TW200536329A - Apparatus and method for performing transparent cipher block chaining mode cryptographic functions - Google Patents

Abstract

The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction, CBC block pointer logic, and execution logic. The cryptographic instruction is received by a computing device as part of an instruction flow executing on the computing device. The cryptographic instruction prescribes one of the cryptographic operations. The one of the cryptographic operations includes a plurality of CBC block cryptographic operations performed on a corresponding plurality of input text blocks. The CBC block pointer logic is operatively coupled to the cryptographic instruction. The CBC block pointer logic directs the computing device to update pointer registers and intermediate results for each of the plurality of CBC block cryptographic operations. The execution logic is operatively coupled to the CBC block pointer logic. The execution logic executes the one of the cryptographic operations.

Description

200536329 IX. Description of the invention: [Cross-reference of related applications] The priority application of this application is 10/82681 4 according to the US patent application, and the application date is 04/16/22004. [Technical field to which the invention belongs] The present invention relates to the field of microelectronics, and more particularly, to a device and method for performing a transparent password block serial mode cryptographic operation in a microprocessor or other device. [Previous technology] * Early computer systems are independent of other computer systems. Therefore-applications executed in early computer systems, so: library: all input data, may be located in the computer system, or from; = design Provided at execution time. The application is the result of the execution from the input two, and the output data is written in μ, a disk or other bits ... written in a tape drive, a large number of storage devices in the computer system of the building. A row of two rows in the same computer system is already in the form of a file two, or the output data is stored previously in a removable or transportable large 200536329 volume storage device, which can then be provided to a different , Or even incompatible computer systems for use by applications. In these early computer systems, the need to protect sensitive data has been identified, while in other tribute security measures, cryptographic programs have been developed and used to protect sensitive data that has not been disclosed. Generally, these password programs will be stored in a mass storage device for encryption: decryption. In recent years, users have found connected computers to provide access to shared data. Together, the network structure, operating system, and lean data transfer protocol have similarly developed the ability to access shared data to not only support, but even play a prominent and important role. On the 5th, a computer workstation Of users can read files from different workstations or network file servers, use the Internet to get news and other information, send and receive electronic messages (also email) between hundreds of computers, and receive The supplier's computer system provides credit card or bank function information to conduct transactions with the supplier, or to perform the aforementioned activities on the wireless network used in the eight, w 厶 Acupoint 5 are quite common. As a result, the need to protect sensitive information itself and its disclosure has increased dramatically. Increasingly, a user is obliged to protect sensitive information during a given period of time in a given computer. 200536329 Current news headline # 拍 $ Only the thriller regularly increases the computer power, such as the email of La Qieyu Congbei's queen 4 question, hacker attack, personal data restoration project, online post fighting machine, η & gt Public issues, such as fraud and credit card fraud, are on the line. However, because of the premeditated cyber terrorism and the invasion of individuals by means of incursions and the influence of personal privacy, the relevant agencies have determined a corresponding new half. ^ ^ ^… Strict implementation and public education programs. However, none of the reactions have played a role in compromising the processing of computer information. Originally, only the government's concerns, the financial system, military and intrigue issues, now become ordinary citizens from their home A sloppy, paged theme when a computer reads electronic material or performs a live deposit account access. In the area of message security, some technologies and devices have been gradually developed so that messages can only be received by specific objects. The so-called cryptography. When it is particularly used to protect information, it is used to transfer sensitive information when it is stored or transmitted between computers (known as "cleartext" or text) (Plaintext) to an incomprehensible form (such as "ciphertext"). The process of converting plaintext to ciphertext is called "encrypti ο η" "," Encipher ing ", or" cipher ing ", and the transmission process of cipher text to plain text is called" decryption "," deciphering ", 200536329 or ' Inverse ciphering,

Adding unencrypted original messages in other ways does not allow the recipient to unencrypt the message, so the recipient cannot remove or start access to the message. A technology encrypts or decrypts these steps or rules with password-protected, mathematical operations, and specially designed applications. Some variants are used to encrypt or decrypt data. The first type of operation mentioned here (such as public key encryption operation · rsa operation) uses two encryption passwords (a public key (pubHc key) and a private key (Private key)) to encrypt data or Decrypt. Mentioned some public key operations, a type of public key encryption used to transmit data to recipients. The user's public and private keys have a mathematical calculation relationship, and the recipient must use their private funds to decrypt the transmitted data to recover the data. Although such encryption operations are widely used today, the speed of encryption and decryption operations is still too slow, even if only a small amount of data is encrypted and decrypted. The second type of operations, such as symmetric key 200536329 algorithms, provide a degree of data security and are faster. These operations are called symmetric key operations, because they use encrypted gold for encryption and solution # 自, 胛 in the flood. There are three main types of public knowledge

Encryption operation: teach "'&", "A" data encryption dard DES "Double Data Encryption Standard Rules (Triple DES)" and advanced encryption standard rules (仏 叩 州 ⑽ 如 池) Heart purchase. Because these calculations protect high-sensitivity data, 'it is now used by the US government and its agencies. However, it is expected that one or more of these technologies will become a commercial or private communication standard in the future. According to these symmetric key operations, the plaintext ^ text system is separated into a special size to encrypt or unravel the bull's case. 1 28-bit size advanced encryption standard rules complete encryption operations, and use 128, 192 And 256-bit encryption keys. Other symmetric golden wheel operations allow advanced encryption standards for 192 & 256-bit data sets. Mention the block encryption operation 1 024 bits το The plaintext message is encrypted as eight 128-bit bytes. All symmetric key operations use the same form of product: the first two encrypt a plaintext block. And mentioned-generally more commonly used symmetric remnant operations,-a kind of original encryption key expanded into a variety of gold eleven "Golden Record Catalog"), prepared 丄 丄 丄 Ώ 鳊 recorded) mother one if the operation Adding a "round" (rUnd) is done in a plaintext block. For example, Jin ’s 200536329 brother Yiyi Jinyu used to complete Fang Rimu ’s first operation of the last round in the plaintext block, and in the second round, Spear J used the second key of Jinyu ’s directory to A second result is produced. A kind of special unit that says the number of subunit rounds of A rounds of special features is completed "the final result of generating a cipher text body. Advanced Encryption Standard For each operation of the rule operation, there are terms such as sub-bit (or s-b0x), shift shift (ShiftRows), mixed block (MixC0i_), and add round key (AddRoundKey). During each round, the decryption of a ciphertext block is completed. Except for completing the ciphertext input conversion password and the conversion operation (such as mixing, shifting), the final result of each round is a plaintext block. '' Data encryption standard rules and triple data encryption standard rules utilize different characteristics of the secondary operation, but the secondary operation works with these advanced encryption standard rules because it is used to convert a plaintext block into a ciphertext block in a similar way. Cryptographic operations are performed on multiple consecutive test groups, all of which are symmetric. These modes include electronic code book (ECB) mode, cipher block chaining (CBC) mode, cipher feedback (CFB) mode, and output feedback (0FB) )mode. During the completion of this operation, some modes utilize an additional initialization vector and some use 200536329 yuan to encrypt the ciphertext output in the first plaintext block as an additional input to the encrypted second position in the second plaintext block. . For more related technical details, please refer to Federal Information Processing Standards Publication 46-3 (FIPS-46-3), October 25, 1999, which discusses data encryption standard rules and triple data encryption standard rules in detail; and see FIPS-197, November 26, 2001, provides a detailed explanation of advanced encryption standards. The aforementioned standard rules were promulgated and claimed by the National Institute of Standards and Technology (NIST). In addition, for individual talent orders, white papers, tool kits and countermeasures, please refer to the Computer Security Contingency Center (CSRC) of the National Institute of Standards and Technology. The website address is http: // · // csrc · nist · g〇v /. Those skilled in the art will recognize that most applications can be effectively executed on a computer to perform encryption operations (such as encryption and de-encryption). Things _ consistently, some operating systems (such as Microsoft⑧, WindowsXP®,

Linux) directly provides encryption / decryption services in the original encryption form, encryption application program interface and the like. However, there are still some shortcomings in computer encryption technology today. Please refer to the first figure directly to highlight and discuss these shortcomings below. Figure 1 is a block diagram of a computer encryption application today. 00, 12 200536329 describes a first computer workstation m, a second computer workstation 102, a network slot storage device, and a first computer workstation connected to the area ... 05. The router 107, or other (WAN) 110, such as the Internet, and a wireless network router, are connected to the local network 105 by an interface formed by the standard 802.u. A notebook computer 104 is connected to a wireless network router 108 using a wireless network. WAN 11 〇 Another important point: a second router 111 provides a third computer workstation ⑽ interface. As mentioned above, ‘today ’s users face multiple issues of computer information security during work. For example, under the control of today's multi-tasking operation system, a workstation 101 user can simultaneously complete several tasks, each of which requires a password operation. Workstation I " The user needs to perform encryption / encryption application 112 (such as the ministry or by the operating system) has stored the zone file on the network slot storage device. While the file is being stored, the user can send an encrypted message to the second user at the second computer workstation 102: he also needs to execute the encryption / decryption application 11 2. Plus: The message can be instant (such as an instant message) or non-instant (such as a sub-mail). In addition, the user can also access or provide his / her final number 200536329 (such as credit card number, financial transfer, etc.) or other forms of sensitive data from the third computer workstation 3) via the wide area network 110. When leaving the company and entering any one of the drought-separating resources on the local area network 105, 101, 102, 106, 107, 108, 109 workstation 101, the user using the third computer workstation 103 can use a computer or Back off the computer 103. Each of the foregoing actions requires an example consistent with the execution of the encryption / decryption application 112. In addition, the wireless network 1 09 is now routinely provided in coffee shops, airports, schools, and other public places. Therefore, the user of the laptop 104 can encrypt and decrypt both his / her message transmission / reception, and other information. The user immediately needs to encrypt or decrypt all messages via the wireless network to the wireless network router 108. Those skilled in the art can understand that each of the above activities requires an encryption operation on the station 1 0 1 1 04, and accordingly there is a need to perform an immediate encryption / decryption review in the application 112. Therefore, at the end of the month 101-104 make a cow-work ν can complete hundreds of encryption operations at the same time no matter what, Cun Bian _ ^ in some computer systems 101-104 at least one or more workers That is, the encryption / decryption application program ι12 and the encryption operation method u complete a a, "system. For example, it is slow to execute through a software process. Each plus and minus completes the same function through the hardware. The program U2 all needs — segment 200536329 time 'and the current q running on the computer 1G1 — 1G4 may have to be suspended during this period, and the encryption operation (such as plaintext, ciphertext, mode, gold_) parameters must pass the operating system To the encryption / decryption application program 112, perform the encryption operation. And because the encryption operation must include special group data several times, the encryption / decryption application #presentation (112) execution includes the execution of multiple computer extensions; The operating speed has an adverse effect. For example, ——: As far as a skilled technician can perceive, sending a small encrypted e-mail in Micr〇s〇ft⑧〇 100 will be better than sending a Unencrypted e-mail is 5 times slower. In addition, the limitations of the current technology are caused by delays in operating system interference. Most applications do not provide integer surplus generation or encryption / decryption components. They implement operating system components or Embedded applications are used to complete these tasks. The operating system is scheduled according to the needs and interruptions of other running applications. Furthermore, the present invention notes that the completion of cryptographic operations on the current computer system 1011104 is related to the The completion of floating-point mathematical operations before the appearance of the special-purpose floating-point unit in the microprocessor is similar. The early floating-point nose was implemented by software, so the execution speed was very slow. Just like floating-point operations, passwords are executed by software. The operation is quite slow. With the improvement of floating-point technology, floating-point instructions are provided for execution on a common floating-point processor. 200536329 With Tiger, "J processing is faster than implementation of floating-point operations. When iron it ★ Secret * 7 / amine field ..., dagger also increases the cost of the system. Samples' Today's code coprocessor is an expansion board or through parallel

