CN118192934A - Modular multiplication operation method, device, chip, board and vehicle-mounted system - Google Patents

Abstract

The application provides a modular multiplication operation method, a modular multiplication operation device, a chip, a board card and a vehicle-mounted system, and relates to the technical field of computers. The modular multiplication device comprises: a processor and a data operator; the data operator comprises a multiplier, an accumulator, a first register, a second register, a third register, a first multi-path data selector, a second multi-path data selector, a third multi-path data selector and a fourth multi-path data selector; the processor is used for acquiring target data matched with the data operation instruction after receiving the data operation instruction; transmitting the target data to the data arithmetic unit; the data arithmetic unit is used for receiving the target data and carrying out arithmetic processing on the target data to obtain a data arithmetic result; the data operation result is used for indicating a modular multiplication operation result. The method of the application improves the operation speed of the modular multiplication operation and improves the operation performance.

Description

Modular multiplication operation method, device, chip, board and vehicle-mounted system

Technical Field

The present application relates to the field of computer technology, and in particular to a modular multiplication method, device, chip, board and vehicle-mounted system.

Background technique

The Elliptic Curve Cryptography (ECC) algorithm is a public key cryptographic algorithm based on elliptic curves. The ECC algorithm has a wide range of applications in digital signatures, information security, blockchain and other fields due to its higher security and smaller key length.

As the ECC algorithm becomes more popular, the amount of data that the ECC algorithm calculates is also increasing. At this time, when performing modular multiplication operations of the ECC algorithm, the increasing amount of data may cause memory overflow or reduced computing efficiency, thereby affecting the performance of the ECC algorithm.

Summary of the invention

The present application provides a modular multiplication operation method, device, chip, board and vehicle-mounted system to solve the problems of low efficiency and poor performance of existing modular multiplication operation methods.

In a first aspect, the present application provides a modular multiplication operation device, comprising: a processor and a data operator; wherein the data operator comprises a multiplier, an accumulator, a first register, a second register, a third register, a first multiplexer, a second multiplexer, a third multiplexer and a fourth multiplexer; the processor is respectively connected to the multiplier, the first multiplexer, the second multiplexer and the third multiplexer; the first multiplexer is connected to the first register; the first register is respectively connected to the first multiplexer, the second multiplexer and the fourth multiplexer; the second multiplexer is respectively connected to the first register, the second register and the processor; the second register is respectively connected to the accumulator and the second multiplexer; the accumulator is respectively connected to the third multiplexer and the fourth multiplexer; the third multiplexer is connected to the third register; the third register is respectively connected to the accumulator and the fourth multiplexer;

The processor is used to obtain target data matching the data operation instruction after receiving the data operation instruction; and transmit the target data to the data operator;

The data operator is used to receive the target data and perform operation processing on the target data to obtain a data operation result; wherein the data operation result is used to indicate a modular multiplication operation result.

In a second aspect, the present application provides a modular multiplication method, which is applied to a processor; comprising:

In response to the modular multiplication operation instruction, the data to be operated is obtained; wherein the data to be operated includes the data to be calculated and the pre-calculated data; the data to be calculated represents the data that needs to be operated on for modular multiplication; the pre-calculated data represents the intermediate data relied on in the process of modular multiplication operation; the pre-calculated data is the data determined based on the data to be calculated;

Based on the pre-set data operation instructions, modular multiplication operation is performed on the data to be operated to obtain the modular multiplication operation result corresponding to the data to be operated; wherein, the pre-set data operation instructions are implemented based on any modular multiplication operation device in the above-mentioned first aspect.

In a third aspect, the present application provides a chip, comprising the modular multiplication operation device described in any one of the first aspects.

In a fourth aspect, the present application provides a board card, wherein the board card includes the chip described in the third aspect.

In a fifth aspect, the present application provides a vehicle-mounted system, which includes the chip described in the third aspect or the board described in the fourth aspect.

The modular multiplication operation method, device, chip, board and vehicle-mounted system provided by the present application can respond to the modular multiplication operation instruction to obtain the data to be operated, and then, according to the pre-set data operation instruction, the above-mentioned operation device is used to perform modular multiplication operation on the data to be operated, and obtain the modular multiplication operation result corresponding to the data to be operated. This implementation method can realize the modular multiplication operation through the customized data operation instruction and the hardware unit, so as to improve the operation processing speed of the modular multiplication operation, and then improve the operation efficiency of the modular multiplication operation. At this time, when the above-mentioned modular multiplication operation method is applied to a complex algorithm (for example, elliptic curve cryptography), the calculation performance of the complex algorithm can be improved, so that the application of the complex algorithm is smoother and more extensive, and the robustness of the complex algorithm is improved. Further, the performance of the computer device (for example, the vehicle-mounted system) applying the complex algorithm can also be improved, so as to further improve the user experience of the user using the computer device.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the present application and, together with the description, serve to explain the principles of the present application.

FIG1 is a schematic diagram of a general software architecture of elliptic curve cryptography provided in an embodiment of the present application;

FIG2 is a schematic diagram of a modular multiplication operation device provided in an embodiment of the present application;

FIG3 is a schematic diagram of a pre-set operation instruction provided in an embodiment of the present application;

FIG4 is a schematic diagram of a computing device corresponding to a first multiplication extension instruction provided in an embodiment of the present application;

FIG5 is a schematic diagram of a computing device corresponding to a second multiplication extension instruction provided in an embodiment of the present application;

FIG6 is a schematic diagram of a computing device corresponding to a third multiplication extension instruction provided in an embodiment of the present application;

FIG7 is a schematic diagram of a computing device corresponding to a fourth multiplication extension instruction provided in an embodiment of the present application;

FIG8 is a schematic diagram of a computing device corresponding to a first zeroing extension instruction provided in an embodiment of the present application;

9 is a schematic diagram of a computing device corresponding to a second zero-set extension instruction provided in an embodiment of the present application;

FIG10 is a schematic diagram of a computing device corresponding to a data retention extension instruction provided in an embodiment of the present application;

FIG11 is a schematic diagram of a flow chart of a modular multiplication method provided by the present application;

FIG12 is a flow chart of another modular multiplication method provided by the present application;

FIG13 is a schematic diagram of a first multiplication instruction corresponding to n-word length data provided in an embodiment of the present application;

FIG14 is a schematic diagram of a second multiplication instruction corresponding to n-word length data provided in an embodiment of the present application;

FIG15 is a schematic diagram of a flow chart of implementing a multiplication operation on n-word-length data provided in an embodiment of the present application;

FIG16 is a schematic diagram of a flow chart of implementing a multiplication operation on single-word-length data provided in an embodiment of the present application;

FIG17 is a schematic diagram of a calculation flow of a Montgomery modular multiplication operation provided in an embodiment of the present application;

FIG18 is a schematic diagram of a modular multiplication performance evaluation result provided in an embodiment of the present application;

FIG19 is a schematic diagram of a chip provided in an embodiment of the present application;

FIG20 is a schematic diagram of a board provided in an embodiment of the present application;

FIG. 21 is a schematic diagram of a vehicle-mounted system provided in an embodiment of the present application.

The above drawings have shown clear embodiments of the present application, which will be described in more detail later. These drawings and text descriptions are not intended to limit the scope of the present application in any way, but to illustrate the concept of the present application to those skilled in the art by referring to specific embodiments.

Detailed ways

Exemplary embodiments will be described in detail herein, examples of which are shown in the accompanying drawings. When the following description refers to the drawings, unless otherwise indicated, the same numbers in different drawings represent the same or similar elements. The implementations described in the following exemplary embodiments do not represent all implementations consistent with the present application. Instead, they are merely examples of devices and methods consistent with some aspects of the present application as detailed in the appended claims.

