TWI247241B - Microprocessor apparatus and method for performing block cipher cryptographic functions - Google Patents

Microprocessor apparatus and method for performing block cipher cryptographic functions Download PDF

Info

Publication number
TWI247241B
TWI247241B TW93110904A TW93110904A TWI247241B TW I247241 B TWI247241 B TW I247241B TW 93110904 A TW93110904 A TW 93110904A TW 93110904 A TW93110904 A TW 93110904A TW I247241 B TWI247241 B TW I247241B
Authority
TW
Taiwan
Prior art keywords
cryptographic
compilation
register
logic
mode
Prior art date
Application number
TW93110904A
Other languages
Chinese (zh)
Other versions
TW200512648A (en
Inventor
Thomas A Crispin
Henry G Glenn
Terry Parks
Original Assignee
Ip First Llc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US10/674,057 external-priority patent/US7321910B2/en
Application filed by Ip First Llc filed Critical Ip First Llc
Publication of TW200512648A publication Critical patent/TW200512648A/en
Application granted granted Critical
Publication of TWI247241B publication Critical patent/TWI247241B/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/3017Runtime instruction translation, e.g. macros
    • G06F9/30178Runtime instruction translation, e.g. macros of compressed or encrypted instructions
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/3017Runtime instruction translation, e.g. macros

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The present invention provides an apparatus and method for performing cryptographic operation on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction and execution logic. The cryptographic instruction is received by logic within a processor, wherein said cryptographic instruction prescribes one of the cryptographic operations. The execution logic is coupled to said logic. The execution logic is coupled to said logic. The execution logic performs the one of the cryptographic operations.

Description

12472411247241

[發明說明] [0001]本發明已在2003年4月18日於美國申請臨時 案,案號 60/464394(Docket CNTR.2222 ),並於 20 03 年9 月 29日提出美國正式申請案,序號10/674057。 [發明所屬之技術領域] [ 00 02 ]本發明係與微電子領域相關,特別是一種應 於微處理器中加密的裝置和方式。 “ [先前技術] [0003] 跑一個運用 統内或是由 後產生的輸 或者是以一 電腦糸統一 被下一個在 案使用或者 存介面,它 體使用。這 其中一樣資 保護敏感的 體通常把儲 [0004] 間的作業 輸入資料 程式運行 是以白紙 被寫入磁 置中。這 統中執行 是被存入 同但相容 對保護敏 密碼編譯 許可的被 案做加密 者們才發 早期電 程式所 軟體工 出資料 個檔案 部份的 同一個 如果這 就能被 些早期 料保密 資料以 存介面 多年後 腦系統 需要的 程師在 則通常 的型式 儲存裝 電腦系 個檔案 其他不 的系統 措施, 免未經 上的檔 ’使用 都是獨 是内建 時輸入 黑字的 帶,印 個輸出 的應用 一個可 的電腦 感的資 應用軟 公開。 或解密 現將網 立作業 於早期 。應用 列印方 碟或是 的檔案 程式當 以被移 系統中 料已有 體也被 這些密 的動作 路連線 的,因為 的電腦系 程式執行 式呈現, 其他屬於 可以接著 作輸入# 動式的儲 的應用敕 認知。 開發出來 碼編譯軟 〇 多台電腦[Description of the Invention] [0001] The present invention filed a provisional case in the United States on April 18, 2003, file number 60/464394 (Docket CNTR.2222), and filed a formal US application on September 29, 2003. No. 10/674057. [Technical field to which the invention pertains] [00 02] The present invention relates to the field of microelectronics, and more particularly to an apparatus and method for encryption in a microprocessor. "[Prior Art] [0003] Running a system of internal or post-production or a computer is unified by the next use or storage interface, which is used in the same way. The operation of the input data program between the stores [0004] is written into the magnetic file in white paper. This execution is the same as the encrypted ones that are compatible with the protection sensitive password compilation license. The software program is the same as the file part of the software. If this can be used as a system for the early years, the system needs to be stored in the system. , Free of the file on the 'use' is the tape that is input when the built-in is black, the application of the printed output is a soft computer application. Or the decryption is now working in the early stage. The printed disc or the file program is connected to the system by the internal movement of the system. The line presents, for the other part of the application can then store the Edict of cognitive input #-acting type. Developed code to compile soft square multiple computers

五、發明說明(2) 透過t分享資料的這個優勢。所以,網政加 統,資料傳送規約也相對^所以’網路架構,作業系 分享之外,它們所提供的、展▲。至今,除了能支援資料 在的使用者使用—個^ w寸加功能也很顯要。例如說,現 另一個網路伺服器上=作台去取得另-個工作台上或 他資料,與其他數百案,透過網際網路取得新聞和其 應商的電腦系統提供的電腦傳送電子郵件,連接供 餐廳,機場和其他公^卡或是銀行資料來購買物品,在 作,已經習以為常了 了 :所透過無線網路來做上述的動 常的重要。i用者透^以保護敏感資料的傳輸也變的非 率也曰已遽增。= :出去的資料需要保護的頻 客,身分盜用,反長揭發給社會大眾濫發郵件,駭 腦資料安全問題。這此卢Ιρ位置欺偽和信用卡詐欺等電 純屬意外的無心之過:^ Q隱私的動作的背後動機有時是 行動。相關單位以制~ %時則是深思熟慮的網路恐怖攻擊 幕等行動來H 法律,嚴格執行規範和教育大 侵害電腦資料的浪潮這些動作都還是無法成功杜絕 情報單位憂心的問題已::=政府,金融機構,軍方和 使用網路銀行服務變成母一位在家檢查電子郵件, [_5]資訊安最擔心的問題之-了。 提供特定2解;域中一項將資料加密,並起只 伴鳟雷Ϊ 式的保護技巧就是密碼編譯學。在 辨識的型式。(^稱鼻〜plaintest,cleartext)轉成無法 稱為岔文,Clphertext)。將本文轉換成 1247241V. Description of the invention (2) This advantage of sharing information through t. Therefore, the network administration and the data transmission protocol are also relative to each other. Therefore, the network architecture and the operating system share the information provided by them. So far, in addition to the users who can support the data, the function is also very important. For example, there is another network server that is used to get another workbench or his data, and hundreds of other cases, through the Internet to get news and computer software provided by the computer system of its business. Mail, connecting restaurants, airports and other public cards or bank information to buy items, is already used to it: it is important to do the above through the wireless network. The uselessness of i users to protect the transmission of sensitive data has also increased. = : The data that needs to be protected needs to be protected, the identity is stolen, and the long-term disclosure is sent to the public to spam emails. This Lu Yu ρ position bullying and credit card fraud and other electricity is purely unintentional: ^ The motivation behind the Q privacy action is sometimes action. When the relevant units use ~%, it is a well-thought-out cyber-terrorism attack screen and other actions to the H law. Strict implementation of the norms and education of the infringement of computer data. These actions are still unable to successfully eliminate the worry of the intelligence unit::=Government , financial institutions, the military and the use of online banking services turned into a mother to check e-mail at home, [_5] information security most worried about the problem. Provide a specific 2 solution; one of the domain's data is encrypted, and the only Thunder-style protection technique is cryptography. In the type of identification. (^ said nose ~plaintest, cleartext) can not be called 岔文, Clphertext). Convert this article to 1247241

岔文的私序被稱為「加密」(encryption)而將密文轉回本 k 文的程序則被稱為「解密」(decrypti〇n)。 · [0006]在密碼編譯這個領域中,幾項方式和規約被開 · ^出=便使用者不需要有太多密碼編譯知識或是花太多力 里便能將資料以加密過的型式送出給不同的使用者。除了 力11欲、的^料之外’使用者通常會提供收件者一個用來解密 的密碼金鑰。,,密碼金鑰讓接收者能復原加密資料或者有 時候是提供收件者取得未加密資料的管道。以上所述的步 ,常是透過密碼保護,數學演算法和加密解密的應用 程式等方法位敏感資料加密和解密。 _ [ 0007 ]目前有很多種類型的演算法被應用於資料的 =^密上。某個類型中的特別一個演算法(公開金鑰加 岔廣异法,RSA Rivest-Shamir-Adelman演算法類之一)用 了兩個金鑰(〇1^1)1:〇§1^1)}^(31^7)。 一個公開金鑰 (Pu^l ic Key)和一個私密金鑰(private key)用來加密或 f密。根據一些公開金鍮演算法則,接收者的公開金鑰 疋由寄出者用來將資料加密以便送給接收者的。因為使 ^ f的公開和私密金鑰間有某種特定的數學關係,接收者 疋要用私密金錄來解開收到的資料,還原原本的資料。 雖然此類的加密演算法受到廣泛的使用,但是它處理加密 和,欲的速度十分的慢。就連處理小量的資料都是十分 的慢。還有一類演算法,稱做對稱加密演算法,不但與第 =類f算法等級的資料保密性,而且執行的速度快上許 夕這類演异法會叫做對稱加密演算法的原因就是它是用The private sequence of the text is called "encryption" and the procedure for transferring the ciphertext back to the text is called "decrypti". · [0006] In the field of cryptographic compilation, several methods and protocols are opened. If the user does not need to have too many cryptographic compilation knowledge or spend too much effort, the data can be sent out in encrypted form. For different users. In addition to the power of the user, the user usually provides the recipient with a cryptographic key for decryption. The cryptographic key allows the recipient to recover the encrypted data or sometimes provide a conduit for the recipient to obtain unencrypted data. The steps described above are often used to encrypt and decrypt bit-sensitive data through password protection, mathematical algorithms, and encryption and decryption applications. _ [ 0007 ] There are currently many types of algorithms that are applied to the =^ secret of the data. A special algorithm in a certain type (public key plus wide method, one of the RSA Rivest-Shamir-Adelman algorithm classes) uses two keys (〇1^1)1:〇§1^1 )}^(31^7). A public key (Pu^l ic Key) and a private key (private key) are used to encrypt or f secret. According to some public auction algorithms, the recipient's public key is used by the sender to encrypt the data for delivery to the recipient. Because there is a certain mathematical relationship between the public and private keys of ^f, the recipient will use the private record to unlock the received data and restore the original data. Although such encryption algorithms are widely used, they handle encryption and are very slow. Even processing small amounts of data is very slow. There is also a kind of algorithm, called symmetric encryption algorithm, which not only has the confidentiality of the data of the level of the f-class algorithm, but also the speed of execution. The reason why such a different method is called a symmetric encryption algorithm is that it is use