Port or other peripheral interface (such as 丨 T USB) connected to the host processor's external device. j £ jian Qiantian Eight Miles§ of course makes cryptographic operations more robust than pure software implementations. A 1-code coprocessor adds cost to the system configuration, it requires additional power, and reduces the 2 ::::: ability. Since the data path is not on the same module as the main microprocessor, the common password is easily monitored. The door processing is more straightforward. Therefore, the present invention understands that people need to process a special cryptographic hardware today. In this way, applications that require cryptographic calculations can directly pass an early-warning, unique U 畨 code instruction. The processor performs the cryptographic operation. Function to reduce the interference and management of the work of Guangming, which also provides such Shanghai people ~ And this password is only allowed for Nonghao to be used in the application special level. The specified code hardware can be compatible with the arrow and the password. At the same time, the code hardware and the related password refer to ^ ^ 7 The way that the system is in the same way as the previous operating system. The main operation of the dream department is 4 + i kinds of execution start codes, codes, and methods, so that effective defense can support a variety of cryptographic algorithms, support, "夂After verifying and testing the special 16 200536329 cryptographic algorithm implemented in it, it allows users to provide keys and self-produced daily keys 'support multiple data block sizes and key lengths' to provide programmable blocks Encryption / decryption modes, such as ⑽, CBC, CFB, and _, etc., and can efficiently perform block cipher functions on a large number of data blocks when using the above-mentioned programmable products Giriyama / Uniong, Fork. [Summary of the Invention] The present invention is to solve the above-mentioned problems and disadvantages of the conventional technology. The present invention provides a better technique for enabling cryptographic operations to be performed in a microprocessor. In one embodiment, a microprocessor is provided for performing: code operations. The device includes a cryptographic instruction circuit, the Yima block serial block index logic circuit, and an execution logic circuit. The cryptographic instruction provided by the code grabbing instruction circuit is received through a computing device and used as a command stream for the execution of the computation on the computing device. The code command also specifies a cryptographic operation. Cryptographic operation includes a plurality of cipher block serial block block cipher operations, and these cipher block serial blocks 堍 笫 J dagger tails are processed in the corresponding plurality of input text blocks. Cryptographic block serial block indicator logic circuit and cipher finger Hexue 7 circuit are combined together. The cipher block 17 200536329 indicates the calculation of the serial block index logic circuit. The intermediate result of the M Ih £ block cipher operation in the open register update index register and each of the plurality of cipher block strings. Implement logic circuits and passwords. ^ 1 ^ The logic circuits of the current block index are combined with each other, and the execution logic-branch circuit executes a password instruction. Another embodiment of the present invention is a device for performing a cryptographic operation. The device includes a cryptographic unit and a cryptographic block serial block index logic circuit embedded in the device. Cryptographic note: In the instruction stream received, a cryptographic instruction for cryptographic operation is specified to respond and execute a kind of cryptographic operation. This cryptographic operation package is purely a cipher block block string block block cipher operation. The password block serial block password operation is processed in the corresponding input text blocks. The combination of the password Q block serial block indicator logic circuit and the crypto unit is combined with the password block serial block indicator logic circuit to instruct the device to update the contents of the index register and temporarily store each password block serial block password. The result of the operation. Another embodiment of the present invention is also a method of code calculation. The party and the “encryption device” execute the secret code — the method includes responding to the received cryptographic command and: a cryptographic operation whose cryptographic instruction specifies a cryptographic operation, and the execution includes the completion of a corresponding number of transactions. Password block serial mode block operation for each input text sub-block. The method 200536329 also includes writing a current input text block to an initial orientation position so that the next password in the next input text block Block tandem mode block operation, using the current input text block as an equivalent initialization vector. [Embodiment] The following describes the application of the conventional technology to manufacture or use the specific applications and requirements of the present invention enumerated Examples. However, the various modifications mentioned in the embodiments are used to highlight the differences from the conventional technology. This general principle can be applied to other embodiments. Therefore, the present invention is not limited to specific embodiments. In view of the above Regarding the technical background of cryptographic procedures and related technologies used to encrypt and decrypt data in today's computer systems, I: goalkeeper refer to heading 2 Continue to explore these technologies and their limitations. Next, continue to discuss the present invention with reference to Figs. 3-14. Please see Fig. 2 '-A block diagram 200 describes a technique for performing cryptographic operations on the above-mentioned contemporary computer system. Block diagram 2 〇〇 Includes a microprocessor 201 'which is from an application corresponding memory' is called a part of the application memory 203, :::, and accesses data. Program control and access from this body 203 The accesses are managed by the operating system 202 residing in the area protected by 200536329 in the unified memory. As mentioned above, one or two if-a running application (such as an e-mail: program or a file storage program) A cryptographic operation needs to be performed. The running application must instruct the microprocessor 201 to execute a certain number of instructions to complete the cryptographic operation. These instructions may be a subroutine of the application program that is being executed. They may also Is an embedded program linked to that running application, and

It may be a service provided by the operating system 202. Regardless of their combination, a person familiar with the technology will understand that these instructions will reside in some designated or allocated memory area. For the purpose of Yun Qing, these storage areas will be revealed in the application memory 203, and include a cryptographic key generation program 204,

It can generate or receive a cryptographic key and can expand the key into a key directory 205 for use in crypto round operations. For multi-block encryption operations, a one-block encryption program 206 will be triggered. The encryption program 206 executes instructions that can access multiple blocks. The multiple blocks include a plaintext block 210, a key directory 205, and more detailed cryptographic parameters 209 such as the mode and the location of the key directory. If required by the specified mode, an initialization vector Mg will also be accessed by the application program 206. The encryption program 206 executes some instructions to generate the relevant ciphertext block 211. Similarly, the block decryption operation is performed for 20 200536329, * η π 7 ^ and the block decryption borrows 4 *, 207. % Fork program 207 転 multiple blocks contain cipher text 2 :: instructions for multiple blocks, the password for the fine decryption operation counts to the second directory 2 ° 5 'more detailed mountain text ZU9, if the model cloud The initialization vector 208 is also required in combination with the enemy, and is initially instructed to access the stomach. The branching program 207 executes these ^ to generate a corresponding plaintext block 210. It is worth noting that a specific number of fingerprints, cryptographic keys, and encryption or decryption need to be performed. The production specification includes a promise: a block of ££. The above-mentioned nps quantity m makes the number of instructions to be determined ::: estimated. Therefore, a person familiar with the technology needs hundreds of instructions to complete-a person of Jane 1 counts, each of them must! ^ Accounting and Auditing 4 Cryptographic Operations Department 1. The asset hunting is performed by the processor 201, and then the required cryptographic operations are completed. H For Hr, performing these operations is a code operation, which is redundant for the main purpose of the application currently being executed (such as case management, instant messaging, case access, credit card transactions). ‘: This’ The user currently running the application feels that the completion of the current :: program is not efficient. In the case of independent or embedded encryption and decryption programs 206, m, starting and managing these programs 206, 207 are also subject to other bands of the operating system 202, such as support for interrupts, exceptions and乂, and the events of mentalization 200536329 and so on. Furthermore, for every cryptographic operation required on a computer system, borrow + 9 n /. An example of the K-L'-I formula 204, 206, and 207 is separately arranged in the memory 203.疋 ', ^ Β However, as mentioned above, it can be expected that 疋 ’requires a micro-processing of ZU 1 and passwords to manage the inventory, which will continue to increase over time.算 运 # "The inventor of the present invention noticed these problems and the limitations of the system's cryptographic technology, and confirmed that it is provided in :: programs; later in the microprocessor, execute the password ^ one: method requirements. The operation, therefore, The present invention provides a U-processor 'to perform cryptographic operations via a dedicated cryptographic unit:! Setup and related methods. When the cryptographic unit is activated, the cryptographic operations are performed programmatically via early coding instructions. Figure 3 -1 2 Discuss the present invention.

m 〇 λ ^ ..... /

> Mission 3, a block diagram 300 depicts a microprocessor device that executes a fork code operation in accordance with the present invention. The block diagram 3 0 0 describes an individual processing state 3 01, which is transmitted to a system memory 321 through a memory bus 31 9. The microprocessor 301 includes a translation logic circuit 303 that receives instructions from a 7 temporarily stored as 302. Translation = logic circuit 303 can be a logic circuit, device, or microcode (ie, ^ ^ order or local instruction), or a combination of logic circuit, device, or microcode 'or can translate instructions to the relevant microinstruction sequence 22 200536329 Equivalent component. The elements that are translated in the dry-bound, rw sequel circuit 303 may be executed by other elements 301 in the thunder circuit. In U processing code is a term, t 矣 -L 7 u ^ means a large number of micro instruction. A microinstruction (or, "ground means :) is an instruction at the execution unit level. For example, ... 7 is executed directly by the streamlined & order set computer microprocessor. For a complex set of instructions, + +, 口Wrongful month self-policing processors, such as an X86 compatible micro