It should be noted that the user information (including but not limited to user device information, user personal information, etc.) and data (including but not limited to data used for analysis, stored data, displayed data, etc.) involved in this application are all information and data authorized by the user or fully authorized by all parties, and the collection, use and processing of relevant data must comply with the relevant laws, regulations and standards of the relevant countries and regions, and provide corresponding operation entrances for users to choose to authorize or refuse.

At present, with the popularization of the ECC algorithm, the amount of calculation data corresponding to the ECC algorithm is also gradually increasing.

In one example, FIG1 is a schematic diagram of a general software architecture of an elliptic curve cryptography provided in an embodiment of the present application. As shown in FIG1 , elliptic curve operations mainly include "fixed point scalar multiplication", "free point scalar multiplication", "point addition" and "doubling addition". Among them, the implementation of elliptic curve operations is mainly based on prime field operations, for example, including modular addition operations, modular subtraction operations, modular multiplication operations and modular inverse operations. At this time, the elliptic curve cryptography algorithm can be implemented according to the random number generator, hash function and elliptic curve operations. At this time, an elliptic curve cryptography algorithm interface can be provided to externally implement encryption/decryption based on elliptic curve cryptography.

At present, when performing modular multiplication operations on prime fields based on the elliptic curve cryptography algorithm, the gradually increasing amount of data may cause memory overflow or reduced computing efficiency, thereby affecting the performance of the ECC algorithm.

The modular multiplication operation method provided in this application aims to implement modular multiplication operation by designing a hardware operation unit corresponding to the modular multiplication operation and combining it with RISC-V extended instructions to solve the above technical problems of the prior art.

The technical solution of the present application and how the technical solution of the present application solves the above-mentioned technical problems are described in detail below with specific embodiments. The following specific embodiments can be combined with each other, and the same or similar concepts or processes may not be repeated in some embodiments. The embodiments of the present application will be described below in conjunction with the accompanying drawings.

In one example, in the modular multiplication operation device provided in the embodiment of the present application, the single word length processed by the multiplier, the accumulator and the multiplexer is described as 32 bits. Based on this, since the first register and the second register are used to store the multiplication operation result corresponding to the multiplier, at this time, the word length of the data that can be stored in the first register and the second register is 64 bits. The third register is used to store the summation result of the accumulator, so the word length of the data that can be stored in the third register is 67 bits.

It should be noted here that the single word length that the hardware processing unit can process, in addition to 32 bits, can also be 64 bits, 16 bits, 128 bits, etc. There is no limitation on the single word length processed by the hardware processing unit, which is subject to what can be achieved.

Figure 2 is a schematic diagram of a modular multiplication operation device provided in an embodiment of the present application. As shown in Figure 2, the operation device includes: a processor 21 and a data operator 22; wherein the data operator 22 includes a multiplier 201, an accumulator 202, a first register 203, a second register 204, a third register 205, a first multiplexer 206, a second multiplexer 207, a third multiplexer 208 and a fourth multiplexer 209.

The processor 21 is connected to the multiplier 201, the first multiplexer 206, the second multiplexer 207, and the third multiplexer 208 respectively; the first multiplexer 206 is connected to the first register 203; the first register 203 is connected to the first multiplexer 206, the second multiplexer 207, and the fourth multiplexer 209 respectively; the second multiplexer 207 is connected to the first register 203, the second register 204, and the processor 21 respectively; the second register 204 is connected to the accumulator 202 and the second multiplexer 207 respectively; the accumulator 202 is connected to the third multiplexer 208 and the fourth multiplexer 209 respectively; the third multiplexer 208 is connected to the third register 205; the third register 205 is connected to the accumulator 202 and the fourth multiplexer 209 respectively.

The processor 21 is used for acquiring target data matching the data operation instruction after receiving the data operation instruction; and transmitting the target data to the data operator 22.

The data operator 22 is used to receive target data and perform operations on the target data to obtain data operation results; wherein the data operation results are used to perform modular multiplication operations.

In one example, the data operation instruction can be used to indicate an instruction to perform operation processing on the target data. The data operation instruction can be used to indicate to perform multiplication operation processing on the target data, or to output the multiplication operation result. In this case, the target data can represent the multiplier and the multiplicand, or be used to represent the multiplication operation result.

In an example, since the single word length of the data processed by the multiplexer is 32 bits, when transmitting data through the multiplexer, if the word length of the data to be transmitted is greater than 32 bits, multiple multiplexers can be used simultaneously according to the word length of the data to be transmitted to complete the data transmission. Data transmission can also be achieved by repeatedly using a single multiplexer.

For example, as shown in the first multiplexer 206 in FIG. 2 , the first multiplexer 206 is used to select one of the data stored in the first register 203, the value 0, and the multiplication result output by the multiplier 201. At this time, when transmitting the data stored in the first register 203 and the multiplication result output by the multiplier 201, data transmission can be achieved by repeatedly using a single multiplexer, i.e., the first multiplexer 206.

For another example, as shown in FIG2 , the second multiplexer 207 and the third multiplexer 208, when the word length of the transmitted data is greater than 32 bits, multiple multiplexers are used simultaneously to achieve data transmission. The number of multiplexers used for data transmission is not limited here, and is subject to meeting actual needs.

In one example, when using the computing device shown in FIG. 2 to implement modular multiplication, a corresponding data operation instruction may be set first, and then the operation may be performed according to the data operation instruction to obtain a modular multiplication result.

In one example, FIG3 is a schematic diagram of a pre-set operation instruction provided by an embodiment of the present application. As shown in FIG3, the pre-set operation instruction includes: a first multiplication extension instruction representing a multiplication operation and summing, that is, the multadd instruction shown in FIG3, described as "multadd rd, rs1, rs2"; a second multiplication extension instruction representing that after performing a multiplication operation and summing, the high-order operation result is retained and the low-order operation result is output, that is, the multaddh instruction shown in FIG3, described as "multaddh rd, rs1, rs2"; a third multiplication extension instruction representing that after performing a multiplication operation, the low-order multiplication operation result is output, that is, the mul instruction shown in FIG3, described as "mul rd, rs1, rs2"; a fourth multiplication extension instruction representing that after performing a multiplication operation, the high-order multiplication operation result is output, that is, the mulh instruction shown in FIG3, described as "mulh rd, rs1, rs2"; a first zeroing extension instruction representing that the low-order data is set to zero after output, that is, the rdlset0 instruction shown in FIG3, described as "rdlset0 rd"; represents a second zeroing extension instruction that sets the high-order data to zero after output, that is, the rdhset0 instruction shown in Figure 3, which is described as "rdhset0rd"; represents a data keeping extension instruction that retains the remaining data after outputting the low-order data, that is, the rdlkeep instruction shown in Figure 3, which is described as "rdlkeep rd". Among them, rs1 and rs2 represent the input data of the instruction, and rd represents the output data of the instruction.

In one example, the above-mentioned preset operation instructions can be designed based on RISC-V to obtain customized RISC-V extended instructions, that is, preset operation instructions. At this time, as shown in Figure 3, the values of the two fields funct7 and funct3 in the customized RISC-V extended instructions can be used to facilitate the calling of corresponding operation instructions. For example, the value of the funct7 field corresponding to the multadd instruction can be "0011100", and the value of the corresponding funct3 field can be "000"; the value of the funct7 field corresponding to the multaddh instruction can be "0011101", and the value of the corresponding funct3 field can be "000"; the value of the funct7 field corresponding to the mul instruction can be "0000001", and the value of the corresponding funct3 field can be "000"; the value of the funct7 field corresponding to the mulh instruction can be "0000 001", the corresponding funct3 field value can be "001"; the funct7 field value corresponding to the rdlset0 instruction can be "0011110", and the corresponding funct3 field value can be "000"; the funct7 field value corresponding to the rdhset0 instruction can be "0011111", and the corresponding funct3 field value can be "000"; the funct7 field value corresponding to the rdlkeep instruction can be "0100000", and the corresponding funct3 field value can be "000".

