryption algorithm Paillier according to claim 1, wherein the AXI4 slave module is configured to receive data sent by the XDMA IP core, detect its data packet header and determine whether it is the specified data packet header, and if so, receive the data sent by the XDMA IP core, perform burst transmission, and write the data into the IFIFO module; the data transmission complies with the AXI protocol, and when the data output by the encryption and decryption module have been written into the OFIFO module, the controller module controls the AXI4 slave to read the data in the OFIFO module and return the data to the XDMA IP core.
4. A homomorphic encryption algorithm Paillier oriented data path acceleration system in accordance with claim 3, wherein the IFIFO module and OFIFO module are used for data transfer between different clock domains.
5. Acceleration system of data paths for the homomorphic encryption algorithm Paillier according to claim 1, characterized in that the Paillier homomorphic encryption network model encryption module and decryption module, the encryption module comprises: the decryption module comprises a decryption control end, a modular exponentiation unit, a modular multiplication unit, a modular inverse operation unit and a modular addition and subtraction unit;
the encryption module is used for encrypting the data, the encryption control end controls the modular exponentiation unit to encrypt the data, namely, the input plaintext and the random number are sent to the modular exponentiation unit, the modular exponentiation unit sends the data to the modular exponentiation unit, the modular exponentiation unit calculates the modular exponentiation, after the modular exponentiation unit finishes the operation, the data is received to obtain ciphertext, and the ciphertext data is sent to the decryption module;
the decryption module is used for carrying out decryption operation on the ciphertext to obtain a plaintext, the decryption control end controls the modular exponentiation unit, the modular multiplication unit, the modular inverse operation unit and the modular addition and subtraction unit to carry out decryption operation on the ciphertext to obtain the plaintext, namely, ciphertext data sent by the encryption control end are received, the ciphertext and the random number are sent to the modular exponentiation unit, the result of the modular exponentiation unit is sent to the modular inverse operation unit, the result of the modular inverse operation unit is sent to the modular multiplication unit, the result of the modular multiplication unit is sent to the modular addition and subtraction unit, and after the modular addition and subtraction unit is completed, the plaintext is obtained by receiving the data;
the modular exponentiation unit: the power operation is carried out on the input data, namely the times of sending the data to the modular multiplication operation unit is determined according to the size of the exponent;
the modular multiplication operation unit: the method is used for multiplying two input data and taking a modulus;
the modulo inverse operation unit: for calculating the reciprocal of the input data at the modulus;
the modulo addition and subtraction operation unit: the method is used for taking the modulus after the addition and subtraction operation is carried out on the input data.
6. The acceleration system of the homomorphic encryption algorithm Paillier-oriented data path according to claim 5, wherein in the encryption module, the encryption operation requires one modular exponentiation and two modular exponentiation, the encryption control end controls the input data to enter the modular exponentiation unit, the modular exponentiation unit is adopted to repeatedly operate to calculate the modular exponentiation, and the calculation result is stored in the register; the input operands n and m enter a modular multiplication operation unit to carry out multiplication operation, and the output result of the modular exponentiation operation unit enter the modular multiplication operation unit again to carry out calculation to obtain ciphertext data;
in the decryption module, the decryption operation requires four modular exponentiation operations, four modular multiplication operations, two modular addition and subtraction operations and three modular inverse operations; the decryption control end controls the ciphertext data to enter the modular exponentiation unit, where the modular exponentiation is carried out four times to obtain the modular exponentiation results; under the control of the decryption control end, a part of these results enters the modular inverse operation unit for two modular inverse operations, and the modular inverse results and the other part of the modular exponentiation results enter the modular multiplication operation unit for two calculations, so that $m_p$ and $m_q$ are obtained; $m_p$ is stored in a register to control $m_p$ and $m_q$; the input operand p enters the modular inverse operation unit to calculate $p^{-1} \bmod q$; the obtained modular inverse result and the subtraction result enter the modular multiplication operation unit for multiplication, the output result is returned to one input end of the modular multiplication operation unit, whose other input end receives the input operand p, for a further multiplication, and the output of that multiplication enters the modular addition and subtraction unit for a modular addition with $m_p$; the modular addition result is the decrypted plaintext data.
7. The acceleration system of the data path towards the homomorphic encryption algorithm Paillier of claim 6, wherein the decryption module is based on the algorithm: in the decryption process, the modular exponentiation with modulus n is converted into a system of congruences over two different moduli p and q, and the modular exponentiations modulo p and modulo q are calculated separately; the exponent in the modular exponentiation is processed in radix $2^K$, with $2^K$ modular exponentiations added in the pre-calculation stage, namely, the results of the 1st to k-th powers of the input data under the modulus are calculated and stored in a lookup table for the fast modular exponentiation that follows; after the two modular exponentiation results are obtained, they are aggregated to give the decrypted plaintext optimized by the Chinese remainder theorem.
8. The acceleration system of the data path towards the homomorphic encryption algorithm Paillier of claim 7, wherein the decryption module is based on the algorithm: paillier homomorphic encryption algorithm optimized by using Chinese remainder theorem:
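$$h_p = L_p\left(g^{p-1} \bmod p^2\right)^{-1} \bmod p$$
$$h_q = L_q\left(g^{q-1} \bmod q^2\right)^{-1} \bmod q$$
$$m_p = L_p\left(c^{p-1} \bmod p^2\right) h_p \bmod p$$
$$m_q = L_q\left(c^{q-1} \bmod q^2\right) h_q \bmod q$$
$$m = \mathrm{CRT}(m_p, m_q) \bmod pq = m_p + (m_q - m_p)\, p^{-1} (\mathrm{mod}\ q) \cdot p$$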
wherein g is a random number, c is the ciphertext, p and q are the moduli, $h_p$, $h_q$, $m_p$, $m_q$ are the intermediate results obtained after the modulus n in the modular exponentiation is converted into the two smaller moduli p and q, m is the decrypted plaintext, and the function $\mathrm{CRT}(m_p, m_q)$ aggregates the two intermediate results by the Chinese remainder theorem to obtain the decrypted plaintext m;
conversion of the exponent into radix $2^k$ in the modular exponentiation:
wherein $p-1$ is the exponent of the modular exponentiation, $p_s, \ldots, p_0$ is the binary representation of $p-1$, s is the most significant bit of $p-1$, and $p_i$ is the value of each group of k bits after conversion to radix $2^K$, i.e. when $i = 0$, $p_i = (p_{k-1}, p_{k-2}, \ldots, p_2, p_1, p_0)$.
9. The acceleration system of the data path facing the homomorphic encryption algorithm Paillier according to claim 1, wherein the controller module splices the 20 128-bit data words output by the IFIFO module into 2560-bit data and sends it to the encryption and decryption module, and splits the 2560-bit data output by the encryption and decryption module into 20 128-bit data words and sends them to the OFIFO module.
10. The acceleration system of the data path facing the homomorphic encryption algorithm Paillier according to claim 1, wherein the input and output of the encryption and decryption module are 2560-bit data, wherein the input is a 512-bit plaintext and a 2048-bit random number, and the output is a 2048-bit ciphertext and a 512-bit decrypted plaintext.
CN202311087515.5A 2023-08-28 2023-08-28 Acceleration system of homomorphic encryption algorithm Paillier-oriented data path Active CN117113442B (en)

Publications (2)

Publication Number Publication Date
CN117113442A CN117113442A (en) 2023-11-24
CN117113442B true CN117113442B (en) 2024-04-05

Family

ID=88799667

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant