TW200536330A - Apparatus and method for performing transparent output feedback mode cryptographic functions - Google Patents

Abstract

The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction, OFB mode logic, and execution logic. The cryptographic instruction is received by a computing device as part of an instruction flow executing on the computing device. The cryptographic instruction prescribes one of the cryptographic operations. The one of the cryptographic operations includes a plurality of OFB block cryptographic operations performed on a corresponding plurality of input text blocks. The OFB mode logic is operatively coupled to the cryptographic instruction. The OFB mode logic directs the computing device to update pointer registers and an initialization vector location for each of the plurality of CFB block cryptographic operations. The execution logic is operatively coupled to the OFB mode logic. The execution logic executes the one of the cryptographic operations.

Description

200536330 IX. Description of the invention: [Related reference patents]

The priority of this case is quoted from US Patent Application No. 10/826745, the application date is April 16, 2004, and the name is "APPARATUS AND METHOD FOR PERFORMING TRANSPARENT OUTPUT FEEDBACK MODE CRYPT0GRAPIC FUNCTIONS," in other fields 'In particular, it is related to a kind of method and method of cryptographic calculation in the microprocessor ^ penetrative round-out feedback mode. [Previous technology] The early electricity and moon theft, so it is separated from other computer systems. What you need to operate the application independently = run on an early computer system or run into the computer system at runtime and reside in the computer system. After execution, the C programmer provides the application. The application may be file-based Forms, lean materials—generally t tapes, magnetic disks, or other prints that are printed on the paper as part of the system can be used as subsequent storage devices. In this way, the output file program's round-in file or f An application running on a computer system is stored in a file before it can be moved or stored ^ It is stored in a different but two-phase: on the storage device, it can be stored in one file. These early systems are used by applications on different systems. And in other areas, gradually understand the protection and development of sensitive information needs to be developed and used to protect, and the cryptographic procedures are the sensitive data that reveal the way. Generally come to 200536330: The output data stored in a large number of misplaced devices will be used to connect the network computer with the data that has been enjoyed for nearly a year to improve the data transmission network structure, operating system, and the ability to access the shared data by developing the plot士 取 = 工; today: a user of a computer workstation can:: files on the network or network file feeder, use the network and receive electricity: other information, send credit cards between hundreds of computers or Bank function information, to advance and respond to the conflict between the two, and dwellings ^ j. The use of wireless network technology to protect sensitive data is becoming more and more serious. The case is becoming more and more powerful, which has aggravated the issue of computer information security. Reconstruction projects, online fraud, and information planning, for these purposes; the new law should be appropriate, strict V line and potential = what kind of reaction is now in the computer information properly = home computer read: now it becomes-ordinary citizens from Its Remarkable subject. A type of mail or live deposit account access 200536330 In the area of message security, some technologies and devices have been gradually developed so that messages can only be received by specific objects, that is to say, cryptography ( crypt〇graphy). When it is especially used to protect information, it is used to transmit sensitive information when it is stored or transmitted between computers (known as "clear " text" or "plaintext" To an unknown form (such as "ciPhertext"). The transmission process from plain text to cipher text ^ "encryption", "encrypting", or "ciphering", and the transmission process from cipher text to plain text is called "decryption" "," Deciphering ", or inverse cipher ing. In the category of cryptography, establish several steps and rules to allow users to complete cryptographic operations without requiring high knowledge or effort. And enable these users to send or otherwise provide their messages to other users in an encrypted form. Along with the encrypted message, the sender mentions one, and the recipient has an encrypted password that cannot make the recipient unencrypt the message. " Recipients are not able to remove or otherwise access the yttrium plus undisturbed original message. A technology encrypts or decrypts these steps or rules with password-protected, mathematical operations, and specially designed applications. These different categories are used to encrypt or decrypt data. The first type of operation mentioned here (such as public cryptographic operations: RSA operation) uses two types of encryption passwords (a public key (public key) and a private key (private key)). Data is encrypted or decrypted. Mention is made of some public key operations, a type of public key encryption used to transmit data to recipients. The user public and 200536330 ::: also have a mathematical calculus relationship. The recipient must use 1, ί, ㈣ to send the data to decrypt it to recover the data. Although this type of alpha transport is widely used today, the speed of encryption and decryption operations is still too fast, even if only a small amount of data is encrypted and decrypted. The second type of difference, such as symmetric key algorithms, provides a fair amount of data security and is faster. Appropriate operations are called symmetric metal calculations because they use encryption keys for encryption and decryption of messages. There are three main public key divergences in public knowledge: data encryption standard rules (dataencrypti⑽ standard, DES), triple data encryption standard rules (Tripie DES), and standard rules (advance (ji〇n ^ andard, AES): Because these calculus strengths protect high-sensitivity shellfish, they are now used by the US government and its agencies. But it is expected that at least one of these technologies will become a commercial, private communication standard in the future. According to these symmetry For key operation, plaintext and fork text are separated into a special size for encryption or decryption. For example, the advanced encryption standard rules in the 128-bit size range complete the encryption operation, and use 128, 192, and 256 bits. Element encryption key. Other symmetric key operations allow advanced encryption standards for 192 and 256-bit data sets. When referring to block encryption operations, a 10-24-bit plaintext message is encrypted like eight 128-bit bytes. All The symmetric key operation uses the same form of sub-operations to encrypt one and one text blocks, and mentions the more commonly used symmetric golden 1 operation, one and the first encryption. The key expands a variety of keys (such as a "key directory"), each of which is encrypted in a clear text block if it meets the secondary operation. For example, the first key of the gold directory is used to complete the The first encrypted round of the last operation of the plaintext block was 200536330 rounds, of which the second round used the second key of the key directory to produce a second result. A specific number of sub-unit rounds were completed to produce a final version of the fork text body Result. The secondary operations in each round of advanced encryption standard rule calculations still have terms such as sub-bit (or S-box), shift (ShiftRows), mix (MixCol⑽), add round key (AddRoundKey), etc. During each round, a kind of ciphertext block decryption is completed. Except for completing the ciphertext input conversion password and conversion operations (such as mixed columns, shifting), the result of each _ round is a plaintext block. 口 ~ Data encryption standard Rules and triple data encryption standard rules use different characteristics of the secondary operation, but the secondary operation works with these advanced encryption standard rules because it is used in a similar way to convert-plain text blocks into one Text blocks. Α Completes cryptographic operations on multiple consecutive test groups. All symmetric golden coins use the same modes. These modes include electronic code book (ECB) mode, cipher block series (cipher block chaining (CBC) mode, cipher feedback (CFB) mode, and output feedback (0FB) mode. During the completion of this operation, some modes utilize an additional initialization vector and some uses are completed in the first The ciphertext output of the plaintext block encrypted first position is an additional input to the encrypted second position completed in the second plaintext block. For more related technical details, please refer to Federai Information Processing Standards Publication 46-3 (FIPS-46-3), October 25, 1999, which discusses in detail the data encryption standard rules, triple data encryption standard rules j, and see FIPS -1 97, November 26, 2001, which gave a detailed explanation of the advanced 200536330. The aforementioned standard rules were promulgated and advocated by the National Institute of Standards Institute (National Institute of Standards, China, Japan, NIST). In addition, the “individual ancestors” 7 i white paper, set of tools and countermeasures can refer to the Computer Security Contingency Center (csrc) of the National Institute of Science, Technology, and Technology. Xi = Technicians can perceive that most applications can effectively perform encryption operations (such as encryption and de-encryption) on the computer. In fact, some operating systems (such as Microsft, ⑽, X) provide encryption / decryption services directly in the house, the original encryption form, the encryption application program interface, and the like. However, today's computer encryption technology is still missing. ft is directly involved in highlighting and discussing these deficiencies below. ^ Figure 1 is a diagram of the architecture of today's computer encryption application 100, depicting the first computer workstation m ηR solid computer connected to the m-domain network — computer workstation 102, a network file storage device 1 and 6, 6, a The first route is 1 η 7 bucket, 廿, WAN, 11 ^ ^ route is 107, or other interfaces formed with a wide area network (WAN) 11 such as the Internet, and a wireless network router ιEEH8G2.U It is also connected to the local network 105 and wireless computers of type 104, and the network router i 08. The wide area network i 丨 another important point, the second: the second route H " provides a third computer Workstation ', interface. As mentioned above, today ’s users ’brain information security issues during work. For example, under the control of multiple jobs: U system, a workstation 101 user can synchronize 6 jobs, each of which is Requires password calculation. Workstation ': Use 200536330 to encrypt / decrypt application 112 (such as part of the operating system =, == Already: Save: Road: Time Storage = Use ί 加 ΐ = Electrolyte, the second self-possible of Workstation 102 This is the Sri encryption / decryption operation 112. Encryption :, Instant (An instant messaging) message) Further, from the third computer user may work; ^ two sons

110 access or provide his / her final information (such as letter financial transfer, etc.) or other forms of sensitive information. Company A enters any network 105 in the local area network: source 10, 102, 106, 107, 108, 1 () 9, working as a second child. Working with a third computer, Jing can represent household electrical communication ^ computer 103. Each of the foregoing actions requires an example that corresponds to performing operation 112. In addition, wireless internet is being offered sadly in coffee shops, airports, schools, and i