It should be noted that in the embodiment of the present application, the values of the two fields funct7 and funct3 can be customized. There is no limitation on the values of the two fields funct7 and funct3, so as to accurately distinguish each operation instruction.

The operation process of each operation instruction shown in FIG. 3 will be introduced below in conjunction with a specific schematic diagram of an operation device.

In one example, the data operation instruction represents a first multiplication extension instruction; wherein the first multiplication extension instruction represents an instruction for performing a multiplication operation and summing; and the target data includes a first multiplier and a first multiplicand.

At this time, referring to FIG. 4 , FIG. 4 is a schematic diagram of a computing device corresponding to a first multiplication extension instruction provided in an embodiment of the present application, as shown by the solid line in FIG. 4 :

The processor 41 is used for transmitting the first multiplier (rs1 as shown in Figure 4) and the first multiplicand (rs2 as shown in Figure 4) to the multiplier 401 after receiving the first multiplication extension instruction, so as to perform a multiplication operation on the first multiplier (rs1 as shown in Figure 4) and the first multiplicand (rs2 as shown in Figure 4) based on the multiplier 401 to obtain a first multiplication operation result; and transmitting and saving the first multiplication operation result to the first register 403 through the first multiplexer 406.

The first register 403 is used to receive the first multiplication result, and transmit the first multiplication result to the second register 404 through the second multiplexer 407 and save it.

The second register 404 is used to obtain the data stored in the third register 405 , and transmit the data stored in the third register 405 and the received first multiplication result to the accumulator 402 .

The accumulator 402 is used to perform an addition operation on the data stored in the third register and the first multiplication result to obtain a first addition operation result (mult_add_data as shown in Figure 4); and save the first addition operation result (mult_add_data as shown in Figure 4) to the third register 405 through the third multiplexer 408.

At this time, the data stored in the third register 405 is the result rd obtained after the first multiplication extension instruction multadd is used to perform operation processing on rs1 and rs2.

In one example, the data operation instruction represents a second multiplication extension instruction; wherein the second multiplication extension instruction represents an instruction for performing multiplication and summing, retaining the high-order operation result, and outputting the low-order operation result; the target data includes a second multiplier and a second multiplicand.

At this time, referring to FIG. 5 , FIG. 5 is a schematic diagram of a computing device corresponding to a second multiplication extension instruction provided in an embodiment of the present application, as shown by the solid line in FIG. 5 :

The processor 51 is used for transmitting the second multiplier (rs1 as shown in FIG. 5 ) and the second multiplicand (rs2 as shown in FIG. 5 ) to the multiplier 501 after receiving the second multiplication extension instruction, so as to perform a multiplication operation on the second multiplier (rs1 as shown in FIG. 5 ) and the second multiplicand (rs2 as shown in FIG. 5 ) based on the multiplier 501 to obtain a second multiplication operation result; and transmitting the second multiplication operation result to the first register 503 through the first multiplexer 506 and saving it.

The first register 503 is used to receive the second multiplication result, and transmit the second multiplication result to the second register 504 through the second multiplexer 506 and save it.

The second register 504 is used to transmit the second multiplication result to the accumulator 502 .

The accumulator 502 is used to obtain the data stored in the third register 505, and perform an addition operation on the data stored in the third register 505 and the received second multiplication operation result to obtain a second addition operation result (such as mult_add_data shown in FIG. 5 ).

The processor 51 is also used to obtain and output the low-order data in the second addition operation result (mult_add_data as shown in Figure 5) through the fourth multiplexer 509; and save the high-order data in the second addition operation result to the third register 505 through the third multiplexer 508.

At this time, the low-order data in the output second addition operation result is the result rd obtained after the second multiplication extension instruction multaddh instruction is used to perform operation processing on rs1 and rs2.

In one example, the data operation instruction represents a third multiplication extension instruction; wherein the third multiplication extension instruction represents an instruction for outputting a low-order multiplication result after performing a multiplication operation; and the target data includes a third multiplier and a third multiplicand. At this time, referring to FIG. 6 , FIG. 6 is a schematic diagram of an operation device corresponding to a third multiplication extension instruction provided in an embodiment of the present application, as shown by the solid line in FIG. 6 :

The processor 61 is configured to transmit the third multiplier (such as rs1 as shown in FIG. 6 ) and the third multiplicand (such as rs2 as shown in FIG. 6 ) to the multiplier 601 after receiving the third multiplication extension instruction.

The multiplier 601 is used to receive a third multiplier (rs1 as shown in FIG6 ) and a third multiplicand (rs2 as shown in FIG6 ); perform multiplication operation on the third multiplier (rs1 as shown in FIG6 ) and the third multiplicand (rs2 as shown in FIG6 ) to obtain a third multiplication operation result; and transmit the third multiplication operation result through the first multiplexer 606 and save it in the first register 603.

The processor 61 is further configured to select and output low-order data in the third multiplication operation result based on the fourth multiplexer 609 .

At this time, the low-order data in the output third multiplication result is the result rd obtained after the third multiplication extension instruction mul is used to perform operation processing on rs1 and rs2.

In one example, the data operation instruction represents a fourth multiplication extension instruction; wherein the fourth multiplication extension instruction represents an instruction for outputting a high-order multiplication result after performing a multiplication operation; the target data includes a fourth multiplier, a fourth multiplicand, and a first target value. At this time, referring to FIG. 7 , FIG. 7 is a schematic diagram of an operation device corresponding to a fourth multiplication extension instruction provided in an embodiment of the present application, as shown by the solid line in FIG. 7 :

The processor 71 is configured to transmit a fourth multiplier (rs1 shown in FIG. 7 ) and a fourth multiplicand (rs2 shown in FIG. 7 ) to the multiplier 701 after receiving the fourth multiplication extension instruction.

The multiplier 701 is used to receive a fourth multiplier (rs1 shown in FIG. 7 ) and a fourth multiplicand (rs2 shown in FIG. 7 ); perform multiplication operation on the fourth multiplier (rs1 shown in FIG. 7 ) and the fourth multiplicand (rs2 shown in FIG. 7 ) to obtain a fourth multiplication operation result; and transmit the fourth multiplication operation result through the first multiplexer 706 and save it in the first register 703.

The first register 703 is used to transmit the fourth multiplication result to the second register 704 through the second multiplexer 707 .

The processor 71 is also used to output the high-order data in the fourth multiplication result stored in the second register 704 through the fourth multiplexer 709; transmit the first target value (the first target value is the value 0 shown in Figure 7) to the second register 704 through the second multiplexer 707 to set the second register 704 to zero; transmit the first target value to the third register 705 through the third multiplexer 708 to set the third register 705 to zero.

At this time, the high-order data in the output fourth multiplication result is the result rd obtained after the fourth multiplication extension instruction mulh is used to perform operation processing on rs1 and rs2.

At this time, by performing zeroing processing on the third register 705 and the second register 704, preparation for the next operation can be made.

In one example, the data operation instruction represents a first zeroing extension instruction; wherein the first zeroing extension instruction represents an instruction to output low-order data and then set it to zero; the target data includes the summation result after the accumulator operation and the first target value. At this time, referring to FIG8 , FIG8 is a schematic diagram of an operation device corresponding to a first zeroing extension instruction provided in an embodiment of the present application, as shown by the solid line in FIG8 :

The processor 81 is used to select and output the low-order data in the summation result after the accumulator operation (i.e., mult_add_data shown in Figure 8) based on the fourth multiplexer 809; transmit the first target value (the first target value is the value 0 shown in Figure 8) to the second register 804 through the second multiplexer 807 to set the second register 804 to zero; transmit the first target value to the third register 805 through the third multiplexer 808 to set the third register 805 to zero.