第8頁 1247241 五、發明說明(4) 同一組加密編譯鑰來加密和解密。目前公家機關内使用 的主要二種単一金餘加密演算法(single-key cryptographic algorithms:數據加密標準(Data Encryption Standard,DES),三度資料加密標準 (Triple Data Encryption Standard , Triple DES)和高 階加密標準(Advanced Encryption standard,AES)。 因為這些肩算法的保護強度’現在美國政府的相關單位都 採用這三種演算法來保密資料。相信不久的將來,這其中 一項或一項以上也會成為商業和私人交易中使用的標準。 根據這些對稱加密演算法則,本文和密文都被裁成一定大 小的片段,在進行加密和解密。例如說高階加密標準 (AES)對128bits大的片段進行加密,並使用128_,192和 256-b 11s大小的加密編譯鑰。 [〇〇〇8]所有的對稱金鑰加密演算法(symmetric key 將本文加密的次要運算(Sub-〇Peration)步驟 :::二f據那些比較常使用的對稱加密演算法, 金鑰程序表,key sche=擴張至上數個的金鑰’(也就是 编嗖B士膝 π 士 dUle) ’母個金鑰都會被用在密碼 編澤日守將一段本文加密 / rrnnnH、。楚 ^ 要運异中的其中一回合 運算完的結果變成是第—人 資料(input text)。莖—门人、富々 弟一口。的輸入 二個金鑰做運算,#^一5運算就使用金鑰程序表中第 定的幾回合後就成為齋守二個、,,α果°本文在經過特 中,每-回合中的:要中在:階,密標準(AES)運算法 要運异中的運鼻在相關文獻資料中可Page 8 1247241 V. INSTRUCTIONS (4) The same set of encryption compiler keys are used for encryption and decryption. At present, the two main types of data encryption algorithms (Single-key cryptographic algorithms: Data Encryption Standard (DES), Triple Data Encryption Standard (Triple Data Encryption Standard, Triple DES) and high-order encryption algorithms are used in public organizations. Advanced Encryption Standard (AES). Because of the protection strength of these shoulder algorithms, the relevant units of the US government now use these three algorithms to keep confidential information. I believe that one or more of these will become in the near future. Standards used in commercial and private transactions. According to these symmetric encryption algorithms, both the text and the ciphertext are cut into segments of certain size for encryption and decryption. For example, the High-Level Encryption Standard (AES) encrypts 128-bit large segments. And use 128_, 192 and 256-b 11s size encryption compiler keys. [〇〇〇8] All symmetric key encryption algorithms (symmetric key will be encrypted in this sub-〇Peration step:: : two f according to the more commonly used symmetric encryption algorithm, key program table, key sche = expansion to the upper number The key '(that is, the compilation of B's knee π 士士 dUle) 'Mother key will be used in the password compilation, the Japanese syllabus will encrypt this paragraph / rrnnnH,. Chu ^ one of the rounds of the operation The result becomes the first-input text. The stem-doorman and the rich-spoken brother take a bite. Enter the two keys to do the operation, and the #^-5 operation uses the first few rounds in the key program table. Became the two,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,

Haim 第9頁 1247241 五、發明說明(5) 被稱為子位元(SubByte,或S-box), 移列 (ShiftRows),混攔(MixColums),和回合金鍮(round key)加入(AddRoundKey)。位一段密文解碼的步驟事實上 和加密是很相似的,就是把加密文當作輸入值,並且在每 回合進^亍反向澤碼和反向運鼻’最後*—回合的輸出直就 是本文。 [ 00 0 9 ]數據加密標準(DES)和三度資料加密標準 (Tr i p 1 e-DES)應用的次要運算在小細節上不太相同但是它 們與AES運算法基本上是十分類似,因為它們用相似方式 將本文片段轉為一段段的密文。 [0 0 1 0 ]所有對稱加密演算法將多個連續片段資料加密 的模式都是一樣的。這些包括了編輯方塊連鎖(cipher block chaining mode,CBC),電子書碼(eiectronic code book ’ECB) ’ 編碼回授(cipher feedback mode, CFB)和輸出回授(0UtpUt feedback mode,OFB)。其中有 些模式品要一個另外的初始化向量(initialization vector)才能進行次項運算,有些則是會將第一組加密編 譯後的密文加入第二組本文加密的運算中·若深入探討每 一個密碼編譯演算法和當下對稱加密演算法中每個次項運 算步驟則就已超出本發明應用的範圍了。關於數據加密 標準DES和三度資料加密標準Triple des詳細的實施規範 探討,讀者們可以參考西元1 999年1〇月25日的Federal Information Processing Standards Publication 46-3 (FI PS-46-3),西元2001 年11 月26 日的 FederalHaim Page 9 1247241 V. Invention Description (5) It is called SubByte (or S-box), ShiftRows, MixColums, and round key join (AddRoundKey) ). The step of decoding a ciphertext is actually very similar to encryption. It is to treat the ciphertext as the input value, and the output of the reverse zebu code and the reverse nose 'last*-round is straight every turn. This article. [00 0 9 ] The secondary operations of the Data Encryption Standard (DES) and the Triple Data Encryption Standard (Tr ip 1 e-DES) applications are not the same in small details but they are basically similar to the AES algorithm because They convert the fragment of this article into a ciphertext of a segment in a similar manner. [0 0 1 0 ] All symmetric encryption algorithms encrypt the pattern of multiple consecutive fragment data. These include cipher block chaining mode (CBC), eiectronic code book 'ECB' cipher feedback mode (CFB) and output feedback (0UtpUt feedback mode, OFB). Some of the models require an additional initialization vector to perform the secondary operation, and some add the first set of encrypted ciphertexts to the second set of encrypted operations. If you delve into each cryptographic compilation Each of the sub-term operations in the algorithm and the current symmetric encryption algorithm is beyond the scope of the application of the present invention. For a detailed discussion of the data encryption standard DES and the three-dimensional data encryption standard Triple des, the reader can refer to the Federal Information Processing Standards Publication 46-3 (FI PS-46-3) on January 25, 1999. Federal, November 26, 2001

I圓I round

第10頁 1247241 五、發明說明(6)Page 10 1247241 V. Description of invention (6)

Information Processing Standards Publication 197 (F IP S - 1 9 7 )中則有A E S洋細的探討。上述的刊物都是由 National Institute of Standards and Technology (NIST)所發行編譯的,在此附為參考讀物,所涵蓋的近乎 範圍。除了這些刊物外,NIST的Computer SecurityIn the Information Processing Standards Publication 197 (F IP S - 1 9 7), there is a discussion of A E S. The above publications are compiled by the National Institute of Standards and Technology (NIST) and are hereby incorporated by reference. In addition to these publications, NIST's Computer Security

Resource Center(CSRC)網站 http://csrc.nist· gov/ 内 也提供單元教學,白皮書,toolkits和相關文章等。 [0 0 1 1 ]熟知這方面技術的讀者應該都了解電腦系統上 有很多軟體都能用來執行密碼編譯的動作(也就是加密和 解密)。事實上,有些作業系統(例如微軟視窗χρ,The Resource Center (CSRC) website http://csrc.nist· gov/ also provides unit teaching, white papers, toolkits and related articles. [0 0 1 1] Readers of this technology should be aware that there are many software on the computer system that can be used to perform cryptographic compilation (ie, encryption and decryption). In fact, some operating systems (such as Microsoft Windows ,ρ,

Linux)透過密碼編譯基元(cryptographic primitives), 密碼編譯應用軟體介面(cryptographic application program interface)和其他類似介面提供直接加密/解密 服務。當下的發明人發現現今電腦編譯密碼技巧上在多 方面有許多缺陷。請讀者們現在看到圖一,圖中標示出 這些缺失,以下將探討這些問題。 [0 0 1 2 ]圖一為現今電腦密碼編譯應用的方塊圖。圖 1 0 0顯示第一台電腦1 0 1連接到區域網路1 〇 5。另外接到網 路105的還有第二台電腦,網路檔案儲存裝置,第一個路 由器107或是其他連接至廣域網路11〇(wide area network, WAN),比如說網路,的介面,和一個無線路 由器108,例如符合IEEE 802。1 1規範的無線路由器。 在廣域網路110(wide area network)另一端接的是第二個 路由器111,用來提供與第三台電腦1〇3的介面。Linux) provides direct encryption/decryption services through cryptographic primitives, cryptographic application program interfaces and other similar interfaces. The inventors of the present have discovered that there are many drawbacks in many aspects of computer compiling cryptography. Readers are now looking at Figure 1, which shows these shortcomings, which are discussed below. [0 0 1 2] Figure 1 is a block diagram of the current computer password compilation application. Figure 1 0 0 shows that the first computer 1 0 1 is connected to the local area network 1 〇 5. In addition, there is a second computer connected to the network 105, a network file storage device, a first router 107 or other interface connected to a wide area network (WAN), such as a network. And a wireless router 108, such as a wireless router compliant with the IEEE 802.11 specification. Connected to the other end of the wide area network 110 is a second router 111 for providing an interface to the third computer.