= Place, so the laptop 104 user has an encrypted solution, whether it is his / her message transmission / reception to other users immediately, and to encrypt or decrypt all messages via wireless network 109 to wireless router 108. Those skilled in the art can understand that each of the above activities performs encryption operations on workstations 101-104, and accordingly there is a need to execute an instant encryption / decryption application 112. Therefore, the brain can perform hundreds of encryption operations at the same time-anyway, there are some restrictions on the computer system 10 ^ 04 that perform at least one or more immediate encryption / decryption operations ^ 1 2 to complete the encryption operation method . For example, through a software program ^ 12 200536330, one of the aforementioned functions is relatively slower than the classic one. Each encryption / decryption / encryption is more than 70% of the same function to perform 丨 mouth training mountain / explanation operation ii 2 requires | I, and is on the computer 101-1〇4 & The execution must be suspended within Asian time. The S-stroke mode may be in this mode, the key, etc.) The parameter must be operated in 112, and the encryption operation is performed to encrypt / decrypt the special group of data several times. Encryption / Decryption 4: =, including the execution of multiple computer extension instructions, because: (?) Operating speed has an adverse effect on the speed. For example, ^ system, please see the Microsoft® 〇utlOOk® transmission of a sub-message It is 5 times slower than sending an encrypted encrypted e-mail message to an unencrypted e-mail. In addition, the limitation of the current technology is caused by the delay. Most of the delays are caused by the delay of system interference. Components' They execute the components of the operating system; Ϊ: Ϊ complete these tasks. The operating system is scheduled according to the requirements of the application: application requirements and interruptions. The password operation on 101-104 is completed. Although the computer system, the mining-mountain ^ Fan Department, dedicated sub-point in the microprocessor The floating-point arithmetic of the floating-point mathematical operation τ search period before the early appearance of the floating-point arithmetic is implemented by software, so 2 = 2 = 22 early f. Just like floating-point arithmetic-like, code execution is performed by software: Ϊ 目 目 当Slow. With the improvement of floating-point technology, floating-point two ;: executed on a net-point coprocessor, the floating% yaw point operation is faster than the software implementation: two, = 丁 牙 έ from a 丄, L It also increases the cost of the system. Similarly, the form of external devices such as parallel ports or other peripheral interface processors exists today. This material point # 然 使 = 200536330 is denser, and the execution of the operation is higher than that of ordinary software. See the same processor to increase the cost of the system configuration == Second, and reduce the reliability of the system. By: the main microprocessor that 婵 —direction, Bedin Shiyou Road is not like ΪΨ ^ ^ on the same module, so The implementation of the password crypt is the same as that of the processing 1. It is easier to be intercepted. %%, the inventor of the case of the lonely case learned that people need to manage it today; use two special cryptographic hardware, which requires a password finger; Refers to:? Directly through a separate, micro-code and password instruction circuit control. == 样Functions to reduce interference with the operating system and use: to make it better to be able to cry at the privileged level of the application. Six πt fork code hardware can work with the current popular microprocessing; work; Lee: "Code hardware and Related password instructions should be provided and first