In one example, the data operation instruction represents a second zeroing extension instruction; wherein the second zeroing extension instruction represents an instruction to output high-order data and then set it to zero; the target data includes the data stored in the third register and the first target value. At this time, referring to FIG. 9 , FIG. 9 is a schematic diagram of a computing device corresponding to a second zeroing extension instruction provided in an embodiment of the present application, as shown by the solid line in FIG. 9 :

The processor 91 is used to output the high-order data in the data stored in the third register 905 based on the fourth multiplexer 909; transmit the first target value (the first target value is the value 0 shown in Figure 9) to the second register 904 through the second multiplexer 907 to set the second register 904 to zero; transmit the first target value to the third register 905 through the third multiplexer 908 to set the third register 905 to zero.

In one example, the data operation instruction represents a data retention extension instruction; wherein the data retention extension instruction represents an instruction to retain the remaining data after outputting the low-order data; the target data includes the data stored in the second register and the data stored in the third register. At this time, referring to FIG. 10, FIG. 10 is a schematic diagram of a computing device corresponding to a data retention extension instruction provided in an embodiment of the present application, as shown by the solid line in FIG. 10:

The accumulator 1002 is used to receive the data stored in the second register 1004 and the third register 1005; perform an addition operation on the data stored in the second register 1004 and the data stored in the third register 1005 to obtain a third addition operation result.

Processor 101 is used to output the low-order data in the third addition result through the fourth multiplexer 1009 after the accumulator 1002 obtains the third addition result; and transmit and save the high-order data in the third addition result to the third register 1005 through the third multiplexer 1008.

Based on the data operation instructions that can be implemented by the above modular multiplication operation device, the present application also provides a modular multiplication operation method. Referring to FIG. 11 , FIG. 11 is a flow chart of a modular multiplication operation method provided by the present application. As shown in FIG. 11 , the method can be applied to the processor in any of the above embodiments, including:

S1101. In response to a modular multiplication instruction, obtain data to be operated.

Among them, the data to be calculated includes the data to be calculated and the pre-calculated data; the data to be calculated represents the data that needs to be subjected to modular multiplication operation; the pre-calculated data represents the intermediate data relied on in the process of modular multiplication operation; the pre-calculated data is the data determined based on the data to be calculated.

In one example, the data to be calculated may be understood as data that requires a modular multiplication operation. For example, the data to be calculated may include a multiplier x, a multiplicand y, and a modulus m.

In one example, the pre-calculated data may include modular exponentiation data R, first intermediate data w, and second intermediate data nm. In this case, the data to be calculated may be determined based on the data to be calculated. In this case, the value of the modular exponentiation data R is R=2 ^N , where 2 ^N-1 <m≤2 ^N . The value of the first intermediate data w is w=-m ^-1 mod R. The value of the second intermediate data nm is nm=~m mod R.

S1102. Based on a preset data operation instruction, perform a modular multiplication operation on the data to be operated to obtain a modular multiplication operation result corresponding to the data to be operated.

Among them, the pre-set data operation instruction is implemented based on any of the above-mentioned modular multiplication operation devices.

In one example, the modular multiplication method provided in the embodiment of the present application can be used to calculate complex algorithms, such as elliptic curve cryptography. There is no limitation on the complex algorithms to which the modular multiplication method can be applied, subject to implementation.

It can be known from the above description that the embodiment of the present application can obtain the data to be calculated in response to the modular multiplication operation instruction, and then, according to the pre-set data operation instruction, the above-mentioned operation device is used to perform modular multiplication operation on the data to be calculated, and obtain the modular multiplication operation result corresponding to the data to be calculated. This implementation method can realize the modular multiplication operation through the customized data operation instruction and the hardware unit, so as to improve the operation processing speed of the modular multiplication operation, and then improve the operation efficiency of the modular multiplication operation. At this time, when the above-mentioned modular multiplication operation method is applied to a complex algorithm (for example, elliptic curve cryptography), the computing performance of the complex algorithm can be improved, so that the application of the complex algorithm is smoother and more extensive, and the robustness of the complex algorithm is improved. Further, the performance of the computer device (for example, a vehicle-mounted system) that applies the complex algorithm can also be improved, thereby further improving the user experience of the user using the computer device.

In one example, referring to FIG. 12 , FIG. 12 is a flow chart of another modular multiplication operation method provided by the present application. As shown in FIG. 12 , the method includes:

S1201. In response to a modular multiplication instruction, obtain data to be operated.

Among them, the data to be calculated includes the data to be calculated and the pre-calculated data; the data to be calculated represents the data that needs to be subjected to modular multiplication operation; the pre-calculated data represents the intermediate data relied on in the process of modular multiplication operation; the pre-calculated data is the data determined based on the data to be calculated.

In an example, this step can refer to the content described in S1101 above, and will not be repeated here in detail.

In one example, after obtaining the data to be operated, modular multiplication operation is performed on the data to be operated based on the preset data operation instructions. Before obtaining the modular multiplication operation result corresponding to the data to be operated, the embodiment of the present application can first determine the first multiplication instruction and the second multiplication instruction for implementing the modular multiplication operation based on the preset data operation instructions (wherein the first multiplication instruction is used to determine the high-order data in the multiplication operation result through the first multiplication operation; the second multiplication instruction is used to determine the low-order data in the multiplication operation result through the second multiplication operation), refer to the steps described below for details.

S1202. Determine a first multiplication instruction and a second multiplication instruction based on the data word length corresponding to the data to be operated and a preset data operation instruction.

The first multiplication instruction is used to implement a first multiplication operation; and the second multiplication instruction is used to implement a second multiplication operation.

In one example, the data word length corresponding to the data to be operated may be greater than or equal to the single word length (ie, 32 bits) of the data that can be processed by the modular multiplication operation device.

At this time, in the case where the data word length corresponding to the data to be operated is a multi-word length, the pre-set data operation instruction includes a first multiplication extension instruction, a second multiplication extension instruction, a first zero extension instruction, a second zero extension instruction and a data retention extension instruction. At this time, based on the data word length corresponding to the data to be operated and the pre-set data operation instruction, determining the first multiplication instruction and the second multiplication instruction specifically includes the following process:

First, the target word lengths corresponding to the multiplicand and the multiplier in the data to be operated are determined.

The target word length represents the data word length of the multiplicand or the multiplier. At this time, the target word length can be expressed as n, where the value of n is a positive integer greater than 1.

In one example, the target word length can be understood as the maximum value of the first word length corresponding to the multiplicand and the second word length corresponding to the multiplier. For example, when the first word length corresponding to the multiplicand is 5 and the second word length corresponding to the multiplier is 3, the value of the target word length is 5. For another example, when the first word length corresponding to the multiplicand is 5 and the second word length corresponding to the multiplier is 5, the value of the target word length is 5.

Then, based on the target word length, the first multiplication extension instruction, the second multiplication extension instruction, the first set-zero extension instruction, the second set-zero extension instruction, and the data retention extension instruction, the first multiplication instruction and the second multiplication instruction are determined.

In one example, determining the first multiplication instruction based on the target word length, the first multiplication extension instruction, the second multiplication extension instruction, the first zero extension instruction, the second zero extension instruction and the data retention extension instruction specifically includes the following steps:

Firstly, based on the data length corresponding to the single word length and the target word length, the multiplicand and the multiplier are segmented to obtain a plurality of first sub-data corresponding to the multiplicand and a plurality of second sub-data corresponding to the multiplier.

In an example, assuming that the data length corresponding to a single word length is 32 bits, when the multiplicand and the multiplier are segmented, they can be segmented starting from the lowest bit of the multiplicand and the multiplier, respectively, with 32 bits as units to obtain multiple first sub-data corresponding to the multiplicand and multiple second sub-data corresponding to the multiplier.

Then, a first data combination pattern matching the first multiplication instruction is determined; and based on the matching first data combination pattern, a plurality of first multiplication data groups are determined.

The first multiplication data group is used to indicate the first sub-data and the second sub-data that need to be multiplied.