第11頁 1247241 五、發明說明(7) [0013]如前文所述,現今使用者在一段使用電腦時會 需要保密電腦資料的時候越來越頻繁。例如說,在作業" 系統控制之下’電腦1 〇 1的使用者可能同時進行多樣工 作,而每樣工作都需要密碼編譯作業。電腦1(Π的使用者 需要執行加密/解密(透過作業系統服務或著是作業系統行 使的)將一個檔案存入網路儲存裝置106。在儲存檔案的同 時’使用者也可能將加密過的資訊傳給第二台電腦丨〇 2的 使用者,這個動作將也需要應用程式112執行加密和解密 的工作。加岔傳出的資訊有可能是即時的(例。即時訊 息)或不是即時的(例如。電子郵件)。另外,使用者可能 是在電腦103上透過無線區域網路丨1〇在存取個人的金融資 料(例如,信用卡卡號,金融交易,等)或是其他重要資、 料。電腦103也可但表一個家庭辦公室或是遠端電腦 103,其中電腦使用者101不在辦公室内,而是使用使用網 路來存取區域網路105上1〇1,102,1〇6 , 1〇7 , 1〇8和1〇9 内部身料。以上所述的行為都需要呼叫應用程式丨丨2來執 行相關加密和解密的動作。此外,無線網路109已被廣泛 的佈局在咖啡廳,機場,學校等公共場所,所以手提電腦 1 04的使用者除了必須將接收或傳送給別的使用者的資料 加密或解密外,所有透過無線網路1〇9傳給無線路由器1〇8 的資料也都要加以加密/解密。 [0 0 1 4 ]熟知此技術領域的人士可以了解當電腦1 〇 1 一 1〇4需要進行密碼編譯的動作時,應用程式112會被乎叫, 然後進行加密或解密的動作。所以未來電腦1〇1_1〇4有可Page 11 1247241 V. INSTRUCTIONS (7) [0013] As mentioned earlier, today's users will need to keep their computer data more and more frequently when using a computer. For example, a user of Computer 1 〇 1 under Jobs" System Control may perform multiple tasks at the same time, and each job requires a password compilation job. The computer 1 (the user of the user needs to perform encryption/decryption (through the operating system service or the operating system) to store a file in the network storage device 106. While the file is being stored, the user may also encrypt the file. The information is passed to the user of the second computer ,2, and this action will also require the application 112 to perform encryption and decryption work. The information transmitted may be instant (eg, instant message) or not instantaneous. (e.g., email). In addition, the user may be accessing personal financial information (eg, credit card number, financial transaction, etc.) or other important materials on the computer 103 via the wireless local area network. The computer 103 can also be a home office or a remote computer 103, wherein the computer user 101 is not in the office, but uses the network to access the area network 105 on the 1,102,1,6, 1〇7, 1〇8, and 1〇9 internal body. The behavior described above requires calling application 丨丨2 to perform related encryption and decryption actions. In addition, wireless network 109 has been widely used. The layout is in public places such as cafes, airports, schools, etc., so the users of the laptop 104 must pass the wireless network 1〇9 to the wireless router in addition to encrypting or decrypting the data received or transmitted to other users. The data of 1〇8 must also be encrypted/decrypted. [0 0 1 4] Those skilled in the art can understand that when the computer 1 〇 1 〇 1 needs to perform cryptographic compilation, the application 112 will be affected. Call, then encrypt or decrypt the action. So the future computer 1〇1_1〇4 has

第12頁 1247241Page 12 1247241

五、發明說明(8) 能必須同時進行上百個密碼編譯運算V. Description of invention (8) It is necessary to perform hundreds of cryptographic operations at the same time.

[0015]發明者發現電腦系統1〇 1 — 1〇4同時呼叫—個或 一個以上加密或解密應用程式112的做法有下列缺點。3例 如說,若可以使用一個專門的硬體來處理這些功能,硬^ 處理的速度會比用軟體快。每次應用程式11 2需要進行力 密解密時’電腦101-1 04正在執行的工作就必須#先暫停%^ 傳送密碼編譯動作所需的參數(本文,密文,模式,金錄) 給電腦作業系統,然後電腦作業系統在將這些資^料傳給應 用程式112來完成密碼編譯動作。由於應用軟體112在編〜 譯一段資料時需要執行許多回合的子運算,因此,電腦要 執行的指令數目繁多且讓整個作業系統處理的速度顯著下 降。熟習此技術領域者能了解為什麼在微軟Outl〇〇’k環境 中發出一封加密電子郵件後所需的傳輸時間會是未加 件的五倍之多 [0016] 介入電腦作業系統會的延誤時間也會影響現在 使用這項技術。目前應用軟體内大多沒有完整的金鑰產生 或加密/解密功能,所以都是靠作業系統或是插件軟體[0015] The inventors have found that computer systems 1 - 1 - 4 simultaneously calling one or more encryption or decryption applications 112 have the following disadvantages. For example, if you can use a special hardware to handle these functions, hard processing will be faster than using software. Every time the application 11 2 needs to perform the decryption decryption, the work that the computer 101-1 04 is performing must be #1 pause %^ to transfer the parameters required for the password compilation action (this article, ciphertext, mode, gold record) to the computer. The operating system, and then the computer operating system passes these resources to the application 112 to complete the cryptographic compilation action. Since the application software 112 needs to perform a number of rounds of sub-operations when editing and translating a piece of data, the number of instructions to be executed by the computer is large and the processing speed of the entire operating system is significantly reduced. Those skilled in the art can understand why the transmission time required to send an encrypted e-mail in the Microsoft Outl〇〇'k environment is five times that of the unfilled [0016] delays in intervening in the computer operating system. It will also affect the use of this technology now. At present, most of the application software does not have complete key generation or encryption/decryption functions, so it depends on the operating system or plug-in software.

lug-in software)來完成這些作業。而要獲得作業系 統資源,要向作業系統發出中斷指令(interrupt)或是由 正在執行的應用軟體對作業系統提出要求。 [0017] 發明者也發現電腦系統^卜丨〇4密碼編譯作業 方式與較早期微處理器内處理浮點運算單位還沒成立專門 處理單位前是很像的。早期的浮點運算是由軟體處理,所 以執行速度很慢。密碼編譯透過軟體處理的速度也是报Lug-in software) to complete these tasks. To obtain operating system resources, an interrupt is issued to the operating system or the operating system is requested by the executing application software. [0017] The inventors have also found that the computer system ^ 丨〇 4 cipher compilation operation mode is very similar to the processing unit of the floating point operation in the earlier microprocessor. Early floating-point operations were handled by software, so execution was slow. The speed of password compilation through software processing is also reported

第13頁 .1247241 五 發明說明(9) 忮。隨著浮點運算的技術 ^ — 央處理器的輔助處理器。:*巧運算指令被整核入中 整個系統的價格升古 θ = 口入洋點數輔助處理器使得 許多。以也理浮純的速度比軟體快上 大多是透過平行戶槔處理器辅助處理硬體, 流排)插卡式或是外掛式f匯流排介面(如通用性串列匯 處理器可縮短電腦f 類的中央處理器的輔助 增加系統的價格和耗電量 理時間。但除了 低,資料安全性成為考量 :統的穩定度降 竊聽。 曰曰片上,所以它們之間的連接管道可能被 必I的。、^此一個内建於微處理器中的密碼編譯硬體是 C €始:每個硬體應讓應用軟體只需發一個指令便能完成 $ 4”、. „學。發明者認為這種硬體能減少介人電腦作業系胡 理想中此發明能提供應用軟體執行密碼編譯指 :的:先權1 了需要與目前市面上較普遍的微處二 目令,還要忐支援較老舊的作業系統和應用軟體。更要 止竊聽機制。此硬體應該支援多種不同的密碼編譯 演算法,且能夠認證和測試硬體上的密碼編譯演算法。 此發明需要能夠切換本身運作模式,例如允許使用者選擇 提供自己的金鑰或選擇由硬體發行金鑰及支援切換不同大 小的資料片段及金鑰大小。最後,此硬體所使用的加密/ 解密模式應該都可以被選擇,例如是否用電子書碼Page 13 .1247241 V Description of invention (9) 忮. With the technology of floating-point arithmetic ^ — the auxiliary processor of the central processor. : * The operation command is being re-introduced into the whole system. The price of the whole system rises θ = the number of ports into the ocean point auxiliary processor makes many. The speed of the pure float is faster than the software. Most of them are processed by the parallel processor to process the hardware, and the plug-in or plug-in bus interface (such as the universal serial bus processor can shorten the computer). The auxiliary processor of class f increases the price and power consumption of the system. But in addition to the low, data security becomes a consideration: the stability of the system is reduced by eavesdropping. On the chip, the connection between them may be necessary. I. The password compilation hardware built into the microprocessor is the beginning of C €: each hardware should let the application software only need to send one instruction to complete $ 4", . Learn. Inventor It is believed that this kind of hardware can reduce the interoperability of the computer operation system. This invention can provide the application software to perform the password compilation: the first right 1 needs to be more common with the current market, and the support is better. Old operating system and application software. It is more important to stop eavesdropping. This hardware should support a variety of different cryptographic compilation algorithms and be able to authenticate and test cryptographic compilation algorithms on hardware. The mode of operation, for example, allows the user to choose to provide their own key or choose to issue the key by hardware and support the switching of different sizes of data fragments and key sizes. Finally, the encryption/decryption mode used by this hardware should be Choose, for example, whether to use an e-book code

(ECB),編輯方塊連鎖(CBC),編碼回授(CFB)或輸出回授(ECB), edit block chain (CBC), code feedback (CFB) or output feedback

