CN118363925A - Encryption and decryption circuit, method and SOC system supporting multi-algorithm multi-packet mode - Google Patents

Publication number
CN118363925A
Authority
CN
China
Prior art keywords
data
mux
algorithm
register
module
Legal status
Pending
Application number
CN202310486259.0A
Other languages
Chinese (zh)
Inventor
李宇聪
王大伟
刘建军
易玲
何杰
黄超
崔国宇
Current Assignee
Beijing Smartchip Microelectronics Technology Co Ltd
Hangzhou Vango Technologies Inc
Beijing Smartchip Semiconductor Technology Co Ltd
Original Assignee
Beijing Smartchip Microelectronics Technology Co Ltd
Hangzhou Vango Technologies Inc
Beijing Smartchip Semiconductor Technology Co Ltd
Application filed by Beijing Smartchip Microelectronics Technology Co Ltd, Hangzhou Vango Technologies Inc, Beijing Smartchip Semiconductor Technology Co Ltd

Landscapes

  • Data Exchanges In Wide-Area Networks (AREA)

Abstract

The invention relates to an encryption and decryption circuit, a method and an SOC system supporting a multi-algorithm multi-grouping mode. A register configuration module acquires a data processing request and configures configuration parameters in a register to generate configuration information, wherein the configuration parameters comprise an algorithm core type, a grouping mode and a working mode, so that configuration information such as the encryption algorithm type, the grouping mode and the working mode can be changed flexibly as required. A data flow control module controls the flow direction of the data to be processed according to the configuration information: under different algorithm types or grouping modes the data flows to different algorithm control modules or data processing modules, so different peripheral circuits need not be designed for different algorithms, and the application of the multi-algorithm multi-grouping mode is realized. In short, through the peripheral structure design of the encryption algorithm core, the invention realizes the suspension and recovery of a computation stream interrupted by a high-priority operation, and makes iterative upgrade of the algorithm more convenient by replacing the algorithm core.

Description

Encryption and decryption circuit, method and SOC system supporting multi-algorithm multi-packet mode
Technical Field
The present invention relates to the field of integrated chips, and in particular, to an encryption and decryption circuit, method and SOC system supporting multiple algorithms and multiple packet modes.
Background
With the continuing digitalization of society, information security is attracting more and more attention, and various encryption algorithms have been proposed, popularized and applied in many different settings. Compared with a software implementation, a hardware implementation of an encryption algorithm in an integrated circuit chip can greatly increase the speed of encryption and decryption, so hardware accelerator modules for common encryption algorithms are often integrated in chips that have data security requirements.
Hardware acceleration circuits for a single encryption algorithm are currently the most widely used, but a single encryption algorithm has weak expansibility, suits only one kind of scenario, and cannot be replaced according to the specific conditions of use. To solve these problems, the prior art (CN 111488310, a structure and method for adapting the function expansion of a packet algorithm in an SOC system) proposes a structure composed of a bus interface management module, a DMA interface management module, a mode parsing and reorganizing module, a DATA selection control module, an IV selection control module and a transmission unit management module, which is used to expand the grouping modes of an encryption algorithm. Although this scheme allows the encryption grouping mode to be configured as required in applications with different security levels, it can only adapt one circuit structure supporting multiple grouping modes to a traditional grouping algorithm such as DES, AES or SM4; it remains a multi-grouping-mode application of a single traditional algorithm core, and cannot let multiple encryption algorithm cores share the same grouping mode circuit structure.
To implement multiple encryption algorithms, another prior-art scheme (CN 114244510, hardware acceleration device, method, apparatus, and storage medium) proposes encryption modes with several key lengths implemented by 16 encryption computing units, including SM4 encryption, AES128 encryption, AES192 encryption and AES256 encryption. That invention focuses on the core level of the encryption algorithm, improves calculation efficiency by multiplexing the encryption computing units, and multiplexes two encryption algorithms in the same encryption core. However, although multiplexing simplifies the circuit, once the design of the underlying computing unit is fixed, the encryption algorithm can no longer be replaced or iteratively updated.
Therefore, the existing technical schemes for multi-algorithm encryption have the following problems: each encryption algorithm module can be implemented separately in the SOC system, with algorithm selection signals, encrypted data information, configuration information and the like transmitted over buses, but this approach has a low resource sharing rate and produces a large number of redundant circuits; alternatively, multiple similar encryption algorithms are logically multiplexed at the algorithm core level so that the computing units of the algorithms are combined and the calculation of multiple encryption algorithms is realized in a single module.
Disclosure of Invention
The embodiment of the invention provides an encryption and decryption circuit, a method and an SOC system supporting multiple algorithms and multiple grouping modes, which at least solve the problem that the multiple algorithms and the multiple grouping modes cannot be freely combined in the related technology.
In a first aspect, an embodiment of the present invention provides an encryption and decryption circuit supporting a multi-algorithm multi-packet mode, where the encryption and decryption circuit includes a register configuration module, a data flow control module, a data processing module, and one or more algorithm core control modules; wherein,
The register configuration module acquires configuration information and stores the configuration information in a data register in the register configuration module, and when a data processing request is received, the configuration information is transmitted to the data flow control module, the data processing module and/or the algorithm core control module; the configuration information comprises an algorithm core type, a grouping mode and a working mode;
the data flow control module is used for acquiring data to be processed, controlling the flow direction of the data to be processed according to the configuration information and sending the data to the corresponding algorithm control module;
The algorithm core control module is used for carrying out encryption and decryption calculation on the received data to obtain encrypted and decrypted data;
the data processing module is used for processing the data to be processed or the encrypted and decrypted data.
In some of these embodiments, the data flow control module includes data flow control logic and a data cache unit; wherein,
The data flow control logic is used for controlling the flow direction of the data to be processed according to the configuration information so as to select different data processing lines to reach corresponding algorithm control modules;
the data caching unit is used for acquiring and storing intermediate variables which are being used or are to be used in the data processing process, and the intermediate variables comprise the encrypted and decrypted data.
In some of these embodiments, the data processing module includes a first data exchange module, a second data exchange module, and a multiplier module; wherein,
The first data exchange module and the second data exchange module are respectively used for carrying out exchange processing of data formats on the data to be processed or the encrypted and decrypted data;
the multiplier module is used for carrying out finite field multiplication operation on the data to be processed when the grouping mode is GMAC or GCM.
In some embodiments, the register configuration module includes a bus interface, a DMA interface, an interrupt output interface, register read-write configuration logic, a DMA controller, interrupt generation logic, key validity check logic, and data read-write validity check logic; wherein,
The bus interface is connected with the register read-write configuration logic, and various configuration information is written into the data register through the bus interface and the register read-write configuration logic for storage for standby;
The DMA interface is connected with the DMA controller, and the DMA controller acquires a data processing request and data to be processed through the DMA interface;
The interrupt output interface is connected with the interrupt generation logic, the key validity check logic and the data read-write validity check logic, and is used for outputting interrupt signals, wherein the interrupt signals comprise calculation completion interrupt, key error interrupt or read-write error interrupt.
In some of these embodiments, each of the algorithm core control modules includes a run state machine for controlling the operation steps and one or more algorithm cores.
In some of these embodiments, the data flow control logic includes a plurality of data selectors and a plurality of exclusive-or arithmetic units; the data selector is used for selecting and processing the received data; the exclusive-or operation unit is used for exclusive-or operation processing of the received data.
In some of these embodiments, the data cache unit includes a first register, a second register, a third register, and a fourth register; the intermediate variables further comprise an initial vector value, an authentication value in CCM mode, a hash subkey and a hash function operation result; the first register, the second register, the third register and the fourth register respectively store different intermediate variables.
Specifically, the data flow control logic includes eleven data selectors, four exclusive-or operation units, and one adder; the eleven data selectors are respectively mux_0, mux_1, mux_2, mux_3, mux_4, mux_5, mux_6, mux_7, mux_8, mux_9 and mux_a; the four exclusive-or operation units are respectively XOR1, XOR2, XOR3 and XOR4; the algorithm core control module comprises a first algorithm core control module and a second algorithm core control module;
The input end of mux_0 is connected with the output end of the first data exchange module, and the output end of mux_0 is connected with XOR1; the first input end of mux_2 is connected to the data to be processed, the second input end is connected with the first register, and the output end is connected with mux_1; the output end of mux_1 is connected with XOR1; the output end of XOR1 is connected with the first algorithm core control module; the first input end of mux_4 is connected to the data to be processed, the second input end is connected to the first register, and the output end is connected to the adder; the output end of the adder is connected with the first input end of mux_3; the second input end of mux_3 is connected with the first data exchange module, the third input end of mux_3 is connected with the output end of the first algorithm core control module, and the output end of mux_3 is connected with the first register; the first input end of mux_5 is connected with the output end of mux_2, the second input end is connected with the second register, and the output end is connected with the fourth register; the input end of mux_6 is connected with the output end of the second data exchange module; the first input end of mux_7 is connected with the output end of the first data exchange module, the second input end is connected with the output end of the second data exchange module, and the output end is connected with XOR3; the input end of mux_8 is connected with the fourth register, and the output end is connected with XOR3; the output end of XOR3 is connected with the multiplier module; the input end of mux_9 is connected with the data to be processed, and the output end of mux_9 is connected with the input end of the first algorithm core control module; the first input end of mux_a is connected with the output end of the first algorithm core control module, the second input end of mux_a is connected with the output end of the second algorithm core control module, and the output end of mux_a is connected with the second register; the first input end of XOR2 is connected with the output end of the first algorithm core control module, the second input end of XOR2 is connected with the output end of the first data exchange module, and the output end of XOR2 is connected with the input end of the second data exchange module; the first input end of XOR4 is connected to the output end of the first data exchange module, the second input end is connected to the second register, and the output end is connected to the input end of the second algorithm core control module.
In a second aspect, an embodiment of the present invention provides an SOC system, where the system includes the encryption and decryption circuit supporting the multi-algorithm multi-packet mode described in any one of the embodiments above.
In a third aspect, an embodiment of the present invention provides an encryption and decryption method supporting a multi-algorithm multi-packet mode, which is characterized in that the method is applied to the encryption and decryption circuit described in any one of the above embodiments; the encryption and decryption method comprises the following steps:
Acquiring a data processing request, configuring configuration parameters in a register according to the data processing request, and generating configuration information; the configuration parameters comprise an algorithm core type, a grouping mode and a working mode;
acquiring configuration information and storing the configuration information in a data register, and transmitting the configuration information to a data flow control module, a data processing module and/or an algorithm core control module when a data processing request is received; the configuration information comprises an algorithm core type, a grouping mode and a working mode;
encrypting and decrypting the data received by the algorithm core control module according to the configuration information to obtain encrypted and decrypted data;
and storing the data to be processed or the encrypted and decrypted data as the data to be processed in the subsequent encryption and decryption process.
Compared with the related art, the encryption and decryption circuit, the encryption and decryption method and the SOC system supporting the multi-algorithm multi-grouping mode provided by the embodiment of the invention acquire and store the configuration information through the register configuration module, and transmit the configuration information to other functional modules when the configuration information is used later, wherein the configuration information comprises an algorithm core type, a grouping mode and a working mode, and the number of algorithm control modules is not limited, so that the configuration information such as the encryption algorithm type, the grouping mode, the working mode, the key length and the like can be changed flexibly according to the need; the flow direction of the data to be processed is controlled according to the configuration information through the data flow control module, and under different algorithm types or grouping modes, the data flow direction is different algorithm control modules or data processing modules, and different peripheral circuits do not need to be designed for different algorithms, so that the application of the multi-algorithm multi-grouping mode is realized. In a word, the invention realizes the application of a multi-algorithm multi-grouping mode through the peripheral structure design of the algorithm core, and can conveniently carry out the iterative upgrade of the algorithm through replacing the algorithm core.
Drawings
The accompanying drawings, which are included to provide a further understanding of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the invention and do not constitute a limitation on the invention. In the drawings:
FIG. 1 is a block diagram of an encryption and decryption circuit supporting a multi-algorithm multi-packet mode according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a portion of an encryption and decryption circuit supporting a multi-algorithm multi-packet mode according to an embodiment of the present invention;
FIG. 3 is a data flow diagram of data flow control logic in CBC mode according to one embodiment of the present invention;
FIG. 4 is a data flow diagram of data flow control logic in CCM mode according to another embodiment of the present invention;
FIG. 5 is a block diagram of an algorithm control module according to one embodiment of the present invention;
FIG. 6 is a state diagram of an operating state machine in an algorithm core control module according to one embodiment of the invention.
Detailed Description
The present invention will be described and illustrated with reference to the accompanying drawings and examples in order to make the objects, technical solutions and advantages of the present invention more apparent. It should be understood that the specific embodiments described herein are for purposes of illustration only and are not intended to limit the scope of the invention. All other embodiments, which can be made by a person of ordinary skill in the art based on the embodiments provided by the present invention without making any inventive effort, are intended to fall within the scope of the present invention. Moreover, it should be appreciated that while such a development effort might be complex and lengthy, it would nevertheless be a routine undertaking of design, fabrication, or manufacture for those of ordinary skill having the benefit of this disclosure, and thus the disclosure should not be construed as insufficient.
Reference in the specification to "an embodiment" means that a particular feature, structure, or characteristic described in connection with the embodiment may be included in at least one embodiment of the invention. The appearances of such phrases in various places in the specification are not necessarily all referring to the same embodiment, nor are separate or alternative embodiments mutually exclusive of other embodiments. It is to be expressly and implicitly understood by those of ordinary skill in the art that the described embodiments of the invention can be combined with other embodiments without conflict.
Unless defined otherwise, technical or scientific terms used herein should be given the ordinary meaning as understood by one of ordinary skill in the art to which this invention belongs. The terms "a," "an," "the," and similar referents in the context of the invention are not to be construed as limiting the quantity, but rather as singular or plural. The terms "comprising," "including," "having," and any variations thereof, are intended to cover a non-exclusive inclusion; for example, a process, method, system, article, or apparatus that comprises a list of steps or modules (elements) is not limited to only those steps or elements but may include other steps or elements not expressly listed or inherent to such process, method, article, or apparatus. The terms "connected," "coupled," and the like in connection with the present invention are not limited to physical or mechanical connections, but may include electrical connections, whether direct or indirect. The term "plurality" as used herein means greater than or equal to two. "And/or" describes an association relationship between associated objects and means that three relationships are possible; e.g., "A and/or B" may mean: A exists alone, A and B exist together, or B exists alone. The terms "first," "second," "third," and the like, as used herein, merely distinguish between similar objects and do not represent a particular ordering of objects.
The encryption and decryption circuit supporting the multi-algorithm multi-packet mode is generally applied to an SOC (system on a chip) system, and comprises a register configuration module, a data flow control module, a data processing module and more than one algorithm core control module.
The data flow between the modules is shown in fig. 1. The register configuration module obtains configuration information through a bus interface and stores it in a data register in the register configuration module; meanwhile, a data processing request (generally data encryption processing, key expansion processing or data decryption processing) is obtained through a DMA interface, and the configuration information is transmitted to the data flow control module, the data processing module and/or the algorithm core control module when the data processing request is received. The configuration information includes an algorithm core type, a key length, a grouping mode, a phase selection type, a working mode, a data exchange type, and/or DMA enable. Specifically, the register configuration module provides an access interface for the SOC (system on chip) system; the SOC system writes parameters such as the algorithm type, grouping mode and key length into the data register through the bus interface, where they are stored for later use, and the configuration information is then sent to the other functional modules such as the data flow control module.
The data flow control module is used for acquiring data to be processed and controlling the flow direction of the data to be processed according to the configuration information so that the data are sent to the corresponding algorithm core control module after being processed by the data processing module; the algorithm core control module is used for carrying out encryption and decryption calculation on the received data to obtain encrypted and decrypted data, and each algorithm core control module comprises an operation state machine for controlling the operation steps and more than one bottom layer algorithm core; the data processing module is used for processing the data to be processed and the encryption and decryption data.
More specifically, the register configuration module includes a bus interface, a DMA interface, an interrupt output interface, register read-write configuration logic, a DMA controller, interrupt generation logic, key validity check logic, and data read-write validity check logic. Through the bus interface and the register read-write configuration logic, the SOC system writes the various configuration information into the data register for later use, and reads back the configuration information already held in the data register. For example: the algorithm core type is selected according to the application scenario, and generally covers existing algorithm types (such as AES, SM4, DES, …); the key length is set as required, such as 128 bits, 192 bits or 256 bits; the grouping mode is selected, mainly from Electronic Codebook (ECB), Cipher Block Chaining (CBC), counter mode (CTR), Galois Counter Mode (GCM), Galois Message Authentication Code (GMAC) and CBC-MAC counter mode (CCM); in some modes the stage selection type must be set, for example in GCM or CCM mode the stage is selected from an initialization stage (initial), a header stage (header), a payload stage (payload) and a final stage (final); the operation mode is selected, generally an encryption mode or a decryption mode, and when the grouping mode is ECB or CBC there is also a key expansion mode, which prepares the key for ECB or CBC decryption. In some embodiments, the data exchange type and DMA enable also need to be set.
The DMA interface in fig. 1 is connected with the DMA controller; the DMA controller obtains a data processing request and data to be processed through the DMA interface and feeds back the corresponding response signals to the outside through the DMA interface. The interrupt output interface is connected with the interrupt generation logic, the key validity check logic and the data read-write validity check logic, and is used for outputting interrupt signals, which comprise a calculation completion interrupt, a key error interrupt or a read-write error interrupt. The interrupt generation logic generates the interrupt signal of the calculation completion interrupt when detecting the program interrupt; the key validity check logic checks the validity of the key and generates the interrupt signal of the key error interrupt when the key is detected not to meet the requirement; the data read-write validity check logic monitors the reading and writing of data and generates the interrupt signal of the read-write error interrupt when a read-write error occurs.
In the embodiment of the invention, the data flow control module comprises data flow control logic and a data cache unit; and the data flow control logic is used for controlling the flow direction of the data to be processed or the encrypted and decrypted data according to the configuration information. Wherein the data flow control logic comprises a plurality of data selectors and a plurality of exclusive-or operation units; the data selector is used for selecting the data to be processed, the encryption and decryption data or the intermediate variable; the exclusive-or operation unit is used for carrying out exclusive-or operation processing on the data to be processed, the encryption and decryption data or the intermediate variable.
The data buffer unit is used for obtaining and storing intermediate variables which are being used or are to be used in the encryption and decryption process, and the intermediate variables can comprise the encryption and decryption data. The data caching unit comprises a first register, a second register, a third register and a fourth register; the intermediate variables further comprise an initial vector value, an authentication value in CCM mode, a hash subkey and a hash function operation result; the first, second, third and fourth registers store different intermediate variables, respectively.
The data processing circuit comprises a first data exchange module, a second data exchange module and a multiplier module; the first data exchange module and the second data exchange module are respectively used for carrying out data format exchange processing on the data to be processed and the encryption and decryption data; the multiplier module is used for carrying out finite field multiplication operation on the data to be processed when the grouping mode is GMAC or GCM.
The encryption and decryption circuit provided by the invention is a circuit structure composed of a register configuration module, a data flow control module, an algorithm core control module and a data processing module. Under the control of the data flow control module, different data flow directions correspond to different algorithms or grouping modes, and a plurality of algorithm control modules can be connected in parallel in the circuit, so that a plurality of encryption algorithms can be realized in the same SOC IP module, configuration information such as encryption algorithm types, grouping modes and key lengths can be freely set as required, and the application of a multi-algorithm multi-grouping mode is realized. On the other hand, the encryption and decryption circuit can carry out iterative upgrade of the algorithm by replacing the bottom layer algorithm core in the algorithm control module, which is convenient and simple and does not require changing the peripheral circuit structure. In addition, by means of the data caching unit in the data flow control module, if the current data encryption and decryption process is interrupted, the corresponding data can be saved into the data caching unit and extracted directly when needed, which realizes the interrupt and recovery functions for high-priority operations.
In a preferred embodiment of the present invention, the data flow control module is as shown in fig. 2, and the data flow control logic in fig. 2 is one specific implementation of the circuit. The data flow control logic includes eleven data selectors (mux_0, mux_1, mux_2, mux_3, mux_4, mux_5, mux_6, mux_7, mux_8, mux_9 and mux_a), four exclusive-or operation units (XOR1, XOR2, XOR3, XOR4), and one adder (the block labelled "+1" in the figure). In this embodiment, the data flow control logic is connected to two algorithm core control modules (the first algorithm core control module ENC_CORE_WRAP#0 and the second algorithm core control module ENC_CORE_WRAP#1).
In this embodiment, the data to be processed includes an initial vector IV, an original data block SRC, key data KEY, and a working mode. The input end of mux_0 is connected with the output end of the first data exchange module SWAP1, and the output end of mux_0 is connected with XOR1; the first input end of mux_2 inputs the initial vector IV, the second input end is connected with the first register IVI_latch, and the output end is connected with mux_1; the output end of mux_1 is connected with XOR1; the output of XOR1 is connected to the algorithm core control module ENC_CORE_WRAP#0. The first input end of mux_4 inputs the initial data block, the second input end is connected with the first register IVI_latch, the output end is connected with the adder, and the output end of the adder is connected with the first input end of mux_3; the second input end of mux_3 is connected to the output end of the first data exchange module SWAP1, the third input end is connected to ENC_CORE_WRAP#0, and the output end is connected to the first register IVI_latch. The first input end of mux_5 is connected with the output end of mux_2, the second input end is connected with the second register CCM_mac, and the output end is connected with the fourth register GF_result; the input end of mux_6 is connected with the output end of the second data exchange module SWAP2, and the output end outputs the final operation result. The first input end of mux_7 is connected with the output end of the first data exchange module SWAP1, the second input end is connected with the output end of the second data exchange module SWAP2, and the output end is connected with XOR3; the input end of mux_8 is connected with the fourth register GF_result, and the output end is connected with XOR3; the output of XOR3 is connected to the multiplier module GF2Mul.
The input end of mux_9 inputs the mode data cfg_mode[1:0] representing the current operation mode, and the output end is connected with the input end of ENC_CORE_WRAP#0. mux_a has a first input connected to the output of ENC_CORE_WRAP#0, a second input connected to the output of ENC_CORE_WRAP#1, and an output connected to the second register CCM_mac. The first input end of XOR2 is connected with the output end of ENC_CORE_WRAP#0, the second input end of XOR2 is connected with the output end of the first data exchange module SWAP1, and the output end of XOR2 is connected with the input end of the second data exchange module SWAP2; XOR4 has a first input connected to the output of the first data exchange module SWAP1, a second input connected to the second register CCM_mac, and an output connected to the input of ENC_CORE_WRAP#1. The third register H obtains the encrypted and decrypted data output by ENC_CORE_WRAP#0 and the data gcm_ lnit in GCM mode, and may send the data to the multiplier module GF2Mul. Some data selectors have an input tied to 'b0, indicating that the input is assigned zero.
The four registers of fig. 2 (IVI_latch, CCM_mac, H, GF_result) store the intermediate variables that are in use or about to be used in the current operation, namely the initial vector value (IV), the authentication message value in CCM mode, the hash subkey, and the hash function operation result, respectively. When a high-priority operation interrupts the current operation, the data in the four registers is saved; when the operation is resumed, the registers are reloaded with that data and the operation continues from the state at which it was interrupted. Because this method saves all intermediate states, the circuit supports mutual and nested interruption among the various modes of the various algorithms.
The circuit of the fig. 2 embodiment supports the advanced CCM grouping mode, which requires two algorithm core control modules to meet its operation requirements, whereas simple grouping modes such as ECB and CBC require only a single algorithm core control module. The circuit supports the two algorithms AES and SM4, so the algorithm core control modules include the two algorithm cores AES and SM4. The present embodiment supports the GCM and CCM grouping modes and thus requires the multiplier module GF2Mul to support finite field multiplication in both modes; conventional simple grouping modes such as ECB, CBC and CTR do not require this module to participate in the operation, or its internal parameter is configured to be 0. The present embodiment supports conversion between big-endian and little-endian data, so the data exchange modules are required to participate in the operation; if endianness does not need to be considered, these modules need not participate, or they are configured with default parameters. The data flow control logic of this embodiment controls the data selectors (mux), and thus the data flow, according to the following configuration information:
Algorithm type: AES, SM4;
Grouping mode: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Counter mode (CTR), Galois Counter Mode (GCM), Galois Message Authentication Code (GMAC), CBC-MAC counter mode (CCM);
Phase selection: initialization phase (initial), header phase (header), payload phase (payload) and final phase (final) in GCM or CCM mode;
Working mode: encryption, key generation (or key preparation for ECB/CBC decryption), decryption;
SOB (start of block): whether the data block is an initial data block.
The present invention is specifically described below with respect to the control process of the data flow control logic provided in fig. 2, by way of examples.
Referring to fig. 3, the data flow indicated by the dashed arrows in fig. 3 is the initialization flow of the AES algorithm in CBC mode for the initial data block (SOB) of the original data block SRC. SOB is a signal indicating whether the data currently being processed is an initial data block; the data selectors select data based on this signal to determine the direction of the data flow. Since the current data block is an initial data block, the initial vector (IV), selected by the multiplexers (i.e., data selectors) mux_2 and mux_1, is XORed with the original data block (SRC), which has been processed by the data exchange module (SWAP1) and selected by mux_0; the result is sent to the algorithm core control module (ENC_CORE_WRAP#0), where the AES core performs the encryption calculation; the encrypted result is sent by mux_3 to the IVI_latch register and saved for calculation in subsequent stages, and, after the subsequent exclusive-or operation (XOR2), data exchange (SWAP2) and selection by multiplexer mux_6, it becomes the final data operation result of the module.
Referring to fig. 4, the data flow indicated by the dashed arrows in fig. 4 is the operation flow of the AES algorithm in the payload stage (payload) for the original data block in CCM mode. Two algorithm core control modules participate in this stage because the encryption result of the data and the authentication message of the data must be calculated at the same time. The initial vector value (IV) stored in the IVI_latch register, on the one hand, enters the algorithm core control module ENC_CORE_WRAP#0 for operation under the selection of mux_2 and mux_1; on the other hand, it is incremented by one after selection by mux_4, and the result is written back to the IVI_latch register after selection by mux_3 for calculation in subsequent stages. After the original data block (SRC) of the current data block has been processed by the data exchange module (SWAP1), it is, on the one hand, XORed with the authentication message data in the CCM_mac register and sent to the algorithm core control module ENC_CORE_WRAP#1 for calculation, and the calculation result is stored back in the CCM_mac register as the new authentication message under the selection of mux_a; on the other hand, after selection by mux_5, it is XORed with the result previously calculated by ENC_CORE_WRAP#0, and after data exchange and selection by mux_6 this becomes the final calculation result of the module for the current case.
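The register save and reload described for the four registers of fig. 2, together with the CCM payload routing just described, can be modelled in software to check that an interrupted stream resumes bit-exactly. The following Python model is an added example, not code from the patent: `toy_core` is a constructed Feistel stand-in for the AES/SM4 cores, the counter is incremented as a full 128-bit value, the data exchange modules are treated as pass-through, and all keys, blocks and function names are assumptions.

```python
import hashlib

BLOCK = 16
ZERO = bytes(BLOCK)
REGS = ("ivi_latch", "ccm_mac", "h", "gf_result")           # the four registers of fig. 2
LOW_KEY, HIGH_KEY = bytes(range(16)), bytes(range(16, 32))  # constructed keys
PAYLOAD = [bytes([i]) * BLOCK for i in range(1, 5)]         # constructed CCM payload blocks
URGENT = [b"urgent block #%02d" % i for i in range(2)]      # constructed high-priority CBC job


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def toy_core(key: bytes, block: bytes) -> bytes:
    """Constructed stand-in for an algorithm core: 4-round Feistel, NOT AES or SM4."""
    left, right = block[:8], block[8:]
    for rnd in range(4):
        f = hashlib.sha256(key + bytes([rnd]) + right).digest()[:8]
        left, right = right, xor(left, f)
    return left + right


class Engine:
    """Behavioural model of two routings of the fig. 2 datapath (CBC and CCM payload)."""

    def __init__(self):
        self.key = ZERO
        for name in REGS:
            setattr(self, name, ZERO)

    def configure(self, key: bytes) -> None:
        self.key = key

    def save_context(self) -> dict:
        # Snapshot taken when a high-priority operation interrupts the current one.
        return {name: getattr(self, name) for name in REGS}

    def restore_context(self, ctx: dict) -> None:
        for name in REGS:
            setattr(self, name, ctx[name])

    def cbc_encrypt_block(self, src: bytes, iv: bytes, sob: bool) -> bytes:
        chain = iv if sob else self.ivi_latch            # mux_2 / mux_1 select IV or IVI_latch
        out = toy_core(self.key, xor(chain, src))        # XOR1 -> core #0
        self.ivi_latch = out                             # mux_3 -> IVI_latch
        return out

    def ccm_payload_block(self, src: bytes) -> bytes:
        keystream = toy_core(self.key, self.ivi_latch)   # counter -> core #0
        ctr = (int.from_bytes(self.ivi_latch, "big") + 1) % (1 << 128)
        self.ivi_latch = ctr.to_bytes(BLOCK, "big")      # mux_4 -> "+1" -> mux_3
        self.ccm_mac = toy_core(self.key, xor(src, self.ccm_mac))  # XOR4 -> core #1 -> mux_a
        return xor(src, keystream)                       # XOR2 -> output


def start_low(engine: Engine) -> None:
    """Load the low-priority CCM job as it would stand after its header stage."""
    engine.configure(LOW_KEY)
    engine.ivi_latch = b"\x00" * 15 + b"\x01"                   # constructed counter block
    engine.ccm_mac = toy_core(LOW_KEY, b"constructed B0..")     # constructed running MAC


def run_low(preempt_after=None, restore=True):
    """Return (ciphertext blocks, final CCM_mac) of the low-priority job.

    If preempt_after is set, a high-priority CBC job runs before that block index.
    """
    eng = Engine()
    start_low(eng)
    out = []
    for i, block in enumerate(PAYLOAD):
        if i == preempt_after:
            ctx = eng.save_context()
            eng.configure(HIGH_KEY)
            for j, blk in enumerate(URGENT):
                eng.cbc_encrypt_block(blk, iv=ZERO, sob=(j == 0))
            eng.configure(LOW_KEY)
            if restore:
                eng.restore_context(ctx)
        out.append(eng.ccm_payload_block(block))
    return out, eng.ccm_mac


if __name__ == "__main__":
    print(run_low() == run_low(preempt_after=2))                  # resumed stream matches
    print(run_low() == run_low(preempt_after=2, restore=False))   # skipped reload does not
```

With `restore=False` the counter in IVI_latch is left holding the high-priority job's CBC ciphertext, so the remaining payload blocks are encrypted under the wrong keystream. The saved context also holds the hash subkey and the running MAC, so the save area needs the same protection as key material.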
As shown in fig. 5, each algorithm core control module provided by the present invention includes a plurality of algorithm cores and an operation state machine for controlling the operation steps; the data request/response signals and the key request/response signals of each algorithm core are sent to the corresponding operation state machine. The request/response signals, some configuration information, and the clock, reset and other signals are connected to the algorithm core interface. However the calculation logic inside an algorithm core is optimized, as long as the number of interface signals and the control logic remain unchanged, the algorithm core (or the logic inside it) can be replaced to iterate and optimize the algorithm without affecting other external modules; that is, iterative updating of an algorithm is done by directly replacing the corresponding algorithm core.
The operation of the running state machine in the algorithm core control module of this embodiment is shown in fig. 6. The state machine has four states, namely a preparation state, a key expansion state, a data operation state and an operation response state, and, depending on the algorithm and the state of the operation, follows one of the following three processes (each process starts from the preparation state):
Process 1: key expansion is needed before data decryption; in this case the key expansion state is entered, and the state machine returns to the preparation state after the expansion is completed;
Process 2: in SM4 encryption mode, if the current data is an initial data block, the key expansion state must be completed first, then data operation and operation response are carried out in sequence, and finally the state machine returns to the preparation state;
Process 3: in SM4 decryption mode, SM4 encryption mode (non-initial data block) and AES encryption or decryption mode, the state machine directly enters the data operation state under the selection of the valid signals, enters the operation response state after the operation is completed, and finally returns to the preparation state.
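The three processes can be written as a transition function and stepped per request, which makes it easy to see how often key expansion runs over a stream of blocks. This Python model is an added example, not code from the patent; it assumes that process 1 corresponds to the key generation working mode, and the state names, mode strings and function names are hypothetical.

```python
from enum import Enum


class State(Enum):
    PREPARE = "preparation"
    KEY_EXPANSION = "key expansion"
    DATA_OPERATION = "data operation"
    OPERATION_RESPONSE = "operation response"


def next_state(state, algo, work_mode, sob):
    """One transition of the run state machine for the current request."""
    if state is State.PREPARE:
        if work_mode == "keygen":                               # process 1
            return State.KEY_EXPANSION
        if algo == "SM4" and work_mode == "encrypt" and sob:    # process 2
            return State.KEY_EXPANSION
        return State.DATA_OPERATION                             # process 3
    if state is State.KEY_EXPANSION:
        # Process 1 stops after expansion; process 2 carries on to the data operation.
        return State.PREPARE if work_mode == "keygen" else State.DATA_OPERATION
    if state is State.DATA_OPERATION:
        return State.OPERATION_RESPONSE
    return State.PREPARE                                        # from OPERATION_RESPONSE


def run_request(algo, work_mode, sob):
    """Step from the preparation state until it is reached again; return the visited states."""
    if algo not in ("AES", "SM4") or work_mode not in ("encrypt", "decrypt", "keygen"):
        raise ValueError("unsupported algorithm or working mode")
    trace = [State.PREPARE]
    while True:
        trace.append(next_state(trace[-1], algo, work_mode, sob))
        if trace[-1] is State.PREPARE:
            return trace


def key_expansions(requests):
    """Count key expansion passes over a sequence of (algo, work_mode, sob) requests."""
    return sum(run_request(*req).count(State.KEY_EXPANSION) for req in requests)


if __name__ == "__main__":
    # Constructed stream: three SM4 encryption blocks, only the first flagged SOB.
    stream = [("SM4", "encrypt", True), ("SM4", "encrypt", False), ("SM4", "encrypt", False)]
    print(key_expansions(stream))
    print([s.value for s in run_request("AES", "keygen", True)])
```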
In another embodiment of the present invention, there is provided an SOC system to which the encryption/decryption circuit supporting the multi-algorithm multi-packet mode in any one of the above embodiments is applied.
In another embodiment of the present invention, an encryption and decryption method supporting a multi-algorithm multi-packet mode is provided, and is mainly applied to the encryption and decryption circuit described in the above embodiment; the encryption and decryption method comprises the following steps:
Acquiring configuration information and storing it in a data register, and transmitting the configuration information to a data flow control module, a data processing module and/or an algorithm core control module when a data processing request is received; the configuration information comprises an algorithm core type, a key length, a grouping mode, a stage selection type, a working mode, a data exchange type and/or DMA (direct memory access) enabling. The data processing request generally requests data encryption processing or data decryption processing; it can include contents such as the data processing scenario and processing requirements, and specifies the type of encryption and decryption algorithm, the grouping mode and so on to be used, so that the configuration parameters can be configured and the corresponding configuration information obtained.
Acquiring data to be processed, and controlling the flow direction of the data to be processed according to the configuration information so as to send the data to the corresponding algorithm core control module. Specifically, the data flow control module acquires the data to be encrypted or decrypted and then controls its flow direction, that is, the data processing line (composed of data selectors and exclusive-or operation units), according to the grouping mode or the algorithm core type in the configuration information. The data reaches the corresponding algorithm core control module through the corresponding data processing line; the data processing module is also connected in the data processing line, so part of the data to be processed can be processed first and then sent to the algorithm core control module. The corresponding algorithm core control module then encrypts or decrypts the data it receives according to the configuration information to obtain encrypted and decrypted data. The data buffer unit in the data flow control module can also store the data to be processed or the encrypted and decrypted data as data to be processed in the subsequent encryption and decryption process, thereby realizing the interruption and recovery functions for high-priority operations.
The above-described respective modules may be functional modules or program modules, and may be implemented by software or hardware. For modules implemented in hardware, the various modules described above may be located in the same processor; or the above modules may be located in different processors in any combination.
It should be noted that, the specific examples in this embodiment may refer to the examples described in the above hardware embodiments and the alternative implementation manners, and this embodiment is not repeated here.
In addition, in combination with the encryption and decryption method supporting the multi-algorithm multi-packet mode in the above embodiment, the embodiment of the present invention may be implemented by providing a storage medium. The storage medium has a computer program stored thereon; the computer program, when executed by the processor, implements the encryption and decryption method supporting the multi-algorithm multi-packet mode in the above embodiment.
An embodiment of the present invention further provides an electronic device, which may be a terminal. The electronic device includes a processor, a memory, a network interface, a display screen, and an input device connected by a system bus. Wherein the processor of the electronic device is configured to provide computing and control capabilities. The memory of the electronic device includes a nonvolatile storage medium and an internal memory. The non-volatile storage medium stores an operating system and a computer program. The internal memory provides an environment for the operation of the operating system and computer programs in the non-volatile storage media. The network interface of the electronic device is used for communicating with an external terminal through a network connection. The computer program, when executed by a processor, implements an encryption and decryption method that supports a multi-algorithm multi-packet mode. The display screen of the electronic equipment can be a liquid crystal display screen or an electronic ink display screen, and the input device of the electronic equipment can be a touch layer covered on the display screen, can also be keys, a track ball or a touch pad arranged on the shell of the electronic equipment, and can also be an external keyboard, a touch pad or a mouse and the like.
Those skilled in the art will appreciate that implementing all or part of the above described methods may be accomplished by way of a computer program stored on a non-transitory computer readable storage medium, which when executed, may comprise the steps of the embodiments of the methods described above. Any reference to memory, storage, database, or other medium used in embodiments provided herein may include non-volatile and/or volatile memory. The nonvolatile memory can include Read Only Memory (ROM), Programmable ROM (PROM), Electrically Programmable ROM (EPROM), Electrically Erasable Programmable ROM (EEPROM), or flash memory. Volatile memory can include Random Access Memory (RAM) or external cache memory. By way of illustration and not limitation, RAM is available in a variety of forms such as Static RAM (SRAM), Dynamic RAM (DRAM), Synchronous DRAM (SDRAM), Double Data Rate SDRAM (DDR SDRAM), Enhanced SDRAM (ESDRAM), Synchlink DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM), among others.
It should be understood by those skilled in the art that the technical features of the above-described embodiments may be combined in any manner, and for brevity, all of the possible combinations of the technical features of the above-described embodiments are not described, however, they should be considered as being within the scope of the description provided herein, as long as there is no contradiction between the combinations of the technical features.
The above examples illustrate only a few embodiments of the invention, which are described in detail and are not to be construed as limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention. Accordingly, the scope of protection of the present invention is to be determined by the appended claims.

Claims (10)

1. The encryption and decryption circuit supporting the multi-algorithm multi-packet mode is characterized by comprising a register configuration module, a data flow control module, a data processing module and more than one algorithm core control module; wherein,
The register configuration module acquires configuration information and stores the configuration information in a data register in the register configuration module, and when a data processing request is received, the configuration information is transmitted to the data flow control module, the data processing module and/or the algorithm core control module; the configuration information comprises an algorithm core type, a grouping mode and a working mode;
the data flow control module is used for acquiring data to be processed, controlling the flow direction of the data to be processed according to the configuration information and sending the data to the corresponding algorithm control module;
The algorithm core control module is used for carrying out encryption and decryption calculation on the received data to obtain encrypted and decrypted data;
the data processing module is used for processing the data to be processed or the encrypted and decrypted data.
2. The encryption and decryption circuit of claim 1, wherein the data flow control module comprises data flow control logic and a data buffer unit; wherein,
The data flow control logic is used for controlling the flow direction of the data to be processed according to the configuration information so as to select different data processing lines to reach corresponding algorithm control modules;
the data buffer unit is used for acquiring and storing intermediate variables which are being used or are to be used in the data processing process, and the intermediate variables comprise the encrypted and decrypted data.
3. The encryption and decryption circuit of claim 2, wherein the data processing module comprises a first data exchange module, a second data exchange module, and a multiplier module; wherein,
The first data exchange module and the second data exchange module are respectively used for carrying out exchange processing of data formats on the data to be processed or the encrypted and decrypted data;
the multiplier module is used for carrying out finite field multiplication operation on the data to be processed when the grouping mode is GMAC or GCM.
4. The encryption and decryption circuit of claim 1, wherein the register configuration module comprises a bus interface, a DMA interface, an interrupt output interface, register read-write configuration logic, a DMA controller, interrupt generation logic, key validity check logic, and data read-write validity check logic; wherein,
The bus interface is connected with the register read-write configuration logic, and various configuration information is written into the data register through the bus interface and the register read-write configuration logic for storage for standby;
The DMA interface is connected with the DMA controller, and the DMA controller acquires a data processing request and data to be processed through the DMA interface;
The interrupt output interface is connected with the interrupt generation logic, the key validity check logic and the data read-write validity check logic, and is used for outputting interrupt signals, wherein the interrupt signals comprise calculation completion interrupt, key error interrupt or read-write error interrupt.
5. The encryption and decryption circuit of claim 1, wherein each of the algorithm core control modules comprises an operation state machine for controlling the operation steps and one or more algorithm cores.
6. The encryption and decryption circuit of claim 3, wherein the data flow control logic comprises a plurality of data selectors and a plurality of exclusive-or arithmetic units; the data selector is used for selecting and processing the received data; the exclusive-or operation unit is used for exclusive-or operation processing of the received data.
7. The encryption and decryption circuit according to claim 6, wherein the data buffer unit comprises a first register, a second register, a third register and a fourth register; the intermediate variable further comprises an initial vector value, an authentication message value in CCM mode, a hash subkey and a hash function operation result; the first register, the second register, the third register and the fourth register respectively store different intermediate variables.
8. The encryption and decryption circuit of claim 7, wherein the data flow control logic comprises eleven data selectors, four exclusive-or arithmetic units, and one adder; the eleven data selectors are respectively: mux_0, mux_1, mux_2, mux_3, mux_4, mux_5, mux_6, mux_7, mux_8, mux_9 and mux_a, the four exclusive-or operation units are respectively: XOR1, XOR2, XOR3, XOR4; the algorithm core control module comprises a first algorithm core control module and a second algorithm core control module;
The input end of mux_0 is connected with the output end of the first data exchange module, and the output end of mux_0 is connected with XOR1; the first input end of mux_2 is connected to the data to be processed, the second input end is connected with the first register, and the output end is connected with mux_1; the output end of mux_1 is connected with XOR1; the output end of XOR1 is connected with the first algorithm core control module; the first input end of mux_4 is connected to the data to be processed, the second input end is connected to the first register, and the output end is connected to the adder; the output end of the adder is connected with the first input end of mux_3; the second input end of mux_3 is connected with the first data exchange module, the third input end of mux_3 is connected with the output end of the first algorithm core control module, and the output end of mux_3 is connected with the first register; the first input end of mux_5 is connected with the output end of mux_2, the second input end is connected with the second register, and the output end is connected with the fourth register; the input end of mux_6 is connected with the output end of the second data exchange module; the first input end of mux_7 is connected with the output end of the first data exchange module, the second input end is connected with the output end of the second data exchange module, and the output end is connected with XOR3; the input end of mux_8 is connected with the fourth register, and the output end is connected with XOR3; the output end of XOR3 is connected with the multiplier module; the input end of mux_9 is connected with the data to be processed, and the output end of mux_9 is connected with the input end of the first algorithm core control module; the first input end of mux_a is connected with the output end of the first algorithm core control module, the second input end of mux_a is connected with the output end of the second algorithm core control module, and the output end of mux_a is connected with the second register; the first input end of XOR2 is connected with the output end of the first algorithm core control module, the second input end of XOR2 is connected with the output end of the first data exchange module, and the output end of XOR2 is connected with the input end of the second data exchange module; the first input end of XOR4 is connected to the output end of the first data exchange module, the second input end is connected to the second register, and the output end is connected to the input end of the second algorithm core control module.
9. An SOC system including the encryption and decryption circuit supporting a multi-algorithm multi-packet mode as claimed in any one of claims 1 to 8.
10. An encryption and decryption method supporting a multi-algorithm multi-packet mode, characterized in that the method is applied to the encryption and decryption circuit according to any one of claims 1 to 9; the encryption and decryption method comprises the following steps:
acquiring configuration information and storing the configuration information in a data register, and transmitting the configuration information to a data flow control module, a data processing module and/or an algorithm core control module when a data processing request is received; the configuration information comprises an algorithm core type, a grouping mode and a working mode;
Acquiring data to be processed, and controlling the flow direction of the data to be processed according to the configuration information so as to send the data to the corresponding algorithm core control module;
encrypting and decrypting the data received by the algorithm core control module according to the configuration information to obtain encrypted and decrypted data;
and storing the data to be processed or the encrypted and decrypted data as the data to be processed in the subsequent encryption and decryption process.

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN2022116771367 2022-12-26
CN202211677136 2022-12-26

Publications (1)

Publication Number Publication Date
CN118363925A true CN118363925A (en) 2024-07-19

Family

ID=91883907

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202310486259.0A Pending CN118363925A (en) 2022-12-26 2023-04-28 Encryption and decryption circuit, method and SOC system supporting multi-algorithm multi-packet mode

Country Status (1)

Country Link
CN (1) CN118363925A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination