CN1379375A - Full-hardware intelligent RSA encrypt/decrypt processor - Google Patents

Full-hardware intelligent RSA encrypt/decrypt processor Download PDF

Info

Publication number
CN1379375A
CN1379375A CN 01110395 CN01110395A CN1379375A CN 1379375 A CN1379375 A CN 1379375A CN 01110395 CN01110395 CN 01110395 CN 01110395 A CN01110395 A CN 01110395A CN 1379375 A CN1379375 A CN 1379375A
Authority
CN
China
Prior art keywords
data
module
rsa encryption
decryption processor
registers group
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN 01110395
Other languages
Chinese (zh)
Inventor
赵云琪
饶进平
侯勇
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
GUOXIAN INTEGRATED CIRCUIT DESIGN CO Ltd BEIJING
Original Assignee
GUOXIAN INTEGRATED CIRCUIT DESIGN CO Ltd BEIJING
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GUOXIAN INTEGRATED CIRCUIT DESIGN CO Ltd BEIJING filed Critical GUOXIAN INTEGRATED CIRCUIT DESIGN CO Ltd BEIJING
Priority to CN 01110395 priority Critical patent/CN1379375A/en
Publication of CN1379375A publication Critical patent/CN1379375A/en
Pending legal-status Critical Current

Links

Images

Landscapes

  • Advance Control (AREA)

Abstract

A full-hardware intelligent RSA encrypting/decrypting processor features that a superscalar streamline mode is used to encrypt/decrypt 1024-bit information by basic 64-bit modules in one run. It is composed of register group module, control logic module and multiplier/divider and accumulator module. Its advantages is high speed.