第14頁 1247241Page 14 1247241

(〇 F B)做密碼編譯。 [發明内容] [0 0 1 9 ]此項發明紐 i 、, 度名认似占 解決了先别技術上面臨的問題,提佯 -個優秀的微處理器内建密碼編譯技術。一實二中太供 發明是一個微處理器内密编嗜 實 U中本 譯邏輯和執行邏輯,轉羅輯收、:。裝置内包含了轉 的密碼編譯指令轉,tf;:到…譯指令後將收到 的步驟。執行邏輯和轉二對上的微電腦指令,指示運算 輯從轉譯邏輯接受到微\#邏\的運作是相連的,執行邏 算。 電腦指7和步驟後才能開始作運 理器裝置,此裝置有一 ί 一個處理密碼編譯程序的微處 這個微處理器裝置J含譯指令和-個轉譯邏輯。 密碼指令提供給微處理:=碼編譯指令和轉譯邏輯。 指令流程中。這個密碼“J處J器會將接到的指令加入 密碼編譯指令轉譯成相二二扣不處理器運作。轉譯邏輯將 行的步驟。 ’的微電腦指令,指示處理器該執 [ 002 1 ]本發明從某個 序的裝置。這個裝置勺人又有不疋一個處理密碼編譯程 輯。微處理器内的邏輯^你3 了…一個密碼編譯指令和執行邏 出需要執行哪一個密碼編咢^碼編譯指令後,從指令解讀 作是連接,所以執行邏W ^,執行邏輯和處理器是動 譯動作。 時就會執行那個特定的密碼編 1247241(〇 F B) Do password compilation. [Summary of the Invention] [0 0 1 9] The invention of New Zealand, the name of the name seems to account for solving the problems faced by the prior art, and an excellent microprocessor built-in cryptographic compilation technology. One real two is too much for the invention. The invention is a microprocessor-embedded and customary U-translated logic and execution logic. The device contains the cipher compilation command to transfer, tf;: the steps that will be received after the translation command. Execute the logic and transfer the microcomputer instructions on the second pair to indicate that the operation is connected from the translation logic to the micro-#logical operation, and the logic is executed. After the computer refers to 7 and steps, the processor device can be started. The device has a micro-processing device for processing the cipher. The microprocessor device J has a translation command and a translation logic. The cryptographic instructions are provided to the microprocessing: = code compile instructions and translation logic. In the instruction flow. This password "J J will convert the received command into the password compile command into a two-two button without processor operation. The translation logic will take the step. 'Microcomputer command, instruct the processor to execute [002 1] Invented from a certain order of the device. This device scoop people have no need to deal with a password compile program. The logic inside the microprocessor ^ you 3 ... a password compile instruction and execution logic need to execute which password is compiled ^ After the code compile instruction, the instruction is interpreted as a connection, so the execution logic W ^, the execution logic and the processor are the translation operations. The specific password is executed 1272441

[0022]本項發明也可被視為一個在微處理器中執行密 碼編譯的方法。這個方法包括了如何接收和執行密碼 譯指令。 [實施方式] 、[0036 ]惟以下所述者,僅為本發明較佳實施例而已, 並f用來限定本發明實施之範圍。即凡依本發明申請專 ,範圍所作的均等變化與修飾,皆為本發明專利範圍所涵[0022] The invention can also be viewed as a method of performing cryptographic compilation in a microprocessor. This method includes how to receive and execute cryptographic instructions. [Embodiment] [0036] The following is only the preferred embodiment of the present invention, and is intended to limit the scope of the present invention. That is, the equivalent changes and modifications made by the scope of the application of the present invention are covered by the scope of the invention.

[ 0 037 ]以下内容將參考圖二延續之前密碼編譯運算之 相關技術背景以及其缺點探討。接下來請參照圖三-十 一:— 本發明提供了一個效能和機制優越的裝置和方法來 執行密碼編譯運作。此發明降低介入作業系統的必要性。 除此之外,此發明也滿足了其他要求,如獨立完整性,與[ 0 037 ] The following will refer to Figure 2 for a discussion of the technical background and its shortcomings of the previous cryptographic compilation operations. Next, please refer to FIG. 3 - 11: - The present invention provides an apparatus and method with superior performance and mechanism to perform cryptographic compilation operations. This invention reduces the need for an interventional system. In addition to this, the invention also meets other requirements, such as independent integrity, and

老舊架構相容性,運算法及模式切換性,駭客抵禦性,^ 及可測試性。 — AOld architecture compatibility, algorithm and mode switching, hacking, ^ and testability. — A

[0 0 3 8 ]現在請看圖二,圖二描繪的是現今電腦系統 行密碼編譯的方塊圖。方塊圖2〇〇内包含了一個微處理 個微處理器2〇ι負責從系統記憶體中應用程式記 區 /取得與應用程式相關的指令和存取相關的資料。 f : ί式5己憶區2〇3中的軟體控制和資料存取機制通常朝 疋:糸,記憶中作業系統202處理。作業系統2〇2被存放 糸己憶中受到保護的區塊中。如前文中描述,一個應 程式在執行中需要做譯碼編譯的動作時(例如說一個電^[0 0 3 8 ] Now look at Figure 2, which depicts a block diagram of the current computer system password compilation. Block 2 contains a microprocessor. The microprocessor 2 is responsible for accessing application-related instructions/access-related data from the system memory. f : The software control and data access mechanism in the ί5 memory area 2〇3 is usually processed by the operating system 202 in memory. The operating system 2〇2 is stored in the protected area. As described in the previous section, an application needs to do the decoding and compiling action during execution (for example, an electric ^

第16頁 1247241 五、發明說明(12) ---- 郵件程式或是儲存檔案的軟體),必須通知微處理 , 然後由微處理器201完成一連串數量龐大的指令 :碼:譯。這些指令有些是這個執行中應用^式:二子程 序’有些是連接到這個執行程式的軟體插件程序或著也 有:能是作”統202所提供的服務。無論這些指;源自 何處’都位在記憶體中一個特定的區域中。為方便对〜, 記憶體中這些不同區域的片段圖中都被包在在 ^ : 9 憶區203内。應用程式記憶區203中還包含了一 ^固產生^鑰 的軟體204。這個金鑰產生軟體通常付責產生和接受金餘 的工作,也將金鑰展開成金鑰程序表205。如果使用的加 密模式需要,加密的軟體206會去讀取初始化向量2〇8。加 後軟體執行内部指令來完成本文加密的動作,最後輸出密 文211。解密的流程大致上是一樣的,當需要解讀一段密 文時,解密軟體207被呼叫。解密軟體2〇7執行執行特定的 指令來取得密文211,金鑰程序表2 05以及密碼編譯參數。 其中密碼編譯參數能提供密碼編譯的詳細細節。如果使用 的解密模式有需要,解密軟體2〇7會去讀取初始化向量2〇8 並執行那裡面的指令來完成密文解密的動作,輸出本 210。 [ 0 0 39 ]加密,解密和產生金鑰的動作應該可以用更 少的指令就完成。之前提出由FIps出版的規範中便有提供 幾個不同的虛擬碼來預估完成一項簡單密碼編譯工作微雷 腦處理器所需要執行的指令數量。而現在使用的技術所♦ 處理編譯密碼的指令數量高達上百個以上。除此之外,而Page 16 1247241 V. Invention Description (12) ---- Mail program or software for storing files), must notify the microprocessor, and then the microprocessor 201 completes a series of huge instructions: code: translation. Some of these instructions are in the implementation of this type of application: two sub-programs 'some are software plug-ins connected to the executable program or there are: can be made "the service provided by the system 202. No matter these refers to; from where" It is located in a specific area of the memory. For convenience, the fragment maps of these different areas in the memory are enclosed in the ^ : 9 memory area 203. The application memory area 203 also contains a ^ The firmware 204 is generated. The key generation software usually pays for the work of generating and accepting the gold balance, and also expands the key into the key program table 205. If the encryption mode used is required, the encrypted software 206 will read The initialization vector 2〇8. After the software executes the internal instruction to complete the encryption operation, and finally outputs the ciphertext 211. The decryption process is substantially the same, and when the ciphertext needs to be interpreted, the decryption software 207 is called. 2〇7 executes a specific instruction to obtain ciphertext 211, key program table 205 and cryptographic compilation parameters. The cryptographic compilation parameter can provide detailed details of cryptographic compilation. If the decryption mode used is needed, the decryption software 2〇7 will read the initialization vector 2〇8 and execute the instructions there to complete the ciphertext decryption operation, outputting this 210. [0 0 39 ] Encryption, decryption and generation The action of the key should be completed with fewer instructions. It was previously proposed that the specifications published by FIps provide several different virtual codes to estimate the need to perform a simple cryptographic compilation. The number of instructions. The number of instructions used to process compiled passwords is now more than one hundred. In addition,

第17頁 1247241 五、發明說明(13) &那些執行中的應用軟體(檔案管理,簡訊, f端::存取,信用卡”軟體)的角度來看 : 密碼編譯既不是軟體本身主要的用途, < 二 〜 叩且又十分耗味 甚至會使軟體的使用者錯覺應用軟體不夠有效率。=三 軟體206,解密軟體207是軟體插件的架構,則情兄备f被 糟’因為電腦作業系統的工作項目又增加了支援呼; 理206 ’207軟體。作業系統必須支援中斷,例外等其^ 況。除此之外,電腦系統上每一個同時正在進行的 編譯都會需要在記憶203内安排一些空間給軟體2〇4,2〇6 和207。而且未來微處理器202所需處理的密碼編譯工Page 17 1247241 V. Invention Description (13) & The implementation software (file management, newsletter, f-end:: access, credit card) software perspective: Password compilation is neither the main use of the software itself , < 2 ~ 叩 and very tedious and even make the user of the software illusion that the application software is not efficient enough. = Three software 206, decryption software 207 is the software plug-in architecture, then the brothers are f The system's work items have added support calls; the 206 '207 software. The operating system must support interrupts, exceptions, etc. In addition, every simultaneous compilation on the computer system will need to be arranged in memory 203. Some space is given to the software 2〇4, 2〇6 and 207. And the password compiler that the microprocessor 202 needs to process in the future.