In one example, the first data combination mode is used to indicate the combination mode of the first sub-data and the second sub-data when performing operation processing. For example, assume that the first sub-data is recorded as _Xi , where i represents the i-th first sub-data in the multiplicand. Assume that the second sub-data is recorded as _Yj , where j represents the j-th second sub-data in the multiplier. Then, the first data combination mode can be i+j=2n. At this time, the i-th first sub-data and the j-th second sub-data, and the first sub-data and the second sub-data whose sum is 2n, can be combined for operation processing. At this time, the first multiplied data group is determined based on the i-th first sub-data and the j-th second sub-data, and the first sub-data and the second sub-data whose sum is 2n.

In one example, there may be multiple first data combination patterns matching the first multiplication instruction. For example, the value of i+j determined by the first data combination pattern may be 2n, 2n-1, ..., n, ..., 3, 2.

At this time, the number of the first multiplication data groups determined based on the first data combination mode can be one or more. For example, when the value of i+j is 2n, the values of i and j are both n, and at this time, the number of the first multiplication data groups is 1. When the value of i+j is 3, i is 1 and j is 2, or i is 2 and j is 1, and at this time, it can be determined that the number of the first multiplication data groups is 2.

Next, based on the number of first data combination patterns and the number of first multiplication data groups determined based on each first data combination pattern, a first number of first multiplication extension instructions and a second number of second multiplication extension instructions included in the first multiplication instruction are determined.

Finally, a first multiplication instruction is determined based on the first number of first multiplication extension instructions, the second number of second multiplication extension instructions, the data retention extension instruction, and the second zeroing extension instruction.

In one example, FIG. 13 is a schematic diagram of a first multiplication instruction corresponding to n-word length data provided by an embodiment of the present application. As shown in FIG. 13, when executing the first multiplication extension instruction and the second multiplication extension instruction for each first multiplication data group under each first data combination mode (for example, i+j=2n, i+j=2n-1, i+j=2n-2, i+j=2n-3, ..., i+j=n+1, i+j=n, ..., i+j=4, i+j=3, i+j=2 as shown in FIG. 13), when determining that the operation is performed for the first time, the first multiplication extension instruction is executed for the first sub-data and the second sub-data in the first multiplication data group. Afterwards, the second multiplication extension instruction is first executed for the first sub-data and the second sub-data in each first multiplication data group in each first data combination mode except the last first data combination mode, until the last first multiplication data group in the first data combination mode, so that the first multiplication extension instruction is executed for the first sub-data and the second sub-data in the last first multiplication data group. Next, the second multiplication extension instruction is executed on the first sub-data and the second sub-data in the first multiplication data group in the last first data combination mode, and after the execution is completed, the data retention extension instruction and the second zeroing extension instruction are continued to be executed.

At this time, the high-order multiplication result can be obtained by outputting the value of the n+1th word, ..., the value of the 4th word, the value of the 3rd word, the value of the 2nd word, and the value of the 1st word (that is, the value of the highest 32 bits).

In one example, for the schematic diagram of the first multiplication instruction shown in FIG13, it can be determined that when the value of n is 2, the first data combination pattern can be: i+j=4, i+j=3, i+j=2, and at this time, the number of the first data combination patterns is 3. When the first data combination pattern is i+j=4, the number of the first multiplication data groups determined is 1; when the first data combination pattern is i+j=3, the number of the first multiplication data groups determined is 2; when the first data combination pattern is i+j=2, the number of the first multiplication data groups determined is 1. At this time, it can be determined that the first number of the first multiplication extension instructions included in the first multiplication instruction is 2, and the second number of the second multiplication extension instructions is 2.

In one example, determining the second multiplication instruction based on the target word length, the first multiplication extension instruction, the second multiplication extension instruction, the first zero extension instruction, the second zero extension instruction and the data retention extension instruction specifically includes the following steps:

First, based on the data length corresponding to the single word length and the target word length, the multiplicand and the multiplier are segmented to obtain a plurality of third sub-data corresponding to the multiplicand and a plurality of fourth sub-data corresponding to the multiplier.

In one example, the multiplicand and the multiplier can be segmented starting from the least significant bit of the multiplicand and the multiplier with the length corresponding to the single word length as a step length to obtain a plurality of third sub-data corresponding to the multiplicand and a plurality of fourth sub-data corresponding to the multiplier.

Then, a second data combination pattern matching the second multiplication instruction is determined; and based on the matching second data combination pattern, a plurality of second multiplication data groups are determined.

The second multiplication data group is used to indicate the third sub-data and the fourth sub-data that need to be multiplied.

In one example, the second data combination mode is used to indicate the combination mode of the third sub-data and the fourth sub-data when performing operation processing. For example, assume that the third sub-data is recorded as x _i , where i represents the i-th third sub-data in the multiplicand. Assume that the second sub-data is recorded as y _j , where j represents the j-th fourth sub-data in the multiplier. Then, the first data combination mode can be i+j=2n. At this time, the third sub-data and the fourth sub-data of the i-th and j-th sub-data, and the sum of i and j is 2n, can be combined for operation processing. At this time, the second multiplied data group is determined based on the third sub-data and the j-th fourth sub-data, and the sum of i and j is 2n.

In one example, there may be multiple second data combination patterns matching the second multiplication instruction. For example, the value of i+j determined by the second data combination pattern may be 2n, 2n-1, ..., n+1.

At this time, the number of the second multiplication data groups determined based on the second data combination mode can be one or more. For example, when the value of i+j is 2n, the values of i and j are both n, and at this time, the number of the second multiplication data groups is 1. When the value of i+j is 3, i is 1 and j is 2, or i is 2 and j is 1, and at this time, it can be determined that the number of the second multiplication data groups is 2.

Next, based on the number of second data combination patterns and the number of second multiplication data groups determined based on each second data combination pattern, a third number of first multiplication extension instructions and a fourth number of second multiplication extension instructions included in the second multiplication instruction are determined.

Finally, a second multiplication instruction is determined based on the third number of first multiplication extension instructions, the fourth number of second multiplication extension instructions, and the first zeroing extension instruction.

In one example, FIG14 is a schematic diagram of a second multiplication instruction corresponding to n-word length data provided by an embodiment of the present application. As shown in FIG14, when executing the first multiplication extension instruction and the second multiplication extension instruction for each second multiplication data group under each second data combination mode (for example, i+j=2n, i+j=2n-1, i+j=2n-2, i+j=2n-3, ..., i+j=n+1 as shown in FIG14), when determining that the operation is performed for the first time, the first multiplication extension instruction is executed for the third sub-data and the fourth sub-data in the second multiplication data group. After that, the second multiplication extension instruction is first executed for the third sub-data and the fourth sub-data in each first multiplication data group under each first data combination mode, and then the first multiplication extension instruction is executed. After the first multiplication instruction and the second multiplication extension instruction are executed for the third sub-data and the fourth sub-data in each second multiplication data group, the first zero extension instruction is executed.

At this time, the low-order multiplication result can be obtained by outputting the value of the lowest 32 bits, the value of the 2n-1th word, the value of the 2n-2th word, ... the value of the n+1th word, and the value of the 1st word.

In one example, for the schematic diagram of the first multiplication instruction shown in FIG14 , it can be determined that when the value of n is 2, the second data combination pattern can be: i+j=4, i+j=3, and at this time, the number of second data combination patterns is 2. When the second data combination pattern is i+j=4, the number of second multiplication data groups determined is 1; when the first data combination pattern is i+j=3, the number of first multiplication data groups determined is 2. At this time, it can be determined that the third number of first multiplication extension instructions included in the second multiplication instruction is 2, and the fourth number of second multiplication extension instructions included is 1.