Uti: Cheng; compatible way. The most important thing is to provide A-code different devices and methods, so as to effectively resist dagger eavesdropping, and support a variety of cryptographic algorithms. Support: Verification and testing in 2 special cryptographic algorithms, allowing the use of iiL and more. The generated gold gun supports multiple data, /, and key lengths, and provides programmable block encryption / decryption 2: J t electronic code book type, password block serialization, password feedback exchange: 6 2 times, Pull-type, etc., and can effectively perform block-in-code function on a large amount of data when using the above-mentioned programmable area ciphertext mode. SUMMARY OF THE INVENTION An embodiment of the present invention provides a device for performing cryptographic operations in a microprocessor. The device includes-the password refers to the power supply, the second is the feedback mode logic circuit and the execution logic circuit. The i code 7 circuit is used to generate a cryptographic instruction, which is calculated by $ 2 and used as a knife of the instruction stream executed on the computing device. The start and code instructions specify a cryptographic operation. This kind of secret =: grant block password operation, and output feedback block: ί: execute the corresponding multiple input text block echo mode logic circuit and password instruction circuit to closely set the update index register and each One should output the dislocation vector position. The execution logic circuit and the output feedback branch logic circuit are closely combined to execute the cryptographic instructions. 2. Kedian will implement a device book; it is: a kind of ^ device that performs cryptographic operations. Haiyuzhi includes a full-named output feedback mode logic circuit embedded in a device. Cryptographic unit two ", and-password instructions to specify that the operation in ^ includes several password feedback block passwords;" password "= code operation is performed on the logarithm: combined in-from. Output back Authorization mode logic: "early: dense" The contents of the new index register and the more cryptographic operation of each device-the location of the initialization vector. Several output feedback blocks Another embodiment of the present invention is a method of the < operation. The method includes responding to receiving :: preparing to perform one of several cryptographic operations on the password line, and executing the code instruction and executing the Y instruction in the Shima instruction to specify 200536330 code, and this execution step includes completing the corresponding operation in the second and second zones Several output feedback modes in the block. Block operation-one output returns "into a block-type block operation on an f-word block. An equivalent initialization is written in to the position of an initialization vector. [Embodiment] The following describes the examples of the present invention that are made or used by applying specific technology and specific applications and requirements in the text. However, the modifications are used to highlight the differences from the conventional technology. -The general principles can be applied to other implementations of the present invention and are not limited to specific embodiments. ^ Through the technical background of the above-mentioned cryptographic procedures and the current technology of computers = encryption and decryption related technologies, I: Will ^ = Figure 2 to continue ~ to explore these technologies and their limitations. Next, the present invention will be discussed with reference to Figures 3-14. The present invention provides a device and method for a cryptographic program executed on a modern computer system: The machine, the device and the method show better performance, and thus meet the above-mentioned goals of limiting the intervention of the operating system, the old style, the compatibility of the computer structure, the algorithms and model work, the prevention of hacking, and the testability Flyer, please see Figure 2 '. A block diagram 200 describes the technique for performing cryptographic operations on the above-mentioned alternate computer system. Block diagram 2 includes a microprocessor (micropr〇cess〇r) 201, It is a part of the system memory corresponding to ^ application programs. ^ Use the memory (applicati0n mem〇ry) m ^ to order the circuit and access the data. The instruction circuit provides at least one finger: take two 16 200536330 to indicate a cryptographic operation. And the instruction circuit includes a logic circuit, a device, or a microcode (ie, a microinstruction or a native instruction), or a combination of a logic circuit, a device, or a microcode. 'Because the instruction circuit is not the focus of the present invention, This is no longer described in detail. The control of the program and the data accessed from the application memory 2 0 3 are operated by the operating system (operat) residing in a protected area of the system memory. ing system) 02. As discussed above, if a running application (such as an e-mail (emaii) program or a file storage program) needs to perform a cryptographic operation, the running application must refer to φ = Microprocessor 201 executes specific instructions to complete the password operation. These instructions may be a subroutine of the application program, they may also be internal programs linked to the running application program, or they may be It is a service provided by the operating system 202. No matter how they are combined, a person familiar with the technology will understand that these instructions will reside in some designated or allocated memory area. For the purpose of discussion, these storage areas will be disclosed in the application memory 203 and include a cryptographic key generat'in application · 204, which generally generates or receives a key and The key is expanded into a key directory (key scheduU) 205 for use in password round operations. For multi-block encryption operations, a block encryption program (encryption applicati) 206 will be activated. The encryption program 206 executes instructions to access plaintext 210, a key directory 205, and cryptographic parameters 209 such as a mode and a key directory location for more detailed encryption operations. If the specified module 17 200536330 is needed, an initialization vector (i.208 will also execute these instructions by the encryption program 206 & ization vector) to generate the relative translation. Similarly,-block decryption program m execution number: let is, and perform ^ = ghost decryption operation. , And-initialization vector: parameter take). The decryption program m executes this 4b, which means that f will be stored in block 21o.払 払 7 so that the corresponding plain text is generated. What happened to note that a specific instruction must be executed? Password block. The above fjps specification package ;, ^, ί: And the number of instructions to be determined can be. None, Xin, and 50 technicians will understand that it takes hundreds to complete-a simple block encryption operation; Calculate the password required to complete the calculation. For the current operation of a password = email, remote file access, letter 2 and so on), it is an unnecessary operation. Therefore, currently, users who run applications feel that the currently running programs are not efficient. In the case of independent or embedded encryption and decryption applications 206, 207, start and manage these processes: 206, 207 are also subject to other requirements of the operating system 202, such as support for interrupts, exceptions, and Incidents that worsen the problem. Furthermore, for each cryptographic operation of a union required on a computing system, an example of the formula 204, 206, and 207 is 200536330 = On: Set 2 to 1 = 3. As mentioned above, it can be expected that, with the parallel operation of cryptographic algorithms, these problems and the current computer system and method are described. The implementation of cryptographic operations is crying out. Therefore, the present invention provides a microprocessing, bifurcation code unit, and a method for performing cryptographic operations and related methods. When the cryptographic unit is activated, cryptographic operations are performed in m-formation '. The invention will now be discussed with reference to Figures 12 to 12. 4. Figure 3. A block diagram 300 depicts a microprocessor device that performs cryptographic operations in accordance with the current month. The block diagram 300 describes two microprocessors 301, which are connected to a system memory 321 through a memory bus 319. The microprocessor 301 includes translation logic 303 to receive an instruction circuit from an instruction register 302. The instruction circuit provides at least one instruction for indicating a password, and the instruction circuit includes a logic circuit, a device, or a microcode (that is, a microinstruction or a native instruction), or a logic circuit, a device, or a microcomputer. Since the combination of codes is not the focus of the present invention, it will not be described in detail here. f The translation logic circuit 303 includes a logic circuit, device, or microcode (that is, a micro instruction or a native instruction), or a combination of a logic circuit, a device, or a microcode, or it can be translated to the relevant microcomputer. The equivalent unit of an instruction sequence. In translating logic 19, 200536330, the unit may be used by other circuits and microprocessors 301 to perform other functional purposes. Microcode is a term that means -7. A micro-instruction (or native instruction) is-an instruction that is earlier than,. For example, micro-instructions have been streamlined to reduce the amount of electricity from C reduced instrurfi ηη. +, ^ ^ ^ STructlon set computer, RISC)) ^ is performed. For a complex instruction set computer (CISC) microprocessor, such as an x86-compatible microprocessor, the x86 instructions are translated into related microinstructions, and these microinstructions can be stored in the complex instruction set computer microprocessor. Directly executed by at least one unit. The translation logic circuit 303 is connected to a microinstruction queue 304. The microinstruction queue 304 has several micro instruction entries (raicro instructioonentries) 305, 306. The microinstruction is provided by the microinstruction queue 304 to the register stage logic circuit including a register group 307. Register group (^ magic to "file) 307 has a plurality of registers (registers) = 8-313, and the contents of these registers are created before performing a specified cryptographic operation. Registers 3〇8-312 points to the corresponding location in memory 321 (c〇rresponn / ing locations) 323-327, which stores the data needed to execute the specified password operation. The register stage is connected to Load logic 314, which is connected to the data cache 31 5 'is used to recover the data for performing the specified cryptographic operation. The data cache 31 5 is connected to the memory through the memory bus 31 9 Body 321. Executing logic circuit (executionicogic) 328 and load logic circuit (load logic) 314 are connected and the operation circuit designated by micro-instruction execution communicated through the last 20 200536330 stage includes a logic circuit , Device,:, serial or local instructions), or a logic; t instruction combined 'or can be executed by micro instructions provided to it; 22 $: 4 effective early 7G. May be executed in the execution logic circuit 328 Shared by other circuits, microcode, etc. It is received by the input logic circuit 314, which is used to perform the data required for the early code calculation. The microinstruction order ~ ding t = the number of input text blocks 326 are executed, and the relevant output text n is generated. Different, with a micro instruction or a local instruction), or a logical 4: or (that is, a combination of codes, or an equal 4 or micro: unit that can perform cryptographic operations, the unit that performs cryptographic operations in 316. Commonly used by microcode, that is, crying in this microprocessing: f other functions. In one embodiment, the poor: complete other implementations of its circuit 328 within 3 1 "Shan Shanwei", early two 316 and execution Logic elements, floating-point units, etc. are executed in parallel, such as integer single-the embodiment includes a logic circuit path :: Waizhong-"Single combination, or can be a circuit, device or micro early. These are in -A special unit: or an equivalent specified function element of a specified function may perform the specified operation or execution, that is, 1 circuit, microcode, etc. executed in the microprocessor 301 are the same, in one embodiment — 敕 tf! /, Other functions or operations. For example, the positive number 70 series contains logic circuits, 200536 330 J set or T code (that is, a combination of microinstructions or native instruction circuits, devices, or microcodes, η T, or a logical equivalent unit. A floating-point unit: a line containing integer instructions (that is, a microinstruction or this Machine instructions), or θ2 circuits, devices, or a combination of microcode or microcode, or equivalent units of & ^ capable of executing fixed logic circuits and devices to execute integer instructions within integer units. In an embodiment where the floating point unit can share the capacitor x86 system, 宓 = foreign point instruction. In phase integer units, a x86 floating-point unit, an early 316 and an x86 extension set unit, and an x86 stream. Two X86 multimedia. According to the present invention, one compatible = two early elements are executed in parallel. The embodiments can correctly implement most of the :: two fingers this practice. If you get a correct social result, this method is correct. The available embodiment expects a cryptographic unit to perform if μ @ ^ & selection of a subset of x86 phases in parallel execution. The X86 execution unit logic circuit "tore = is connected to a block of output text 327 keys. Corresponding plurals are stored, and ten storage logic circuits 317 are also connected to the material cache 31 5 which sends the output text data 3 2 7 to the system, first. [Thinking 3 21 places for storage. The storage logic circuit 3! 7 is cleaned and connected to the write back logic circuit 318. 菖 才 说 疋 氆 's code operation is complete. The write back logic circuit 318 will update the temporary register in the register group 307. Registers 308-313. In one embodiment, the micro-instruction system is synchronized with a clock signal (not shown), and flows through the logic stages 302, 303 '304, 30 7, 314, 316-318, so that these operations can be performed in parallel, just like an assembly line. 22 200536330 In system memory 321, an application that needs to specify a cryptographic operation can pass a separate cryptographic instruction ((^ ryptographic instruction ) 322 direct drive micro ^ 1 to perform this operation. Here is a password (XCRYPT) instruction ^ as an example. In a complex instruction set computer embodiment: password, order 322 contains a finger that specifies a password operation =. In the reduced instruction set computer In the embodiment, the cryptographic instruction 322 includes a microinstruction that specifies a cryptographic operation. In one embodiment, 322 utilizes redundant or unused spoons in the existing instruction set architecture. Encoding. In a χ86 compatible embodiment, Cryptographic instructions, renunciation ^ r 4-byte instructions, which consists of a χ86 heavy 稷 just set (ie 0xF3), followed by 2 bytes unused stone! 0 side) 'plus! Bytes indicate a specific block ciphertext mode used when performing ί: ΐt, code calculations. The system permission level of the system is used to = be used by a program or under the control of an operating system and system 320. , Write to the program instruction stream, and make it available to the 301. Because the specified cryptographic operation is performed only two or two = ^ state 322 driving micro-processing H 301 g 卩 γ n, the male code is commanded to the operating system For 320, the operation will be completely transparent. The system 32 is executed on the micro-processing H 301. During the execution of the program instruction, the-part of the instruction stream is provided to the fetch logic circuit 302 during the password instruction period. However, before the memory 322, the The ^ password instruction causes the internal register 30 of the initial register 308-3 [2]. Today, M causes it to point to locations 323-327 in 23 200536330 memory 321, these locations contain a password control character (CryPt〇graphic contr〇i word) 323, an initial cryptographic key 324 or a key schedule 324, an initialization vector 325 (if necessary), for operation input Input text 326 and output text 327. It is necessary to initialize the temporary state 308-31 2 before executing the password instruction 322, because the password instruction 322 directly uses these registers 3008_312 and an additional register 313 for storing a block number without checking. The number of blocks refers to the input text area. The number of data blocks in 326 that need to be encrypted or decrypted. In this way, the translation logic circuit 303 retrieves the cryptographic instruction from the retrieval logic circuit 302 and translates it into a series of corresponding microinstructions that drive the microprocessor 3101 to designate cryptographic operations. In the corresponding system = a first group of micro-instructions 3 05_3 06 in the #f is the driving password to download the data provided by the download logic circuit 314 = the number of password rounds to generate-corresponding input ^ 2枓 S block and store the corresponding output data area by the data cache 315 to store the data in the f sub-area 327 of the memory 321. In one of the corresponding series of micro-instructions, J (not shown) drives the other executives of the microprocessor 301 (shown in figure 2) to perform other necessary operations to complete the specified escape code operation, such as adding capital / Solution, batch you ten mountains in / Solution where a set of input text 326 = g temporary storage of intermediate results and count of non- ^ (P0inL ^^ (Work 2 '3: Bu 312' update initialization vector index register v initlSll23ti 〇n VPpfnr * 4- ector pointer register) 310 24 200536330 (if necessary) and handle the current interrupt, etc. In one example, the register 308_313 is a structure register, and the structure temporary register 308 31 3 refers to In the instruction set architecture (instructi⑽set = J_hLtecture, ISA), a single microprocessor is used to implement a single microprocessor-defined embodiment, the password is a single 1¾ segment, thereby allowing pipelined continuous input text block 326. The block diagram 300 of Figure 3 The basic group used to describe the present invention is early: therefore, for the sake of clarity, the logic circuits in the current microprocessor 3101 are ignored by the block diagram 300. However, the operator will understand that Depending on the specific implementation today j The β 3 () 1 series contains many stages and logic circuit units, but for the purpose of clear expression, the logic Leila qm 'is gathered and loaded together. For example, it includes an address generation stage, but it is worth noting It is in the plural; the alignment phase. A 22-element arithmetic on several input text blocks 326 of Jia-Du-Mu is transparent according to the present invention through the perspective of a separate password instruction. The dedicated password unit 31 6 of the system 320 goes to “Shi”, “Shi”, the line is coded through the processor 301, and the code is 316 series and micro ^ ^ ^ ^ :) ;, ^ ^ f ^ ^ 31 β 66 香 # 加 ', planted reconstruction, special floating-point "hard system for code early" :: 3 2 2 operation provided by the previous microprocessor and previous work ^ 31 6 and related passwords The instruction issuing operation is completely compatible. 320 and Application Refer now to Figure 4, below. The confession is not intended to show that according to the invention "-^ Microcode deduction ^ 400 according to the present invention includes an optional embodiment. The password instruction field) 401, then a block 〇ptl0nal prefix field 402, followed by a repeatprefix (repeatprefix, 〇PC〇defield mode field) 404, a horse-shaped block ( The content of bl〇Ck Cipher and the χ86 instruction are in: ^ In the embodiment, block 404 and 404 to accommodate other instruction sets; The reconfigurable embodiment is still in its infancy, and the current w and $ t are many The instruction set architecture's leading field 401 is implemented in these operating characteristics, # &,# this or disables the search of the main microprocessor, performs 16-bit or 32-bit operations, and performs two or two special memories. Segments, etc. Repeat the preblock 402 into the data block (that is, the plain text 'will also imply a suitable element in the plurality of input bits 402. Repeat the contents of the preblock block register to use multiple frames lb ^, as the 'private' in the memory of the system, the memory contains a specific number. As mentioned above, in the -χ86 compatible second reality: two shells to send the code command disk Μηνς 4, Words of knowledge, x86 repeats such as blood PMOVS are similar to Aita. For example, 'when implementing the present invention In the embodiment of the microprocessor, the preceding stop finger is repeated; the source address indicator in the block calculation register Esi of the structural register Ecx (indicates that the password is imported into the greed) is stored and stored in the temporary register. The destination address in the register EDI:: indicates the output data area in the production memory). In the χ86? Embodiment, the present invention makes the repeat of the content of the instruction sequence more: 26 200536330 There is a control in the temporary storage f EDX Character index, index of the cryptographic key stored in BX, and index of the initialization vector stored in the temporary cry: (if specified). &Amp; required for the old-fashioned chip, the different code block 403 specifies micro The processor completes the password operation, and is delimited in the control characters stored in the memory, =? Is indicated by the control character indicator. This = use the field to delete, "瞀" is stored in the instruction set structure One of the spare or unused shipping codes to keep old jobs

Application software conforms to the consistency of the microprocessor. For example, as described above, the operation code field 403 performs a value of 0 × 〇FA7, and 2 ° indicates a cryptographic operation. Block cipher mode block: Two or two special block cipher modes' are executed during specific cryptographic calculations, as shown in Figure 5. A table 500 'is shown in the table 500. This table 500 shows the value of the cryptographic mode field of the non-standard block structure according to FIG. 4. The number = 0xC8 private password operation can be obtained by using an electronic codebook,

