CN1567267A - Programmable controlled data handling equipment - Google Patents
Programmable controlled data handling equipment Download PDFInfo
- Publication number
- CN1567267A CN1567267A CN 03148563 CN03148563A CN1567267A CN 1567267 A CN1567267 A CN 1567267A CN 03148563 CN03148563 CN 03148563 CN 03148563 A CN03148563 A CN 03148563A CN 1567267 A CN1567267 A CN 1567267A
- Authority
- CN
- China
- Prior art keywords
- data
- storage element
- signal
- programme
- control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Landscapes
- Storage Device Security (AREA)
Abstract
This invention discloses a kind of programmable controlled data processing apparatus by using a storing unit to store the mutable fields with WLAN encryption standard. When the encryption standard varies, it only needs to modify this storing unit and decrease the modification of other parts. The data processing apparatus comprises: first storing unit, which stores at least one assistant information, if the encryption standard changed, it updates the assistant information in the first storing unit; a reading unit, which coupled with the storing unit, receives an index, gets the corresponding assistant information from the first storing unit according to this index; a processing unit, which coupled with the reading unit, receives the assistant information and a data signal, and processes the data signal according to the assistant information, and outputs a processing signal.
Description
Technical field
The present invention relates to a kind of data processing equipment of control able to programme, particularly a kind ofly be applied in WLAN (wireless LAN, WLAN) encryption standard when change can reduce the data processing equipment of the control able to programme of hardware modifications amplitude.
Background technology
In recent years, along with the progress of radio communication science and technology, digital mobile product miscellaneous such as mobile phone, mobile computer, PDA have realized the hope of human radio communication, except breaking away from the constraint of traditional wire telephony, make the user freer, also make interhuman distance nearer.
Yet wireless network is to utilize broadcasting (broadcast) mode to transmit in the space.That is to say that as long as have the inclination, anyone can capture transmission signals in the space, learn the transmission content, and then the attack of harm network security such as be engaged in that puppet is emitted, altered.Particularly, more can cause great injury at the ecommerce that requires transmission security or the application of classified papers.Therefore, wireless signal transmission is all essential through encrypting (encryption), to guarantee transmission safety.
(the Institute of Electrical and ElectronicsEngineers of U.S. motor electronic Engineering society, IEEE), in order to strengthen WLAN (wireless LAN, WLAN) data transmission security has been worked out an encryption standard: IEEE 802.lli CCMP (Counter-Mode/CBC-MACProtocol) especially.CCMP adopts CCM (Counter-Mode with Cipher-Block ChainingMessage Authentication Code, Counter-Mode with CBC-MAC) pattern go to control advanced encryption standard (Advance Encryption Standard, AES).Because assailant institute using method is maked rapid progress, be difficult for by success attack in order to ensure the transmission data, the wireless transmission safety standard needs constantly experiment and test.So IEEE 802.11i standard still do not decide fully as yet by the end.Therefore, the medium access control service data unit of the parameter of encryption and decryption under the CCMP pattern is provided, and (MAC Service Data Unit, frame header MSDU) (frame header) just have the part field to be become easy variable domain field (mutable files) by IEEE 802.11i standard definition.In the ciphering process of CCMP, easy variable domain field can be given up or set 0 in response to such situation.
In sum, see also Fig. 1, the arrangement plan of this figure CCMP.CCM steering logic 3 receives the transmission data, and the secundum legem encrypting step utilizes two AES ciphering units 5 to encrypt, and the result is sent afterwards again.Yet along with the change of standard, the form of data is through the change of being everlasting, so the hardware design of CCM steering logic 3 particularly receives the part of data-signal 1, just must often upgrade.
Because the high-tech industry competition is fierce mutually, the time is exactly the key of deciding the issue of the battle.Therefore, industry can not the wait standard be finished and is just begun the research and development of being correlated with.In the process of carrying out synchronously, easy variable domain field can be given up or set 0 for, and these are rejected or set 0 easy variable domain field for and also can bring the Additional Verification data (Additional Authenticated Data) of making CCM.As long as standard a little changes, hardware just must constantly redesign meeting demand, except wasting time and energy, and also inefficent, so must seek under standard is definite as yet, can improve the hardware configuration of continuous design iterations.
Summary of the invention
But fundamental purpose of the present invention provides the hardware configuration that a kind of elasticity is revised, and with when standard changes, reduces the change amplitude of hardware design.
For reaching above-mentioned purpose, the data processing equipment of control able to programme provided by the invention comprises:
One first storage element stores supplementary, in order to an auxiliary cryptographic algorithm deal with data, wherein, when cryptographic algorithm changes, upgrades the stored supplementary of this first storage element accordingly from the outside;
One reading unit is coupled to this first storage element, receives an index, to read the pairing supplementary of this index from this first storage element;
And
One processing unit is coupled to this reading unit, receives the pairing data-signal of this index, and according to the pairing supplementary of this index, handles this data-signal.