In one example, the embodiment of the present application can implement a data multiplication operation based on a first multiplication instruction and a second multiplication instruction. At this time, referring to FIG. 15 , FIG. 15 is a flow chart of implementing a multiplication operation on n-word-length data provided by an embodiment of the present application. As shown in FIG. 15 , by simultaneously outputting the output result of the first multiplication instruction and the output result of the second multiplication instruction, the final multiplication operation result can be obtained to implement the multiplication operation process.

In one example, when the data word length corresponding to the data to be operated is a single word length, the pre-set data operation instruction includes a third multiplication extension instruction and a fourth multiplication extension instruction. At this time, based on the data word length corresponding to the data to be operated and the pre-set data operation instruction, when determining the first multiplication instruction and the second multiplication instruction, the third multiplication extension instruction can be directly determined as the second multiplication instruction, and the fourth multiplication extension instruction can be determined as the first multiplication instruction.

At this time, when implementing the multiplication operation of the data to be operated based on the first multiplication instruction and the second multiplication instruction, you can refer to Figure 16, which is a flow chart of implementing the multiplication operation of single-word-length data provided by an embodiment of the present application. As shown in Figure 16, the multiplication operation process can be implemented by first executing the second multiplication instruction (that is, the third multiplication extension instruction) and then executing the first multiplication instruction (that is, the fourth multiplication extension instruction).

In one example, the first multiplication instruction can be used to perform a first multiplication operation, and the second multiplication instruction can be used for a second multiplication operation. At this time, after determining the first multiplication instruction and the second multiplication instruction for performing modular multiplication operation on the data to be operated, the modular multiplication operation can be performed on the data to be operated to obtain a modular multiplication operation result corresponding to the data to be operated. The modular multiplication operation here can be understood as a Montgomery modular multiplication operation. At this time, when performing modular multiplication operation on the data to be operated, the steps described below can be referred to.

S1203. Based on a preset data operation instruction, perform a first multiplication operation on the multiplicand and the multiplier to obtain a first result representing a high bit, and perform a second multiplication operation on the multiplicand and the multiplier to obtain a first result representing a low bit.

S1204 , performing a second multiplication operation on the first result representing the low bits and the first intermediate data to obtain a second result representing the low bits.

S1205, performing a first multiplication operation on the second result representing the lower bits and the modulus data to obtain a third result representing the higher bits, and performing a second multiplication operation on the second result representing the lower bits and the modulus data to obtain a third result representing the lower bits.

S1206: Add the first result representing the lower bits and the third result representing the lower bits to obtain a first summation result.

The first summation result includes first carry data and first summation data.

S1207 performs an addition calculation on the first result representing the high bit, the third result representing the high bit, and the first carry data to obtain a second sum result.

The second summation result includes second carry data and second summation data.

S1208. If a carry is determined to have occurred based on the second carry data, or if it is determined that the second sum data is greater than or equal to the modulus data, the second sum data, the second intermediate data and the second target value are added to obtain a third sum result; and the third sum data included in the third sum result is determined as the modulus multiplication result corresponding to the data to be calculated.

In an example, the second target value may be used to indicate the carry data that needs to be added when the second sum data and the second intermediate data are added. In this case, the second target value may be 1.

S1209: Otherwise, determine the second summed data as the modular multiplication result corresponding to the data to be calculated.

In one example, FIG17 is a schematic diagram of a Montgomery modular multiplication operation flow provided by an embodiment of the present application. As shown in FIG17, the data to be calculated can be obtained in response to the Montgomery modular multiplication operation instruction, including the multiplicand x, the multiplier y and the modulus m, that is, the input x, y, m shown in FIG17. Then, based on the data to be calculated, the pre-calculated data is determined, including the modular exponentiation data R, the first intermediate data w and the second intermediate data nm, that is, the pre-calculated data R, w, nm are determined as shown in FIG17. Wherein, R= ^2N satisfies ^2N-1 <^m≤2N; w=-m ^-1 mod R; nm=~m mod R.

After that, the product of the multiplicand x and the multiplier y can be calculated, and the first result of the high order is stored in mult_div_xy, and the first result of the low order is stored in mult_mod_xy. At this time, the above process can be expressed as: calculate mult_xy = Mult(x, y) = mult_div_xy||mult_mod_xy, where "||" represents a connector, for example, 01||10 = 0110. Wherein, mult_div_xy is the result obtained by performing the first multiplication operation, and mult_mod_xy is the result obtained by performing the second multiplication operation.

Next, a second multiplication operation is performed on mult_mod_xy and the first intermediate data w to obtain a second result, and the second result is stored in t. At this time, the above process can be expressed as: calculate t=MultMod(mult_mod_xy,w).

Then, the product of t and the modulus m is calculated, and the third result of the upper order is stored in mult_div_tm, and the third result of the lower order is stored in mult_mod_tm. At this time, the above process can be expressed as: calculate mult_tm=Mult(t,m)=mult_div_tm||mult_mod_tm.

Then, a modular addition operation is performed on the first result mult_mod_xy of the lower order and the third result of the lower order, and the carry data input of the modular addition operation is set to 0. After the modular addition operation, the highest order data (that is, the first carry data) obtained is stored in cout1, and the remaining data (that is, the first sum data) is stored in drop1. At this time, the above process can be expressed as: calculation (drop1, cout1) = Add (mult_mod_xy, mult_mod_tm, 0).

Next, a modular addition operation is performed on the high-order first result mult_div_xy and the high-order third result mult_div_tm, and the carry data input of the modular addition operation is set to cout1. After the modular addition operation, the highest-order data (that is, the second carry data) obtained is stored in cout2, and the remaining data (that is, the second sum data) is stored in res. At this time, the above process can be expressed as: calculation (res, cout2) = Add (mult_div_xy, mult_div_tm, cout1).

Afterwards, it can be determined whether cout2=1 or res≥m is satisfied.

If the judgment is "yes", a modular addition operation is performed on the second sum data res and the second intermediate data nm, and the carry data input of the modular addition operation is set to 1. After the modular addition operation, the highest bit data can be stored in drop2, and the remaining data (that is, the third sum data) can be stored in z. At this time, this process can be expressed as: calculation (z, drop2) = Add (res, nm, 1). At this time, the data corresponding to z (that is, the third sum data) can be determined as the operation result of the Montgomery modular multiplication operation.

Otherwise, the data corresponding to res (ie, the second summed data) is determined as the result of the Montgomery modular multiplication operation.

In the above implementation mode, a modular multiplication operation device and data operation instructions that can be implemented by the modular multiplication operation device can be designed to implement modular multiplication operations, thereby achieving a significant improvement in the computational speed and performance of modular multiplication operations through the design of low-cost hardware operation units, thereby broadening the robustness of modular multiplication operation applications.

In one example, after performing Montgomery modular multiplication based on the modular multiplication method and modular multiplication device, compared with the conventional method of implementing Montgomery modular multiplication based on software algorithm,

In one example, the embodiment of the present application performed an operation performance evaluation on the modular multiplication operation before optimization and the modular multiplication operation method implemented by the data operation instruction and the modular multiplication operation device provided by the present application in the RISC-V simulation experimental environment. The evaluation results are shown in Figure 18.

FIG18 is a schematic diagram of a modular multiplication operation performance evaluation result provided by an embodiment of the present application. As shown in FIG18 , before the modular multiplication operation is optimized, the operation performance of executing a modular multiplication operation is 3543 cycles. After optimization using the modular multiplication operation method provided by an embodiment of the present application, the operation performance of executing a modular multiplication operation is 1272 cycles. It can be seen that before and after the optimization, the modular multiplication operation performance is improved by about 64%, and the operation performance of the modular multiplication operation is significantly improved.

The inventors also found that when the elliptic curve cryptographic algorithm is calculated using the modular multiplication method provided in the embodiment of the present application, the performance of the elliptic curve cryptographic algorithm is improved by approximately 24%.