Ϊ 完成 and done. The value 〇xDO specifies that the password operation can be completed using the password ^ ^ serial mode. The value 〇χΕ〇 specifies that the cryptographic operation can be completed using the mountain code feedback mode. The value 〇χΕ8 specifies that the cryptographic operation can be completed using the output feedback (output feedback) mode. All other values of block cipher mode block 404 will be guaranteed. These modes are described in the aforementioned FIPS text. Turning now to FIG. 6, a schematic diagram depicts a cryptographic unit 617 in a χ86 compatible microprocessor 600 in accordance with the present invention ^. Microprocessing for 600 includes a capture from execution memory (not shown) 27 200536330

Circuit 602 includes a microcode ROM (translator on microcode ROM 604) and translation logic 602. Circuit 602 contains logic circuits, devices or microcode instructions, or It is a logic circuit, device ic) 601. The fetch logic circuit 601 'or the instruction can be translated into a microinstruction sequence. The translation logic circuit 602 performs translation and is shared by other circuits, microcodes, etc., which perform other functions therein. The translation logic power supply mode logic circuit (output feedback mode logic) 640 is connected to the translator 603 and the microcode read-only memory 604 at the same time. The interrupt logic circuit (interrupt iogic) is connected to the translation logic circuit 602 through a bus 628. Several software and hardware interrupt signals 627 will be processed by the interrupt logic circuit 626, which will indicate to the translation logic circuit 602 that the interrupt is being processed. The successive stages of the translation logic circuit 60 connected to the microprocessor 600 include a register stage 605, an address stage 606 ', a loading stage (iod stage) 607, and an execute stage ) 6 08, store stage 61 8 and write back stage 61 9. Each successive phase includes a logic circuit that performs a specified function. These specific functions are related to the execution of the instructions provided by the fetch logic circuit 601, and these structures are described by similar names in the microprocessor of FIG. The x8 6 compatible embodiment 60 depicted in FIG. 6 shows execution logic 632 in execution stage 608, which includes execution units 610, 612, 614, 616, 617 in parallel 200536330. Integer unit 610 receives integer microinstructions from micro instruction queue 609 for execution 'floating point unit (f 1 oat i ng po i nt un it) 61 2 receives floating point microinstructions from microinstruction queue 611 For execution, Multi-media Extensions (MMX) 614 receives micro-instruction queue 61 3 from the micro-instruction queue 61 3 Streaming SIMD Extensions (SSE) 61 6 Instruction column 61 5 receives a stream extension set of micro instructions for execution. It is shown in a typical X86 embodiment that a cryptography unit 617 is connected through a load bus 620, a stall signal 621 and a store bus 622 To the stream extension set unit 616. The crypto unit 617 shares the micro instruction queue 615 of the stream extension unit. The reconfigurable embodiment attempts to isolate the parallel operation of unit 617, just like units 61, 612, and 614. An integer unit 610 is connected to an X86 flag register (EFLAGS register) 624. The flag is temporarily, and includes an X-bit 625. The state of the X-bit indicates whether the cryptographic operation is being processed. . In one embodiment, the X bit 625 is the 30th bit of an x86 flag register 624. In addition, the integer unit 610 accesses a machine-specific register (machine spec ^ ic register? 628 to calculate the state of an E-bit 629. The state of the bit 629 indicates whether a code unit 617 exists in the microprocessor 600). The integer unit 61 also accesses the D bit 63 in the feature control register 63 to open or close the crypto unit 617. It is the same as the microprocessor shown in FIG. 301—Likewise, the microprocessor 600 of FIG. Β describes the necessary components of the present invention in the X 8 6-phase trough embodiment, and clearly gathers or ignores some of the microprocessor. A person familiar with the technology will understand that Other components must also be used to complete the interface such as data cache (not shown), bus interface unit (not shown), clock generation and frequency division logic (not shown), and so on.

In operation ', by fetching the logic circuit 601, the instruction circuit is obtained from the memory (not shown) and provided to the translation logic circuit 602 in synchronization with the clock signal (not shown). The instruction circuit provides at least one instruction for instructing a cryptographic operation, and the instruction circuit includes a logic circuit, a device, or a microcode (that is, a microinstruction or a local instruction (nat i ν (instruction)), or a logic circuit or device Or the combination of microcode ', since the instruction circuit is not the focus of the present invention, it will not be described in detail here. The translation logic circuit 602 translates the corresponding sequence of each instruction circuit to the microinstruction circuit. These microinstructions are: ^ Synchronized to a clock signal, it is continuously provided to the post-processor stages 605-608, 618, and 619. Each of the microinstruction sequences

ί The circuit instructs the execution of the sub-operation. This sub-operation needs to complete all operations, and the operation is different, and this comprehensive operation is specified by the corresponding instruction circuit. = Some corresponding instructions can be the same as the instruction circuit below. Bits, generated; two-phase addition in the integer list * 61〇: = two This integer soap 61 is obtained from the register stage 605 = = (not shown); the storage execution unit 61 is stored. , 6 2 疋

The result produced by one of Li, 616, 617, this storage is executed by H 618. According to the translated instructions, = translator 6 ° 3 directly generates microfinger 4 ;: ^ and then the sequence from microcode read-only memory 604, or 30 200536330 to generate a part of the sequence and get from microcode: two Part of the existing sequence. Micro-instructions are the same as the clock message = the subsequent stages 605_6〇8, 618, and 619, and then ΐ ΐ ϊ When reaching the execution stage 6 ° 8, they and their operation horses and execution units 61 & 61 2 61 4 61 6 61 7 (In the register stage 605, the logic shoes Lei Bajiao from the temporary stage 606 are a 4 produced in the A from the data, or by loading the stage cache 607: Acquire) The logic circuit 6 is executed by changing the corresponding microinstruction sequence _, 611 fiu # to the microinstruction. The execution units 610, 612, ΓΓ7 execute microinstructions and provide the results to the storage phase 6 army 1i. In one embodiment, the microinstruction includes a stop indicating whether it is executed in parallel. 〃 辑 电 ί ϊ Γ Γ got a cryptographic command to respond 'in the translation logic 600, the micro instruction of Zhuo Lipan, which drives the cryptographic operation of the microprocessor: I! 0 220, 618, 619 make the execution of the specified β1? ^ 1, and the relevant microinstructions are sent directly to the two. Π's data 1 = Γ-given number of two years; the heart chase out the data block to Jiancunhui = ί 3 The storage logic circuit 618 is stored in the memory. The relevant micro-instructions are sent to other brothers. 'And ..., the execution is completed and the specified password is executed: / try E bit, start bit 625 to indicate that a password operation manager is currently sighing the X register Register in stage 605 (for example, count S; deposit new 31 200536330 input text index register, input interrupt logic circuit text 4 'temporary fasting'), etc. through the unit microfinger 627. The interleaved password system is provided as a multi-session micro-instruction, and the relevant micro-instructions are executed so that the specific password operation on the solid input data block is completed. The microinstructions can be executed in parallel with the operation of the crypto unit. It should be interrupted 627 and the relevant microinstructions from it ^ ^ are allowed to return and the data are stored. # Return. Because all the password parameters are interrupted, he = ί Χ86 in the structure register, and will be restored when the interrupt returns. = Will be saved and the state will be switched from the system to the corresponding interrupted material control and control characters are L Qing off, to represent a cryptographic instruction of the key, and as its related micro instruction to determine the gold 4 = ::will! : The status of the bit 625 is valid, and the program is: Whether the system is effective. If there is a block to continue; r Lu, the specific input data area before the interruption occurred = = :: fruit χ bit coffee state indicates that the key reading interruption will occur again; 'will be re-opened to the memory and control word. The key order for processing special round-in data blocks is always 2 According to the present invention, a full initial test in a cryptographic finger unit 617 is performed to determine the validity of the key data iL in the cryptographic key control data. Sex. If the gold wheel data / secondary system data is invalid, you can read it from memory and execute it on the input breeding block. In addition, the input data block 32 200536330 loads and executes the specified cryptographic operations and data and control character data. And I enter the key without a battle. If a new Jin Yu and Ββ ^ are new: secret, the instruction must be cleared before; the bit; 625: = is executed. Continued here: The code command can also control the character data to be rotated after birth: 3 Initialize the key data and V Tangguo also drop X bit 625 / month. For example, for the speed of the second bus, the user can divide the encryption / decryption of 500 = 分成 into 5 password instructions, each of which can process 100 input data blocks. The mother 640 uses the "feedback mode" round-out feedback mode logic circuit ^ 作 逸 1 运 # _pattern logic 640 ensures that the relevant text: on the block: = =; = column =: is updated. Output back模式: flow: so that the data area in the execution output area is changed to point down-input and input 浐 奸 ii ii j :, the output feedback mode logic circuit 640 refers to 々Insert into the corresponding micro-instruction stream, the number of benefits to indicate the current input data 6 ^ 2. 10%.-A person familiar with the technology: I hope that in the second: the encryption operation has been completed using a preliminary τ; η out Feedback; the following block is used to generate-the first _ ciphertext = ^ n a Ming Zuo was used to initialize the vector to produce ';' two other ciphertext operations, then, by the first-ciphertext to ΐ ;; ;, Output block. Reject or generate-first dense block; No .: Mutual & block of plaintext block No.-ciphertext output block 33 200536330