Processing x86 instructions will be translated into related micro-instructions, which can be directly executed by at least one early processor in a complex instruction set computer microprocessor. The translation logic circuit 3G3 is connected to a micro-instruction queue 3. on the "04". There are several micro-instruction entries 305,306. The micro-instructions are provided by the micro-instruction queue 304 to the register stage logic circuit which is temporarily stored as a group 307. Register = 307 has a plurality of registers 3008 — 313, and these temporary inner valley systems are established before performing a specified ❸ cryptographic operation. The register 308-3 1 2 points to the corresponding location 32 3 327 in the memory 321, and the homepage stores the data required to perform the specified cryptographic operation. The register stage is connected to the manned logic circuit 314, and it is connected to the data retrieval cache 315, which is the completion of $ password calculation data #. The greed cache 315 is connected to the memory 321 through the memory bus 319. The execution logic circuit 328 is connected to the load logic circuit 314 23 200536329, and executes the specified operation by the micro instruction transmitted from the previous stage. The execution logic circuit 328 includes a logic circuit, a device, or a microcode (that is, a microinstruction or a local instruction), or a combination of a logic circuit, a device, or a microcode, or a microcapacitor provided to it. Said to be the equivalent component of different shipments. The elements that perform operations in the execution logic circuit 328 may be shared by other circuits, microcode, etc., that is, perform other functions in the microprocessor. The execution logic circuit 328 includes a cipher unit 316, and the cipher unit 316 loads data required for the operation from the load logic circuit 314.丄 八 丄 丄… 码 码 于 于 々 a 7 7 to drive the fork code unit 316 to perform the specified cryptographic operation on the plural: sub-block 326 to generate a logic circuit / password unit 316), 1 θ 4 set Or microcode (that is, microinstruction or local refers to a combination of 1 ::: logic circuits, devices, or microma, or any code that performs code operations, etc.)-batches are shipped in fee code unit 316 The 7L pieces of # may be shared by 1, that is, by /, his circuit, microcode, etc. 17 in the embodiment of the microprocessor 301 ~ into other functions. In-his execution unit ^ Zaofan 316 and execution logic An a 328 of its parallel execution diagram below) 'such as integer units, floating-point units, etc., which contains the logic of the electronic circuit invention-"unit," an embodiment of a circuit, device, or microcode (that is, microinstruction or local Refers to 24 orders), or a logic circuit, a combination capable of performing the specified operation π code, or an equivalent element of the two Γ functions on a special unit. These are performed in the specified operation or γ > , May be executed by other elements of Thunder ’s fixed function: Γ, microcode, etc. Common, that is, in the micro embodiment,-integrator or operation. For example, in a real (that is, a micro-instruction or local means $ way, a set or a combination of micro-code or micro-code, or: 5 疋 a logic Circuit, device

-The floating point unit contains the equivalent element of the logic :: π: instruction. Or a local instruction), or a device or micro, ie, a combination of micro-instructions, Mr # ... a U or microcode group, a component that executes an integer instruction within a sequence of foreign points, etc. Early, that is, destroy, _ _, σ to share the circuit, microcode, etc., P is executed in the early point of /-in the embodiment, M single: in the χδ6 system compatible 16 and χ86 integers unit,

/ Yu Dianwu, a χδ6 multimedia extension unit and a stream extension unit are executed in parallel. According to the present invention, the one-phase system embodiment means that this embodiment can execute correctly: most applications designed to be executed on a χδ6 microprocessor, > if the result reaches a correct result, the application program can It is executed exactly. The alternative χδ6 compatible embodiment expects that Mima executes in parallel with a subset of the above-mentioned χ86 execution units. 25 200536329 The code unit 316 is connected to the storage logic circuit 317, and a corresponding plurality are provided. Output text block 327. The storage logic circuit 317 is also connected to the data cache, and block 327 is sent to the system memory 321 for storage. The storage circuit 31 7 is connected to the write-back logic circuit 3 m. When the specified cryptographic operation is completed, the write-back logic circuit 318 will update the register 307 of the temporary buffer group 307 to win. In one embodiment, the ^ instruction is synchronized with a clock signal (not shown) and flows through each of the above-mentioned logical stages 3202, 303, 304, 307, 314, 316_318, so that 'these operations can be parallel Execute, just like-assembly line 0 ^ system memory 321 _,-the application needs to specify the code to run the nose and can pass a single password instruction 322 to instruct ^ processing 3G1 to perform cryptographic operations. Take the -Cryptography (XCRYPT) command as an example. In the embodiment of the complex instruction Huadian, the cryptographic instruction 322 includes an instruction of one finger. In the reduced instruction set computer embodiment, the micro-instructions of ... designation-cryptographic operation are used. In the second case, the ㈣ instruction encodes redundant or unused instructions in the existing instruction set architecture. In the -χ86 compatible embodiment, the cryptographic instruction 322 is a "胄 4-byte instruction, which contains an χ86 repeat 26 200536329 (REP) preamble (that is, 0xF3), followed by 2 succeeded cards r A 70 , And unused x86 running horses (for example, 0x〇FA7), plus j in Bo Bol Yisha ... a group of 70, which specifies the formula used in cryptographic calculations. In one embodiment of the Tektronix & Block Cryptographic Module, in accordance with the present invention, it is executed under the system permission level that provides authentication, and therefore an application or In the following, the end of the system should be controlled by the system 32: write to the program instruction stream to provide to the microprocessor.

It only needs to use the code calculation system in Qiandai 2—the password command you refer to 3 is 30. The completion of the calculation will be completely transparent to the operating system.

During the μ operation, the operating system 320 causes an application program to be executed on the U processor 30. During the execution of the application program, as a part of the instruction stream, the -password instruction 322 is provided by the memory 3 8 21 Take the logic circuit 302. However, before the execution of the password instruction 322, the instruction in the program stream instructed the microprocessing = 30 to initialize the contents of the register 308-31 2 so as to point it to the locations 323-327 in the memory 321, these The location package ^ a cryptographic control character 323, an initial cryptographic key 324 or-a key directory 324, an initialization vector 325 (if necessary), input text 326 and output text 327 for operation. The register 308_312 needs to be initialized before executing your code instruction 322. Because ^ 27 200536329 the code instruction 322 needs to indicate the register 3 08 — 312 and an additional register 31 3, so it is necessary to execute the password instruction 3 2 2 The initial register 308-3] 2, and the additional register 313 contains a block count, which is a block of data encrypted or decrypted in the input text 326. In this way, the 'translation logic circuit 3G3 fetches the cryptographic instruction from the fetching logic circuit' and translates it to a sequence corresponding to the microinstructions to instruct the microprocessor 301 to execute the specified cryptographic operation. Operation one corresponds to the first complex number of the micro-instruction circuit series: the micro-instruction circuit 305-306 'specially instructs the crypto unit 316 to load the data provided by the load logic circuit 314, that is, the number of specified crypto rounds is started, and A corresponding rotating data block is generated, and the corresponding output data block is provided to the storage logic circuit 317 ', which is stored in the output text 327 of the memory 321 via the data cache 315. In the sequence corresponding to the microinstructions, a second plural microinstruction (not shown) is intended to be executed by the other execution units in the microprocessor 301 to perform other necessary operations to complete the specified cryptographic operation, such as management No architecture register (not shown), = Includes temporary results and counters, updates the turn-in and output indicators to 31 and 312, and updates the initial vector index after encryption / decryption in "Roll-in Article" 326. Store _ 31〇 (if needed cleaning), handle interrupt pending and so on. In the embodiment, the temporary cry 28 200536329 308-31 3 is a structural register. A structural register 3008 3i3 is defined as a register in an instruction set architecture (ISA) for a special microprocessor. In one embodiment, the cryptographic unit 316 is divided into several stages, thereby allowing pipelined continuous input of text 326. The block diagram 300 of FIG. 3 provides the necessary components of the present invention. Therefore, most of the logic circuits in the microprocessor 301 are omitted in the block diagram 300 for clarity. However, those skilled in the art will understand that the microprocessor 300 is composed of many stages and logic elements according to a specific implementation, and for clarity. For example, 哉 λ, deer station ^ J load logic circuit 314 may implement an address generation phase, followed by a cache interface phase and an access line alignment phase. However, on the basis of several input texts 326—the complete month in the invention is instructed via a single order— ',, #according to this a di々—the password refers to 322, and the password refers to the circuit and code calculation port Lao Wei Kai /, test the operating system 320, and the execution of the password instruction circuit-Beijing eight _ ^ find the code to grab the early Wu 31 6, in parallel in the microprocessor 301 Zeng-Zai-Jian Fan Cheng. The focus of the present invention is the implementation of the s ~~ points of the cipher unit 3116, similar to the implementation configuration of a microprocessor to make the exclusive floating hardware earlier than a few years ago. 29 200536329 The operation of the code unit 31 6 and the related cryptographic instruction 322 is completely compatible with the old operating system 320 and applications at the same time, which will be described in more detail below. Referring now to FIG. 4, a schematic diagram illustrates an embodiment of a micro-cryptographic instruction 400 according to the present invention. The microcode instruction includes an optional leading field 401, followed by a repeat leading field 402 ', followed by an opcode block 403, and then a block password mode block 404. In one embodiment, the contents of these blocks 401-404 are consistent with the x86 instruction set architecture. Other embodiments are generally compatible with other instruction set architectures. "Operational optional" pre-blocking 401 is used in many instruction set architectures to enable or disable certain processing characteristics of a main microprocessor, such as indicating 16_bit or 32_bit operations , Instructing to process or access specific memory segments, and more. Repeated pre-stop block 402 indicates that the cryptographic operation specified by the micro-crypto instruction circuit is completed on a plurality of input data blocks (that is, plain text or cipher text). Repeated pre-blocking 402 also implies that—a suitable microprocessor uses the content of a plurality of wooden temporary states as an indicator of the position in the system memory. The system memory contains data for specific cryptographic operations and ^ Number. As described above, in the -χ86 compatible embodiment, the value of the stop 402 is repeatedly set to 0xF3. Furthermore, according to the 200536329 structure agreement of χ86, the cryptographic instruction is quite similar to the x86 repeating instruction such as REP · MOVS. For example, when the X 8 6 compatible microprocessor embodiment of the present invention is executed, repeating the preceding field instruction instructs the block calculation variables stored in the structure register ECX and the register ESI The source address indicator in (indicates the input data used for cryptographic calculations) and the destination address indicator (in the memory indicates the output data area) stored in the register EDI. In the χ86 compatible embodiment, the present invention makes it known to repeat the contents of the instruction, referring more to the control character index stored in the register EDX, the cryptographic key index stored in the register EBX, and Index of the initialization vector stored in the register EAx (if required by the specified chip mode). The operation code block 403 specifies that the microprocessor completes the cryptographic operation, and it is also specified in the control characters stored in the memory. This record system indicates through the control character indicators. The present invention calculates a better selection value of the operation code block 403 as one of the reserved or unused operation codes in the existing instruction set architecture, so as to maintain the consistency of the microprocessors conforming to the old operating system and the application software. For example, as described in the month 'J, the opcode field 403 implements a value of 0x0FA7 to instruct the cryptographic operation to be performed as specified. The block password mode block is 40-40. A special block dense stone horse mode is specified to execute during the specific cryptographic calculation, as shown in Figure 5. # ’31 200536329 FIG. 5 shows a table 500, which shows the values of exemplary block cipher mode blocks according to the electronic structure of FIG. 4 in green. A value of 0xC8 specifies that cryptographic operations can be accomplished by using an electronic code book (ECB) message mode. The value OxDO specifies that the cipher operation can be completed using cipher block chaining (cipher block chaining). The value ΟχΕΟ specifies that the cipher operation can be completed using cipher feedback (CFB). The value 〇χΕ8 specifies that the password operation can be completed using output feedback mode (〇utput feedback, 〇fb). All other values of block 404 in block cipher mode are retained. These modes are described in the aforementioned FIPS text. Next, ® 6 shows a block diagram that describes the cryptographic unit H7 in x86-compatible microprocessing @ _ in accordance with the present invention. The microprocessor 600 includes a retrieval logic circuit 601. The retrieval logic circuit 601 has a structure (not shown) to obtain a structure for execution. The fetch logic circuit 601 is connected to the translation logic circuit 602. The translation logic circuit 602 includes a logic circuit, an element or a microcode (in other words, a microstructure or an ontology structure) or a logic circuit, an element, a combination, or a related, ordered, special-effect element using the translation structure to the microstructure. The components that perform the interpretation in the translation logic circuit 602 may be shared with other circuits, microcode, etc. This circuit, 32 200536329 microcode is used to perform other functions in the microprocessor 600. The translation logic circuit 602 includes a translator 603, a translator 6 03 connected to the microcode read-only memory L 64, and a series of password blocks connected to the translator 63 and the microcode read-only memory 604. Block index logic circuit 640. The interrupt logic circuit 626 is connected to the switching circuit 602 via a bus. Most software and hardware interrupt signals are handled by the interrupt logic circuit 626. The interrupt logic circuit 626 means that the interrupt is not transmitted to the translation logic circuit.-Connected to the micro processor, the continuous phase is transferred = Jie 600 includes a register stage 6 〇5, addressing stage 606, loading stage 607, execution stage 608, storage stage 618, and write back stage & 619. Each of the successive stages contains logic circuits that perform specific functions related to the execution of instructions provided by the fetch logic circuit 60, and these structures are described under similar names in the microprocessor of FIG. The embodiment shown in FIG. 6 is characterized by an execution logic circuit in an execution phase 608. The execution phase 608 includes parallel execution units 61, 612, 614, 616, and 617. An integer unit 61 receives an integer micro-instruction circuit from the micro-instruction array 609 for execution. -The floating-point unit 612 receives the floating-point micro-instruction circuit from the micro-instruction queue 61 for execution. — The multimedia extension set unit 614 receives the multimedia extension set from the micro-finger slice 614 33 200536329 micro instruction for execution. -The stream extension set unit 616 receives the stream extension set micro instruction from the micro instruction array 615.