Description

The RSA encryption and decryption processor of intellectuality, devices at full hardware
The present invention relates to use RSA Algorithm (is that first can be used for the algorithm that data encryption also can be used for digital signature.The name of algorithm is named with the initial of inventor's surname: Ron Rivest, Adi Shamir and Leonard Adleman) carry out the devices at full hardware of data encrypting and deciphering computing, intelligent processor, more particularly, the present invention relates to comprise the interface mode of the DPRAM of the CPU that is applicable to any frequency, the utilization RSA Algorithm, pending information can be cut into the data block of several 1024bit positions, and data block is carried out the devices at full hardware processors that enciphering/deciphering is handled with the highest 64 for basic machining cell.
What existing RSA deciphering chip adopted when the mould of making data removes is Montgomery algorithm, thereby encryption/decryption speed is slower; And the present invention adopts " power " relevant superscale pipeline system to realize that the multiply accumulating and the mould of data remove, and cumulative process is isometric adding up, and has made full use of resource; And decryption processing adopted Chinese remainder theorem, the mould division operation of 1024 bit data changed into the mould division operation of 512 bit data, thereby accelerated the speed of decrypt operation.With the 50MHz frequency of operation, 0.35 μ m technology, the minimum data processing power reaches 400Kbps.And the present invention can need not consider data synchronization problems with the CPU cooperating of any dominant frequency.
The purpose of this invention is to provide the effective RSA encryption and decryption of a kind of high speed processor towards digital signature, authentication and data encrypting and deciphering.
For realizing above purpose, the invention provides the data cache module circuit; The multiplication of overlength width continuous-flow type and division parts; The progression control logic circuit of adaptive streamline; Section is taken advantage of and section is removed data address control logic module circuit.It is characterized in that: processor comprises: control logic module, data cache module, registers group module and arithmetical logic module.Data cache module is by bidirectional data line and address bus and outside swap data; After external data writes data cache module, control logic module produces control signal the data in the data cache module is read, write the corresponding units of registers group module, after institute's palpus operational data has been write, control logic module starts the enciphering/deciphering calculating process, the intermediate data (quotient and the remainder) that calculating process produces writes the registers group module via data line from the arithmetical logic module; Control logic module also produces the displacement control signal of arithmetical logic module.
Below with reference to accompanying drawings the preferred embodiments of the invention are described in detail, thereby advantage of the present invention and characteristics will be concrete more and obvious.In the accompanying drawing:
Fig. 1 RSA processor general structure block diagram;
The multi-stage pipeline diagram that Fig. 2 section of being long-pending " power " is relevant;
Fig. 3 is the connection diagram that adaptive pipeline series control logic circuit and data address produce logic control circuit;
Fig. 4 section of being volume data source address steering logic structural representation.
Fig. 5 is that clean multiplier is according to address control logic module structural representation.
Fig. 6 is an arithmetical logic modular structure simplified schematic diagram;
To be that 64 situation is described the present invention by basic machining cell below, and it should be understood that data block figure place of the present invention is not limited only to 1024, and can be to be less than or equal to any natural number of 1024, as 1000,512,10 etc.; Basic machining cell is not limited to 64 situation yet, and can be position as 32,16,8 etc. arbitrarily.When the integral multiple of 64 of pending information less thaies, a high position can be done and add " 0 " and handle, and carries out computing with 64 for basic machining cell.When pending information is 64 * n position (n is a natural number, when table data hop count, integral multiple that less than is 64, high-orderly does to add " 0 " and handles), pending information can be divided into the elementary cell of 64 of n sections.
Fig. 1 is a RSA processor general structure block diagram, mainly comprises: control logic module (1), data cache module (2), registers group module (3) and arithmetical logic module (4).Wherein, data cache module (2) is by bidirectional data line DATA_BUS and address bus ADDR and outside swap data; Data cache module (2) links to each other with registers group module (3) with RESULT by data line EDBBUS, is used for carrying out with registers group module (3) exchange of required data of enciphering/deciphering and result; Registers group module (3) is used to preserve encryption and decryption and handles required data, and the intermediate data (quotient and the remainder) of calculating process generation, via data line CODE, and MODE, QUO, R etc. link to each other with the arithmetical logic module (4) of RSA CORE; Control logic module (1) links to each other respectively with data cache module (2), registers group module (3) and arithmetical logic module (4), provide to registers group module (3) read and write must the address, to the read-write operation control signal of data cache module (2) and to the displacement control signal of arithmetical logic module (4).Control logic module (1) is mainly by forming with lower module: adaptive pipeline series control logic module, data address produce Logic control module circuit, section volume data source address control logic module, clean multiplier according to the address control logic module, and being used to produce computing institute must address and other control signal.
Produce writing address signal by steering logic, cooperate among the register module DPRAM of outer CPU instruction with Data Loading RSA circuit; After enciphering/deciphering finished, steering logic produced writing address signal RSA CORE and deposits data in DPRAM, and CPU extracts result from DPRAM; The preservation and the transmission of the intermediate data that the enciphering/deciphering calculating process is produced are finished automatically by special hard component.It is apparent to those skilled in the art that this interface circuit can be applicable to the CPU of any frequency, and need not consider data synchronization problems, thereby reduced circuit overhead.
The multi-stage pipeline diagram that Fig. 2 section of being long-pending " power " is relevant is described the relevant multi-stage pipeline mode of of the present invention section long-pending " power " below with reference to this figure.Section multiply accumulating with 64 * 2 bit data is an example: " power " that order is low 64 is 2 0, high 64 " power " is 2 1, then the power of product should be 2 3, the corresponding relation between each of product section and operand sees diagram for details.The section multiply accumulating flowing water progression of 64 * 2 bit data is 4 grades, and the rest may be inferred, and (n>m) the section multiply accumulating streamline form of data is n section * m section: A n* B mA N-1* B m, A n* B M-1A N-2* B m, A N-1* B M-1, A n* B M-2A N-3* B m, A N-2* B M-1A 0* B 1A 1* B 0A 0* B 0" power " relevant streamline multiplication.Flowing water length can be by adaptive control logic circuit, according to the real data length of (comprising the intermediate data that calculating process produces), automatically the hop count of control data, thus the pipeline series of each subcycle (section is taken advantage of or section is removed) controlled, optimized processing speed.
Fig. 3 is the connection diagram that adaptive control logic circuit and data address produce logic control circuit.Those skilled in the art is easy to realize according to block diagram shown in Figure 4 the adaptive control logic circuit of flowing water progression.In processing procedure, when former sections of mould division result are complete " 0 ", DATA=0, pipeline series control circuit (PipelineStage Control) subtracts one to mould division result hop count n, first occurs till the section for " 0 " until the mould division result.Steering logic is inserted address generating circuit with new data segment length nn as section volume data maximum segment address, takes advantage of flowing water progression thereby controlled new round round-robin section.
In order to realize that data segment is long-pending, to multiply by and pipeline processes that mould removes only, this patent provides a section volume data source address control logic circuit, clean multiplier to remove according to source address control logic circuit and mould to subtract volume data source address control logic circuit.Wherein, mould is addressed in the Chinese patent of " 1024 bit stream ability of swimming division parts " in detail except that subtracting volume data source address control logic circuit, will repeat no more in this patent.
Fig. 4 section of being volume data address control logic circuit block diagram.Add a counter 1 and be the tetrad address cycle counter, adding a counter 2 is the tetrad address counter, subtracts a counter 1 and subtract a counter 2 to subtract a counter for tetrad.N circulation be by adding 1 counting before adding a counter 1, cross n after, count by subtracting 1.
(the section multiplication of the data of n>m) is at first inserted n value and is added a counter 1, the negative logic of its output is exported to add a counter 2, the sector address of generation first operand A for n section * m section.Tetrad subtracts a counter and subtracts a counter 2 and subtract the sector address that a counter 1 is used to produce second operand B.Two-way address control logic circuit is pressed A n* B mA N-1* B m, A n* B M-1A N-2* B m, A N-1* B M-1, A n* B M-2A N-3* B m, A N-2* B M-1A 0* B 1A 1* B 0A 0* B 0The flowing water sector address of the section of generation multiplication operand in proper order.
Fig. 5 be clean multiplier according to the source address control logic circuit, add a counter 1 and add a counter 2 for tetrad adds a counter, subtract a counter 1 and subtract a counter 2 and subtract a counter for triad.(the clean multiplication of data of n>m) adds exporting to of a counter 1 and adds a counter 2 and put initial value, produces first operand A by adding a counter 2 for n section * m section 2Sector address.The output that adds a counter 1 is returned and is subtracted a counter 1 and put initial value, by subtracting the sector address that a counter 1 is used to produce second operand B.Two-way address control logic circuit is pressed A 0* B 0A 0* B 1, A 1* B 0A 0* B 2, A 1* B 1, A 2* B 0A 0* B 3, A 1* B 2A N-1* B m, A n* B M-1A n* B mFlowing water produce the sector address of clean multiplication operand in proper order.
Fig. 6 is an arithmetical logic modular structure block diagram.The arithmetical logic module is made up of 64 multiply accumulating devices of continuous-flow type of an overlength width, the continuous-flow type divider of 1024 overlength width.64 multiply accumulating devices of the continuous-flow type of overlength width be used to carry out from the section of the data of registers group module take advantage of, section is long-pending adds up, data address is produced according to address control logic module, a section volume data address control logic module by clean multiplier respectively.The continuous-flow type divider of 1024 overlength width is used for the mould division operation.Its adaptive control logic circuit of pipeline system division parts of 1024 overlength width that this patent is related is addressed in the Chinese patent of " 1024 bit stream ability of swimming division parts " in detail, will repeat no more in this patent.
Under the situation that does not break away from thought of the present invention and scope, those skilled in the art can also realize data are cut into the arbitrary data block length, and carries out encryption and decryption processing computing with the data length of random length as basic machining cell.