Μ — In the conventional embodiment, the output feedback mode logic circuit 640 identifies a private output feedback mode encryption or decryption operation, and provides an equivalent initialization of a plaintext block to the output feedback mode. The department is very similar to the author, except that the plaintext block and the ciphertext output block are generated. The previous one refers to the initialization vector and the subsequent equivalent initial ^ series to update the indicators in the structure register to ensure that the return to the first plaintext or ciphertext block is followed by the initialization vector. ~ T From the alternative embodiment, the output feedback mode logic circuit 6 ^ 0 identifies a specified output feedback mode encryption or decryption operation, and provides & release instruction series 1) in the current plaintext block and A mutually exclusive operation is performed in its corresponding f before ciphertext block to generate an equivalent initialization vector that can be used by the next block; 2) The equivalent initialization vector is stored in the pointer pointed to by the initialization vector index register Memory, place, 3) Update the index in the structure register to ensure that the subsequent blocks of the first plaintext or ciphertext block are given the appropriate equivalent initialization vector. Referring now to FIG. 7 ', the diagram illustrates the structure of a typical microinstruction 700 that performs codon operations in the microprocessor of FIG. The micro instruction 700 includes a micro opcode field 701, a data register field 702, and a register field 703. The micro-operation code block 701 indicates a specific sub-operation to be performed, and indicates that 34 200536330 has the microprocessor 6 00 to defend the early ^ product you Lei 踗 ^ at least one stage of the logic operation According to the cryptographic unit of the present invention, the "== circuit provides at least one instruction, and the instruction circuit includes a logic circuit 4 'and ΐ:; i = ve lnstructlon)), or the key point of a logical invention, so no more instructions The circuit is not an example of this yoke. There are two special values. — The first row indicates that the memory location is to be re-entered (xying). ”I The content of the structure register represented by 7: 2: f ;: is specified by the register block 703. Re-fetching (for example, key data, Becollization vector obtained from Kizumi Treasure) is provided with 仏 'code list _, f-enter text data, initial first-believe the birth of the micro-operation Shima block 701 The data will be stored in a self-confidence body J: the temporary register block 702 produced by the unit; its address is the 7M Γ code premature embodiment order, temporarily storing the crying block 703 instruction array Exported funds to stop Zhao Zhong. The output data block is composed of dense memory and memory 2): "Provided to the misstored logic circuit in memory 7. The month is related to the cryptographic unit ## χ < according to this test and described, will be in s and A more detailed k of the stored microinstructions will be discussed in Figs. 8 and 9.-Article d: 'Human VGG describes the format 700 according to Fig. 7 to make the circuit provide at least one instruction' temporary = .03 ,. microfinger eight Use a different password to calculate, 35 200536330 = logic fe circuit, device or microcode (that is, a micro instruction short failure, Zhuang ®, lnstructl0n)), or a combination of logic ^ clothes or microcode, because The instruction circuit is not as heavy as :: 2: It will not be described in detail here. 4ί Order sequence: Upper: The translation of the instruction will cause a micro-finger group to be less than the human: 7 The queue contains a cryptographic unit The first section of execution; two or two groups of two and one micro instructions, the second group of micro instructions are & Cry, device, structure is temporarily crying, day 丨 丨 τ must be stored in the next day & temporary storage & v temporary storage. 0, measurement and setting Sub-operations such as crying on the machine's special temporary storage device :: Tsai-up into a key to the password unit and drive the password unit to load and encrypt the key (the directory of the key obtained by the n-fork memory), the text resource 1 (or unpack) input text data, and store output character information. The micro-instruction provides loading control-driven secrets for the password unit, and loads the input text data and blocks the value in 703. Executed on the pipeline, temporarily stored ;: Second to this physical address, = The second logic circuit translates the address to fetch the control word%, / this sub-fetch. Load the logic circuit from the cache. FF characters are placed in the data block and the value of the field 0bl00 drives the crypto unit ^ 36 200536330 Provided in the data slot 7 〇 4 to Λ a 〃 Load, execute the specified secret rules, and then The data will be stored in the same way; the same as the U control character, enter 0bl01 to indicate that the data field 7 is accessed. The input data valued to the internal register 1 will be loaded and the data can be rotated to -1. Bei Cai ten J loaded into the input -1 register to enter text data ( Or it is-initialization vector. = Two-line. During the process of processing), you can also open eight to enter, the value 〇bno and this 111 represents the password list: a full key :: f key or the user generated gold The low and high bits of each Meng Yu in the key directory refers to the completion of a specified function of the Seven Communist Party-> The user of this watch can be-application: to; made: body, use

Ul In one embodiment, the user generates a key and the target is created in an i-style manner. In an alternative embodiment, the author-generated gold list is created by a person. / # In / examples of real yoke, the values of the register items 0bl00 and 0bi0l!;:,: The code unit is divided into two phases, and the continuous input text block is enough to be executed by the pipeline. Therefore, in order to make two consecutive blocks perform a pipeline operation, a first-loading micro-finger 7 executes,., A input -1 provides a first input text data block, and then executes a second load micro-instruction to Input_〇 provides a first input text data block, and at the same time drives the cryptographic unit to start the specified cryptographic operation. The Disco user-generated key directory is used to perform cryptographic operations. Then several load micro-instructions corresponding to the number of keys in the user-generated key directory will be sent to the crypto unit, which are used to enter Every time the alloy record in the gold record directory. All other values in the register field 703 of the load micro instruction are reserved to 37 200536330. According to FIG. 9, the table 900 shows the value of the register block 703 that stores the microinstruction according to grid 2 in FIG. 7. Micro-finger kt, at least one instruction, which is used to indicate a cryptographic operation,: The path contains a logic circuit, device or microcode (ie micro: reassuring: = uveinstructlon)), or a combination of logical = or 楗 code, because The instruction circuit is not the ^ list of the present invention and will be described in detail. The stored microinstruction 3 is supplied to the storage logic circuit 'stores it in the data temporarily 22 f logic electricity. Therefore, according to the present invention, the translation circuit evaluates the relevant input word for the instruction: the specified output k Enter the micro-^^ section〗 文 子 & block developed a storage; ^ > the value of the device block 703 〇_instruction password ΐ :: 2 邛 output-0 output 10 The temporary register will output the text ^: store. The content of output 0 is related to the input and input text blocks. ^ ^ = 物 〇 !, the internal output-i register :: capacity ^ input text data is also related. Therefore, #I ~ the key and the control word to open the surname — μ u. After loading the sub-subsidiary Wubei, load a plurality of from to load. Enter in the person Λ and sub-blocks ~ 〇 You can also drive the password unit code (load. Enter the small storage 'output-heart two: / save' output to the following two input text blocks ^ input. Input-0 (open code micro instructions, make it through @ 二二二The sequence of sending the secrets is performed through the early 7G pipeline. See Fig. 10. According to this post, a typical control character 柊 + f 7 is described again by the charter (control word f〇rmat) 38 200536330 i :; the two-system Λ element specifies the cryptographic parameters for cryptographic operations. " i 子 兀 1 〇〇〇 is a user-edited Kou Shan number & cryptographic operations before, it refers to # 彳 Memory ''s and The execution register provides. Therefore, "as—3: the structure of the microprocessor contains logic circuits for code calculations, and instruction circuits (nati: + or microcode (that is, microinstructions or 1 point 'will not be explained in detail here. Re-fetch) Read the control word control character register. Mu Yue 丨-loaded to the fork code unit Internal (RSVD) block ° ° 〇〇〇1 work 1 child ^ 1 000 includes a reserve _, an encryption / decryption; 'Ε = ^ (ΚδΙΚΕ) block 1 005, a pyrazine i / ΑΤ 们 金Key generation UGEN) Total number ⑽r r r) Hall ^ mt ^^ λ ^ This is the day when the i28 is used to generate encryption or decryption. In one embodiment, the key size block is either a η result, or Is a 192-bit key, or is-is the mt encryption / decryption field ι03 specified cryptographic operation ^ encryption operation. The key generation block ι05 indicates whether the second is a user generated surplus directory or -In the case of a single key in the morning, the micro-instruction will be sent to the crypto unit with the key of 39,39,363,530, so that the drive unit will expand the key to the key directory according to the crypto algorithm specified by the algorithm. In one embodiment, the algorithm specified by algorithm block 1006 is the Data Encryption Standard (DES) algorithm discussed so far, and the Triple-data Encryption Standard (Triple-DES) ) Algorithm or advanced encryption standard (Advanced

Encryption Standard (AES) algorithm. Alternative embodiments attempt to include other algorithms, such as Rijndael ciphertext, ^ wo + fi ^ sh ciphertext, and so on. The content of round count block 1007 completes the number of password rounds given by each input text block according to a given algorithm. Although the above password algorithm standard specifies each input text area, = number of password rounds, but provides a round count field of 0 0-7 to allow programmers to change the number of rounds specified by this standard. In the 1 :: Shi: column, the programmer can assign 0 to 15 to 22 for each block, and the content of the intermediate result field 1 004 specifies whether an encryption / decryption is based on the algorithm field ”——— 山 马 / Bayan law standard to round count field 1

The player who performed the number of rounds, or the one specified by the solution item 1 006, and Miyazaki Dosan / Solution 4: Is it based on the return of the ALG, the number of rounds is ~ 开, and the number of rounds is 1 007, and the second is the last; : The execution result of the round is that in the middle of each round, I, ^ people who are familiar with the technology will hope to do it, except that the σ code algorithm performs the same sub-operation results to block 1 004 pedestrians. Therefore, 'for intermediate results, the program' for: f result instead of final result 'can be passed in an intermediate step of a different method. For example, a round of encryption is performed on the subblock of the text, then 200536330 and then the same The text block is superior to get the accumulated intermediate knot to provide programmable round number and intermediate verification password encoding performance, to detect the utility of the structure and the number of rounds. Perform two rounds, and then 3 rounds of results to verify the performance of the algorithm. The function of the result The user can malfunction and explore different key structures. Referring to FIG. 11, a block diagram details the cryptography unit 110 according to the present invention. The crypto unit n (j " 〇 includes a micro-instruction bus 1114 A micro-operation code register 1103 for receiving a password micro-instruction circuit (ie, loading and storing micro-instructions). The password micro-instruction circuit provides at least one cryptographic instruction, which ^ indicates a cryptographic operation, and the instruction circuit includes a logic circuit, a device, or a Microcode (i.e., microinstruction or native instruction (in ns true tion)), or a combination of logic circuit, device, or microcode, because The instruction circuit is not the focus of the present invention, so it will not be described in detail here. The password unit 丨 丨 〇〇 also has a _ control word register (1041), an input