In the embodiment, the password unit 617 is connected to the stream extension unit 616 through the loading bus delay signal 621 and the storage bus 622. The crypto unit 617 shared the stream extension unit: «令 许 列 615. In another-alternative embodiment, independent parallel operations of the cryptographic units Η? Are performed in a similar manner to the units 610, 612, and 614. The integer unit 61 is connected to a χ86 flag (EFLAGS) register 624. The flag register contains χ bit 625, which is used to indicate whether the cryptographic operation is being processed. In one embodiment, the X bit 7L 625 is the 30th bit ranked in the x86 flag register 624. In addition, the integer unit 61 receives the machine-specific register 6-28 to identify the state of the E bit 629: whether the crypto unit 617 is present in the microprocessor 600. The integer early element receives a D bit 631 in the characteristic control register 630, and enables or disables the crypto unit 617. The micro-processing embodiment 301 shown in FIG. 3, and the microprocessor 600 in FIG. 6 specifically describe some components to clearly represent the origin of the x86_compatible embodiment and clearly gather or delete other headers of the microprocessor. Q In the dagger style, the artist can easily know other metadata caches (not shown), bus interface units (not shown in 34.200536329), clock generation and distribution logic circuits (not shown) required to complete the interface. Drawing) and so on. In the operation, the instruction logic circuit 601 is used to obtain the instruction circuit from the memory (not shown) and provide the instruction to the translation logic circuit 602 in synchronization with the clock signal (not shown). The translation logic circuit 602 translates each instruction circuit to a corresponding array of microinstruction circuits. These microinstruction queues are continuously provided to the microprocessor at subsequent stages 605-608, 618, and 619. Each micro-instruction circuit in the micro-instruction sequence instructs the execution of a sub-operation. This sub-operation needs to complete a comprehensive operation. This comprehensive operation is performed by corresponding instruction circuits. These corresponding instructions can be used as the following instruction circuits: Borrow From the generation of the address in the addressing stage; the two-phase addition transport code in the integer unit 61. This integer unit 61 is obtained from the designated register (not shown) in the register stage 60. ; Store the results produced by one of execution units ㈣, 612, 614, 616, 617, which are executed by the storage stage 618. According to the translated finger # T two translation logic circuit 602, the translator 603 will directly generate a micro-Z π sequence, or obtain the sequence from the microcode read-only memory 604 =, or the translator 603 will directly generate a sequence And learn the existing sequence portion from the microcode read-only memory 604. The micro-finger 7 is synchronized with the clock signal through successive phases 605_608, 618, and 619. When the microinstructions reach the execution stage 608, 35 200536329 they and their opcodes and designated execution units 61〇, 6i2, 614, 616, 617 (obtained from the scratchpad in the scratchpad stage 605, or Generated by the logic circuit in the address stage 606, or obtained by loading (6G7 from the data cache) together and executed by the execution circuit 632, which is performed by the corresponding microinstruction queue 6009 , 6 ", 613, 615 instead of micro instructions. The execution units 610, 612, 614, 616, 617 execute micro instructions and provide the results to the storage stage 618. In one embodiment, the microinstruction encloses a block indicating whether it is executed in parallel with other operations. In response to the second-mentioned acquisition of the cryptographic instruction 'translation logic circuit 602 generates related microinstructions', these microinstructions point out the logic circuit in the subsequent stages of the microprocessor_ 605-608, 618, 619 to implement the: Operation. The operation number-most relevant micro-instructions are transmitted = code unit 6Π and instructed to the crypto unit 617 "The information provided by the manned exchange 620, or the input data of a block is loaded and a predetermined number of encryption loops are started" to generate One area outputs the data, or provides the output through the storage bus 622: the generation block of the material, and is stored in the record body through the storage stage 618. The second most relevant microinstructions are transmitted to other implementations: ㈣ , Chuan, chuan, 616 to perform other sub-operations, these sub-elements: ^ and yuan into predetermined cryptographic operations, these predetermined cryptographic operations can be. 36 200536329 Test E bit 629, enabling η you-double this 0 bit Fan 631, Set the χ bit 625 to indicate whether the cryptographic operation is being performed, and update the register in the register 60 (that is, the calculation register, the input text index temporary storage ϋ 'input ^ word index temporary processing is interrupted The interruption indicated by the logic circuit 6 2 6 6 2 7. Complement μ μ ^ "Research through the integer unit micro instruction in the micro instruction sequence of the parent wrong password unit, the next day Μν and u7 related micro instructions are provided as multiple input data Block specific Code operations are performed so that integer operations can be performed in parallel with cryptographic unit operations. Microinstructions are included in the relevant microinstructions to allow response to interrupt 627 and return from interrupt 627. Since all password parameters and data indicators are stored in χ86 In the structure register, their state will be saved when processing interrupts, and the state will be restored when returning from the interrupt. Therefore, when an interrupt occurs, program control will jump to the corresponding interrupt service routine. As a program As part of the control jump, the χ bit 625 will be cleared of the key key and the control financial data ^ and then valid. When returning from the interrupt, the program control system is transferred back to the password instruction 'and used as part of its related micro instruction , Special micro instructions will test) (The state of bit 625 depends on whether the figure and control character data are valid. If it is valid, Cheng cuts in: The specific input block before the occurrence continues to be processed, If the state of X-bit 625 indicates that the key data and control character data are not valid anymore, 200536329, it will re-enter the memory, and will be transferred to Song Yu A- 』M When the interruption occurs, the key of the lean block is being executed according to the present invention-Rite 疋. According to the present invention, the execution of the cryptographic command is: 兀. The initial test of 625 is to determine the validity of the cryptographic unit =: data If the key data is metadata, then the input flutter; = 鍮 data and control block are loaded, and executed on: the rotating data area pointed to ^ ^ password operation is performed on the money person data block. In addition, the input data block-the execution of the charge does not need to be shipped with your heart. Instead of loading the key data and control character data first, if you have a new key and control word line Before the new password instruction, the χ bit 62 must be cleared. ^ Consecutive password instructions with the same key data and control word data are executed. In this case, there is no need to clear the χ bit 625 after initializing the Golden Butterfly :: Control subfeed. For example, with a high memory bus speed, users can divide the encryption / decryption of 500 input data blocks into 5 password instructions, each of which can process 100 input data blocks. Using the code selection block serial mode, the password block serial block indicator indicates that the logic circuit 640 will complete the cryptographic operation. Cryptographic block serial area 38 200536329 The block index logic circuit 640 ensures that the relevant micro instructions work properly and allows the intermediate results of the index register and the block password operation sequence on the series of input text blocks to be at s _ Before interruption 627, it can be updated, the code block serial block index logic circuit ". The instruction is inserted into the micro-instruction circuit of 4 buckle" I ^ ", so that the cryptographic operation of the input data of the first block is performed. Input and output in memory 2: The block index is changed to point downwards-input and output data: block. In addition, the 'password block string block index logic circuit 64' is not inserted into the corresponding micro instruction stream The micro instruction makes the change area: count β to indicate that the cryptographic operation on the current input data block has been completed. A person familiar with the technology understands that the cryptographic operation under the cryptographic block string: formula uses an initialization vector, which It is used by Yidi :: Moontext block to generate a first-ciphertext block. For the first-second ciphertext block, the first ciphertext block will be used as the equivalent initialization vector of the second Ming = block. , Followed by Therefore, the password area: Column Block Index Logic Circuit 640 identifies the cryptographic block serial die encryption and provides a sequence of micro instructions to update the structure register: the 'mark' to ensure the area behind the first plaintext block. Block, using a suitable ciphertext block as its equivalent initialization vector. For the cipher block serial mode decryption, a person familiar with this technology knows the use of an initialization vector and a first ciphertext block, 39 200536329 to A first plaintext block is generated. In order to generate the next plaintext block, the first ciphertext block will be initialized to the same as the second ciphertext block to 1, and will continue in sequence. Therefore, the cipher block string area The block logic circuit 640 recognizes the cipher block serial mode decryption and provides a sequence of micro instructions. When the corresponding plaintext block is generated, each ciphertext block is temporarily stored, and the temporarily stored ciphertext block is stored. Write back to the memory area pointed to by the initialization vector index register, so that the next plaintext block can be used as an equal amount of initialization vector. Now referring to the chart in FIG. The last name structure of a typical microinstruction 700 that performs codon operations in the processor. The microinstruction m includes a microoperation code field 701,-:: temp register block 702 and a register 襕. The code block 701 indicates a specific sub-operation to be executed and indicates that the logic circuit of the sub-section is executed by the microprocessor 600. The micro-computing code center: two predetermined micro-instructions are based on the eitai ... special The value indicates that the password unit is executed according to the present invention. In one embodiment, there are two special values. —: (XLOAD) indicates that data is to be retrieved from the memory location: the cutting address is temporarily stored by the data The body position specified by the device stop 702. The data will be loaded into: the register of the level 70 of the register, 200536329, and the temporary state is indicated by the register stop 703 Data (such as cryptographic key data, control characters, data retrieved, and initialization vectors) are provided to the Mimar unit. fEnter text information 7 01—brother of one M-code operation code block—value storage USTOiO system indicates that the data generated by ^ will be April from the code unit system from the data temporary storage 1 to a §memory body Location, its address ... The structure indicated by field 702 is temporarily stored. In a plural phase, the password list is bad ... it shows that the round funding :::: = register is stored in the memory. The output data block is provided by the password unit :: block 704. The user's temperature is provided by the early-in-a-box material a, ,, ... stored in the logic circuit for access. According to the present invention: the descriptions of the load and misstore microinstructions of the crypto unit will be discussed in Figs. 8 and g. Looking at FIG. 8 'Table 800 describes the value of a register field 703 containing a human micro instruction according to Equation 7 of FIG. As discussed in the previous section, translating a password into a person is as shown in the other columns. The micro-instruction sequence contains a sequence of micro-instructions and-from Λ to generate a micro-instruction sequence and the-group is executed by the microprocessor :::: unit: the-group of micro-finger functional units execute two parallel. Micro-phase 7. The second group of micro-finger combinations — such as updating the counter, temporarily testing and setting the temporary registers in the special temporary structure of the machine, counting. The second group of instructions provides 2:; :: state ... sub-transport number and input data. 41 200536329

