CN207184503U - reconfigurable S-box circuit structure - Google Patents


Publication number
CN207184503U
Authority
CN
China
Prior art keywords
constant
unit
matrices
selector
output end
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201720572547.8U
Other languages
Chinese (zh)
Inventor
郑辛星
张肖强
邢博昱
王倩
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuhu Institute of Technology
Original Assignee
Wuhu Institute of Technology
Application filed by Wuhu Institute of Technology filed Critical Wuhu Institute of Technology


Abstract

The reconfigurable S-box circuit structure provided by the utility model includes: composite matrix multiplication unit 1, composite matrix multiplication unit 2, constant addition unit 1, constant addition unit 2, constant addition unit 3, constant addition unit 4, constant addition unit 5, constant addition unit 6, a composite-field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port. Selector 1 and selector 2 are both 4-to-1 selectors. By reusing the composite-field multiplicative inverse unit, the circuit structure implements the AES encryption S-box, AES decryption S-box, SM4 S-box and Camellia S-box operations as a reconfigurable function, which greatly reduces circuit area. The composite matrix structure also improves circuit optimization efficiency, which reduces circuit area further.

Description

Reconfigurable S-box circuit structure
Technical field
The utility model relates to the technical field of cipher circuits, and in particular to a reconfigurable S-box circuit structure.
Background art
1. The AES, SM4 and Camellia cipher algorithms
AES (Advanced Encryption Standard) is a new-generation symmetric block cipher published in 2001 by the US National Institute of Standards and Technology to replace the original DES (Data Encryption Standard). The block length of AES is 128 bits, and the key length is 128, 192 or 256 bits. AES has been adopted by several international standards organizations and is currently the most widely used block cipher.
The SM4 encryption algorithm is the first commercial block cipher published by China's State Commercial Cryptography Administration Office, in January 2006; its block length and key length are both 128 bits. The Camellia algorithm was jointly designed by NTT and Mitsubishi in 2000; its block length is also 128 bits, and its key length is 128, 192 or 256 bits.
Camellia has been selected as a standard algorithm by many organizations, including the NESSIE standards in Europe, the CRYPTREC standard of Japan, and the ISO/IEC 18033-3 standard issued by the International Organization for Standardization and the International Electrotechnical Commission.
The diversity of block cipher standards poses a major challenge for implementing cryptographic systems: to meet the needs of different regions and industries, different algorithms often have to be integrated into one hardware platform.
2. The AES, SM4 and Camellia S-box operations
In the AES, SM4 and Camellia cipher algorithms, the byte substitution operation (commonly called the S-box operation) is the only nonlinear operation and has the highest computational complexity. In AES, SM4 and Camellia cipher circuits the S-box circuit is therefore the most important arithmetic unit, and it occupies most of the logic resources in each of these three cipher circuits.
2.1 AES S-box operation
In the AES cipher algorithm, encryption and decryption use different S-box operations. In the encryption S-box operation, the input byte first undergoes a multiplicative inversion in the finite field GF(2^8) and then an affine transformation. Its expression is:
where x is the input byte, (·)_A^-1 is the multiplicative inverse in the finite field GF(2^8), M_A is an 8×8-bit constant matrix and c_A is an 8-bit constant vector; M_A and c_A implement the affine transformation in the encryption S-box. The irreducible polynomial of GF(2^8) specified in the AES cipher algorithm is
f(x) = x^8 + x^4 + x^3 + x + 1
The constant matrix M_A and the constant vector c_A are, respectively:
The decryption S-box operation is the inverse of the encryption S-box operation. Its expression is:
where M'_A is the inverse matrix of M_A; M'_A and c_A implement the affine transformation in the decryption S-box, and the other operations are the same as in formula (1).
2.2 SM4 S-box operation
In the SM4 cipher algorithm, encryption and decryption use the same S-box operation. The SM4 S-box first applies an affine transformation to the input byte, then a multiplicative inversion in GF(2^8), and finally another affine transformation. Its expression is
where (·)_S^-1 is the multiplicative inverse in the GF(2^8) field specified by the SM4 cipher algorithm, M_S is an 8×8-bit constant matrix and c_S is an 8-bit constant vector; M_S and c_S implement the affine transformations.
The irreducible polynomial of GF(2^8) specified in the SM4 cipher algorithm is
f(x) = x^8 + x^7 + x^6 + x^5 + x^4 + x^2 + 1
The constant matrix M_S and the constant vector c_S are, respectively:
2.3 Camellia S-box operation
The Camellia encryption process uses 4 different S-box operations, namely:
where x is the input byte, (·)_C^-1 is the multiplicative inverse in the finite field GF((2^4)^2), M_Cf and M_Ch are 8×8-bit constant matrices, and c_Cf and c_Ch are 8-bit constant vectors; M_Cf and c_Cf implement affine transformation f, and M_Ch and c_Ch implement affine transformation h. <<<1 is a rotate-left by one bit and >>>1 is a rotate-right by one bit.
From formula (4), rotating the output of S-box S_C1 left by one bit gives S-box S_C2, rotating the output of S_C1 right by one bit gives S-box S_C3, and rotating the input of S_C1 left by one bit gives S-box S_C4. In a hardware circuit, rotate-left and rotate-right need no logic at all, only a reordering of the bus wires, so a hardware implementation only has to implement the S_C1 circuit. S-box S_C1 first applies an affine transformation to the input byte (affine transformation f), then a multiplicative inversion in GF((2^4)^2), and finally another affine transformation (affine transformation h). The irreducible polynomial of GF((2^4)^2) specified in the Camellia cipher algorithm is
where ω = {1001}_2. The constant matrices M_Cf and M_Ch are, respectively:
The constant vectors c_Cf and c_Ch are, respectively:
The decryption operation of the Camellia cipher algorithm uses the same 4 S-box operations as the encryption operation.
3. Isomorphic mappings of the AES, SM4 and Camellia S-box operations
3.1 Composite-field mapping of the AES encryption S-box
The AES encryption S-box expression based on a composite field is:
where (·)_M^-1 is the multiplicative inverse in the target composite field, the target composite field being any composite field isomorphic to GF(2^8). D_A is an 8×8-bit mapping matrix that maps the input byte x from GF(2^8) to the target composite field; D'_A is the inverse matrix of D_A and maps the result from the target composite field back to the GF(2^8) field specified by the AES cipher algorithm. In formula (5), M_A and D'_A are both 8×8-bit matrices and can therefore be merged into a single 8×8-bit matrix. The merged AES encryption S-box expression is:
where the constant matrix Q_A is the merged matrix of M_A and D'_A, i.e. Q_A = M_A × D'_A; Q_A is also an 8×8-bit constant matrix.
3.2 Composite-field mapping of the AES decryption S-box
The SM4 S-box expression based on a composite field is:
The operations in the above formula are the same as in formula (5). Likewise, the mapping matrix D_A and the constant matrix M'_A can be merged into one matrix. The merged AES decryption S-box expression is:
where the constant matrix Q'_A = D_A × M'_A and the constant vector d_A = Q'_A × c_A.
3.3 Composite-field mapping of the SM4 S-box
The SM4 S-box expression based on a composite field is:
where (·)_M^-1 is the multiplicative inverse in the target composite field, the target composite field being any composite field isomorphic to GF(2^8). D_S is an 8×8-bit mapping matrix that maps the input byte x from the GF(2^8) field specified by SM4 to the target composite field; D'_A is the inverse matrix of D_A and maps the result from the target composite field back to the GF(2^8) field specified by SM4. In formula (9), M_S and D'_S are both 8×8-bit matrices and can therefore be merged into a single 8×8-bit matrix. Likewise, D_S and M_S can also be merged into a single 8×8-bit matrix. The merged SM4 S-box expression is:
where the constant matrix Q_S = M_S × D'_S, the constant matrix R_S = D_S × M_S, and the constant vector d_S = D_S × c_S.
3.4 Isomorphic mapping of the Camellia S-box
So that the Camellia S-box can share the finite-field multiplicative inverse unit with the SM4 S-box, the finite-field multiplicative inverse (·)_C^-1 of the Camellia S-box also has to be mapped to the target composite field. The Camellia S-box expression after mapping is:
where (·)_M^-1 is the multiplicative inverse in the target composite field, D_C is the mapping matrix and D'_C is the inverse mapping matrix. Likewise, merging the related matrices in formula (11) gives the merged Camellia S-box expression:
where the constant matrix Q_Ch = M_Ch × D'_C, the constant matrix Q_Cf = D_C × M_Cf, and the constant vector d_Cf = D_C × c_Cf.
In the prior art, when the AES, SM4 and Camellia cipher algorithms are integrated in one electronic device, the AES encryption S-box, AES decryption S-box, SM4 S-box and Camellia S-box operations are each implemented by a separate circuit. This makes the circuit area of the overall cipher implementation large, so hardware using this approach is bulky and does not meet the demand for light, thin, short and small electronic devices.
Summary of the utility model
The utility model provides a reconfigurable S-box circuit structure that reduces the total circuit area when the AES, SM4 and Camellia cipher algorithms are integrated in the same electronic device.
To solve the above problem, the utility model provides a reconfigurable S-box circuit structure comprising: composite matrix multiplication unit 1, composite matrix multiplication unit 2, constant addition unit 1, constant addition unit 2, constant addition unit 3, constant addition unit 4, constant addition unit 5, constant addition unit 6, a composite-field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port; selector 1 and selector 2 are both 4-to-1 selectors. The input port of composite matrix multiplication unit 1 is connected to the byte data input port. Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 1 are connected one-to-one to an input of selector 1, the input of constant addition unit 1, the input of constant addition unit 2 and the input of constant addition unit 3, respectively. The outputs of constant addition unit 1, constant addition unit 2 and constant addition unit 3 are each connected to an input of selector 1. The output of selector 1 is connected to the input of the composite-field multiplicative inverse unit, and the output of the composite-field multiplicative inverse unit is connected to the input of composite matrix multiplication unit 2. Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 2 are connected one-to-one to the input of constant addition unit 4, an input of selector 2, the input of constant addition unit 5 and the input of constant addition unit 6, respectively. The outputs of constant addition unit 4, constant addition unit 5 and constant addition unit 6 are each connected to an input of selector 2. The output of selector 2 is connected to the byte data output port. The select inputs of selector 1 and selector 2 are connected to the control signal input port.
The reconfigurable S-box circuit structure has four operating modes: AES encryption S-box mode, AES decryption S-box mode, SM4 S-box mode and Camellia S-box mode. Under control of the selection signal, selector 1 and selector 2 each select a different signal path, which implements the different operating modes of the reconfigurable S-box. In AES encryption S-box mode, selector 1 outputs the operation result on output P_A of composite matrix multiplication unit 1, and selector 2 outputs the operation result of constant addition unit 4. In AES decryption S-box mode, selector 1 outputs the operation result of constant addition unit 1, and selector 2 outputs the operation result on output P_V of composite matrix multiplication unit 2. In SM4 S-box mode, selector 1 outputs the operation result of constant addition unit 2, and selector 2 outputs the operation result of constant addition unit 5. In Camellia S-box mode, selector 1 outputs the operation result of constant addition unit 3, and selector 2 outputs the operation result of constant addition unit 6. The selection signal is input through the control signal input port.
Preferably, composite matrix multiplication unit 1 implements the composite matrix multiplication Φ×. The composite matrix Φ is formed by combining the constant matrix D_A of the AES encryption S-box, the constant matrix Q'_A of the AES decryption S-box, the constant matrix R_S of the SM4 S-box and the constant matrix Q_Cf of the Camellia S-box. Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 1 output, one-to-one, the result of the constant matrix multiplication D_A×, the result of the constant matrix multiplication Q'_A×, the result of the constant matrix multiplication R_S× and the result of the constant matrix multiplication Q_Cf×. Composite matrix multiplication unit 2 implements the composite matrix multiplication Ψ×. The composite matrix Ψ is formed by combining the constant matrix Q_A of the AES encryption S-box, the constant matrix D'_A of the AES decryption S-box, the constant matrix Q_S of the SM4 S-box and the constant matrix Q_Ch of the Camellia S-box. Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 2 output, one-to-one, the result of the constant matrix multiplication Q_A×, the result of the constant matrix multiplication D'_A×, the result of the constant matrix multiplication Q_S× and the result of the constant matrix multiplication Q_Ch×. Constant addition unit 1 implements the addition of constant d_A in the AES decryption S-box; constant addition unit 2 implements the addition of constant d_S in the SM4 S-box; constant addition unit 3 implements the addition of constant d_Cf in the Camellia S-box; constant addition unit 4 implements the addition of constant c_A in the AES encryption S-box; constant addition unit 5 implements the addition of constant c_S in the SM4 S-box; constant addition unit 6 implements the addition of constant c_Ch in the Camellia S-box. The composite-field multiplicative inverse unit computes the multiplicative inverse of the input byte in the composite field.
Preferably, constant d_A is the product of constant matrix Q'_A and constant c_A; constant d_S is the product of constant matrix D_S and constant c_S; constant d_Cf is the product of constant matrix D_C and constant c_Cf. Constant c_A is the constant vector of the affine transformation specified in the AES cipher algorithm; constant c_S is the constant vector of the affine transformation specified in the SM4 cipher algorithm; constant c_Cf is the constant vector of affine transformation f specified in the Camellia cipher algorithm; constant c_Ch is the constant vector of affine transformation h specified in the Camellia cipher algorithm. Constant matrix Q_A is the product of constant matrix M_A and constant matrix D'_A; constant matrix Q_S is the product of constant matrix M_S and constant matrix D'_S; constant matrix Q_Ch is the product of constant matrix M_Ch and constant matrix D'_C; constant matrix Q'_A is the product of constant matrix D_A and constant matrix M'_A; constant matrix R_S is the product of constant matrix D_S and constant matrix M_S; constant matrix Q_Cf is the product of constant matrix D_C and constant matrix M_Cf. Constant matrix D_A is a mapping matrix that maps elements of the GF(2^8) field specified in the AES cipher algorithm to the target composite field; constant matrix D'_A is a mapping matrix that maps elements of the target composite field to the GF(2^8) field specified in the AES cipher algorithm. Constant matrix D_S is a mapping matrix that maps elements of the GF(2^8) field specified in the SM4 cipher algorithm to the target composite field; constant matrix D'_S is a mapping matrix that maps elements of the target composite field to the GF(2^8) field specified in the SM4 cipher algorithm. Constant matrix D_C is a mapping matrix that maps elements of the GF((2^4)^2) field specified in the Camellia cipher algorithm to the target composite field; constant matrix D'_C is a mapping matrix that maps elements of the target composite field to the GF((2^4)^2) field specified in the Camellia cipher algorithm. Constant matrix M_A is the constant matrix of the affine transformation in the encryption flow specified in the AES cipher algorithm; constant matrix M'_A is the constant matrix of the affine transformation in the decryption flow specified in the AES cipher algorithm; constant matrix M_S is the constant matrix of the affine transformation specified in the SM4 cipher algorithm; constant matrix M_Cf is the constant matrix of affine transformation f specified in the Camellia cipher algorithm; constant matrix M_Ch is the constant matrix of affine transformation h specified in the Camellia cipher algorithm. The composite field is any composite field isomorphic to GF(2^8).
The reconfigurable S-box circuit structure provided by the utility model implements the finite-field multiplicative inverse in a composite field and, by reusing the finite-field multiplicative inverse unit, implements the AES encryption S-box, AES decryption S-box, SM4 S-box and Camellia S-box operations as a reconfigurable function. When the AES, SM4 and Camellia cipher algorithms are integrated in the same electronic device, circuit area can therefore be greatly reduced. The composite matrix structure in the reconfigurable S-box also improves circuit optimization efficiency, which reduces circuit area further.
Brief description of the drawings
Fig. 1 is a schematic structural diagram of the reconfigurable S-box circuit of the embodiment of the utility model;
Fig. 2 is a schematic diagram of the reconfigurable S-box of the embodiment in AES encryption S-box mode;
Fig. 3 is a schematic diagram of the reconfigurable S-box of the embodiment in AES decryption S-box mode;
Fig. 4 is a schematic diagram of the reconfigurable S-box of the embodiment in SM4 S-box mode;
Fig. 5 is a schematic diagram of the reconfigurable S-box of the embodiment in Camellia S-box mode.
Embodiment
The embodiment of the reconfigurable S-box circuit structure provided by the utility model is described in detail below with reference to the accompanying drawings.
This embodiment provides a reconfigurable S-box circuit structure. Fig. 1 is a schematic structural diagram of the reconfigurable S-box circuit of the embodiment of the utility model.
As shown in Fig. 1, the reconfigurable S-box circuit structure provided by this embodiment includes: composite matrix multiplication unit 1, composite matrix multiplication unit 2, constant addition unit 1, constant addition unit 2, constant addition unit 3, constant addition unit 4, constant addition unit 5, constant addition unit 6, a composite-field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port. Selector 1 and selector 2 are both 4-to-1 selectors.
The input port of composite matrix multiplication unit 1 is connected to the byte data input port. Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 1 are connected one-to-one to an input of selector 1, the input of constant addition unit 1, the input of constant addition unit 2 and the input of constant addition unit 3, respectively. The outputs of constant addition unit 1, constant addition unit 2 and constant addition unit 3 are each connected to an input of selector 1. The output of selector 1 is connected to the input of the composite-field multiplicative inverse unit, and the output of the composite-field multiplicative inverse unit is connected to the input of composite matrix multiplication unit 2. Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 2 are connected one-to-one to the input of constant addition unit 4, an input of selector 2, the input of constant addition unit 5 and the input of constant addition unit 6, respectively. The outputs of constant addition unit 4, constant addition unit 5 and constant addition unit 6 are each connected to an input of selector 2. The output of selector 2 is connected to the byte data output port. The select inputs of selector 1 and selector 2 are connected to the control signal input port.
Composite matrix multiplication unit 1 implements the composite matrix multiplication Φ×. The composite matrix Φ is formed by combining the constant matrix D_A of the AES encryption S-box, the constant matrix Q'_A of the AES decryption S-box, the constant matrix R_S of the SM4 S-box and the constant matrix Q_Cf of the Camellia S-box, i.e.
Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 1 output, one-to-one, the result of the constant matrix multiplication D_A×, the result of the constant matrix multiplication Q'_A×, the result of the constant matrix multiplication R_S× and the result of the constant matrix multiplication Q_Cf×.
Composite matrix multiplication unit 2 implements the composite matrix multiplication Ψ×. The composite matrix Ψ is formed by combining the constant matrix Q_A of the AES encryption S-box, the constant matrix D'_A of the AES decryption S-box, the constant matrix Q_S of the SM4 S-box and the constant matrix Q_Ch of the Camellia S-box, i.e.
Outputs P_A, P_V, P_S and P_C of composite matrix multiplication unit 2 output, one-to-one, the result of the constant matrix multiplication Q_A×, the result of the constant matrix multiplication D'_A×, the result of the constant matrix multiplication Q_S× and the result of the constant matrix multiplication Q_Ch×.
Constant addition unit 1 implements the addition of constant d_A in the AES decryption S-box; constant addition unit 2 implements the addition of constant d_S in the SM4 S-box; constant addition unit 3 implements the addition of constant d_Cf in the Camellia S-box; constant addition unit 4 implements the addition of constant c_A in the AES encryption S-box; constant addition unit 5 implements the addition of constant c_S in the SM4 S-box; constant addition unit 6 implements the addition of constant c_Ch in the Camellia S-box. The composite-field multiplicative inverse unit computes the multiplicative inverse of the input byte in the composite field.
The reconfigurable S-box circuit structure of this embodiment has four operating modes: AES encryption S-box mode, AES decryption S-box mode, SM4 S-box mode and Camellia S-box mode. Under control of the selection signal, selector 1 and selector 2 each select a different signal path, which implements the different operating modes of the reconfigurable S-box.
The AES, SM4 and Camellia S-box operations all consist of a finite-field multiplicative inversion and affine transformations, but the three operations are defined over different finite fields. By isomorphic mapping, the GF(2^8) field of the AES S-box, the GF(2^8) field of the SM4 S-box and the GF((2^4)^2) field of the Camellia S-box can be mapped into the same finite field. Therefore, when the AES, SM4 and Camellia cipher algorithms are implemented on the same hardware platform, this embodiment reuses the finite-field multiplicative inverse as a shared arithmetic unit, which greatly reduces the total circuit area of the cipher implementation.
Because a finite-field multiplicative inverse circuit based on the composite field GF((2^4)^2) or the composite field GF(((2^2)^2)^2) has far lower hardware complexity than one based on GF(2^8), this embodiment further maps the finite-field multiplicative inversion of the AES S-box, of the SM4 S-box and of the Camellia S-box into the same composite field and, by reusing the finite-field multiplicative inverse, reduces the circuit area of the cipher implementation.
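The sharing described above can be checked in software. The following Python model is an added example, not the patent's circuit or code: it builds the mapping matrices D_A and D_S into one target composite field, then evaluates the merged AES encryption and decryption expressions and the inverse in SM4's field through a single shared inverse function. The target field GF((2^4)^2) with subfield polynomial x^4 + x + 1, the searched constant LAMBDA and all function names are assumptions; the AES affine matrix and c_A = 0x63 are taken from the AES standard.

```python
# Added example: software model of one inverse unit shared by AES and SM4.
AES_POLY = 0x11B  # x^8+x^4+x^3+x+1, the AES polynomial given on the page
SM4_POLY = 0x1F5  # x^8+x^7+x^6+x^5+x^4+x^2+1, the SM4 polynomial on the page
C_A = 0x63        # AES affine constant c_A (from the AES standard)

def gf256_mul(a, b, poly):
    """Reference multiplication in GF(2^8) modulo poly (used for checking)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= poly
        b >>= 1
    return r

def gf16_mul(a, b):
    """Multiplication in GF(2^4) modulo x^4+x+1 (assumed subfield)."""
    r = 0
    for i in range(4):
        if (b >> i) & 1:
            r ^= a << i
    for i in (6, 5, 4):
        if (r >> i) & 1:
            r ^= 0x13 << (i - 4)
    return r

def gf16_inv(a):
    """4-bit inverse by search; 0 maps to 0."""
    return next((b for b in range(1, 16) if gf16_mul(a, b) == 1), 0)

# Assumed extension polynomial y^2 + y + LAMBDA, irreducible: no root in GF(2^4).
LAMBDA = next(l for l in range(1, 16)
              if all(gf16_mul(y, y) ^ y ^ l for y in range(16)))

def cf_mul(a, b):
    """Multiply in GF((2^4)^2); the high nibble is the coefficient of y."""
    a1, a0, b1, b0 = a >> 4, a & 15, b >> 4, b & 15
    hh = gf16_mul(a1, b1)
    hi = hh ^ gf16_mul(a1, b0) ^ gf16_mul(a0, b1)
    lo = gf16_mul(a0, b0) ^ gf16_mul(LAMBDA, hh)
    return (hi << 4) | lo

def cf_inv(a):
    """The shared inverse unit; internally only a 4-bit inversion. 0 maps to 0."""
    a1, a0 = a >> 4, a & 15
    norm = gf16_mul(LAMBDA, gf16_mul(a1, a1)) ^ gf16_mul(a1, a0) ^ gf16_mul(a0, a0)
    n = gf16_inv(norm)
    return (gf16_mul(a1, n) << 4) | gf16_mul(a0 ^ a1, n)

def matvec(m, x):
    """8x8 bit matrix (list of 8 column bytes, column i for input bit i) times byte x."""
    r = 0
    for i in range(8):
        if (x >> i) & 1:
            r ^= m[i]
    return r

def matmul(a, b):
    return [matvec(a, col) for col in b]

def matinv(m):
    return [next(x for x in range(256) if matvec(m, x) == 1 << i) for i in range(8)]

def mapping_matrix(poly):
    """Mapping matrix D: find a root beta of poly in the target field, map x^i to beta^i."""
    for beta in range(2, 256):
        powers = [1]
        for _ in range(8):
            powers.append(cf_mul(powers[-1], beta))
        acc = 0
        for i in range(9):
            if (poly >> i) & 1:
                acc ^= powers[i]
        if acc == 0:
            return powers[:8]
    raise ValueError("no root found")

M_A = [((0x1F << j) | (0x1F >> (8 - j))) & 0xFF for j in range(8)]  # AES affine matrix
D_A = mapping_matrix(AES_POLY)
Dp_A = matinv(D_A)               # D'_A
Q_A = matmul(M_A, Dp_A)          # Q_A  = M_A x D'_A
Qp_A = matmul(D_A, matinv(M_A))  # Q'_A = D_A x M'_A
d_A = matvec(Qp_A, C_A)          # d_A  = Q'_A x c_A
D_S = mapping_matrix(SM4_POLY)
Dp_S = matinv(D_S)               # D'_S

def aes_sbox_enc(x):
    """Merged encryption form: Q_A x (D_A x)^-1 + c_A."""
    return matvec(Q_A, cf_inv(matvec(D_A, x))) ^ C_A

def aes_sbox_dec(x):
    """Merged decryption form: D'_A x (Q'_A x + d_A)^-1."""
    return matvec(Dp_A, cf_inv(matvec(Qp_A, x) ^ d_A))

def sm4_field_inv(x):
    """Inverse in SM4's GF(2^8), computed through the same cf_inv."""
    return matvec(Dp_S, cf_inv(matvec(D_S, x)))
```

Only the 8×8 matrices and constants differ between the three functions; cf_inv is the single block they all pass through, which is the part the circuit multiplexes.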
AES encryption S-box operating mode
Fig. 2 is a schematic diagram of the reconfigurable S-box of the embodiment in AES encryption S-box mode. As shown in Fig. 2, in AES encryption S-box mode the reconfigurable S-box receives a byte vector x, which first enters composite matrix multiplication unit 1 for composite matrix multiplication, i.e.
The operation result D_A × x is output from output P_A of composite matrix multiplication unit 1, the operation result Q'_A × x from output P_V, the operation result R_S × x from output P_S, and the operation result Q_Cf × x from output P_C of composite matrix multiplication unit 1.
Under control of the selection signal, selector 1 selects the operation result D_A × x on output P_A of composite matrix multiplication unit 1 and passes it to the composite-field multiplicative inverse unit, which outputs the operation result. The operation result is then input into composite matrix multiplication unit 2 for composite matrix multiplication, i.e.
One operation result is output from output P_A of composite matrix multiplication unit 2, one from output P_V, one from output P_S and one from output P_C of composite matrix multiplication unit 2. The operation result on output P_A of composite matrix multiplication unit 2 then enters constant addition unit 4 for the addition of constant c_A; the operation result is
Under control of the selection signal, selector 2 outputs the operation result on output P_A of composite matrix multiplication unit 2 from the byte data output port. Comparison with formula (6) shows that this operation result is the AES encryption S-box result S_A(x). The selection signal of selector 1 and selector 2 is input through the control signal input port.
AES decryption S-box operating mode
Fig. 3 is a schematic diagram of the reconfigurable S-box of the embodiment of the utility model in the AES decryption S-box operating mode. As shown in Fig. 3, in the AES decryption S-box operating mode the reconfigurable S-box receives a byte vector x as input. The input byte vector x first enters composite matrix multiplication unit 1, where composite matrix multiplication is performed, i.e.,
The operation result D_A × x is output from output port P_A of composite matrix multiplication unit 1, the operation result Q'_A × x from output port P_V, the operation result R_S × x from output port P_S, and the operation result Q_Cf × x from output port P_C. The operation result Q'_A × x on output port P_V of composite matrix multiplication unit 1 is then input into constant addition unit 1, which adds the constant d_A, giving the operation result Q'_A × x + d_A.
Under control of the selection signal, selector 1 selects the operation result Q'_A × x + d_A of constant addition unit 1 and outputs it to the composite field multiplicative inverse unit, which outputs its operation result. That result is then input into composite matrix multiplication unit 2, where composite matrix multiplication is performed, i.e.,
The four operation results are output from output ports P_A, P_V, P_S and P_C of composite matrix multiplication unit 2, respectively.
Under control of the selection signal, selector 2 outputs the operation result on output port P_V of composite matrix multiplication unit 2 from the byte data output port. Comparison with equation (8) shows that this operation result is the AES decryption S-box operation result S'_A(x). The selection signals of selector 1 and selector 2 are input from the control signal input port.
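The AES encryption and decryption modes described above, as an added Python sketch that is not part of the patent: one shared inverse unit serves both modes, using the merged matrices Q_A = M_A × D'_A and Q'_A = D_A × M'_A and the constant d_A = Q'_A × c_A. Assumptions: the target field is GF(2^8) modulo 0x11D, standing in for the composite field, the mapping matrix D_A is derived by a root search, and all function and variable names are illustrative.

```python
AES_POLY = 0x11B   # x^8+x^4+x^3+x+1: the GF(2^8) field specified by AES
TGT_POLY = 0x11D   # assumed target field; stands in for the patent's composite field
C_A = 0x63         # constant vector c_A of the AES affine operation

def gf_mul(a, b, poly):
    """Multiply two field elements modulo the given irreducible polynomial."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= poly
        b >>= 1
    return r

def gf_inv(a, poly=TGT_POLY):
    """Shared multiplicative inverse unit: a^254, which maps 0 to 0."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a, poly)
    return r

def rotl(v, n):
    return ((v << n) | (v >> (8 - n))) & 0xFF

# An 8x8 bit matrix is stored as its 8 columns (the images of bits 0..7).
def mat_vec(m, x):
    y = 0
    for i in range(8):
        if (x >> i) & 1:
            y ^= m[i]
    return y

def mat_mul(a, b):   # (a x b) applied to v equals a(b(v))
    return [mat_vec(a, col) for col in b]

def mat_inv(m):      # brute force is enough for 256 vectors
    return [next(y for y in range(256) if mat_vec(m, y) == 1 << i) for i in range(8)]

def aes_root_in_target():
    """Find beta in the target field with AES_POLY(beta) = 0."""
    for beta in range(2, 256):
        acc, power = 0, 1
        for i in range(9):
            if (AES_POLY >> i) & 1:
                acc ^= power
            power = gf_mul(power, beta, TGT_POLY)
        if acc == 0:
            return beta

BASIS = [1 << i for i in range(8)]
M_A = [v ^ rotl(v, 1) ^ rotl(v, 2) ^ rotl(v, 3) ^ rotl(v, 4) for v in BASIS]
MP_A = [rotl(v, 1) ^ rotl(v, 3) ^ rotl(v, 6) for v in BASIS]   # M'_A
D_A = [1]                      # columns are beta^0 .. beta^7: AES field -> target
for _ in range(7):
    D_A.append(gf_mul(D_A[-1], aes_root_in_target(), TGT_POLY))
DP_A = mat_inv(D_A)            # D'_A: target field -> AES field
Q_A = mat_mul(M_A, DP_A)       # Q_A  = M_A x D'_A
QP_A = mat_mul(D_A, MP_A)      # Q'_A = D_A x M'_A
d_A = mat_vec(QP_A, C_A)       # d_A  = Q'_A x c_A

def sbox(x, mode):
    """mode 'enc' gives S_A(x); mode 'dec' gives S'_A(x)."""
    p_a, p_v = mat_vec(D_A, x), mat_vec(QP_A, x)   # matrix unit 1 outputs
    t = p_a if mode == "enc" else p_v ^ d_A        # selector 1 (constant addition unit 1)
    inv = gf_inv(t)                                # shared inverse unit
    y_a, y_v = mat_vec(Q_A, inv), mat_vec(DP_A, inv)   # matrix unit 2 outputs
    return y_a ^ C_A if mode == "enc" else y_v     # selector 2 (constant addition unit 4)
```

Folding the mapping matrices into the affine matrices is what keeps each path at one matrix multiplication before and one after the inverse.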
SM4 S-box operating mode
Fig. 4 is a schematic diagram of the reconfigurable S-box of the embodiment of the utility model in the SM4 S-box operating mode. As shown in Fig. 4, in the SM4 S-box operating mode the reconfigurable S-box receives a byte vector x as input. The input byte vector x first enters composite matrix multiplication unit 1, where composite matrix multiplication is performed, i.e.,
The operation result D_A × x is output from output port P_A of composite matrix multiplication unit 1, the operation result Q'_A × x from output port P_V, the operation result R_S × x from output port P_S, and the operation result Q_Cf × x from output port P_C. The operation result R_S × x on output port P_S of composite matrix multiplication unit 1 is then input into constant addition unit 2, which adds the constant d_S, giving the operation result R_S × x + d_S.
Under control of the selection signal, selector 1 selects the operation result R_S × x + d_S of constant addition unit 2 and outputs it to the composite field multiplicative inverse unit, which outputs its operation result. That result is then input into composite matrix multiplication unit 2, where composite matrix multiplication is performed, i.e.,
The four operation results are output from output ports P_A, P_V, P_S and P_C of composite matrix multiplication unit 2, respectively. The operation result on output port P_S of composite matrix multiplication unit 2 is then input into constant addition unit 5, which adds the constant c_S.
Under control of the selection signal, selector 2 outputs the operation result on output port P_S of composite matrix multiplication unit 2 from the byte data output port. Comparison with equation (10) shows that this operation result is the SM4 S-box operation result S_S(x). The selection signals of selector 1 and selector 2 are input from the control signal input port.
Camellia S-box operating mode
Fig. 5 is a schematic diagram of the reconfigurable S-box of the embodiment of the utility model in the Camellia S-box operating mode. As shown in Fig. 5, in the Camellia S-box operating mode the reconfigurable S-box receives a byte vector x as input. The input byte vector x first enters composite matrix multiplication unit 1, where composite matrix multiplication is performed, i.e.,
The operation result D_A × x is output from output port P_A of composite matrix multiplication unit 1, the operation result Q'_A × x from output port P_V, the operation result R_S × x from output port P_S, and the operation result Q_Cf × x from output port P_C. The operation result Q_Cf × x on output port P_C of composite matrix multiplication unit 1 is then input into constant addition unit 3, which adds the constant d_Cf, giving the operation result Q_Cf × x + d_Cf.
Under control of the selection signal, selector 1 selects the operation result Q_Cf × x + d_Cf of constant addition unit 2 and outputs it to the composite field multiplicative inverse unit, which outputs its operation result. That result is then input into composite matrix multiplication unit 2, where composite matrix multiplication is performed, i.e.,
The four operation results are output from output ports P_A, P_V, P_S and P_C of composite matrix multiplication unit 2, respectively. The operation result on output port P_C of composite matrix multiplication unit 2 is then input into constant addition unit 6, which adds the constant c_Ch.
Under control of the selection signal, selector 2 outputs the operation result on output port P_S of composite matrix multiplication unit 2 from the byte data output port. Comparison with equation (12) shows that this operation result is the Camellia S-box operation result S_C1(x). The selection signals of selector 1 and selector 2 are input from the control signal input port.
The reconfigurable S-box circuit structure provided by this embodiment implements the finite field multiplicative inverse on a composite field and, by multiplexing the finite field multiplicative inverse unit, provides reconfigurable AES encryption S-box, AES decryption S-box, SM4 S-box and Camellia S-box operations. Therefore, when the AES, SM4 and Camellia cryptographic algorithms are integrated in the same electronic device, circuit area can be greatly reduced. In addition, the composite matrix structure in the reconfigurable S-box helps improve circuit optimization efficiency, which further reduces circuit area.
The above is only a preferred embodiment of the utility model. It should be noted that a person of ordinary skill in the art may make improvements and modifications without departing from the principle of the utility model, and these improvements and modifications shall also be regarded as falling within the scope of protection of the utility model.

Claims (3)

  1. A reconfigurable S-box circuit structure, characterized by comprising: composite matrix multiplication unit 1, composite matrix multiplication unit 2, constant addition unit 1, constant addition unit 2, constant addition unit 3, constant addition unit 4, constant addition unit 5, constant addition unit 6, a composite field multiplicative inverse unit, selector 1, selector 2, a byte data input port, a byte data output port and a control signal input port, wherein selector 1 and selector 2 are both 4-to-1 selectors;
    The input port of composite matrix multiplication unit 1 is connected to the byte data input port; output ports P_A, P_V, P_S and P_C of composite matrix multiplication unit 1 are connected one-to-one to an input of selector 1, the input of constant addition unit 1, the input of constant addition unit 2 and the input of constant addition unit 3, respectively; the outputs of constant addition unit 1, constant addition unit 2 and constant addition unit 3 are each connected to an input of selector 1; the output of selector 1 is connected to the input of the composite field multiplicative inverse unit; the output of the composite field multiplicative inverse unit is connected to the input of composite matrix multiplication unit 2; output ports P_A, P_V, P_S and P_C of composite matrix multiplication unit 2 are connected one-to-one to the input of constant addition unit 4, an input of selector 2, the input of constant addition unit 5 and the input of constant addition unit 6, respectively; the outputs of constant addition unit 4, constant addition unit 5 and constant addition unit 6 are each connected to an input of selector 2; the output of selector 2 is connected to the byte data output port; the select inputs of selector 1 and selector 2 are connected to the control signal input port;
    The reconfigurable S-box circuit structure has four operating modes: AES encryption S-box operating mode, AES decryption S-box operating mode, SM4 S-box operating mode and Camellia S-box operating mode; under control of the selection signal, selector 1 and selector 2 each select a different signal path, thereby realizing the different operating modes of the reconfigurable S-box: in the AES encryption S-box operating mode, selector 1 outputs the operation result on output port P_A of composite matrix multiplication unit 1, and selector 2 outputs the operation result of constant addition unit 4; in the AES decryption S-box operating mode, selector 1 outputs the operation result of constant addition unit 1, and selector 2 outputs the operation result on output port P_V of composite matrix multiplication unit 2; in the SM4 S-box operating mode, selector 1 outputs the operation result of constant addition unit 2, and selector 2 outputs the operation result of constant addition unit 5; in the Camellia S-box operating mode, selector 1 outputs the operation result of constant addition unit 3, and selector 2 outputs the operation result of constant addition unit 6; the selection signal is input through the control signal input port.
  2. The reconfigurable S-box circuit structure according to claim 1, characterized in that composite matrix multiplication unit 1 implements the composite matrix multiplication Φ×; the composite matrix Φ is formed by combining the constant matrix D_A of the AES encryption S-box, the constant matrix Q'_A of the AES decryption S-box, the constant matrix R_S of the SM4 S-box and the constant matrix Q_Cf of the Camellia S-box; output ports P_A, P_V, P_S and P_C of composite matrix multiplication unit 1 output, in one-to-one correspondence, the result of the constant matrix multiplication D_A×, the result of the constant matrix multiplication Q'_A×, the result of the constant matrix multiplication R_S× and the result of the constant matrix multiplication Q_Cf×;
    Composite matrix multiplication unit 2 implements the composite matrix multiplication Ψ×; the composite matrix Ψ is formed by combining the constant matrix Q_A of the AES encryption S-box, the constant matrix D'_A of the AES decryption S-box, the constant matrix Q_S of the SM4 S-box and the constant matrix Q_Ch of the Camellia S-box; output ports P_A, P_V, P_S and P_C of composite matrix multiplication unit 2 output, in one-to-one correspondence, the result of the constant matrix multiplication Q_A×, the result of the constant matrix multiplication D'_A×, the result of the constant matrix multiplication Q_S× and the result of the constant matrix multiplication Q_Ch×;
    Constant addition unit 1 implements the addition of the constant d_A in the AES decryption S-box;
    Constant addition unit 2 implements the addition of the constant d_S in the SM4 S-box;
    Constant addition unit 3 implements the addition of the constant d_Cf in the Camellia S-box;
    Constant addition unit 4 implements the addition of the constant c_A in the AES encryption S-box;
    Constant addition unit 5 implements the addition of the constant c_S in the SM4 S-box;
    Constant addition unit 6 implements the addition of the constant c_Ch in the Camellia S-box;
    The composite field multiplicative inverse unit implements the multiplicative inverse of the input byte on the composite field.
  3. The reconfigurable S-box circuit structure according to claim 2, characterized in that the constant d_A is the product of the constant matrix Q'_A and the constant c_A;
    The constant d_S is the product of the constant matrix D_S and the constant c_S;
    The constant d_Cf is the product of the constant matrix D_C and the constant c_Cf;
    The constant c_A is the constant vector in the affine operation specified in the AES cryptographic algorithm;
    The constant c_S is the constant vector in the affine operation specified in the SM4 cryptographic algorithm;
    The constant c_Cf is the constant vector in the affine operation f specified in the Camellia cryptographic algorithm;
    The constant c_Ch is the constant vector in the affine operation h specified in the Camellia cryptographic algorithm;
    The constant matrix Q_A is the product of the constant matrix M_A and the constant matrix D'_A;
    The constant matrix Q_S is the product of the constant matrix M_S and the constant matrix D'_S;
    The constant matrix Q_Ch is the product of the constant matrix M_Ch and the constant matrix D'_C;
    The constant matrix Q'_A is the product of the constant matrix D_A and the constant matrix M'_A;
    The constant matrix R_S is the product of the constant matrix D_S and the constant matrix M_S;
    The constant matrix Q_Cf is the product of the constant matrix D_C and the constant matrix M_Cf;
    The constant matrix D_A is a mapping matrix whose function is to map elements of the GF(2^8) field specified in the AES cryptographic algorithm onto the target composite field;
    The constant matrix D'_A is a mapping matrix whose function is to map elements of the target composite field onto the GF(2^8) field specified in the AES cryptographic algorithm;
    The constant matrix D_S is a mapping matrix whose function is to map elements of the GF(2^8) field specified in the SM4 cryptographic algorithm onto the target composite field;
    The constant matrix D'_S is a mapping matrix whose function is to map elements of the target composite field onto the GF(2^8) field specified in the SM4 cryptographic algorithm;
    The constant matrix D_C is a mapping matrix whose function is to map elements of the GF((2^4)^2) field specified in the Camellia cryptographic algorithm onto the target composite field;
    The constant matrix D'_C is a mapping matrix whose function is to map elements of the target composite field onto the GF((2^4)^2) field specified in the Camellia cryptographic algorithm;
    The constant matrix M_A is the constant matrix in the encryption-flow affine operation specified in the AES cryptographic algorithm;
    The constant matrix M'_A is the constant matrix in the decryption-flow affine operation specified in the AES cryptographic algorithm;
    The constant matrix M_S is the constant matrix in the affine operation specified in the SM4 cryptographic algorithm;
    The constant matrix M_Cf is the constant matrix in the affine operation f specified in the Camellia cryptographic algorithm;
    The constant matrix M_Ch is the constant matrix in the affine operation h specified in the Camellia cryptographic algorithm;
    The composite field is any composite field isomorphic to the GF(2^8) field.
CN201720572547.8U 2017-05-22 2017-05-22 reconfigurable S-box circuit structure Expired - Fee Related CN207184503U (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201720572547.8U CN207184503U (en) 2017-05-22 2017-05-22 reconfigurable S-box circuit structure

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201720572547.8U CN207184503U (en) 2017-05-22 2017-05-22 reconfigurable S-box circuit structure

Publications (1)

Publication Number Publication Date
CN207184503U true CN207184503U (en) 2018-04-03

Family

ID=61732600

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201720572547.8U Expired - Fee Related CN207184503U (en) 2017-05-22 2017-05-22 reconfigurable S-box circuit structure

Country Status (1)

Country Link
CN (1) CN207184503U (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107181586A (en) * 2017-05-22 2017-09-19 芜湖职业技术学院 reconfigurable S-box circuit structure
CN107181586B (en) * 2017-05-22 2023-09-15 芜湖职业技术学院 Reconfigurable S-box circuit structure
CN108964876A (en) * 2018-06-11 2018-12-07 安徽工程大学 Ordinary wheel transform operation unit, ordinary wheel translation circuit and AES encryption circuit
CN109033892A (en) * 2018-06-11 2018-12-18 安徽工程大学 Round transformation multiplex circuit and AES based on composite matrix decrypt circuit
CN109039583A (en) * 2018-06-11 2018-12-18 安徽工程大学 It is multiplexed round transformation circuit, AES encryption circuit and encryption method
CN109150496A (en) * 2018-06-11 2019-01-04 安徽工程大学 AES encryption arithmetic element, AES encryption circuit and encryption method
CN108964876B (en) * 2018-06-11 2021-02-12 安徽工程大学 Ordinary round conversion arithmetic unit, ordinary round conversion circuit and AES encryption circuit
CN109039583B (en) * 2018-06-11 2021-04-02 安徽工程大学 Multiplexing round conversion circuit, AES encryption circuit and encryption method
CN109150496B (en) * 2018-06-11 2021-05-04 安徽工程大学 AES encryption operation unit, AES encryption circuit and encryption method
CN109033892B (en) * 2018-06-11 2021-08-31 安徽工程大学 Round conversion multiplexing circuit based on synthetic matrix and AES decryption circuit

Legal Events

Date Code Title Description
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180403

Termination date: 20200522