-0 register 1105, and an input-1 register 1106, a = input -0 register 1107, a key-1 register 丨 108. Data system ^ Overload bus (1〇ad bus) 1111 is provided to the temporary cry 1 1 04-1 1 08, as specified in the microinstruction register 1103 . The cryptographic unit Π 0 0 also includes a block cipher logic (block cipher logic) 1101 connected to all temporary cry 1 1 03-1 1 08 and key random access memory (key ram) 1102. The block cipher logic circuit provides a stal i signal 1113, and provides the block result to an output-zero register 1109 and an output-1 register mo. The output registers 41 200536330 1109-1110 send their content through a storage bus (s1; 〇re bus) m2 to a sequential stage suitable for a microprocessor. In one embodiment, the micro-instruction register is 32-bit, and the other registers are 104-m0. In operation, the password micro-instruction is sequentially transmitted to the micro-instruction register 11 03, and at the same time the control character register 1 〇 04 or one of these input temporary states 1105-1106, or the remaining balance The data specified in one of the registers 1 1 07-1 1 08 is also transmitted. In the embodiments discussed with reference to Figs. 8 and 9, a control character is first loaded into the control character register 1 1 via a load microinstruction. The key or key directory is then loaded by a subsequent load microinstruction. If a 128-bit key is loaded, the specified register key -0 1107 can be provided as soon as a micro-instruction is loaded. If more than 128 bits of gold are loaded, then a load microinstruction is provided in addition to the designated temporary benefit key-0 1107, and one of the load microinstructions specified by the register key j 1108 is also provided. If the user-generated key directory is loaded, subsequent load microinstructions specified by the register key_〇 11〇7 will be provided. Each key in the key catalogue of the carried person is stored in turn in the key random access memory 1102 and used in the corresponding password round. Following this, the input file (if no initialization vector is needed) will be loaded into the input register tU〇6. If the initialization vector is needed, it will be loaded into the input register 0106 via the = load microinstruction. Function • Load the micro-instruction-driven password unit entered in the 0 register 1105 to enter the input text into the input ―0 register 1105, and start to use the parameters provided by the control character register 1104. -1 initialization vector or two input registers 1105_n〇6 42 200536330 = data processing is pipelined) to perform register input-0 password round of text data. After receiving the input -〇η〇5 "two into micro instructions, the block cipher logic circuit 1101 passes, the content of the control character starts to execute the specified password. 1 3 separate keys need to be expanded, block cipher The logic storage generates each key in the key directory and accesses them to the memory 1102. Regardless of whether the block is generated by the code logic circuit 1101 or the key directory is loaded first, the first round of alloy The key system is cached in the area 101 'so that the first block secret mother can return: ... and the random access memory 1102 to access the key can execute the startup once, the block password logic circuit 1101 The predetermined cryptographic operation is performed in at least one word until the operation is completed, as is required by the cryptographic algorithm used. ^^^^. The machine access memory 1102 continuously intercepts and retrieves the alloy gamma and male-code Shaner 1100 performs one or two block cryptographic operations on the specified input text block. Successive rounds of text blocks can be used. Two = Response and continuous load and store microinstructions to perform encryption or solution: material L -Λ after the microinstruction is executed 'if the specified input is lost The second output (that is, output -0 or output -n has not been completely generated, at this time, the block generates a delay signal 1113. When the output '.' Is placed in a corresponding output register 1109-1110 ^ 1112, the storage state U 09111 The content of 〇 is transferred to the storage confluence, Kasaki Hi Figure 12, a block diagram illustrating a block cipher logic circuit (block cipher 1〇gic) using the standard and performing cryptographic operations according to the present invention 12 〇〇 Example. Block secret 43 200536330 code logic circuit 1 2 0 0 includes a bus engine controller (rundund engine controller) 1210 connected via bus 1 211 -1 21 4 and bus 1216-1218. Rouncj engine 1 220. The round engine controller 1210 accesses a micro instruction register 1201, a control word register 1202, and a gold lose -0 register 1 203, and key— 丨 temporary register ι204 to access key data, microinstructions, parameters, etc. that are not cryptographic operations. Input register 1 205-1 206 content is provided = round Engine 1 220 and Round Engine 丨 22〇 The corresponding output and text are provided to the output register 120-7-1 208. The output register 1 207-1 2 08 is connected to the round engine controller 1 21 0 through the bus 1216-1217 to ensure the round engine control The device is able to access the result of each successive password round, which is provided to the round engine 122 0 for the next password round through the bus NextIN 21 8. The key of the random access memory (not shown) is accessed through the bus 1 2 丨 5. Encryption / decryption (ENC / DEC) signal 1211 drives the round engine to use sub-operations to perform encryption (e.g., s-B0χ) or decryption (e.g., inverted S-Box). Round count (RNDCON) bus 1212 · = Content-driven round engine 1 220 executes a first advanced encryption standard = round, an intermediate advanced encryption standard round or a last advanced standard round. The GENKEY signal 1214 is used to guide the round engine 1 220 to generate a gold list based on the Menglun provided by the bus 1213. When its corresponding round is executed, the golden wheel bus 1 213 is provided to the round engine 1 2 2 0 for each Θ person ^ gold loss. The σ round engine 1 220 includes a first key x0r logic circuit 1221 connected to a first register 44 200536330 -0 1222. The first temporary storage unit 1222 is connected to the s-Box logic circuit 1223, and the S-B0x logic circuit 1 223 is connected to the shift logic circuit (Shift R0w 100g). The shift logic circuit 1 2 24 is connected to a second temporary register -1 1 225. The second register 1 225 is connected to a mixed column logic circuit (Mix Column 10gic) 1 226, and the mixed block logic circuit 1 226 is connected to a third register to temporarily store a 2 1 227. In the advanced encryption standard FIps standard discussed above, the first key logic circuit 1221, S — B0X logic 1 223 shift logic circuit 1 2 2 4 and mixed logic circuit 1 2 2 6 are input text Perform the same sub-operation on the data as their name ^ Shift logic circuit 1 226 needs to pass the gold exchange during the middle round, row 1213 uses the back alloy key to perform the encryption standard X0R function on the input data. The first key logic circuits 122i, s ~ ΐ? Two-way two logic circuits m are also used to perform their corresponding inverse advanced encryption standard sub-operations through the encryption / decryption signal ι211 during the decryption period. It is known that the technician hopes to give back to the round engine 1220 according to the special block encryption mode specified by the content of the control character temporary cry. The initialization vector data 122 and 0) are provided to the round engine through the bus NEXTIN 1218. In the embodiment shown in FIG. 12, the synthesis engine: stage: temporary storage, and temporary storage _1 1 225:; ==:, The temporary storage -1 1 225 and the temporary storage _2 1 227 are synchronously transmitted on the second line of the second clock signal (not shown). When the litigation code operation is completed on the -input data block ^ 45 200536330 1, the relevant output data is stored 1 207-12 08. — The contents of the micro-instruction "乂: == 出 暂" are stored (not shown in the figure). Gu Yitu, to a storage bus in the middle of the early morning; 描述 = describes the invention in accordance with the invention, when-= =

, Office begins execution. The instruction flow is not; it is the password instruction described by 2 = Chen. Then, the process processes the judgment block and twists ... "Mask interrupt, non-maskable interrupt, page (middle: Γ: change, etc.) requires that the current pointer iHf be changed to handle the interrupt event. If so, stream two executes block 1 306. If not, the process sends a loop in the judgment block, and the instruction will continue to execute until an interruption event. According to the present invention, at block 1 306, because an interruption event occurred, the program control was transferred to the corresponding Before interrupt processing, the interrupt logic circuit instructs to clear the ^ bit in the flag register. The X-bit clearing guarantees that when returning from the interrupt handler, if a block cipher operation is in progress, it will be indicated at least one: an interrupt event is occurring, and the direction indicated by the input index register contents Before the block password operation of the input data block continues, the 俨 f character data and key data must be reloaded. 'Process block 1 308 with 2. In block 1 308, according to the present invention, all the structure registers containing indicators and counters related to execution 46 200536330 = == different operations are linked to the body. Those familiar with the technology hope that before transferring control, the structure register is a typical behavior in the current data # 2 Zhizhi Fancheng. As a result, this event provided "1310." After the temporary storage benefit of Tian was saved, the process was processed to the block and the 'program flow system was transferred to the interrupt processor. Block 1 31 2. In block 1 31 2, the method is completed. The method in Figure 13 should be familiar. The method starts from the interrupt handler: then: 1 3 0 2. The block of Jiao Dan-Ren Xiao Zhang now refers to Figure 4 In the case of a t-time interruption event, the flow chart describes: == = to "said: the method of cryptographic operation in feedback mode. / Guai private starts at block 1402, according to the instruction; the instruction instructs the cryptographic operation to use output feedback. Modal x-type gate = dense first execution, second execution, or from a process such as r health 丨 — Interrupt event execution interruption order: The interrupt handler is executed and returned to 7 places. > Gong Cheng then processed to block u04. 1 mountain code is deducted in block 1404 'According to the present invention, the content of the input index register -f hidden body via-the input body is loaded, and The start of a block is from the memory index temporary crying is calculated by 54 = ^, code operation (specific input unhook) and the specified block Cryptographic mode two, for example, 'encrypted or code block series, password port electronic code book type, secret code "output feedback". Example 47 200536330 If the female is added to the operation, use the output ^ ^ ^ ^ ^ ^ ^ ^ ^ ^ Register and one are initialized in the connection type, then enter this data. For a round of return two :: f = are used to install the temporary crying operation and point-by-point blanket operation, input indicator 3, you know The next sentence will be selected as the output feedback mode and selected as a ^ ^ ^ block. For the next ciphertext monster to be decrypted, σ ° is both encrypted and decrypted, and initialized to store c. At the position of the initialization vector in the grant. To :: Sub-m ”before-the output ciphertext of the block = li about-use electron ° if-the decryption operation is specified so that it is marked with = = to load the data The input refers to the temporary cry:,: ί :: ΐ 向 Memory order, a child of a cipher text block ^ ^ ^ Wang 处理 post-processing to judge block 1 406. In decision block 1 406, an evaluation is used to set the χ bit in the β flag register. If 在 is not present, it indicates that it is currently loaded into a j-break setting according to the present invention, that is, and the key element β4 ΛΛ is contained in the control character that is early in the code. As mentioned indirectly above, refer to the "if head; system" X bit is cleared when the fault event occurs:] Bu 3, f: f, when a new control needs to be loaded: Bu, As mentioned above, when both must be loaded, send the secret J key directory or two X bits. In the X86 compatible embodiment that must be cleared before using the X86 flag, the 30-bit POPFD is used. After the instruction is executed, there is-a bar X position. However, those skilled in the 48 200536330 will hope that in other alternative embodiments, other instructions must be used to clear the X bit. If x The bit is set, and the process will process block 141 2. If the X bit is cleared, the process will process block 1 408. At block 1408, because a cleared χ bit has indicated that an interrupt event has occurred , Or a new control character and / or key is expected to be loaded, so a control character is loaded from memory. In one embodiment, loading a control character prevents a cryptographic unit from executing such as The specified cryptographic operation described in the above block 1404. In this typical embodiment, it is started in block 1404 A Miru code calculation system allows optimization of the complex block cryptographic operation by assuming the use of currently loaded control characters and gold record data. Therefore, when the shovel input data block is loaded, and the cryptographic operation is in the check judgment area The state of the X bit in block 1 406 has already begun. The process then proceeds to block 1 41. At block 1410, the key data (that is, a key or a complete key directory) is retrieved from memory. In addition, according to the newly loaded control character and key directory, the input block and initialization vector (or equivalent initialization vector) described in the block are reloaded and executed for cryptographic operations. The process then processes block 141 2. At block 1412 'the input data block (current ciphertext block or current plaintext block) loaded into block 1404 or block 1410 is saved to an internal temporary store TEMP. The process then processes block 1414. At block 1414, an output block corresponding to the loaded input block is generated. For output feedback encryption, the input block is output as a plaintext block The block is a phase The corresponding ciphertext area is 49 200536330. For the output feedback decryption, the input block is a ciphertext block and the rotation block is a corresponding plaintext block. The process follows the processing block 1416. In the area In block 1416, an equivalent initialization vector IVEQ is generated by the output block being mutually exclusive with the TEMP content. The flow then processes block 1418. In block 1418, the equivalent initialization vector IVEQ is written to the initialization vector index register IVPTR The memory, location to which the content points, and therefore the feedback model for the output specified by the subsequent input block ^