Go to the password list Tt and instruct the cryptographic unit to generate the key catalogue into the surplus catalogue retrieved from the memory), carry it and encrypt it) enter text data, and store and output text data. —Truncate instructions provide loading control character data for the password unit, load: code key or key directory 'load initialization vector data, load binary: word data, and load input text data and drive the password list : Execution: Ding: 疋 's cryptographic operations. At a value _10 of a load microinstruction register, the designated password unit loads a control character into its own internal control character register. Due to this instruction line, the structure control character pointer of the register stage is temporarily fetched to obtain the address of the control character in memory. The address logic circuit translates the address into a physical address for memory access. The load logic circuit retrieves the control word 70 from the cache and places the control character in the data field 704.

:: Passed to the crypto unit. Similarly, the bad bit i of the register indicates the Mimar unit to load the cryptographic operation at the bad bit 7.4 of the data. Same as: 2: 4: and ::: After loading and executing the specified ^ child is almost the same ’Input data is accessed through -storage = construct the index in the register. The value of the data indicates that the input data provided by the user will be loaded into the internal temporary storage input-the input data will be stored in the register. The data in the register can be 42 200536329 text input data (when pipelined), Can be an initialization vector. The values Obl 10 and Obl 11 indicate that the cryptographic unit is loaded with a cryptographic key or a low-order bit and a high-order bit of a key in the user-generated key list, respectively. According to the present invention, the user refers to the completion of a specified function or a specified operation, and the user may be an application, an operating system, a machine, or a person. Therefore, in one embodiment, the user-generated key catalog can be created by the application. In an alternative embodiment, the user-generated key directory may be created by a person. In one embodiment, the values of the register fields OBBLOO and 0B101 are divided into two stages of a fork code unit, and consecutive round-text data blocks can be pipelined. Therefore, in order to pipeline the two consecutive input data blocks, a first load microinstruction execution provides a first input text data block to round-in, and then

Then execute the second load microinstruction to provide a second input sub-lean block to input -0 and instruct the crypto unit to start the specified crypto operation. ^ If a user-generated key directory is used to perform cryptographic operations, then the load microinstruction corresponding to the number of keys in the user-generated key directory will be sent to the crypto unit, which is used to load Every key in the key catalog. 43 200536329 Crying while loading microinstructions, 4 to keep. ^ Replace all other values of 703 to a tea according to Fig. 9 'Table_Representation according to the format of Fig. 7-the value of the register 0703 which is used to store microinstructions instructs the cryptographic unit to produce ^ ： 广 子 U # The whole life (ie, encryption or decryption) of the poor material is provided to the storage logic circuit, and the memory designated by its storage 702 is imitated at the address booth. Therefore, after the root logic circuit translates and sends instructions to the U-turn-in text block, it issues a command for a specific round. The value of the register block 703 is bl (^ 一 / memory, and its internal is connected to the one-finger password unit 2) The output register will lift the output text block to A to store the logic circuit into the sub-output -0's The content is related to the input value of the second block. Similarly, refer to the register 1 and the contents of the internal output-1 register and the input to the input-1. Data: Γ, Off: Yes. Therefore, load gold ^ ^, '^ send password micro-instructions to enable multiple input text sub-blocks to rely on one code micro-instruction; ^ pipelined' these are hidden H round-in Ί, load. Input-0 (load out-bu save · wheel ", man. Input -1, Ά ^ began to run the next two round text blocks 44 200536329 count) and so on. Now look at the figure 10. According to the present invention, the chart focuses on the control character format 1 0 0, where the control character specifies the password parameter for the cryptographic operation. The control character 1 000 is programmed into the memory by the user, and the cryptographic operation is being performed Previously, the indicators were provided by a structure register suitable for a microprocessor Therefore, as part of the administrative instruction sequence related to the password deduction order, a micro instruction is loaded to instruct the micro-processing to read a structure register containing an indicator, convert the indicator to a physical address, and remove the memory (cache ) Read control character 1 000 and load control character 1 000 into the internal control character register of the password unit. Control character 1 000 includes a reserved stop (RSVD) 1001, a Key size block (KSIZE) 1 002, one encryption / decryption block (E / D) 1 003, one intermediate result block (IRSLT) 1004 ', one gold record generation field (KGEN) 1005, one > shell Alien Hold (ALG) 1 0 0 6 and a Round Count Block (RCNT) 1 007 〇 · All values in reserved field 1 0 0 1 are reserved. The content of the gold surplus size field 1 002 is used to specify To complete the encryption or decryption of the cryptographic key size. In one embodiment, the key size field is either a 128-bit gold record, or a 192-bit gold balance, or a 2 56-bit key. The encryption / decryption block 003 specifies whether the cryptographic operation is an encryption operation or a decryption operation. The key generation stop 1005 45 200536329 indicates that the memory is provided by a user to generate gold eyes; Luo 3 — a single cryptographic key, if it is — ”, 、 after a single, the code Jinyu Guren, micro The instruction will be combined with the cryptographic golden wheel _ ,,, and '°. The algorithm block 1 006 specifies: 鍮 Expands to the key directory. In one :: i〇〇6m 寅 The algorithm is for the purpose ~ 法 τ "Method block standard, Miyazaka , One tongue, one month ... The standard algorithm for encryption of data encryption standards. Alternatively, two :: method or advanced encryption examples include other algorithms, mouth: n ael password algorithm, Twfish fish algorithm and so on. The round count stops the meat of 1007 and 4m ^ ul. The internal office of ulJ7 completes the number of password rounds given by the mother-enter text block according to the given algorithm. = Cryptographic algorithm standard specifies a fixed number of Dammam rounds for each input text block 'but provides a round count stopper to change the number of rounds specified by the standard. In one implementation = type The hard type division can specify 0 to 15 rounds for each block. Finally, the content of the middle = fruit field 1 004 specifies whether the ^ advance / decryption of an input text block is based on the algorithmic cryptographic standard specified by algorithm block 1 006 and the round specified by block 1 007 Number of executions = 3, whether the encryption / decryption is based on the algorithm of algorithm blocking 1 006, and the execution is performed with the number of rounds specified by round counting blocking 1 007, and the execution result of the last round is an intermediate value instead of Most 46 200536329 final results. A person familiar with the blocking technique will hope that in each round, many cryptographic algorithms perform the same sub-operations, except for the execution of the last round. Therefore, programming the intermediate result stop 1 04 to provide an intermediate result instead of the final result allows the programmer to change the intermediate steps of the execution algorithm. For example, you can verify the performance of the algorithm by performing one round of encryption on one text block, then two rounds on the same text subblock, and then three rounds, etc. to obtain cumulative intermediate results. The ability to provide programmable round counting and intermediate results enables users to verify the performance of cryptographic codes, detect failures, and explore the utility of different key structures and round counts. The cipher according to the present invention will be described in detail with reference to FIG. 11 ′.