量只會有增無減。 P IThe amount will only increase. P I

[0040 ]發明者有鑒於現今電腦系統處理密碼編譯的這 ,缺陷’冑會需要-個内建微處理器,並能改善密碼編譯 處理速度的裝置及方法的必要性。此單位透過一個單一的 =碼編譯指令便啟動編譯程序。關於此發明,我們將參昭 圖二-十二來做更深入的解釋 田⑽現在請看圖三,圖三是依照本發明原理的微處 f β岔碼編譯運算裝置方塊圖。圖300顯示微處理器301 if記憶體匯流排319與系統記憶321結合。微處理器3〇1 ^了,澤邏輯303。轉譯邏輯3〇3從指令暫存器3()2接收 指令。密碼轉譯邏輯3〇3的構成可以是一個邏輯、電路、 裝置、微扣令碼(就是微指令或原生指令)或是一個邏輯、 Ϊ路政ϊ ί :微指令碼或其他可以達到同樣功效元件的結 口 ' 成對照的微指令碼的元件。構成密碼編譯[0040] The inventors have in view of the fact that today's computer systems handle cryptographic compilation, and the drawbacks would require a built-in microprocessor and the need for improved means and methods for cryptographically compiling speeds. This unit starts the compiler with a single = code compile command. With regard to this invention, we will make a more in-depth explanation with reference to Figures 2 - 12. Field (10) Referring now to Figure 3, Figure 3 is a block diagram of a micro-f 岔 code compilation operation device in accordance with the principles of the present invention. Diagram 300 shows microprocessor 301 if memory bus 319 is combined with system memory 321. The microprocessor 3〇1 ^, Ze logic 303. The translation logic 3〇3 receives the instruction from the instruction register 3()2. The composition of the password translation logic 3〇3 can be a logic, a circuit, a device, a micro-decryption code (that is, a micro-instruction or a native instruction), or a logic, a 指令 ϊ : micro-instruction code or other components that can achieve the same function. The junction is the component of the microinstruction code. Compose password compilation

1247241 五、發明說明(14) 邏輯303的元件可以與微處理器3〇1内執行其 路、微指令碼、等元件共用。根據本應用範圍, 指:5複數個?指,。微指令(也可以被稱做原生指令;指 的是密碼編譯單元層次可勃彳千的户人 隹運瞀♦揷奖拙古令。比方說,精簡指令 ί 行微指令,而加強指令集運算處理 器,如Χ86相谷的處理器,則先將指令翻譯成微指令铁後 ^由内部一個或一個以上的單位執行。轉譯邏輯303和指 々佇列304耦接。指令佇列3〇4中有複數個微指令3〇5, 3〇6,這些微指令是由微指令佇列3〇4交給暫存器階段邏輯 的。其中暫存器階段邏輯包含了暫存器檔案3〇7。微指令 從指令佇列移動至暫存邏輯區。暫存邏輯包含了一個暫存 檔Μ7 ,暫存檔307内有複數個的暫存器3〇8 —313。這些暫 存器會在進行編碼編譯運算前將運算所需要的資料載一入。 每,暫存器都指向記憶體321中323一327其中含有編譯密碼 運异7需要的資料。暫存區邏輯與載入邏輯314耦接。載 ^邏輯與快取記憶資料3 1 3耦接,從快取記憶資料3 1 3讀取 密碼編譯運算所需要的資料。資料快取記憶透過記憶匯流 排3 1 9與記憶體耦接並且執行收到的指令。執行邏輯3 2 8的 2成可以是一個邏輯、電路、裝置、微指令碼(就是微指 令或原生指令)或是一個邏輯、電路、裝置、微指令碼或 ^他可以達到同樣功效元件的結合,執行指令所指示的運 f °構成執行邏輯3 〇 3元件可以是和微處理器3 〇 1内別的功 =共用的。執行邏輯328包含了一個密碼編譯單位316。 禮碼編澤單位3 1 6從載入邏輯3 1 4接收密碼編譯運算所需資1247241 V. INSTRUCTIONS (14) The components of logic 303 can be shared with the components of the microprocessor 3〇1, such as their execution, microinstruction code, and the like. According to the scope of this application, refers to: 5 multiple? Means, Micro-instructions (can also be referred to as native instructions; refer to the cryptographic compilation unit level can be tens of thousands of households 隹 瞀 揷 拙 拙 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 The processor, such as the processor of the Χ86 phase, first translates the instruction into a micro-instruction, and then executes it by one or more internal units. The translation logic 303 and the fingerprint array 304 are coupled. The command queue 3〇4 There are a plurality of microinstructions 3〇5, 3〇6, which are handed over to the scratchpad stage logic by the microinstruction queue 3〇4, wherein the scratchpad stage logic contains the scratchpad file 3〇7 The microinstruction moves from the instruction queue to the temporary storage logic area. The temporary storage logic includes a temporary archive Μ7, and the temporary archive 307 has a plurality of temporary registers 3〇8-313. These registers are compiled and encoded. Before the operation, the data required for the operation is carried in. Each of the registers points to the memory 321 323-327 which contains the data required for compiling the password. The temporary storage area logic is coupled to the loading logic 314. ^ Logic and cache memory data 3 1 3 coupled, from cache memory Material 3 1 3 reads the data required for the cryptographic compilation operation. The data cache memory is coupled to the memory through the memory bus 3 1 9 and executes the received instructions. The execution logic 3 2 8 can be a logic, A circuit, device, microinstruction code (that is, a microinstruction or a native instruction) or a logic, circuit, device, microinstruction code or a combination of components that can achieve the same function, and the execution instruction indicates the operation logic 3 The 〇3 component can be shared with other functions in the microprocessor 3 。 1. The execution logic 328 includes a cryptographic compilation unit 316. The gift code compilation unit 3 1 6 receives the cryptographic compilation operation from the loading logic 3 1 4 Required capital

第19頁 1247241 五、發明說明(15) 料。微指令指示密碼編譯單位316對複數個輸入 3 2 6進行彼碼編譯’並輸出對應的複數個輪出文—& 327。密碼編譯單位316的構成可以是一個邏輯, 裝置,微指令碼(就是微指令或原生指令)或是— 電路,I f,微指令碼或其他可以達到同樣功效^ 合,處理密碼編譯。構成密碼編譯邏輯303元件可 微處理器301内執行其他功能的線路、料#人 疋 共用二一實施例中密碼編譯單位316與執行邏 净點單位和整數單位等執行單位平行執行(未 〇 「單位」的實施例的構成可以是一個邏輯、雷7三一 微指令碼(就是微指令或原生指令)或是一 、t置、 裝置、微指令碼或其他可以達到同樣功效元路嫌 成此單位的元件可以是和微處理器3〇1内 的π B。構 線路、微指令碼、等元件共用。一 f γ彳丁,、他功能的 的構成可以是一個邏輯、電路、裝 :?1中,整數單位 指令或原生指令)或是一個邏輯、"^電路、曰令碼(就是微 或其他可以達到同樣功效元件的妹人 ^置、微指令碼 一個浮點Κ立的構成可以是一個纟^ ^整數指令。 令碼(就是微指令或原生指令)或 、裝置、微指 置、微指令碼或其他可以達到 k輯、電路、裝 浮點指令。構成整數單位内執行I $凡人件的結合,執行 和浮點運算單位中處理浮點運算指人 '々的元件可以是 令碼、等共用。一與χ8β架構相容 、〃元件的線路、微指 單位3 1 6與一 X 8 6整數單位,一 X R Α : 化例中’密碼編譯 早 Χ86洋點單位,-χ86 ΜΜΧ單 I晒Page 19 1247241 V. INSTRUCTIONS (15) Materials. The microinstruction instructs the cryptographic compilation unit 316 to perform a code compilation on a plurality of inputs 3 2 6 and output a corresponding plurality of rounds of texts & 327. The cryptographic compiling unit 316 can be composed of a logic, a device, a microinstruction code (that is, a microinstruction or a native instruction) or a circuit, an I f, a microinstruction code or the like to achieve the same function, and to handle cipher compilation. The cryptographic compiling logic 303 component can perform other functions in the microprocessor 301. The cipher compiling unit 316 is executed in parallel with the execution unit such as the execution logic unit and the integer unit. The embodiment of the unit may be a logic, a Ray 7-three micro-instruction code (that is, a micro-instruction or a native instruction) or a t-set, a device, a micro-instruction code or the like that can achieve the same effect. The unit component can be shared with the π B in the microprocessor 3〇1. The circuit, the microinstruction code, and the like are shared. A f γ 彳 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , 1, in the integer unit instruction or native instruction) or a logic, "^ circuit, 曰 码 code (that is, micro or other can achieve the same function of the element of the girl set, micro-instruction code a floating point stand Is a 纟 ^ ^ integer instruction. The code (that is, micro-instruction or native instruction) or device, micro-finger, micro-instruction code or other can reach k series, circuit, floating point instruction. In-bit execution I $ mortal component combination, execution and floating-point arithmetic unit processing floating-point operations means that the person's components can be shared by code, etc. One is compatible with χ8β architecture, 〃 component line, micro finger unit 3 1 6 and an X 8 6 integer unit, an XR Α : In the example, 'password compilation is earlier than 86 ocean point units, -χ86 ΜΜΧ single I