FIG19 is a schematic diagram of a chip provided in an embodiment of the present application. As shown in FIG19 , the chip includes the above-mentioned modular multiplication operation device.

FIG20 is a schematic diagram of a board provided in an embodiment of the present application. As shown in FIG20 , the board includes the chip shown in FIG19 .

Figure 21 is a schematic diagram of a vehicle-mounted system provided in an embodiment of the present application. As shown in Figure 21, the vehicle-mounted system includes the chip shown in Figure 19 or the board shown in Figure 20.

In the several embodiments provided in the present application, it should be understood that the disclosed devices and methods can be implemented in other ways. For example, the device embodiments described above are only schematic. For example, the division of modules is only a logical function division. There may be other division methods in actual implementation. For example, multiple modules can be combined or integrated into another system, or some features can be ignored or not executed. Another point is that the mutual coupling or direct coupling or communication connection shown or discussed can be through some interfaces, indirect coupling or communication connection of devices or modules, which can be electrical, mechanical or other forms.

Among them, each module can be physically separated, for example, installed in different locations of a device, or installed on different devices, or distributed on multiple network units, or distributed on multiple processors. Each module can also be integrated together, for example, installed in the same device, or integrated in a set of codes. Each module can exist in the form of hardware, or can also exist in the form of software, or can also be implemented in the form of software plus hardware. The present application can select some or all of the modules according to actual needs to achieve the purpose of the present embodiment.

When each module is implemented as an integrated module in the form of a software function module, it can be stored in a computer-readable storage medium. The above-mentioned software function module is stored in a storage medium, including a number of instructions for a computer device (which can be a personal computer, a server, or a network device, etc.) or a processor to perform some steps of the methods of each embodiment of the present application.

It should be understood that, although the various steps in the flowchart in the above-described embodiment are displayed in sequence according to the indication of the arrows, these steps are not necessarily executed in sequence in the order indicated by the arrows. Unless there is a clear description in this article, the execution of these steps is not strictly limited in order, and they can be executed in other orders. Moreover, at least a portion of the steps in the figure may include a plurality of sub-steps or a plurality of stages, and these sub-steps or stages are not necessarily executed at the same time, but can be executed at different times, and their execution order is not necessarily carried out in sequence, but can be executed in turn or alternately with other steps or at least a portion of the sub-steps or stages of other steps.

Those skilled in the art will readily appreciate other embodiments of the present application after considering the specification and practicing the invention disclosed herein. The present application is intended to cover any modification, use or adaptation of the present application, which follows the general principles of the present application and includes common knowledge or customary techniques in the art that are not disclosed in the present application. The specification and examples are intended to be exemplary only, and the true scope and spirit of the present application are indicated by the following claims.

It should be understood that the present application is not limited to the precise structures that have been described above and shown in the drawings, and that various modifications and changes may be made without departing from the scope thereof. The scope of the present application is limited only by the appended claims.

Claims (20)