Unit 1 1 0 0. The fork code unit 1 1 0 0 includes a micro-code register 1103 for receiving password micro-instructions (ie, loading and storing micro-instructions) through a micro-instruction bus 1114. The crypto unit 1100 also has a 7-character register 1104, an input_0 register ιι5, and an input-1 register Π06, and a key-zero register 11. 7, a full key-1 register UG8. The data is provided to the memory 11-104-1108 through the manned bus i⑴, as specified by the contents of the load microinstruction in the microinstruction register 1103. °° What code is as early as 70 U00 is connected to all temporary storage 1111G3-_ and gold 鍮 random storage 47 200536329 block poor code logic circuit 11 01 of cryptographic key RAM 110. The block cipher logic circuit provides a delay k number 111 3 ′ and provides the block result to a round-out—q temporary cry 1109 and an output-1 temporary register 1110. The output registers 1109-1110 send their contents through a storage bus 1112 to a successive stage suitable for a microprocessor. In one embodiment, the 'microinstruction register UI03 is 32 bits, while the other registers 1104-1110 are all 128 bits. In Lu Yiyun, the password microinstruction is sequentially transmitted to the microinstruction register 1103, and at the same time, one of the control character register 1104 or the input register 1 1 05-1 1 06, or the key register The data specified in one of the registers 1107-108 is also transmitted. In the embodiment discussed with reference to Figs. 8 and 9, a control character is first loaded into the control character register 1104 through a load micro-processor 7. Then load the password gold record or the gold record directory with confidence afterwards. If a _ 1 2 8-bit fork code key is loaded, the micro-instruction can be loaded as soon as the micro-instruction is loaded to the specified register golden record _〇 11〇7. If the 128-bit: I key is loaded, then a load microinstruction is provided in addition to the specified register key — 011 1 07, and also provided with the register key 1 U 0 8 One loads the microinstruction. If the user generates a gold directory to be carried, the 48 200536329 subsequent loading microinstruction specified by the register key -G 1107 will be provided. Each key loaded in the directory is stored in turn in the key random access memory = their corresponding password rounds are used. Following this, the round robin (if no initialization vector is needed) will be loaded into the round -1 register n06. If the initialization vector is needed, it will be loaded into the round-in register via a load microinstruction. The loading micro-instruction acting on the input-zero register 1105 instructs the password unit to load the input text data into the input-0 register 1105, and starts to act according to the parameters provided by the control character register 1104. , Use the initialization vector of input -1 or two input registers (if the input data is pipelined) to perform the password round of register 1105 input 2 text data. After receiving the input human-instruction micro-instruction of -0 1105, the block cipher logic circuit starts to execute the specified cryptographic operation through the inner valley of the control sub-element. If a single cryptographic balance needs to be expanded, the block cryptographic logic circuit generates each gold m in the key directory and stores them in the key random access memory ⑽. Regardless of whether the block cipher logic circuit ηι generates the gold key catalog or the gold key catalog is loaded from the memory, the first round of alloy key system is cached in the block cipher logic circuit 11 〇1, so that the first The block password round can be executed without accessing the key random access memory 1102. Once started, 49200536329 = constant: is the text block into at least one wheel to continue operation until the operator ..., as, as requested from the golden = Random Access Memory recorded in Shu 1〇2: Alloy taken back key. The Mimar unit 1100 performs a specified block cryptographic operation on a specified block. Even: lose: :: force zone !: can be loaded and stored through corresponding and continuous ::: execution, encryption or decryption. t—After the stored microinstruction is executed, if the output data of the accused (i.e. output, 0 < the output is not complete H 'at this time, the block password logic circuit generates a delayed signal when the output data is generated and is placed in-the corresponding The output of the temporary storage benefit " 〇9- " at 10 o'clock, the contents of the register 1109_111〇 is transferred to the storage bus u 丨 2. Now looking at FIG. 12, a block diagram illustrates the use of the An example of a block cipher logic circuit 1 2 GG that performs cryptographic operations on the order encryption standard. The block cipher logic circuit 1 2⑽ includes = over-confluence # 1211 — 1214 and bus 1216 — 1218 connected to the back. Engine controller 12 丨 〇 Round Engine 1 220. The Round Engine Control Line 1210 accesses a micro-instruction register 1201, a control word 疋 Temporary 1 202, a key—0 Temporary ι2 03, and a key 丄 2 Store state 1 204 to access the key data, micro-finger ▽ and parameters that indicate cryptographic operations. The contents of the input register ι205-120 are provided to 200536329 Round Engine 1 220 and Round Engine 1 220. Roll out text provided to output register 1 207-1 208 The output register 1 207-1 208 is connected to the round engine control state 1 21 0 through the bus 1216-121 7, in order to reassure that the round engine controller can access the result of each consecutive password round, which is through the bus NEXTIN 1218 provides the next round of ciphers to the round engine 122. The key of the golden access random access memory (not shown) is accessed through the bus 1 2 ^ 5. (ENC / DEC) encryption / decryption signal丨 211 instructs the round engine to use sub-transactions to perform encryption (such as S — B 0x) or decrypt (such as reversing S-Box). The content of the round count (RNDCON) bus 1212 drives the round engine 1 220 to execute a The first advanced encryption standard round, an intermediate advanced encryption standard round, or the last advanced encryption standard round. A single generation key (GENKEY) signal 1214 is used to privately turn the engine 1 220, according to the bus 丨 21 3 The provided key generates a key directory. When its corresponding round is executed, the gold bus 1 21 3 is provided to the round engine 1 2 2 0 for each round. The round engine 1 220 includes a connection to a Temporary register 0122 The first key xqr logic on 2 — the memory is connected to a logic circuit 12 and the second logic circuit 1223 is connected to the shift logic circuit 1 224. 200536329 The shift logic circuit 1 224 is connected to a second temporary storage Temporary register η 1 2 25. The second register 1 225 is connected to the mixed logic circuit 1 226, and the mixed logic circuit 1 226 is connected to a third temporary register 2 1 22 7. The first key logic circuits 1221, s-B0χ logic circuit 1 223, shift logic circuit 1 224, and block logic circuit 1226 in the advanced encryption standard ρ I ps discussed above are all in the input text. Perform sub-operations like their name on. The mixed column logic circuit 1 226 needs to pass the key bus 1213 during the middle round, and uses the alloy key to perform the advanced encryption standard X0R function on the input data. First Key Logic Circuit 1221, s — Logic Circuit 1 223, Shift Logic Circuit 1 224, and Mixed Logic Circuit 6 also use encryption / decryption-like bears 211 to perform their corresponding inversions during decryption. Advanced encryption standards. A person familiar with the technology understands that the intermediate block data is fed back to the round engine 1 220 according to the special block encryption mode specified by the content of the control character temporary 2 1/02. The initialization vector data (if required) is provided to the return bow 1 220 via the bus NEXXIN 1218. ° In the embodiment shown in Fig. 12, the round engine system is divided into: Stage · Temporary-〇1 222 and Temporary-1 1 225 is the first-and 'Temporary -1 1 225 and Temporary Cun-2 1 227 is the second stage 52 paragraph 200536329. The data of the middle round is synchronized with μ ## π # ~ guanidine Lb (not shown) and is transmitted linearly between stages. When the data field code is completed on an input data block, the relevant output data g Beco is stored in the corresponding output temporary cry 1 207-1 208. The execution of a micro-finger 7 ilU and 7 storage causes an internal load of a designated output register 1 207-1 208 to be provided to a storage bus (not shown). A method for protecting the state of a cryptographic parameter during an interrupt event according to the present invention is described in Fig. 13 flow chart. When the instruction stream is executed by the 't-microprocessor according to the present invention, the process starts at block 1302. The instruction flow is not—it must include a cryptographic instruction as described here. Subsequently, the process processes decision block 1 304. When judging block 13 04, an evaluation is made to determine whether an interrupt event (for example, maskable interrupt, non-maskable interrupt, page fault, task switching, etc.) A request has occurred to change the current finger 7 μ (interrupt handler '') to handle the interrupt event. If so, the process executes block 1 306. If it is not, the process loops at block 1 034, where the instruction will continue to execute until an interrupt event occurs. According to the present invention, at block 1306, because of an interrupt event, before the program control is handed over to the corresponding interrupt handler 53 200536329, the interrupt logic circuit instructs to clear the X bit in the flag register. . Clearing the X bit ensures that when returning from the interrupt handler, if-the block crypto operation is in progress, it indicates that at least one interrupt event has occurred, and the block of the input data block pointed to by the input index register contents Before cryptographic calculations continue, control character data and key data must be reloaded. The flow then proceeds to zone 1 308. At block 1 308 ', according to the present invention, all structural registers containing indicators and counters related to performing block cryptographic operations are stored in memory. Those skilled in the art understand that the 'storage register' is in the behavior of the data computing device before transferring the program control to the interrupt handler. Thus, the present invention utilizes the purpose of the pre-funded structure to provide transparency of execution throughout the interruption event. When the register is stored, the process proceeds to block ⑶. In block CDG, the program flow is transferred to interrupt processing and the flow proceeds to block 1 3 丨 2. At block 1312, the method is completed. Familiar with this solution, the method of Fig. 13 starts with the interruption processer 1302. -After returning, insert the block from the block and now refer to the figure "'Flowchart' again. According to the case of this interruption event, Qian Jianren's data area 54 200536329 will be executed on the block. Ma £ block string mode password The calculation method flow starts at block 1402, and the password operation is guided according to the male and code instructions, so that $ is opened in this series mode β in the Ma Yun ^ Use the password block: formula to start execution. The execution of the password can be- After the execution, it is returned to the interrupt handler which has been executed. The command. The process then proceeds to block 1404. Entering: 2 14 04 'According to the present invention, the data in the memory via-lose = temporary: ... the content points to. A block is loaded from the script and activated with a specified ㈣ present ... 疋 heart code is different. A specific input refers to a secret /// is calculated by a specified special password (for example, encrypt or decrypt a specified block password mode ( For example, ㈣, password block series, CFB, or 0 FB), or the table a soil y 1 μ) determined. For example, 'if-encryption operation 2 uses 0FB mode' then input for loading data Pointer register is pointed to memory-initial Vector register. If the -decryption operation uses ㈣ mode, then the input index register used to load the data is a register pointing to the next password block in the memory. Encryption operation, pointing down-the register of the Japanese and Japanese blocks will be used as the input index temporary storage 55 200536329, and the data block pointed by the initialization vector index register will be used to generate the corresponding cipher text area Block. If you specify a code block serial mode decryption operation, it points to the storage of the next ciphertext block: it will be used as the input indicator temporary storage n, and the data area pointed to by the mentalization vector indicator temporary storage device. The block is then used to generate the corresponding plaintext block. The process then proceeds to the judgment block [406].