Claims (9)

1. RSA encryption and decryption processor adopts the superscale pipeline system, is a data block with pending information with 1024, and data block is handled for basic machining cell carries out enciphering/deciphering with the highest 64, it is characterized in that:
Described RSA encryption and decryption processor comprises: control logic module (1), data cache module (2), registers group module (3) and arithmetical logic module (4), wherein, data cache module (2) is by bidirectional data line DATA_BUS and address bus ADDR and outside swap data; Data cache module (2) links to each other with registers group module (3) with RESULT by data line EDBBUS, is used for carrying out with registers group module (3) exchange of required data of enciphering/deciphering and result; Registers group module (3) is used to preserve encryption and decryption and handles required data, and the intermediate data (quotient and the remainder) of calculating process generation, via data line CODE, and MODE, QUO, R links to each other with arithmetical logic module (4); Control logic module (1) links to each other respectively with data cache module (2), registers group module (3) and arithmetical logic module (4), provide to registers group module (3) read and write must the address, to the read-write operation control signal of data cache module (2) and to the displacement control signal of arithmetical logic module (4).
2. according to the RSA encryption and decryption processor of claim 1, it is characterized in that interface mode is applicable to the CPU of any frequency, whole enciphering/deciphering calculating process is finished automatically by hard component.
3. according to the RSA encryption and decryption processor of claim 1 or 2, registers group module (3) is stored 1024 required moulds of encryption and decryption respectively, plaintext or ciphertext, intermediate data merchant, and remainder.
4. according to the RSA encryption and decryption processor of claim 1, it is characterized in that arithmetical logic module (4) comprises the multiplying unit of overlength width, the relevant multilevel pipelining of employing " power " that adds up that section is long-pending.
5. according to the RSA encryption and decryption processor of claim 4, the long-pending stream line operation of the section of it is characterized in that is finished by adaptive control logic circuit, can be according to the real data length of (comprising the intermediate data that calculating process produces), automatically control the length of each subcycle and the progression of streamline, thereby optimized processing speed.
6. according to the RSA encryption and decryption processor of claim 1, it is characterized in that arithmetical logic module (4) has comprised the division parts of overlength width, the mould division operation adopts by " power " relevant multilevel pipelining.
7. according to the RSA encryption and decryption processor of claim 6, the stream line operation that it is characterized in that the mould division operation comprises adaptive control logic circuit, can be according to the real data length of (comprising the intermediate data that calculating process produces), automatically control the length of each subcycle and the progression of streamline, thereby optimized processing speed.
8. according to the RSA encryption and decryption processor of claim 1, it is characterized in that the address of the operational data that steering logic unit (1) produces is delivered to the computing that the arithmetical logic module is correlated with data in " power " relevant mode.
9. according to the RSA encryption and decryption processor of claim 1, it is characterized in that decrypting process has utilized Chinese remainder theorem, the mould division operation of 1024 bit data is changed into the mould division operation of 512 bit data.
CN 01110395 2001-04-11 2001-04-11 Full-hardware intelligent RSA encrypt/decrypt processor Pending CN1379375A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN 01110395 CN1379375A (en) 2001-04-11 2001-04-11 Full-hardware intelligent RSA encrypt/decrypt processor