Cryptographic operations are performed using a suitable equivalent initialization vector. The process then processes block 1 2 4 0. Now the steps described in blocks 14 丨 2, 1414, 1416, and 1418 are required to be guaranteed to be in a state, which allows the execution of a cryptographic instruction that uses block cryptography to give feedback mode is interrupted at any time. Example ^ In a conventional embodiment, a page fault can occur at any point during the line of a password instruction. At block 1 420, the generated output block is stored in memory. The process then processes block 1422. ° ^ In block I422, the internals of the input and output block index registers are modified to point to the next input and output data block. In addition, the contents of the block registers are modified to indicate the completion of the cryptographic operation on the current input data block. In the embodiment discussed in Figure ^, the block count registers are decremented. However, those skilled in the art will hope that alternative embodiments can also operate and test the contents of the block leaf number register. The process then processes a decision zone 1 424. Tail 50 200536330 In the determination block% ^ 1 input data block to be executed ―;!, Is used to determine whether an embodiment m is for illustrative purposes, and is zero. Without the f: 4 counter is used to decide if it waits 1426. The ghost is to be executed, and the process starts to process the block. At block 1426 ', the next input data block pointed to by the input index register vector and its load are loaded. The process then processes block 1412. Content and initialization effect initialization vector

At block 1 428, the method processing is complete. Those skilled in the art will hope that the steps discussed in blocks 14161418, weights, ancient private 14? And 1424 can occur in different orders along their special motion paths or they can occur in parallel. Although the present invention and Its objectives, features, and advantages have been described in detail, but other embodiments should also be encompassed by the present invention. For example, the present invention has been discussed in detail in the embodiment compatible with the X86 structure. But 'this way of discussion is because the x86 structure is widely understood, so it provides ample means to learn this book. The present invention still includes other instruction set architectures such as powerpc, μ IPS, and the like, and other Completely an embodiment of the new instruction set architecture. The invention also encompasses the execution of cryptographic operations in a computing system element rather than in the microprocessor itself. For example, the cryptographic instructions according to the present invention can be easily used in an embodiment of a cryptographic unit, which does not have to be used as a unified part of a computer system like integrated circuits in a microprocessor. It is expected that the embodiments of the present invention will be integrated around a 51 200536330 microprocessor—one that executes passwords such as 'Northbridge, Southbridge' or a slave-microcontroller. Here MiMa instructions are applied to embed Sue the processor. It is expected that the present invention will take a device such as a industrial controller, a signal processor, and a signal processor to describe the set of components necessary to perform a cryptographic operation as a device: The decryption processor, will indeed provide- Low cost; 提及 the inventor mentioned = Logic: for the sake of this case, the logic device. , -J, optional processing elements are as described above

That ’s it. The present invention is based on 128-bit blocks. However, different block sizes can be achieved by changing only one size of the input data, the output data, the key, and the temporary storage state. Data Encryption Standard, Triple Data Encryption Standard: Advanced encryption standards are prominently described in the present invention. The present invention indicates that the present invention also includes smaller well-known block cipher algorithms, t mars block cipher algorithms, and Rijndael block ciphers. Play Tw〇fi sh block male, code algorithm, Blowf i Sh block secret. Algorithm, snake block cipher algorithm and RC6 block cipher & method. It is to be fully appreciated that the present invention provides a dedicated block cipher, and supports a set of & methods implemented in a microprocessor where the microblock cipher operation can be initiated by a single instruction line. / In addition, although the present invention has been described in terms of a block cipher algorithm and related techniques for performing a block cipher function, it should be noted that the present invention fully includes the second form of passwords other than block ciphers 52 200536330. It should follow ... Provide a separate instruction, whereby the user can instruct a compatible microprocessor to perform a cryptographic operation such as encryption or decryption, where the microprocessor includes a dedicated cryptographic unit, cryptographic list 70 to complete the designated password function by instructions. Moreover, the discussion of the round engine here provides a two-stage device so that the two input data blocks can be executed in a pipeline. The inventors point out that other embodiments may have more than 2 stages. The phase division of the pipeline that is expected to support more input data blocks is consistent with the other phases in the symmetric microprocessor. Finally, although the present invention has been discussed as a single cryptographic unit that supports several block cipher_ algorithms, the present invention also includes a number of parallel connections provided with other execution units in a compatible microprocessor. Cryptographic unit, here, each of these cryptographic units is used to execute a specific block cryptographic algorithm. For example, a first unit is configured as an advanced encryption standard, a second unit is configured as a data encryption standard, and so on. Those who are acquainted with the technology should hope that they can easily use the disclosed clear concepts and embodiments as the basis for completing the purpose of the present invention or to modify other structures, and to do so. Without departing from the spirit and scope defined by the scope of the patent application attached to the present invention. [Schematic description] Figure 1 is a schematic diagram illustrating the current password application. FIG. 2 is a schematic diagram describing a technique for performing cryptographic operations. FIG. 3 is a schematic diagram of a microprocessor device for performing cryptographic operations according to the present invention. 53 200536330 Figure Intention 4 is an illustration of an embodiment of a micro-crypto instruction according to the present invention. Figure 5 is a numerical table of the micro-encryption cryptographic mode according to FIG. 4. Figure 6 is a block diagram illustrating the typical block diagram of the password unit in the processor according to the present invention. Figure 7 is a schematic diagram illustrating a typical microinstruction made by Figure 6 > leaching test: Taguchi σ: & Yene's execution codon operator entry is illustrated in the format of FIG. 7-Loading microinstruction temporary storage FIG. 9 is a numerical table according to the formatter entry of FIG. 7. Fragmented storage instruction temporary storage Figure 10 is a schematic diagram of a typical control word ^ format used to specify a plurality of secret parameters in accordance with the present invention. FIG. 11 is an HH / _ block cipher logic operation of a block circuit according to a detailed description of a cryptographic unit according to the present invention. "'The password is executed according to the advanced encryption standard. Figure 13 is a flow / map depicting the method of viewing password parameter status according to the present invention. Figure 14 is used in the interruption event to describe the multiple inputs in an event according to the present invention. Data block: The flow chart of the method of interrupted mode password calculation. Special output feedback 101 First computer workstation [Description of main component symbols]! 00〇 Block diagram 54 200536330 102 Second computer workstation 103 Third computer workstation 104 Laptop 105 LAN 106 Network File Storage Device 107 First Router 108 Wireless Router 109 Wireless Network 110 Wide Area Network 111 Second Router 112 Encryption / Decryption Application 200 Block Diagram 201 Microprocessor 202 Operating System 203 Application Memory 204 Password record generation program 205 Key directory 206 Block encryption program 207 Block decryption program 208 Initialization vector 209 Password parameter 210 Plain text block 211 Cipher text block 300 Block diagram 301 Microprocessor 302 Instruction register 303 Translation logic Circuit 304 microinstruction queue 305 ^ 306 microinstruction into t 307 temporarily Register group 308-31 3 register 314 load logic circuit 315 data cache 316 password unit 317 storage logic circuit 318 write back logic circuit 319 memory bus 320 operating system 321 system memory 322 password instruction 323 initial control word Yuan 324 Initial gold record or gold record 325 Initial vector record 326 Input text block 327 Output text block 328 Execute logic circuit