In judging d block coffee, -evaluate ㈣ to decide whether to set the X bit in _ flags temporary storage 11. If the X bit is set, it means that the control character: key directory currently loaded into a cryptographic unit according to the present invention is valid. If the X bit is cleared, it means that the control character and key directory system loaded into the crypto unit is invalid. As mentioned indirectly above, referring to Fig. 13, when an interrupt event occurs, the x-bit in X office-P is cleared only by 7 °. In addition, as mentioned above, when you need to load one-both must be loaded, in the ㈣ or key directory or both

3 () must be cleared before the incoming and code instructions are dispatched. In a first compatible embodiment using the X86 flag (EFLAGS) register, execute-followed by a pus with a POPFD instruction. Those skilled in the art understand that X bit is cleared in ^ order. However, familiar with /, he can replace other instructions in the embodiment. The y page is used to clear χ / 70 ° If the X bit is set, the process 56 200536329 bit is cleared, and the process will proceed to block 1412. If that proceeds to block 14 0 8. In block 1408, since an X bit that was removed by Pan slightly from ^ has been listed; — · an interruption event has occurred, or — a new control word ⑲ / or key data will be loaded ', so a control_ dagger Controlling Fan is loaded from memory. In one embodiment, the manned control characters prevent Mi Shima from performing the specified cryptographic operations as described in block 1404 above. in

In a typical embodiment, starting in block 14G4-Cryptographic Operation 'allows optimization of complex block cryptographic operations by assuming the use of currently carried human characters and full-key data. Therefore, the current input data block is entered, and the i-cipher operation is started before checking: the state of the X bit in block 2 406. The flow then proceeds to block 1 41 0. In block 1410 ', the key data (that is, a key or a complete key directory) is loaded from memory. In addition, according to the newly loaded control characters and key directory, in block 丨 4 The input block and initialization vector (or equivalent initialization vector) mentioned in 〇4 are loaded again and the cryptographic operation is started. The flow then proceeds to block 1412. In block 1412, an evaluation is used to determine whether a cryptographic block serial encryption operation or a cryptographic block serial decryption operation is specified. 57 200536329 If designated as encryption, the process proceeds to block 〖42〇, if designated as decryption, the process proceeds to block 1 41 4. At block 1 420, an output block (ciphertext) corresponding to the loaded input block (plaintext) is generated. The process then proceeds to block 1 422. In block 1414, the input data block (current ciphertext block) loaded in block 1404 or block 1410 is stored in an internal temporary source TEMP. The process then proceeds to block 141 6. At block 1416, an output block (plaintext) corresponding to the input block (ciphertext) is generated. The process then processes block 1418. In block 1418, the content of the internal register TEMp (the current ciphertext block) is written to the memory location pointed to by the initialization vector index register content to decrypt a subsequent ciphertext block, and Use the current block of the ciphertext as an equivalent initialization vector. The process then proceeds to block 1422. The steps described in blocks 1414, 1416, and 1418 are required to be guaranteed to be in a state that allows a cryptographic instruction executed using the cryptoblock serial mode to be interrupted at any time. For example, in one embodiment, the '-wrong page during-the execution of the password instruction may occur at any point. 58 200536329 In block 1 422, the output block generated is stored in memory. The process then proceeds to block 424. In block 1424, the valleys of the input and output block indicator registers are modified to point to the next input and output data block. In addition, the contents of the block count register are modified to indicate the completion of the cryptographic operation on the current input data block. In the embodiment discussed in FIG. 14, the block count register is decremented. However, those skilled in the art understand that alternative embodiments use block counting registers to perform calculations and tests to allow pipelined execution of input text blocks. The process then proceeds to decision block 426. In decision block 1426, an evaluation is used to determine whether an input data block is to be executed. In the embodiment described here, for illustrative purposes, the block counter is used to determine whether it is equal to zero. If there are no blocks to be executed, the process proceeds to block 1430. If a block is to be executed, the process starts at block 1 428. In block 1428 ', when the content is pointed through the input indicator register, the next area of the input data is loaded. The process then processes block 141 2. The method is completed at block 14 3 0 ′. Those who are familiar with this technology hope that the steps discussed in blocks 1416, 1418, 142059 200536329, 1 4 2 2 and 1 4 2 4 can occur along their special axe path in different orders or they can be parallel occur. Although the present invention and its objects, features, and advantages' have been described in detail, other embodiments should also be covered by the present invention. For example, the present invention has discussed in detail the embodiments compatible with the x86 system. However, this way of discussion is because the χ86 system is widely understood, so it provides ample means to learn this month. The invention still includes other instruction set architectures such as PowerPC, MIPS, and the like, and others are completely new. The instruction set architecture is adapted to the embodiment. The invention also encompasses the execution of cryptographic operations in a computing system element rather than in the microprocessor itself. For example, according to the present invention, the code instruction can be easily used in the embodiment of the crypto unit, instead of being used as a part of the computer system like the integrated circuit in the μ processor. The pre-powered embodiment of the present invention will be integrated into a microprocessor around the microprocessor or as an executive — say film, and (for example, North Bridge, South Bridge) order from the master to the heart ^ processing ', Here refers to the application to the funnel " " processor. It is expected that the present invention will use array processing and: industrial controllers, signal processors, and other devices that are also included here. The present invention describes an embodiment of a group of components 200536329 necessary for performing cryptographic operations. Such an encryption / decryption process is crying, as a power option in a communication system to perform cryptography, 'cost, low-port double #. In order to clarify the mentioned optional processing element 月 月 哭 cry as described above. In addition, although the present invention is described in m, it is only necessary to change the number of rounds to be described. The text owes to the rounds, the size of the rounded character register, and the silver key and & In particular, only different block sizes are present. The two-data encryption standard and three-data encryption standard encryption standard are described in detail in the present invention. The present invention also includes the less-known block cipher methods, such as the delete password algorithm and RUndaei 21 ⑽Cryptographic Algorithms, Blowfish Cryptographic Algorithms', such as cryptographic algorithms and ⑽cryptographic algorithms. The present invention provides a block cipher device and supports it in a microprocessor. . The set of implementation methods' cryptographic operations in microblocks can be triggered by the execution of separate instructions. 〃 Now, the present invention has been described in accordance with the block cipher algorithm and the related technology of performing block code execution. It is worth noting that the present invention completely includes other forms other than block ciphers. Provides a single instruction, which can be instructed by the user. A compatible 嘁 processor performs a cryptographic operation such as encryption or decryption. At 61 200536329, this microprocessor includes a designated cryptographic unit. The designated cryptographic unit is completed by the instruction circuit. Specified password function. Moreover, the discussion of the round engine here provides a 2-level slave device, and the two input data blocks can be executed in a pipelined manner. The inventors point out that other embodiments may have more than 2 stages. It is expected that the pipeline phase division of more input data blocks is consistent with the other phases in the symmetric microprocessor.

Finally, although the present invention has been discussed as a separate cryptographic unit supporting a multi-block cryptographic algorithm, the present invention also includes providing a number of cryptographic units connected in parallel with other execution units in a compatible microprocessor. Each of these cryptographic units is used to execute a specific block cryptographic calculation unit configured as an advanced encryption standard, a data encryption standard, and so on. law. For example, the first and second units are configured so that those familiar with the technology should understand the easy-to-use and reveal clear concepts and embodiments to serve as the basis for completing the purpose of the present invention or to modify other structures, and perform various operations based on this. Changes, substitutions, and alterations do not depart from the spirit and scope defined by the scope of the patents claimed in the present invention. [Schematic description] 62 200536329 Figure 1 shows the current password library Li Feng uses it intentionally. FIG. 2 is a schematic diagram describing a micro-rapping technique for performing cryptographic cryptographic operations. FIG. 3 is a schematic diagram illustrating a processor device for executing a processor according to the present invention. FIG. 4 is a schematic diagram illustrating a micro-crypto instruction embodiment according to the present invention. FIG. 5 is a numerical table of a micro-crypto instruction code pattern according to FIG. 4. Fig. 6 is a block diagram detailing a cryptographic unit in a processor according to the present invention. FIG. 7 is a schematic diagram illustrating a typical microinstruction that performs a codon operation in the microprocessor of FIG. 6. Figure 8 is a numerical description based on the format shown in Figure 7—the man-made micro-instruction temporary buffer port table. FIG. 9 is a diagram illustrating a micro-instruction temporary storage port according to the format of FIG. 7. Table of values of the stop. Code Figure 10 is a diagram of a typical control word format used to specify cryptographic parameters for cryptographic operations in accordance with the present invention. 1X4 Fig. 11 is a detailed block diagram of a cryptographic unit according to the present invention. Fig. 12 is a block diagram of a block cryptographic logic operation according to the present invention. Encryption is performed according to the advanced encryption standard. Fig. 13 is a flowchart illustrating a method for viewing the state of a password parameter in an interrupt event according to the present invention. Fig. 14 is a flow chart describing a method for completing a special step, $ μ ^^ X line code, and block cascade mode in the input data block under at least one interrupt event according to the present invention. Key component symbols] 100 Block diagram 102 Second computer workstation 104 Notebook 106 Network file storage device 108 Wireless router 110 Wide area network 112 Encryption / decryption application 201 Microprocessor 203 Application memory 205 Key directory 207 Block Decryption program 209 Password parameters 101 First computer workstation 103 Third computer workstation 105 Local area network 107 First router 109 Wireless network 111 Second router 200 Block diagram 202 Operating system 204 Mima Golden Record generation program 206 Block encryption program 208 Initialization vector 210 plaintext block