In order further to understand feature of the present invention, purpose and function, the present invention is described in detail with instantiation below in conjunction with accompanying drawing.
Description of drawings
Fig. 1 is the CCMP arrangement plan;
Fig. 2 is an arrangement plan of the present invention;
Fig. 3 shows a specific embodiment of the present invention;
Fig. 4 is a flow chart illustration of the present invention.
Description of reference numerals: 1-data-signal; The 11-index; The 2-interface arrangement; 20-first storage element; The 21-reading unit; The 210-supplementary; 24-second storage element; 240-keeps in signal; 25-assists moving cell; 250-prestrain signal; The 27-processing unit; The 270-processing signals; The 271-setting device; 273-gives up device; 274-captures signal; 275-layout device; 29-the 3rd storage element; The 3-CCM steering logic; The 5-AES ciphering unit.
Embodiment
Consult Fig. 2, this figure arrangement plan of the present invention.Spirit of the present invention is to provide an interface arrangement 2, utilizes one to store the variation that body writes down easy variable domain field.When standard changes, as long as upgrade the information in this internal memory, data-signal 1 is the same as after these interface arrangement 2 processing, send into CCM steering logic 3, reach standard change field purpose, and need not revise CCM steering logic 3, particularly therefore the input and output interfaces part can save the time and the time of hardware design widely.
See also Fig. 3, this figure specific embodiment of the present invention.In this embodiment, the present invention includes:
One first storage element 20 stores a supplementary at least, when this encryption standard change, upgrades stored supplementary in this first storage element 20 by the outside.
One reading unit 21 connects this storage element 20, receives an index 11, obtains a pairing supplementary 210 according to this index 11 from first storage element 20.Obtaining the method for supplementary can utilize the mode of tabling look-up to realize.
One second storage element 24 receives a prestrain signal 250, temporary input data, output one temporary signal 240; Second storage element 24 mainly is to keep in the data of being imported.Prestrain signal 250 is provided by association's moving cell 25 of this interface arrangement, be used for replenishing in the frame header (frame header) that institute does not have and in ciphering process information necessary, as information such as header lengths.
One processing unit 27 connects this reading unit 21 and this second storage element 24, receives supplementary 210, temporary signal 240 and data-signal 1.Processing unit 27 is handled according to 210 pairs of these data-signals 1 of this supplementary, exports a processing signals, and the data that will exceed a treated length to deliver to this second storage element temporary.Processing unit is according to from this supplementary the partial bit of this data-signal being done to give up or the work of setting.Therefore, this processing unit comprises:
One setting device 271 connects this reading unit 21, according to this supplementary 210, sets the part position of this data-signal for a particular value.This particular value can set 0 or 1 for, and the sighting target standard needs and decides, and generally is set at 0.On real the work, can utilize the form of bit shielding (bit mask) to realize.That is to say that the bit addresses that this supplementary 210 is set in desire is 0, remaining address is 1, doing a logic and (AND) processing with data-signal 1, can obtain institute and ask.
One gives up device 273, connects reading unit 21, according to this supplementary 210, the partial bit of this data-signal 1 is given up.Ciphering process does not need or the still untapped bit of standard is just given up, and last bits is filled vacancies in the proper order forward successively, and not enough address mends 0.
One layout device 275, this layout device has and receives through setting device 271 or give up one first of acquisition signal 274 that device 273 handled and import and connect one second of this second storage element and import, this layout device according to this treated length with this first the input and this second input editing after output processing signals 270, and will exceed the data of this treated length, it is temporary to deliver to this second storage element 24.Layout device 275 can be imported from second of this second storage element 24 in preferential layout.That is to say that the temporary signal 240 that layout device 275 can preferentially be imported second storage element 24 is placed on the front, the back connects the acquisition signal 274 that first input is received again.The output of layout device has a length restriction, exceeds the part of this treated length, delivers to second storage element 24, and is temporary by second storage element 24, waits for the output of next time.
In this specific embodiment, 3 outputs of CCM steering logic all are 128 bits with input, and data-signal 1 input once is 32 bits.In this case, also need one the 3rd storage element 29, do the processing of interface.The 3rd storage element 29 connects this processing unit 27, receives this processing signals 270, is accumulated to a designated bit number, exports subordinate's circuit to, and just the CCM steering logic 3.In the present embodiment, this designated bit number is 128 just, has in other words full 128 bit numbers of the 3rd storage element 29 collection just data can be delivered to CCM steering logic 3.