βϋ 第20頁 1247241 五、發明說明(16) =和一 X86SSE單位平行運作。根據本發明範圍,—鱼 x86相容結構的實施例可以支援大多數為χ86處理器^ 二Τ。判斷軟體是否正確被執行的方法為檢查執1行軟、’、、 後是否得到正確的結果。其他與χ86相容的實施 碼編譯單位視為χ86執行單位十的一個子單位。^ 费 單位316與儲存邏輯317耦接並提供輸出複數個對應文字, 段327。儲存邏輯又與資料快取記憶耦接315。資料 記憶315將輸出文字資料327分送至記憶體321中儲存。、 存邏輯317與寫回邏輯318耦接。密碼編譯運算完成播宜 回邏輯318更新暫存器檔案3〇7中暫存器3〇8_313之内容二 一實施例中微指令配合時脈信號(未顯示)流向前述的 邏輯階段 302、303、304、307、317、 這樣運算可以如同生產線作業般同時執行多個運算。 [ 0 042 ]系統記憶體321内,一應用程式若需要執行密碼 編譯運算,可向微處理器301發出一個密碼運算指令322 了 以下稱為XCRYPT指令322。在加強指令集運算實施例中, XCRYPT指令322包含了 一個指示密碼編譯運算的微指令。 在精簡指令集運算實施例中,XCRYPT指令322包含了一個 指示密碼編譯運算的微指令。一實施例中,XCRYPT指令 3 22用了 一個現有指令集中多出或為使用的指令運算碼。 一x86相容的實施例中,XCRYPT指令322是一個4位元指令 包含一 x86前置(prefix)(也就是0xF3),一指令集内為被 使用過的2位元運算碼(就是〇x〇FA7),和——位元區塊解 密模式。一實施例中XCRYPT指令32 2依照應用軟體被允許Βϋ Page 20 1247241 V. Description of invention (16) = Parallel operation with an X86SSE unit. In accordance with the scope of the present invention, an embodiment of a fish x86 compatible structure can support most of the χ86 processors. The method of judging whether the software is correctly executed is to check whether the line is soft, ', and whether the correct result is obtained. Other implementations that are compatible with χ86 code compilation units are considered to be a subunit of χ86 execution unit ten. The fee unit 316 is coupled to the storage logic 317 and provides an output of a plurality of corresponding characters, segment 327. The storage logic is coupled to the data cache memory 315. The data memory 315 sends the output text data 327 to the memory 321 for storage. The memory logic 317 is coupled to the write back logic 318. The cryptographic compilation operation is completed, and the playback logic 318 is updated. The register file 3〇7 is the contents of the temporary register 3〇8_313. In the embodiment, the microinstruction cooperates with the clock signal (not shown) to flow to the aforementioned logic stages 302, 303, 304, 307, 317, this operation can perform multiple operations simultaneously as a production line job. [0 042] In the system memory 321, an application may issue a cryptographic operation instruction 322 to the microprocessor 301 if it is necessary to perform a cryptographic operation. Hereinafter, the XCRYPT instruction 322 is referred to. In an enhanced instruction set operation embodiment, the XCRYPT instruction 322 includes a microinstruction that indicates a cryptographic compilation operation. In the reduced instruction set operation embodiment, the XCRYPT instruction 322 includes a microinstruction that indicates a cryptographic compilation operation. In one embodiment, the XCRYPT instruction 3 22 uses an instruction code that is either extra or used in an existing instruction set. In an x86-compatible embodiment, the XCRYPT instruction 322 is a 4-bit instruction that includes an x86 prefix (ie, 0xF3), and is used within a set of 2-bit operands (ie, x) 〇FA7), and - bit block decryption mode. In one embodiment, the XCRYPT instruction 32 2 is allowed in accordance with the application software.

1247241 五、發明說明(17) = —人,可以直接將XCRYPT指令322直接微處理器301 系^ 2程或是由作業系統320寫入。因為只軟體或作業 f ^只需要下一個指令322就能完成密碼編譯,所以密碼 、、爲澤的作業細節對作業系統都是透明的。 /0043 ]電腦系統的運作模式,是由作業系統3〇2呼叫 士订固應用軟體320。應用軟體下令執行XCRYpT指令322 你 ,扣令取得邏輯302内。當然,軟體裡還會有其 他私々拓=微處理器3〇1先將記憶體321中323 —327的密碼 制字元323,初始密碼編譯控制金鑰324或金鑰程序 t 始向量325(若需要的話)。等著被處理的輸入 =子326和輸出文327會被複製至對應的暫存器323 —π? 中。此初始晝暫存器308-31 2的動作一定要在埶行 成。因為執行KRYPT322指令時會用到暫 L 中所有的資料。另外還有一個暫存器,一個 負α貝名錄輸入文字有幾個片段還需要被加密/解密的暫存 ^Λ5/303從提取邏輯302取得指令,轉譯成對應 二二,:第 個扣7會私不希碼編譯單位31 6將資料從 二ΐϊί人,然後開始執行指定次數的密碼編譯。執 出標會透過資料快取記憶315存入記憶 扣317的文字區327 °第二組複數個的指 :年構二ϊ ΐ;處理器301内其他執行單位(未顯示)。 ^ 子°、吊包含臨時結果和計數器更新輸入和輸出1247241 V. INSTRUCTIONS (17) = - Person, the XCRYPT instruction 322 can be directly programmed into the microprocessor 301 or written by the operating system 320. Because only the software or job f ^ only needs the next instruction 322 to complete the password compilation, the password, and the details of the job are transparent to the operating system. /0043] The operating mode of the computer system is determined by the operating system 3〇2 to subscribe to the application software 320. The application software orders the execution of the XCRYpT instruction 322, and the deduction is obtained in the logic 302. Of course, there will be other private extensions in the software: the microprocessor 3〇1 first cryptographic characters 323 of 323-327 in the memory 321, the initial cryptographic control key 324 or the key program t vector 325 ( If needed). Waiting for the processed input = sub-326 and output 327 will be copied to the corresponding register 323 - π?. The actions of this initial buffer 308-31 2 must be performed. Because all the data in the temporary L is used when executing the KRYPT322 instruction. In addition, there is a temporary register, a negative alpha shell directory input text has several segments and needs to be encrypted/decrypted temporary storage ^ 5 / 303 from the extraction logic 302 to obtain instructions, translated into corresponding two two,: the first buckle 7 Will not be able to compile the unit 31 6 to the data from the two people, and then start the specified number of password compilation. The execution will be stored in the text area of the memory buckle 317 through the data cache 315. 327 ° The second group of multiple fingers: the second structure of the year; the other execution units in the processor 301 (not shown). ^ child °, hang contains temporary results and counter update input and output

1247241 五、發明說明(18) 指標暫存器311-312。若有應用到初始向量暫存器的更新 資料。其中一實施例便是暫存器3 08-3 1 3為架構暫存器。 [ 0044 ] —實施例中,密碼編譯單位316被分為複數個 階段,允許連續輸入的文字片段32 6被管線化。 [0 0 4 5 ]圖三所顯示的元件為解釋本發明的必要元 件。許多現今的微處理器301内部的邏輯沒有在圖3〇〇内 中顯示。熟習該項技術者會發現,為了能清楚說明發 明’許多微處理器301内包含的邏輯在圖300中都被簡化 了。 這是為了方便敘述。如載入邏輯314可以包括一個 地址產生步驟,接者一個快取記憶介面階段。然後再接著 了個快取記憶對齊階段。但是有一點很重要,本發明對 複數個輸入文字片段進行密碼編譯326,作業系統只要透 過單一個指令便能完成。本發明始密碼編譯工作的細節 動作完全透明化,而且和微處理器3〇1内其他執行邏輯同 時進行運算。密碼編譯單位316和相關的XCRYPT指令322 運作完全和現今較老舊作業系統運算相容。 [ 0 046 ]現請參考圖四,這是密碼編譯指令的方塊 密碼編譯指令400包含了 一個前置攔位4〇ι,一個重 則置攔位4 〇 2,一個運算碼欄位4 〇 3,一個區塊解密模式 j位404。 一實施例中,攔位40卜404的内容與x86指令^ 構相容。 [0047 ]運算時,許多指令集結構都採取加入了一個 、擇性的前置欄位4〇 1。此欄位内容用來指示處理器開啟 ,關閉一些運算功能。例如直接作16位元或2〇位元運算 麵1247241 V. INSTRUCTIONS (18) Indicator registers 311-312. If there is an update to the initial vector register. One of the embodiments is that the scratchpad 3 08-3 1 3 is an architectural register. [0044] In the embodiment, the cipher compilation unit 316 is divided into a plurality of stages, allowing the continuously input text segments 32 6 to be pipelined. [0 0 4 5 ] The elements shown in Figure 3 are necessary elements for explaining the present invention. The logic inside many of today's microprocessors 301 is not shown in Figure 3A. Those skilled in the art will recognize that the logic contained within many of the microprocessors 301 is simplified in the diagram 300 in order to clearly illustrate the invention. This is for the convenience of the narrative. The load logic 314 can include an address generation step followed by a cache memory interface stage. Then there is a cache memory alignment phase. However, it is important that the present invention cryptographically compiles a plurality of input text segments 326, and the operating system can be completed by a single instruction. The details of the initial password compiling operation of the present invention are completely transparent, and are simultaneously operated with other execution logics in the microprocessor 3.1. The cryptographic compilation unit 316 and associated XCRYPT instructions 322 operate completely compatible with today's older operating system operations. [0 046] Please refer to Figure 4, this is the block compile instruction. The block cipher command 400 contains a pre-block 4〇ι, a re-blocking block 4 〇2, and an opcode field 4 〇3. A block decryption mode j bit 404. In one embodiment, the contents of the block 40 404 are compatible with the x86 instructions. [0047] When computing, many instruction set structures have been joined with an optional pre-column 4〇1. This field is used to instruct the processor to turn on and turn off some computing functions. For example, directly for 16-bit or 2-bit operations