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN 01110395 CN1379375A (en) 2001-04-11 2001-04-11 Full-hardware intelligent RSA encrypt/decrypt processor

Publications (1)

Publication Number Publication Date
CN1379375A true CN1379375A (en) 2002-11-13

Family

ID=4658565

Family Applications (1)

Application Number Title Priority Date Filing Date
CN 01110395 Pending CN1379375A (en) 2001-04-11 2001-04-11 Full-hardware intelligent RSA encrypt/decrypt processor

Country Status (1)

Country Link
CN (1) CN1379375A (en)

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102739396A (en) * 2011-04-11 2012-10-17 航天信息股份有限公司 Co-processor applied in information security
CN102968601A (en) * 2011-09-01 2013-03-13 深圳市证通电子股份有限公司 128-bit RSA (Rivest Shamir Adleman) processor
CN104104504A (en) * 2014-07-22 2014-10-15 大唐微电子技术有限公司 RSA decoding method and device
CN107404380A (en) * 2017-06-30 2017-11-28 吴尽昭 A kind of RSA Algorithm based on asynchronous data-path

Cited By (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102739396A (en) * 2011-04-11 2012-10-17 航天信息股份有限公司 Co-processor applied in information security
CN102739396B (en) * 2011-04-11 2015-07-15 航天信息股份有限公司 Co-processor applied in information security
CN102968601A (en) * 2011-09-01 2013-03-13 深圳市证通电子股份有限公司 128-bit RSA (Rivest Shamir Adleman) processor
CN104104504A (en) * 2014-07-22 2014-10-15 大唐微电子技术有限公司 RSA decoding method and device
CN104104504B (en) * 2014-07-22 2017-05-10 大唐微电子技术有限公司 RSA decoding method and device
CN107404380A (en) * 2017-06-30 2017-11-28 吴尽昭 A kind of RSA Algorithm based on asynchronous data-path
CN107404380B (en) * 2017-06-30 2020-09-11 吴尽昭 RSA algorithm based on asynchronous data path

Similar Documents

Publication Publication Date Title
CN101547089B (en) Method for realizing elliptic curve cryptosystem algorithm over prime field in integrated circuit
US8271570B2 (en) Unified integer/galois field (2m) multiplier architecture for elliptic-curve crytpography
EP2350811B1 (en) Method and apparatus for modulus reduction
CN101149675A (en) Multiplier
US8078661B2 (en) Multiple-word multiplication-accumulation circuit and montgomery modular multiplication-accumulation circuit
CN100420182C (en) Multi-stage counting device
US6772942B2 (en) Arithmetic circuit to increase the speed of a modular multiplication for a public key system for encryption
CN102231102A (en) Method for processing RSA password based on residue number system and coprocessor
Hasan Look-up table-based large finite field multiplication in memory constrained cryptosystems
CN102122241A (en) Analog multiplier/divider applicable to prime field and polynomial field
CN101212292A (en) ECC/RSA encryption/decryption coprocessor
KR20020063793A (en) Power-residue calculating unit using montgomery algorithm
CN109271137B (en) Modular multiplication device based on public key encryption algorithm and coprocessor
CN110704109A (en) Elliptic curve password coprocessor
CN114371829A (en) Data processing method in polynomial multiplier, polynomial multiplier and processor
CN1379375A (en) Full-hardware intelligent RSA encrypt/decrypt processor
KR100950117B1 (en) Method and apparatus for processing arbitrary key bit length encryption operations with similar efficiencies
US5954788A (en) Apparatus for performing modular multiplication
US7266577B2 (en) Modular multiplication apparatus, modular multiplication method, and modular exponentiation apparatus
CN107463354A (en) A kind of variable Montgomery modular multiplication circuits of dual domain degree of parallelism towards ECC
CN114371828A (en) Polynomial multiplier and processor with same
CN1696894B (en) Multiplier calculating modular multiplicatin of large numbers
Smyth et al. An adaptable and scalable asymmetric cryptographic processor
CN117785128A (en) Computing system capable of being used for elliptic curve of arbitrary prime number domain
KR100297110B1 (en) Modular multiplier

Legal Events

Date Code Title Description
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C02 Deemed withdrawal of patent application after publication (patent law 2001)
WD01 Invention patent application deemed withdrawn after publication