See also Fig. 4, continue to utilize Fig. 3 to do a flow process explanation.Data-signal 1 transmission primaries is 32 bits, and promptly 4 bytes are expressed as D0, D1, D2 and D3.In input, also have an index 11 and be input to reading unit 21, make reading unit 21 obtain pairing supplementary 210 to first storage element 20.In addition, data also can be imported association's moving cell 25, and by association's moving cell 25 prestrain signal 250 being delivered to second storage element, 24, the second storage elements 24 is the buffer of 3 bytes, is expressed as BD0, BD1 and BD2 in regular turn.Data are at first passed through processing unit 27, the supplementary 210 obtained according to reading unit 21, and setting device 271 is set at 0 with specific bit, giving up device 273 gives up specific bit, as this byte of D2 is given up, at this moment need the value of D3 is moved on among the D2, the bit among the D3 mends 0.In layout device 275, can load with second storage element 24 and through setting device 271, the acquisition signal 274 of giving up device 273, during layout with the temporary signal 240 preferential layouts of second storage element 24 preceding, connect acquisition signal 274 afterwards again, the processing signals 270 of output treated length (the present embodiment treated length is 4), it is temporary that the part that exceeds is just delivered to second reservoir 24, waits for output next time.Also be, the data of BD0, BD1, BD2 add that D0 is 4 bytes altogether, are processing signals 270, and that D1 and D3 just are sent to second storage element 24 is temporary, and during next record data input by the time, D1 and D3 will become BD0 and BD1, are preferentially come the front and export.Because 3 outputs of CCM steering logic all are 128 bits with input, so also need one the 3rd reservoir 29 that output data is temporary, behind accumulation 128 bits, output to CCM steering logic 3 again, again by CCM steering logic 3 control encrypting steps.
Therefore, how pipe standards do not change, and the place of required change just only is confined to the supplementary in first storage element 20, and need not change the design in other place.But therefore during researching and developing, can adopt reusable internal memory usually as program read-only memory (Programmable Read Only Memory; PROM), Erasable Programmable Read Only Memory EPROM (Erasable Programmable Read Only Memory; EPROM) or electronic type EPROM Electrically Erasable ProgrammableRead Only is Memory, form EEPROM).During launch,, can adopt ROM (read-only memory) (read only memory, form ROM) for reducing cost.Can effectively solve problem because of a large amount of design iterations of standard change palpus.
Except CCMP, for another the selection of encryption standard: by the WPA (WiFi Protected Access) that WiFi alliance is proposed, the present invention also can be suitable equally.
The above only is preferred embodiment of the present invention, can not limit the scope of the invention with this.All equalizations of doing according to claim of the present invention change and modify, will not lose main idea of the present invention place, also do not break away from the spirit and scope of the present invention, all should be considered as further enforcement of the present invention.
Claims (10)
1, a kind of data processing equipment of control able to programme comprises:
One first storage element stores supplementary, in order to an auxiliary cryptographic algorithm deal with data, wherein, when cryptographic algorithm changes, upgrades the stored supplementary of this first storage element accordingly from the outside;
One reading unit is coupled to this first storage element, receives an index, to read the pairing supplementary of this index from this first storage element;
And
One processing unit is coupled to this reading unit, receives the pairing data-signal of this index, and according to the pairing supplementary of this index, handles this data-signal.
2, the data processing equipment of control able to programme as claimed in claim 1, wherein this cryptographic algorithm is IEEE 802.11i CCMP (Counter-Mode/CBC-MAC Protocol), this data-signal is WLAN (wireless LAN, WLAN) medium access control service data unit (MAC ServiceData Unit, MSDU) some.
3, the data processing equipment of control able to programme as claimed in claim 1 also includes one the 3rd storage element, is coupled to this processing unit, receives the data-signal through this processing unit processes, and after waiting to be accumulated to a designated bit, exports subordinate's circuit to.
4, the data processing equipment of control able to programme as claimed in claim 1, wherein this first storage element is a ROM (read-only memory) (read only memory, ROM), a programmable read only memory (Programmable Read Only Memory, PROM), an Erasable Programmable Read Only Memory EPROM (Erasable Programmable Read Only Memory, EPROM), and an electronic type EPROM (Electrically Erasable Programmable Read Only Memory, one of EEPROM).
5, the data processing equipment of control able to programme as claimed in claim 1, wherein this processing unit also includes a setting device, is coupled to this reading unit, according to the pairing supplementary of this index, the partial bit of this data-signal is set for one specific.
6, the data processing equipment of control able to programme as claimed in claim 1, wherein this processing unit also includes one and gives up device, is coupled to this reading unit, according to the pairing supplementary of this index, the partial bit of this data-signal is given up.