第23頁Page 23

1247241 五、發明說明(19) 2功此和直接處理或存取特定片段的功能等。重複前置 位402的内容代表密碼編譯動作需要被重複執行的次 數0 一 [0048 ]運算碼攔位403指微處理器去執行控制字元指 不的f碼編,運算,這個控制字元實際上是被存在記憶體 内,一控制字指標指向控制字在記憶體中的位置。運算 碼的值會被設定為一個現有指令集内少用的值。如此一 來,幸乂老舊的作業系統及應用軟體也能使用。例如說, 一個x86相容系統就可以將此值設為〇x〇FA7。區塊解密模 式攔位404指示哪一項密碼運算作業需被執行。請看圖 五。 [ 0 049 ]圖五是一個區塊密碼欄位值與微處理器運算動 作對照表例子。如圖所示,若區塊密碼欄位内的值為 0x08時,微處理器就會用電子書碼(ECB)模式來完成密碼 編譯動作。當欄位内的值為OxDO時,微處理器就會以編 輯方塊連鎖(CBC)模式。ΟχΕΟ表示微處理器應使用編碼回 授(CFB)模式,0χΕ8表示使用輸出回授(〇fb)模式。以上 所述各模式在F I PS文獻中均有詳細的描述。 [ 0050 ]現請看圖六。圖六所要表現的是一個在Χ86相 容的微處理器60 0中的密碼編譯單位6 1 7之發明實施例。微 處理器600内有一個指令取得邏輯601。指令取得邏輯6〇1 從記憶體(未顯示)取得指令。轉譯邏輯602由一個邏輯, 電路,微指令碼(microcode)(就是微指令 instructions 或原生碼,native instruction)妒置戋1247241 V. INSTRUCTIONS (19) 2 The function of directly processing or accessing a specific segment, etc. The content of the repeated preamble 402 represents the number of times the cipher compilation operation needs to be repeatedly executed. [0048] The opcode intercept 403 refers to the microprocessor executing the control character to indicate the f code, operation, and the actual control character. The upper is stored in the memory, and a control word indicator points to the position of the control word in the memory. The value of the opcode will be set to a value that is rarely used in an existing instruction set. In this way, the old operating system and application software can be used. For example, an x86-compatible system can set this value to 〇x〇FA7. Block decryption mode block 404 indicates which cryptographic operation needs to be performed. Please see Figure 5. [0 049] Figure 5 is an example of a block password field value and a microprocessor operation. As shown in the figure, if the value in the block password field is 0x08, the microprocessor will use the electronic book code (ECB) mode to complete the password compiling action. When the value in the field is OxDO, the microprocessor will edit the block chain (CBC) mode. ΟχΕΟ indicates that the microprocessor should use the code feedback (CFB) mode, and 0χΕ8 indicates that the output feedback (〇fb) mode is used. The various modes described above are described in detail in the F I PS literature. [0050] Please see Figure 6. Figure 6 shows an embodiment of the invention of a cryptographic compilation unit 161 in a microprocessor 60 compatible with Χ86. There is an instruction fetch logic 601 within the microprocessor 600. The instruction fetch logic 6〇1 fetches the instruction from the memory (not shown). The translation logic 602 is set by a logic, a circuit, a microcode (that is, a micro instruction or a native instruction).

1247241 五、發明說明(20) 是其他可以將指令轉成對照的微指令碼的元件。轉譯邏 輯602内的轉譯元件可以與微處理器600内其他功能元件共 用。如圖所示,轉譯邏輯602内包含了一個互相麵接的轉 譯器603和微指令碼唯讀記憶體604。 中斷邏輯626透過 匯流排633耦接轉譯邏輯602。 軟/硬體所發出的中斷要求 信號627都由中斷邏輯626處理。中斷邏輯626轉達指令轉 譯邏輯602中斷。如圖六所示,指令轉譯邏輯與以下連串 性階段耦接。包括暫存器階段605,位址階段606,載入 階段607,執行階段608,儲存階段618以及寫回階段619。 圖六所描繪的執行階段6 08内包含了 一個執行邏輯632。 執行邏輯632内有多個同時作業的執行單位,單位61〇, 612 ’614,616和617。整數單位610負責執行微指令佇列 609内的整數微指令,浮點單位612負責執行微指令佇列 6 11内的浮點微指令,μ Μ X單位61 4負責執行指令仵列6 1 3 内的ΜΜΧ微指令,SSE單位616負責執行微指令佇列61 5内 的S S Ε微指令。S S Ε單位61 6和密碼編譯單位6 1 7麵接。兩 單位中間有一個載入匯流排620,一個閒置信號621和一個 儲存匯流排622。密碼編譯單位61 7和SSE單位共用同一個 指令佇列6 1 5。另一個實施例的做法是將密碼編譯單位 617設為一個如單位610,612及614相同的完全獨立的單 位。整數單位610和x86 EFLAGS暫存器是耦接的。 EFLAGS暫存器包含了一個X位元625。這個X位元内的值描 目前是否有密碼編譯運算正在作業。X位元6 2 5實施例中 的其中一項是x8 6 EFLAGS暫存器624中的第30個位元。另1247241 V. INSTRUCTIONS (20) are other components of a microinstruction code that can be converted into a control. The translation elements within translation logic 602 can be shared with other functional elements within microprocessor 600. As shown, translation logic 602 includes a translator 603 and microinstruction code read memory 604 that are interfacing. Interrupt logic 626 is coupled to translation logic 602 via bus 633. The interrupt request signal 627 from the soft/hardware is processed by the interrupt logic 626. Interrupt logic 626 relays instruction translation logic 602 to an interrupt. As shown in Figure 6, the instruction translation logic is coupled to the following series of stages. Including register stage 605, address stage 606, load stage 607, execution stage 608, save stage 618, and write back stage 619. An execution logic 632 is included in the execution phase 6 08 depicted in FIG. Execution logic 632 has multiple execution units for simultaneous operations, units 61 〇, 612 '614, 616, and 617. The integer unit 610 is responsible for executing the integer microinstruction in the microinstruction queue 609, the floating point unit 612 is responsible for executing the floating point microinstruction in the microinstruction array 6 11 , and the μ Μ X unit 61 4 is responsible for executing the instruction queue 6 1 3 The SE microinstruction, SSE unit 616 is responsible for executing the SS Ε microinstruction in the microinstruction array 61 5 . S S Ε unit 61 6 and password compilation unit 6 1 7 face to side. There is a load bus 620, an idle signal 621 and a storage bus 622 in between the two units. The cryptographic compilation unit 61 7 and the SSE unit share the same command queue 6 1 5 . Another embodiment is to set the cipher compilation unit 617 to a completely separate unit such as units 610, 612 and 614. The integer unit 610 and the x86 EFLAGS register are coupled. The EFLAGS register contains an X bit 625. The value in this X-bit is currently whether there is a cryptographic compilation operation in progress. One of the X-bit 6 2 5 embodiments is the 30th bit in the x8 6 EFLAGS register 624. another

第25頁 1247241 五、發明說明(21) 外,整”6:0會讀取暫存器m中資料來分析_継位 疋629的H E位兀中的值指示密碼編譯單元61 7是否存 在於微f理㈣〇内。1數單位610也會讀取一個"立元 631。這個位το位於特徵控制暫#器63〇@,用來開啟和 關閉密,編,單位617。%圖三微處理器實施觸卜圖 六的微處理裔600為了能清楚表達發明特徵,圖中口 出一些微處理器的構造,其他部分則被匯集在一起或、、、著已 被省略。熟知此項技術的人士可以理解元件,例如責 資料快取記憶(未顯示)的介面,匯流排介面單位(未顯示) 以及時鐘發生器和分散邏輯等其他微處理器的單位都被省 略0 甚百- d,算過程中,指令取得邏輯配合時鐘訊號(未 頦不)將扣々從記憶體(未顯示)提至轉譯邏輯6〇2。轉譯 邏輯602將指令轉編為對㈣微指令然後配合時鐘訊號轉 供給微處理器600内605 —608,618及619等單位。每個指 二對,的連串微指令指示微處理器該做的子動作來完成 =項,令。例如一個由位址階段606執行的位址產生指 I就包含了先從暫存器階段605特定的兩個暫存器(未顯 =^内取得兩個運算元,然後再於整數單位61〇相加兩個 舁所有執行單位610, 612, 614,616及617所產 ^9的/果都由儲存邏輯618負責存入記憶體中。轉譯邏輯 會判&斷指令的類型,然號使用轉譯器6〇3直接產生一連 令’或是轉譯邏輯602會由微指令碼唯讀記憶體 提提取一連貫的微指令。或著轉譯邏輯602會產生 1247241 五、發明說明(22) 部分的微指令,剩下的再從微指令碼唯讀記憶中提出。 微指令按照時鐘速度的在微處理器600中遵循605 - 608, 6 1 8和6 1 9各階段的順序執行。當微指令移動到執行階段 608時,執行邏輯632將微指令發送至執行單位61〇, 612, 614, 616,及617所執行運算產生的結果接著進入 儲存階段6 1 8。在一實施例中,微指令包含了標明範圍了 指令,不論能不能與其他運算同時進行。 [ 00 52 ]轉譯邏輯602接收到XCRYPT指令後,產生對應 的為指令,指揮微處理器6〇〇内其他邏輯605-608,618, 61 9來執行到的密碼編譯運算指令。前面幾個複數個的 微指令會直接被分派到密碼編譯單位61 7内來指揮單位61 7 從載入排匯流載入需要的資料。或是載入一個片段的輸 ^資料,開始進行指示次數的密碼編譯回合。也有可能 是將一段輸出資流透過儲存排匯流622傳到儲存邏輯61 8, 然後再存入記憶體中。接下來第二組複數個指令會被分 =^執仃單位61 〇, 612, 614和6 1Θ來執行其他必要的子 。例如測試E位元629,設定D位元631,將χ位元625 叹定為顯示密碼編譯運算正在執行中,將χ位元625 =值:定為顯示密碼編譯運算正在執行中。更新暫存器内 J暫存:、數2器,輸入文字指標暫存器,•出文字指 存階段6〇5範圍内的工作,處理由中斷邏輯 bZb送來的中斷要求62?, ^ ^ 的齋π 等工作。為了實現最有效率 整數單-)Υ關私令,微指令的順序會被特別排列成將 凡微指令穿插於密碼編譯微指令中,已達成整數運Page 25 1247241 V. Invention Description (21) In addition, the whole "6:0" will read the data in the register m to analyze the value in the HE bit 継 of the 継 疋 疋 629 indicating whether the cryptographic coding unit 61 7 exists in Micro-f (4) 。. 1 unit 610 will also read a " 立元631. This bit το is located in the feature control temporary # 63〇@, used to open and close the secret, edit, unit 617.% Figure 3 The microprocessor implements the micro-processing 600 of the sixth diagram in order to clearly express the characteristics of the invention, and some microprocessors are constructed in the figure, and other parts are put together or have been omitted. The person skilled in the art can understand the components, such as the interface of the data cache (not shown), the bus interface unit (not shown), and other microprocessor units such as the clock generator and the decentralized logic are omitted. During the calculation process, the instruction fetch logic cooperates with the clock signal (not before) to extract the deduction from the memory (not shown) to the translation logic 6〇2. The translation logic 602 transcodes the instruction into a (4) microinstruction and then cooperates with the clock signal. Transfer to the microprocessor 600 6 Units 05-608, 618, and 619. Each of the two pairs of micro-instructions instructs the microprocessor to perform a sub-action to complete the = item, such as an address generation instruction performed by the address stage 606. I includes the two registers specified first from the register stage 605 (two operands are not displayed in the ==^, and then two integer units 61 〇 are added to all execution units 610, 612, 614 The /9/fruit produced by 616 and 617 are stored in the memory by the storage logic 618. The translation logic will judge the type of the instruction and the instruction will directly generate a conjunction or translation using the translator 6〇3. The logic 602 extracts a coherent microinstruction from the microinstruction code read only memory. Or the translation logic 602 generates the microinstruction of the 1247241 V invention description (22), and the remaining rewrite memory from the microinstruction code. The microinstruction is executed in the order of clock speeds in the microprocessor 600 following the stages 605 - 608, 6 1 8 and 61. When the microinstruction moves to the execution stage 608, the execution logic 632 sends the microinstruction. To the execution units 61〇, 612, 614, 616, and 617 The result of the execution of the operation then proceeds to the storage phase 618. In one embodiment, the microinstruction includes instructions that indicate the range, whether or not it can be performed concurrently with other operations. [0052] After the translation logic 602 receives the XCRYPT instruction, The corresponding instruction is generated, and the other logic 605-608, 618, 61 9 in the microprocessor 6 is commanded to execute the cryptographic operation instruction. The first plurality of micro instructions are directly assigned to the cryptographic unit 61. 7Incoming Command Unit 61 7 Load the required data from the loading queue. Or load a fragment of the data, start the password compilation round of the indicated number. It is also possible to transfer a portion of the output stream to the storage logic 61 through the storage stream 622 and then store it in the memory. Next, the second set of multiple instructions will be divided into =^ to execute the units 61 〇, 612, 614 and 6 1Θ to perform other necessary sub-segments. For example, test E bit 629, set D bit 631, and set bit 625 to indicate that the cipher compilation operation is being executed, and set χ bit 625 = value: to display the cryptographic operation is being executed. Update the temporary storage J temporary storage:, the number 2 device, input the text indicator register, • the text refers to the work in the range of 6〇5, and handle the interrupt request sent by the interrupt logic bZb 62?, ^ ^ The work of Zhai π and so on. In order to achieve the most efficient integer--) private order, the order of the micro-instructions will be specially arranged to intersperse the micro-instructions into the cryptographic-compilation micro-instructions, and the integer arithmetic has been achieved.