64 200536329 211 Ciphertext block 301 Microprocessor 303 Translation logic circuit 305, 306 Microinstruction entry 308-313 Register 314 Load logic circuit 316 Password unit 318 Write back to logic circuit 320 Operating system 322 Password instruction 324 Initial gold loss Or Jinyu directory 326 input text block 328 execution logic circuit 401 optional optional field 403 operation code field 500 table 601 fetch logic circuit 603 translator 605 register stage 607 loading stage 609 micro instruction queue Block diagram instruction register micro instruction queue register group data cache storage logic circuit memory bus _ system memory initial control character initialization vector output text block micro password instruction repeat front field block password Mode field instrument x86 compatible microprocessor translation logic circuit microcode read-only memory addressing stage execution stage integer unit 65 200536329 611 microinstruction queue 612 floating point unit 613 microinstruction queue 614 multimedia extension set unit 615 microinstruction Column 616 Stream extension set unit 617 Password unit 618 Storage stage 619 Write back Segment 620 Loading bus 621 Delay signal 622 Storage bus 624 Flag register 625 X-bit 626 Interrupt logic circuit 627 Software and hardware interrupt signal 628 Machine-specific register 629 E-bit 630 Feature control register 631 D bit 632 execution logic circuit 640 password block serial block index logic circuit 700 micro instruction 701 micro operation code field 702 data register field 703 register field 704 tribute place 800 table 900 table 1000 control character format 1001 reserved field 1002 key size field 1003 encryption / decryption field 1004 intermediate result field 1005 gold record generation field 1006 algorithm field 1007 round count field 1100 password unit 1101 block password Logic Circuit 1102 Key Random Access Memory

66 200536329 1103 microcode register 1105 input-0 register 1107 key-0 register 1109 output-0 register 1111 loading bus 1113 delay signal 1200 block password logic circuit 1202 control character temporary storage Register 1204 key-1 register 1205-1206 input register 1210 round engine controller 1216-1218 bus 1220 round engine 1222 first register temporary-0 1224 shift logic circuit 1226 mixed column logic circuit 1302 area Block 1306 Block 1310 Block 1402 Block 1406 Judgment Block 1104 Control Character Register 1106 Input-1 Register 1108 Key-1 Register 1110 Output-1 Register 1112 Store Bus 1114 Microinstruction Bus 1201 micro-instruction register 1203 key-0 register spring 1207-1208 output register 1211-1214 bus 1221 first key XOR logic circuit 1223 S-Box logic circuit 1225 second register temporary Store -1 _ 1227 third register temporary store-2 1304 judgment block 1308 block 1312 block 1404 block 1408 block 67 200536329 1410 block 1414 block 1418 block 1422 block 1428 block 1412 block 1416 block 1420 block 1426 judgment block 1430 block

68

Claims (1)

200536329 X. Scope of patent application: 1 · A device for performing cryptographic operations, including the first one: = ί circuit, the generation of which is connected to the -by "device, one of the service code refers to ♦, the password # 令 系 为In this: part of the instruction flow to be executed, the password refers to one of the three series of cryptographic operations and the cryptographic operation system contains: Α executes a plurality of block passwords on the corresponding ghosts in the input text area Serial block password operation; A block password is in series with the block indicator logic, and is connected to the password instruction circuit to drive the countermeasures to update the multiple index registers and each block's dense memory. A plurality of intermediate results of the serial block cryptographic operation; and a logic circuit which is connected to the block secret and a serial block index logic circuit for performing the cryptographic operation referred to. 丨 · The cryptographic operation described in item 丨 of the scope of patent application further includes: J or one of the middle / deduction == two-string mode encryption operation, whose operation includes adding blocks to generate corresponding plurals. Gans & described in item 1 of the scope of patent application + This cryptographic operation further includes a device on the side of Besso, which specifies: t column mode decryption operation, whose operation includes deciphering your text block to generate the corresponding Plural 69 200536329 4. As described in item 1 of the scope of patent application, the nest cipher operation is based on the advanced encryption standard, and it is fixed; 5. As described in item j of the scope of patent application; = a designation for execution Specify the password ;, ^ 狁 code command line mode. One-pronged code block string of the built-in 6. As described in item 丨 of the patent application-bit memory, which stores one m step-contains: logic circuit, the bit is connected to the side with ^ to perform operation a no. , The position: the use of the specified password to indicate whether the operation has been interrupted by an interruption event. The dress set according to item f6, wherein the bit is temporarily stored in a flag register. 8 .: The device described in item 6 of the scope of patent application, wherein the method includes: shifting program control to a process that handles the interruption '== 2 ::' and the execution system of the eighth middle in the current input text block is interrupted. 1 ^ # 9. The device as described in item 8 of the scope of patent application, wherein when the notification control returns the password instruction, it refers to the two main masters ^ ^ ^ ^ X The password calculation is performed on the side s 刖 input text area The executor in the block. 10 The device according to item i in the scope of patent application, wherein in each of them, corresponding to each of the passwords on the rounded text block, block serial block password operation completion date is designated, and the password area is designated The h serial block index logic circuit directs the computing device, ',,, and changes the index register to point to the next input and word block. The device described in item 1 of the scope of patent application, wherein the designated cryptographic block serial block index logic circuit instructs the computing device to store the output text block of gru through a erection 200536329 The contents of the register of the vectorization register point to "12." as described in Item 丨 of the scope of the patent application. The event includes an interrupt, an exception,-/, the interrupt switch. Error page, Or a task 1 3 · The installation instructions described in item 丨 of the scope of patent application are based on the X86 instruction format ', /, the password 14 · Step through the multiple instructions in the scope of patent application "step 1 And the plurality of temporary passwords in the computing device 15. The temporary storage is as described in item 14 of the scope of patent application. The temporary storage device includes: x set 'of these first temporary storage devices, wherein the first —Temporarily-points to the first of the-memory address!;:, Contains the memory address specified in the memory V-the first set of 'password' in the specified password, the first input text Block. Jin will be accessed when finished 16 temporarily as // Λ 利范The device of item 14, wherein the -second temporary: device, which causes the second temporary register to be the second index of the memory address of the second brother, and the second memory address is specified in the memory The second 'in the body is used to save the corresponding output text areas; the corresponding output text blocks are in the input text of plural L: fruit ... to complete the specified password operation: π The device according to item 14 of the scope of interest, wherein the third register, wherein the content of the third register is shown in Table 71 200536329, which is a plurality of text blocks within a plurality of input text blocks. 1 8 · As described in item 14 of the scope of patent application, wherein the registers include: 〇 a fourth register, wherein the content of the fourth register includes a pointer to a third memory address A third indicator, the second memory address designates a third 4th position in the memory for accessing the cryptographic key data used for the cryptographic operation of # 日 疋. # 19 勒 如The register described in item 14 of the scope of patent application includes: one T ΘI one first t temporary storage , Where the content of the fifth register includes a fourth to a fourth memory address :; the memory address is designated-in memory = set 'for one of the specified password applications The access of the initialization vector. The register as described in item 14 of the scope of the patent application includes: placing one of these sixth registers, wherein the sixth temporary memory points to the fifth memory address. -The content of 2 contains the memory address designation in the 4th and 5th: the first: the first position, used to complete the specified five-digit control character access to the password, which controls the use of the password A plurality of password tables for operation are designated 70. As described in item 丨 of the scope of patent application, f and the logic circuit includes: 97, where the execution code unit is in each-to-the-round text block 72 200536329 Soil = several cipher rounds, in each block, the Mamen are critically outputting text sub-area 22. One of the two: Ermahui 5 is designated by the interaction with the cipher unit ^ Control sub 7C. ^ A device for performing a Mima operation, including: in. The password unit in the device also executes m ”in the instruction stream of code operation. Refers to # ^ ^ uu of a person who should receive a password to know 7—the code operation system includes: This fork corresponds to a plurality of input text blocks, the previous password block is in series, the block password is in operation, and the dense stone is 1 = the single-row block indicator is logical, and it is connected to the middle of the operation. Serial block password 23. If the 22nd fault event in the scope of the patent application makes a program control transfer m, where -zhong 66 doudou, a W industry j transfer to a process to handle the interruption 侔 = Yun type ^, and its interruption The execution of the cryptographic operation in the currently entered text. When you return to the password instruction as described in item 23 of the scope of patent application ^ Program control returns to the password instruction:; Tian Youshu will be in the current input text block. In the device described in item 22 of the range, when each „block password operation on a plurality of input text blocks is completed, the secret number is specified to modify the indicator temporarily storing the nose counting device, and it is necessary to deduct the next input. And output 73 200536329 text sub-blocks. 26: / ΛSpecial: The device described in "Fan" Item 22, where the secret = second column second coffee logic circuit directs the calculation to set the output text block before "3: ^". To the memory location pointed to by the initial storage of the temporary storage benefit 1 through the initial dagger .: As in the 28th code of the 22nd patent application range—the instruction is based on the χ86 instruction format. A method of operation, the method includes: r: one of some code operations in response to the receive-password,: two ', where the password instruction indicates that the password is specified' the execution includes a corresponding plural Multiple password block blocks on each round of sub-blocks Operations; and the position of the aunt-style area vector, so that the other one makes the initialization more inclusive: an interruption of the 5 password operation includes: 1 command, write a current input text block to an initialization, so that At the next input text blocks, the next password block serial mode block uses the current input text block as an equivalent of _ amount. 29. Method as described in item 28 of the scope of patent application Transfer program control to a program flow for processing pieces; and interrupt the execution of the calculation specified on the current input text block. 30. The method described in item 29 of the scope of patent application, returns from program control It is not until the transfer of the password that the execution is performed on the current input text block. 74 200536329 3 1 · The method described in item 28 of the scope of patent application, wherein the receiving includes: according to the X 8 6 instruction format The cryptographic instruction. 3 2. The method according to item 28 of the scope of patent application, wherein the receiving includes: specifying a cryptographic block serial mode decryption operation as the designated cryptographic operation. 33. The method according to item 28 of the scope of patent application, wherein the execution includes: completing the specified cryptographic operation according to an advanced encryption standard algorithm. 34. The method according to item 28 of the scope of patent application, wherein the access _ Include: Specify a cipher block serial mode in the cipher instruction to complete the specified cipher operation. 75