55 200536330 400 Microcode instruction 402 Repeated pre-block 404 Block cipher mode block 600 x86 compatible microprocessor 602 Translation logic circuit 604 Microcode read-only memory 606 Addressing phase 608 Execution phase 610 Integer unit 612 Floating point unit 614 Multimedia extension set unit 616 Stream extension set unit 618 Storage stage 620 Loading bus 622 Storage bus 625 X bit 627 Software and hardware interrupt signal 629 E bit 631 D bit 640 Output feedback mode logic circuit 700 Microinstruction 702 Data register block 704 Data field 800 Table 1000 Control characters can be optionally preceded by field opcode block table access logic circuit translator register stage loading stage microinstruction Instruction queue Micro instruction queue _ Microinstruction 彳 Cryptographic unit writeback stage delay signal flag register interrupt logic circuit machine specific register characteristics control register Lu execute logic circuit micro movement nose code shelf temporary storage Device field table reserved field 56 200536330 1 〇 0 2 Golden wheel size stop 1 004 Intermediate result stop 1006 Calculation Block 110 0 Cryptographic unit 1102 Key random access record II 0 4 Control character register 1106 input—1 temporary storage ρ 1108 gold lose temporary storage III 0 output-1 temporary register 111 2 storage bus 1114 micro Instruction bus 1 2 01 Micro-instruction temporary crying 1203 gold lose-0 temporary 1205-1206 input register 1210 round engine controller% 1 21 6 -1 21 8 bus 1221 first golden round XOR logic circuit 1223 S- Box logic name ^ 1225 second register temporary 1 1 227 third register temporary 1 2 1 302 block 1 306 block 1 31 0 block 1402 block 1406 judge block 1 0 0 3 Encryption / decryption block 1 0 0 5 gold surplus block I 0 0 7 round count block II 01 block your code logic circuit 1103 micro op code register 1105 input-0 register 1107 gold surplus-0 Register 1109 output-0 register 1111 loading bus 111 3 delay signal 1200 block password logic circuit 1 2 0 2 control character register 1204 gold surplus -1 register 1207-1208 output register 1 211 -1 214 Bus 1 220 Round Engine 1 222 First Register Temporary 0 1 2 2 4 Shift Logic Circuit 1226 Mixed Logic Circuit 1 3 0 4 Judgment Block 1 308 Area Block 1 31 2 Block 1 4 0 4 Block 1408 Block

57 200536330 1 41 0 block 1 41 4 block 1 41 8 block 1422 block 1 426 block 141 2 block 1 41 6 block 1 420 block 1424 judgment block 1 428 block

58

Claims (1)

200536330 Applying for a patent Fangu 1. A device for two-wide-two cryptographic operations, including cryptographic instructions, which are provided by at least-cryptographic instructions' this leaf 瞀 is issued to t leaf alien equipment, as the password refers to the temple In other words, a part of the flow, "It's one of the multiple cryptographic operations of JL Φ Society ~ 7 Department of Mind", and ^ the central cryptographic operation system includes: 2 corresponding to a plurality of input text blocks, performing complex- 钤 屮 ⑽ " The operation of returning the block password in turn; secret = mode logic circuit, which is connected to the sum :: path 'to drive the computing device to update the index register m: Direction. Logic circuit 'It is connected to the round-out feedback block? 々Yu circuit' with the password operation specified by the &amp; line. 2 Wide application patent scope The password operation further includes: Specified in: fff mode encryption operation, this round of feedback area operation consists of adding a number of plaintext blocks to the corresponding multiple ciphertext blocks by Γ. • 的 The installation described in item 1 of the patent scope, Ganshan should be further advanced The steps include: Specifying in which-the round-robin feedback block mode decryption operation, the block block decryption operation includes a plurality of secrets; the area; = 59 200536330 to generate the corresponding plurality of plaintexts. As described in item 1; V, the operation of the password is completed according to the advanced encryption standard, &amp;, which is specified in 5. U method as described in the scope of patent application! Item U. The instruction specifies the execution of the specified cryptographic operation " Which of the passwords 6. The grant-back mode described in item 丨 of the scope of patent application. -= Register 'is connected to the execution logic. Further steps include: to store a bit, which is used for ^, which is used to calculate whether the secret has been specified by an interrupt event 1 : Please interrupt the cattle described in item 6 of the patent scope. The memory is a flag register. ^, Where the bit 8. As described in item 6 of the scope of the application for patent: ί: = package control to-process the assertion;: the interrupt slave, and the program executed in the current input text = event The code calculation system is interrupted. The secret code specified by the block ^ 9. When the password instruction is returned as described in item 8 of the scope of the patent application, the order will be executed when the current input text block is executed. The corresponding input text area names described in the scope of the patent application are placed in each of the given block mode passwords. 6: The first one of the output points back to the next input and the index register. , With 刖 's equivalent initialization vector. Straight lines 200536330 1 2 · The device according to item 11 of the scope of patent application, wherein the output feedback block mode logic circuit directs the computing device to pass a current input text block and a current rotation text The two blocks are mutually exclusive or different to generate the current equivalent initialization vector. 1 3 · The device as described in item 1 of Shenjing's patent scope, wherein the interruption event includes an interruption, an exception, a page fault, or a task switch. 14. The device according to item i in the scope of patent application, wherein the password instruction is specified in accordance with the x86 instruction format. 15. The device as described in item i of the patent application, wherein the password is referenced to a plurality of registers in the computing device. 16. The device as described in item i 5 of the scope of patent application, wherein the registers include: 二 ^ a first register, wherein the content of the first register includes a pointer to the first The _ index of the memory address. The first memory address specifies a ^ 1 ^ position in the memory. 俾 Access the input data blocks when the specified cryptographic operation is to be completed. 17. The register in the scope of the patent application includes: the device described in item 15, wherein the first and second registers, and the contents of the second register include the first register and the first register. A second indicator of the thinking body address, the second memory address is designated at the second position in the memory to save corresponding plural output text blocks, and the corresponding output text blocks are in plural Each input block completes the result of the specified cryptographic operation. 18. The device according to item 15 of the scope of patent application, wherein the 200536330 registers include:-the contents of the third register are different blocks. Multiple words in the text block of the SI round-in text = = If the 15th register of the scope of the patent application contains: ^ These registers are included: the content of the fourth register is one day. _ ^ Δ in the memory address of the two brothers] [Memory]: The two addresses are designated one in the memory: the first: set, for access to the two key data after completing the specified cryptographic operation. 5 连 #Used secrets = · As described in the 15th scope of the patent application, the registers include: which of these-the fifth register 'wherein the content of the fifth register is eight-pointing-the fourth memory position The fourth two of the address:: Note = The address is specified-the first in the memory: the setting, the fifth position contains the initialization vector. Ϊ́ ϊ: ϊ ί: The contents of the set include-after the designation is completed '&quot; Initialization vector used by Haima Ma Yunyun. The 4th effect of the earthquake application described in the scope of the patent application No. 15, the temporary register contains ... Device, where the content of the sixth register contains the fifth index of the first memory and the fifth memory address, the fifth memory address specifies a fifth in the memory = for completing the specified cryptographic operation Access control, access, where the control character is used to specify the password 62 200536330 22 as the multiple password parameters used by Shen Yun Λ. According to the scope of the patent application, the logic circuit contains the proposition of…, ^, in which a cryptographic unit is executed, and a plurality of lacquers are executed on the block IJ ^. The input text area rounds are determined by the secret. 23. A device for performing cryptographic operations, including people. 疋 一 ：;:; 2; = code unit, which is used to perform plural to 某: the cryptographic operation, which also responds Let ’s say that 6 is different—the password in the instruction stream refers to the eight passwords that were deducted. The password operation system includes: execute on the human text block, several output feedback mode block password one output:? The mode logic circuit 'is connected to the device to update the index register of the device, the contents of the initialization vector positions of the round-trip feedback mode block password operations. = • The device described in item 23 of Li Hengwei, wherein one of the ^ τ in the input text area is determined by the password calculation system is interrupted. Yu Youzhi only said 25. The device described in the scope of application for patent No. 24, i will report 5ΐ! ΊΓ] This! When the code command is specified, the password is specified: the calculation ρ is performed on the μ㊂ 刖 input text sub-block. 26. The device described in item 23 of the scope of patent application, 1-Each of the corresponding plural input text blocks: The 3 63 200536330 When the password calculation of the feedback block is completed, the input: The computing device modifies this indicator temporarily. Canton: 7 input and output text blocks. . The device described in item 23 of the Mingli range, the output block mode logic circuit in i instructs the computing device to store two equivalent initialization vectors to the initialization vector: Medium ': the position system includes a by-initialization vector; The memory location to which the memory is directed. 1 Valley 28 The code instruction described in item 23 of the scope of patent application is presupposed according to the x86 instruction format, and the fee is 29. As described in item 23 of the scope of patent application = grant block mode logic circuit guides the calculation J Prepared by Ϊ, and Ϊ: "The mutual exclusion or output of the text block is output and an equivalent initialization vector is generated. Serving the fly: a method for performing cryptographic operations on the -device towel, this method includes: multiple? Someone in cryptographic operations, in response to receiving the one in which the cryptographic command specified in the secret = different operations—the secret two, the execution includes:% ^ in a corresponding plurality of input text fields Block, two numbers: output feedback block mode block operation ^ Bayi equivalent initialization vector to an initialization direction ^, so that it will pass a number of output feedback block mode block operation in the next round of text: Operation 64 200536330 3 1 · As the patent application diagram # step contains: The method described in item 30, which further transfers program control w, by, by, to—a program user who handles an interruption event m »ΣΛ 田 上 Input text block refers to The implementation of the beta code code. Mind <3 Step 2. Including the method described in the "Scope of Patent Application", it is more advanced-in: private, control returns to the transfer after the transfer to the M 4 / βί Perform the execution on the current input text block 7 3. As claimed in patent scope 3. The receipt described in this item includes: Υ 垓 Connect Specify the password instruction according to the x86 instruction format. 34. If item 30 of the scope of patent application includes: J is the second one in which the connection specifies an output feedback mode encryption operation, by which the cryptographic operation is performed. Designation by Ma 35. The method as described in item 30 of the scope of patent application, the benefits include: ~ This connection designates an output feedback block mode decryption operation, and operates with a fixed password. At first glance 36. The method described in item 30 of the scope of patent application, the line includes: *, the implementation should be based on the advanced encryption standard algorithm to complete the specified operation. &lt; Read password 37. The method described in item 30 of the scope of patent application, further comprising: hard ~ step to generate the equivalent initialization vector. 65 200536330 38. The method according to item 37 of the scope of patent application, wherein the generating system comprises: a mutex or operation between a current input text block and a current output text block. 66