7, the data processing equipment of control able to programme as claimed in claim 1, wherein this processing unit also comprises a layout device, this layout device has one first input of input data and receives one second input of the temporary signal of one second storage element, this layout device according to a treated length with this first the input and this second input editing after export, and will exceed the data of this treated length, it is temporary to deliver to this second storage element.
8, the data processing equipment of control able to programme as claimed in claim 7, this second storage element wherein, be coupled to this layout device of this processing unit, the data that exceed this treated length that this second storage element receives a prestrain signal and imported by this processing unit, temporary input data are exported the layout device of this temporary signal to this processing unit.
9, the data processing equipment of control able to programme as claimed in claim 8, wherein this layout assembly first layout is from second input of this second storage element.
10, the data processing equipment of control able to programme as claimed in claim 8, wherein this second storage element is a buffer (register).
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031485634A CN1321379C (en) | 2003-07-03 | 2003-07-03 | Programmable controlled data handling equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB031485634A CN1321379C (en) | 2003-07-03 | 2003-07-03 | Programmable controlled data handling equipment |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1567267A true CN1567267A (en) | 2005-01-19 |
| CN1321379C CN1321379C (en) | 2007-06-13 |
Family
ID=34472316
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB031485634A Expired - Lifetime CN1321379C (en) | 2003-07-03 | 2003-07-03 | Programmable controlled data handling equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN1321379C (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100424611C (en) * | 2005-07-28 | 2008-10-08 | 国际商业机器公司 | Method and central processing unit for processing encryption software |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5892826A (en) * | 1996-01-30 | 1999-04-06 | Motorola, Inc. | Data processor with flexible data encryption |
| CN1189071A (en) * | 1996-12-31 | 1998-07-29 | 摩托罗拉公司 | Apparatus and method for securing electronic information in wireless communication device |
| US6014745A (en) * | 1997-07-17 | 2000-01-11 | Silicon Systems Design Ltd. | Protection for customer programs (EPROM) |
| CN2464030Y (en) * | 2000-08-26 | 2001-12-05 | 暨南大学 | Enciphered mobile telephone set |
| CN1219382C (en) * | 2000-09-05 | 2005-09-14 | 中兴通讯股份有限公司 | New scrambler |
-
2003
- 2003-07-03 CN CNB031485634A patent/CN1321379C/en not_active Expired - Lifetime
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN100424611C (en) * | 2005-07-28 | 2008-10-08 | 国际商业机器公司 | Method and central processing unit for processing encryption software |
Also Published As
| Publication number | Publication date |
|---|---|
| CN1321379C (en) | 2007-06-13 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN101924607B (en) | Firmware processing method based on firmware air transmission technology, device and system thereof | |
| EP1580958B1 (en) | Internet protocol tunnelling using templates | |
| CN110149373A (en) | Date storage method, device, medium and server based on point to point network | |
| CN1378735A (en) | Protection of communications | |
| US7191343B2 (en) | Voucher driven on-device content personalization | |
| CN107454590A (en) | A kind of data ciphering method, decryption method and wireless router | |
| CN108418893A (en) | A kind of method of smart machine firmware safety upgrade | |
| CN107689864A (en) | A kind of authentication method, server, terminal and gateway | |
| CN109358611A (en) | A kind of vehicle diagnostics software pre-setting method, vehicle diagnosing system and relevant device | |
| CN102946315B (en) | A kind of method and system adopting packet mode to construct MAC code | |
| CN110727455A (en) | Software remote upgrading method and related equipment | |
| CN101895538B (en) | Method and system for establishing data exchange channels, smart card and server | |
| EP1632943B1 (en) | Method of preventing multimedia copy | |
| CN111866864B (en) | Method, device and storage medium for realizing encrypted storage and safe use management of cloud platform certificate based on wireless AP | |
| CN1567267A (en) | Programmable controlled data handling equipment | |
| CN111162898B (en) | SM4 rapid software implementation method and device based on Android terminal | |
| CN115766244A (en) | Internet of vehicles information encryption method and device, computer equipment and storage medium | |
| CN112333699B (en) | Internet of things communication protocol encryption method, equipment and storage medium | |
| CN110730166B (en) | Data encryption and data decryption method, system, computer device and storage medium | |
| DE60205576T2 (en) | Loading data into a mobile device | |
| CN112035866A (en) | Data encryption and decryption method, device, equipment and computer readable storage medium | |
| US20050008149A1 (en) | Programmable data processing apparatus for CCMP hardware implementation | |
| CN118101169B (en) | Method and system for realizing encryption and decryption algorithm of reserved format of block cipher | |
| EP4113341A1 (en) | Encryption scheme for providing software updates to an update agent | |
| CN114491587B (en) | White-box password encryption and decryption method based on SM 4-like structure |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CX01 | Expiry of patent term | ||
| CX01 | Expiry of patent term |
Granted publication date: 20070613 |