1. A modular multiplication operation device, characterized in that the operation device comprises: a processor and a data operator; wherein the data operator comprises a multiplier, an accumulator, a first register, a second register, a third register, a first multiplexer, a second multiplexer, a third multiplexer and a fourth multiplexer; the processor is respectively connected to the multiplier, the first multiplexer, the second multiplexer and the third multiplexer; the first multiplexer is connected to the first register; the first register is respectively connected to the first multiplexer, the second multiplexer and the fourth multiplexer; the second multiplexer is respectively connected to the first register, the second register and the processor; the second register is respectively connected to the accumulator and the second multiplexer; the accumulator is respectively connected to the third multiplexer and the fourth multiplexer; the third multiplexer is connected to the third register; the third register is respectively connected to the accumulator and the fourth multiplexer; The processor is used to obtain target data matching the data operation instruction after receiving the data operation instruction; and transmit the target data to the data operator; The data operator is used to receive the target data and perform operation processing on the target data to obtain a data operation result; wherein the data operation result is used to indicate a modular multiplication operation result. 2. The computing device according to claim 1, characterized in that the data operation instruction represents a first multiplication extension instruction; wherein the first multiplication extension instruction represents an instruction for performing a multiplication operation and summing; and the target data includes a first multiplier and a first multiplicand; The processor is configured to, after receiving the first multiplication extension instruction, transmit the first multiplier and the first multiplicand to the multiplier, so as to perform a multiplication operation on the first multiplier and the first multiplicand based on the multiplier to obtain a first multiplication operation result; transmit and save the first multiplication operation result to the first register through the first multiplexer; The first register is used to receive the first multiplication result, and transmit and save the first multiplication result to the second register through the second multiplexer; The second register is used to obtain the data stored in the third register, and transmit the data stored in the third register and the received first multiplication result to the accumulator; The accumulator is used to perform an addition operation on the data stored in the third register and the first multiplication result to obtain a first addition result; and save the first addition result to the third register through the third multiplexer. 3. The computing device according to claim 1, characterized in that the data operation instruction represents a second multiplication extension instruction; wherein the second multiplication extension instruction represents an instruction for performing multiplication and summing, retaining the high-order operation result, and outputting the low-order operation result; the target data includes a second multiplier and a second multiplicand; The processor is configured to, after receiving the second multiplication extension instruction, transmit the second multiplier and the second multiplicand to the multiplier, so as to perform a multiplication operation on the second multiplier and the second multiplicand based on the multiplier to obtain a second multiplication operation result; transmit the second multiplication operation result to the first register through the first multiplexer and save it; The first register is used to receive the second multiplication result, and transmit and save the second multiplication result to the second register through the second multiplexer; The second register is used to transfer the second multiplication result to the accumulator; The accumulator is used to obtain the data stored in the third register, and perform an addition operation on the data stored in the third register and the received second multiplication operation result to obtain a second addition operation result; The processor is further configured to obtain and output the low-order data in the second addition operation result through the fourth multiplexer; and to save the high-order data in the second addition operation result into the third register through the third multiplexer. 4. The computing device according to claim 1, characterized in that the data operation instruction represents a third multiplication extension instruction; wherein the third multiplication extension instruction represents an instruction for outputting a low-order multiplication result after performing a multiplication operation; and the target data includes a third multiplier and a third multiplicand; The processor is configured to transmit the third multiplier and the third multiplicand to the multiplier after receiving the third multiplication extension instruction; The multiplier is used to receive the third multiplier and the third multiplicand; perform a multiplication operation on the third multiplier and the third multiplicand to obtain a third multiplication operation result; transmit the third multiplication operation result through the first multiplexer and save it in the first register; The processor is further configured to select and output low-order data in the third multiplication result based on the fourth multiplexer. 5. The computing device according to claim 1, characterized in that the data operation instruction represents a fourth multiplication extension instruction; wherein the fourth multiplication extension instruction represents an instruction for outputting a high-order multiplication result after performing a multiplication operation; and the target data includes a fourth multiplier, a fourth multiplicand and a first target value; The processor is configured to transmit the fourth multiplier and the fourth multiplicand to the multiplier after receiving the fourth multiplication extension instruction; The multiplier is configured to receive the fourth multiplier and the fourth multiplicand; perform a multiplication operation on the fourth multiplier and the fourth multiplicand to obtain a fourth multiplication operation result; transmit the fourth multiplication operation result through the first multiplexer and save it in the first register; The first register is used to transmit the fourth multiplication result to the second register through the second multiplexer; The processor is also used to output the high-order data in the fourth multiplication result stored in the second register through the fourth multiplexer; transmit the first target value to the second register through the second multiplexer to set the second register to zero; transmit the first target value to the third register through the third multiplexer to set the third register to zero. 6. The computing device according to claim 1, characterized in that the data operation instruction represents a first zeroing extension instruction; wherein the first zeroing extension instruction represents an instruction to output low-order data and then set it to zero; the target data includes a summation result after the accumulator operation and a first target value; The processor is used to select and output the low-order data in the summation result after the accumulator operation based on the fourth multiplexer; transmit the first target value to the second register through the second multiplexer to set the second register to zero; transmit the first target value to the third register through the third multiplexer to set the third register to zero. 7. The computing device according to claim 1, characterized in that the data computing instruction represents a second zeroing extension instruction; wherein the second zeroing extension instruction represents an instruction to output high-order data and then set it to zero; the target data includes the data stored in the third register and the first target value; The processor is used to output the high-order data in the data stored in the third register based on the fourth multiplexer; transmit the first target value to the second register through the second multiplexer to set the second register to zero; transmit the first target value to the third register through the third multiplexer to set the third register to zero. 8. The computing device according to claim 1, characterized in that the data computing instruction represents a data retention extension instruction; wherein the data retention extension instruction represents an instruction for retaining the remaining data after outputting the low-order data; the target data includes the data stored in the second register and the data stored in the third register; The accumulator is used to receive the data stored in the second register and the third register; perform an addition operation on the data stored in the second register and the data stored in the third register to obtain a third addition operation result; The processor is used to output the low-order data in the third addition result through the fourth multiplexer after the accumulator obtains the third addition result; and transmit and save the high-order data in the third addition result to the third register through the third multiplexer. 9. A modular multiplication method, characterized in that it is applied to a processor; the method comprises: In response to the modular multiplication operation instruction, the data to be operated is obtained; wherein the data to be operated includes the data to be calculated and the pre-calculated data; the data to be calculated represents the data that needs to be operated on for modular multiplication; the pre-calculated data represents the intermediate data relied on in the process of modular multiplication operation; the pre-calculated data is the data determined based on the data to be calculated; Based on a preset data operation instruction, a modular multiplication operation is performed on the data to be operated to obtain a modular multiplication operation result corresponding to the data to be operated; wherein the preset data operation instruction is implemented based on the modular multiplication operation device described in any one of claims 1 to 6 above. 10. The method according to claim 9, characterized in that the data to be calculated includes a multiplicand, a multiplier and modular data; the pre-calculated data includes modular exponentiation data determined based on the modular data, first intermediate data and second intermediate data determined based on the modular exponentiation data; the method of performing modular multiplication operation on the data to be calculated based on the preset data operation instruction to obtain the modular multiplication operation result corresponding to the data to be calculated comprises: Based on the preset data operation instruction, a first multiplication operation is performed on the multiplicand and the multiplier to obtain a first result representing a high bit, and a second multiplication operation is performed on the multiplicand and the multiplier to obtain a first result representing a low bit; Performing the second multiplication operation on the first result representing the low bits and the first intermediate data to obtain a second result representing the low bits; Performing the first multiplication operation on the second result representing the lower bits and the modulo data to obtain a third result representing the higher bits, and performing the second multiplication operation on the second result representing the lower bits and the modulo data to obtain a third result representing the lower bits; Adding the first result representing the lower bit and the third result representing the lower bit to obtain a first sum result; wherein the first sum result includes first carry data and first sum data; Add the first result representing the high bit, the third result representing the high bit, and the first carry data to obtain a second sum result; wherein the second sum result includes the second carry data and the second sum data; Based on the second carry data and the second sum data, a modular multiplication result corresponding to the data to be calculated is determined. 11. The method according to claim 10, characterized in that the step of determining the modular multiplication result corresponding to the data to be operated based on the second carry data and the second sum data comprises: If it is determined based on the second carry data that a carry occurs, or it is determined that the second sum data is greater than or equal to the modulus data, the second sum data, the second intermediate data and the second target value are added to obtain a third sum result; and the third sum data included in the third sum result is determined as the modular multiplication operation result corresponding to the data to be operated; Otherwise, the second summed data is determined as the modular multiplication result corresponding to the data to be calculated. 12. The method according to claim 10, characterized in that before performing modular multiplication operation on the data to be operated based on a preset data operation instruction to obtain a modular multiplication operation result corresponding to the data to be operated, the method further comprises: Based on the data word length corresponding to the data to be operated and the preset data operation instruction, a first multiplication instruction and a second multiplication instruction are determined; wherein the first multiplication instruction is used to implement the first multiplication operation; and the second multiplication instruction is used to implement the second multiplication operation. 13. The method according to claim 12, characterized in that the data word length corresponding to the data to be operated is a multi-word length; the preset data operation instruction includes a first multiplication extension instruction, a second multiplication extension instruction, a first zero extension instruction, a second zero extension instruction and a data retention extension instruction; the determining the first multiplication instruction and the second multiplication instruction based on the data word length corresponding to the data to be operated and the preset data operation instruction comprises: Determine the target word length corresponding to the multiplicand and the multiplier in the data to be operated; wherein the target word length represents the data word length of the multiplicand or the multiplier; The first multiplication instruction and the second multiplication instruction are determined based on the target word length, the first multiplication extension instruction, the second multiplication extension instruction, the first set-zero extension instruction, the second set-zero extension instruction and the data retention extension instruction. 14. The method according to claim 13, characterized in that determining the first multiplication instruction based on the target word length, the first multiplication extension instruction, the second multiplication extension instruction, the first zeroing extension instruction, the second zeroing extension instruction and the data retention extension instruction comprises: Based on the data length corresponding to the single word length and the target word length, the multiplicand and the multiplier are segmented to obtain a plurality of first sub-data corresponding to the multiplicand and a plurality of second sub-data corresponding to the multiplier; Determine a first data combination pattern that matches the first multiplication instruction; and determine a plurality of first multiplication data groups based on the matched first data combination pattern; wherein the first multiplication data groups are used to indicate first sub-data and second sub-data that need to be multiplied; Determining a first number of first multiplication extension instructions and a second number of second multiplication extension instructions included in the first multiplication instruction based on the number of the first data combination patterns and the number of first multiplication data groups determined based on each of the first data combination patterns; The first multiplication instruction is determined based on the first number of first multiplication extension instructions, the second number of second multiplication extension instructions, the data retention extension instruction and the second zeroing extension instruction. 15. The method according to claim 13, characterized in that determining the second multiplication instruction based on the target word length, the first multiplication extension instruction, the second multiplication extension instruction, the first zeroing extension instruction, the second zeroing extension instruction and the data retention extension instruction comprises: Based on the data length corresponding to the single word length and the target word length, the multiplicand and the multiplier are segmented to obtain a plurality of third sub-data corresponding to the multiplicand and a plurality of fourth sub-data corresponding to the multiplier; Determine a second data combination pattern that matches the second multiplication instruction; and determine a plurality of second multiplication data groups based on the matched second data combination pattern; wherein the second multiplication data groups are used to indicate third sub-data and fourth sub-data that need to be multiplied; Determining a third number of first multiplication extension instructions and a fourth number of second multiplication extension instructions included in the second multiplication instruction based on the number of the second data combination patterns and the number of second multiplication data groups determined based on each of the second data combination patterns; The second multiplication instruction is determined based on the third number of first multiplication extension instructions, the fourth number of second multiplication extension instructions, and the first zeroing extension instruction. 16. The method according to claim 12, characterized in that the data word length corresponding to the data to be operated is a single word length; the preset data operation instruction includes a third multiplication extension instruction and a fourth multiplication extension instruction; the determining the first multiplication instruction and the second multiplication instruction based on the data word length corresponding to the data to be operated and the preset data operation instruction comprises: The third multiplication extension instruction is determined as the second multiplication instruction, and the fourth multiplication extension instruction is determined as the first multiplication instruction. 17. The method according to claim 9, characterized in that the method is used to calculate elliptic curve cryptography. 18. A chip, characterized in that the chip comprises the modular multiplication operation device according to any one of claims 1 to 8. 19. A board, characterized in that the board comprises the chip according to claim 18. 20. An in-vehicle system, characterized in that the in-vehicle system comprises the chip according to claim 18 or the board according to claim 19.