第27頁 1247241 五、發明說明(23) "" ' '一' --- 算與密碼編譯運算平行執行。微指令中包含了從暫停 斷627中恢復所需要的微指令。所有指向密碼編譯參數 (cryptographic parameter)和資料的指標都位於χ86架 暫存器内,收到中斷要求時,指標都會被儲存,中斷二 後,資料計參數會被恢復。從中斷中回覆時,會有組 為指令負責測試X位元的狀態,判斷是否有密碼編譯運算 正在進行。如果有,微處理器會開始繼續處理接到中 斷要求時正在處理到一半的輸入資料。微指令的排列順 序會允許在處理中斷627前先把指標暫存器及正在進行密 碼編譯的未完成結果先更新至暫存器内,然後再進行中 斷0Page 27 1247241 V. Invention Description (23) "" ' 'One' --- Calculation and password compilation operation in parallel. The microinstructions contain the microinstructions needed to recover from the pause 627. All indicators pointing to cryptographic parameters and data are located in χ86 scratchpads. When an interrupt request is received, the indicator will be stored. After interrupt 2, the data meter parameters will be restored. When replying from an interrupt, the group is responsible for testing the state of the X bit and determining if a cryptographic operation is in progress. If so, the microprocessor will begin processing the incoming data that is being processed halfway through the interrupt request. The order of the microinstructions will allow the indicator register and the incomplete result of the ongoing code compilation to be updated to the scratchpad before the interrupt 627 is processed, and then the interrupt is 0.

= 053 ]現在請看圖七,圖七是一個微指令結構的範 例。攻個微指令700就是用來指示像圖六所見的微處理器 來執行密碼編譯運算的指令。微指令7〇〇包含了一個微運 算碼欄位701, 一個資料暫存器欄位7〇2和一個暫存器攔 位703^。微運算碼攔位701提供了微處理器6〇()該執行那些 子運算程序,和每階段所要使用的邏輯。在本發明中, 特定的值是被指定到微指令以供解碼單元運作使用。第 一個值(XL0AD)指示從記憶體中資料暫存器攔位7〇2指向 的位置中的資料。這個資料應被載入暫存器欄位7〇3所只 是在密碼編譯單位中的位置。這個提出的資料(例如密碼 編#金鑰資料,控制字,輸入文字資料,初始化向量)是 提供給密碼編譯單位用的。第二個微運算碼攔位7〇 1的 值(XST0R),指示密碼編譯單元運算產生的結果應存入記= 053 ] Now look at Figure 7. Figure 7 is an example of a microinstruction structure. The attack microinstruction 700 is used to instruct the microprocessor as shown in Figure 6 to perform cryptographic compilation operations. The microinstruction 7〇〇 contains a microcode field 701, a data register field 7〇2, and a scratchpad block 703^. The micro-opcode block 701 provides the microprocessor 6() to execute those sub-operations, and the logic to be used at each stage. In the present invention, a particular value is assigned to the microinstruction for use by the decoding unit. The first value (XL0AD) indicates the data in the location pointed to by the data scratchpad block 7〇2 in the memory. This information should be loaded into the scratchpad field 7〇3 only in the location of the password compilation unit. This proposed material (such as password code #key data, control word, input text data, initialization vector) is provided to the cryptographic unit. The second micro-opcode blocks the value of 7〇 1 (XST0R), indicating that the result of the cryptographic unit operation should be stored in the record.

第28頁 1247241 五、發明說明(24) " ' ' ' "一· 隐體中為料暫存器欄位γ 〇 2所指向的位置。針對多階結構 的=碼編譯單位,暫存器攔位7〇3的内容指示在複數個輸 出貝料片段那一個應該被存入記憶體中。輪出資料片俨 被放在資料欄位7〇4,供給儲存邏輯讀取。接下來,表又 圖八與圖九,將更進一步探討XL〇AD和XST0R在密碼編; 位中的執行流程。 亨 [0054 ]現請參考圖八,表格8〇〇是如先前所述, 器轉譯xcmT指令得到一組為指令。這組微 微 垃引面第一組複數個微指令由密碼編譯單元直接執行, 位m二組的複數個微指令則是由-個或是多個其他單 新計ίϊ行臨數個微指令所進行的動作包括更 态 時暫存器,結構暫存器,測試和設定嫌 i二:ϊί器的位元狀態等。卜組複數個的微指令則 ΪΞί;:二密碼編?參數,和輸入資料給密碼4 ί體中提出的金錄程序表),記 密,儲存輸出文字資料。一 …或解 單位載入祕连丨—次土、丨、XL0AD微&々4日示密碼編譯 表,^ ^子負广、,載入密碼編譯金鑰或金鑰程序 ίι始谁栽”始化向量資料,載入輸入文字資料和指- 欄丁抢碼編澤運异。當微指令微XLOAD時,暫存装下 字ΓΛ:的值0_0指示密竭編譯單位將控制字載入Λ …⑲指這個指令在管線 載控制 個暫存器内存控制字指標。ii個浐^/、 遇 控制字的付署。截Λ、跋紅 k個和k h向記憶體中 載邏輯從快取記憶體中提出這個控制 ΗPage 28 1247241 V. Description of invention (24) " ' ' ' " I. The position in the hidden register field γ 〇 2. For the = code compilation unit of the multi-level structure, the contents of the scratchpad block 7〇3 indicate that the one of the plurality of output beaker segments should be stored in the memory. The rounded data piece is placed in the data field 7〇4 and is stored in the storage logic. Next, the table and Figure VIII and Figure 9 will further explore the execution flow of XL〇AD and XST0R in the cipher code; HENG [0054] Referring now to Figure 8, Table 8 is a set of instructions for translating xcmT instructions as previously described. The first group of micro-instructions of the micro-grain is directly executed by the cipher-compilation unit, and the plurality of micro-instructions of the m-group of the m-th group are one or more other new instructions. The actions performed include the state-of-the-art register, the structure register, the test and the setting of the bit state of the device. The micro-instructions of the group are ΪΞί;: two passwords? Parameters, and input data to the password file file in the 4 ί body, record, store the output text data. A ... or solution unit loaded secret link 丨 - second earth, 丨, XL0AD micro & 々 4th day to show the password compilation table, ^ ^ sub-negative, loading the password compilation key or key program ίι start who planted Initialization vector data, loading input text data and pointing - column rushing code editing and shipping. When the micro-instruction micro XLOAD, temporary storage of the word ΓΛ: the value 0_0 indicates that the exhausted compilation unit loads the control wordΛ ...19 means that this instruction controls the memory control word indicator of the scratchpad in the pipeline. ii 浐^/, the control word is paid. Paraplegia, blush k and kh to the memory load logic from the cache memory This control is proposed in the bodyΗ

第29頁 1247241 五、發明說明(25) 字,放入資料欄位704。相同的’暫存器欄位值⑽1〇〇指示 密碼編譯單位載入資料攔位7 0 4中的輸入文字資料。然後 再進行密碼編譯運算。如同控制字元’輸入資料是透過 一個存在結構暫存器内的指標提出。 [ 0055 ] —實施例中,暫存器欄位〇b 100和OblOl可被 視為一個兩階段的密碼編譯單位。連續的輸入文字資料 可被管線化。第一個XL0AD微指令將第一段輸入文字放入 IN-1,第二個XL0AD微指令將第二段輸入文字放入ΙΝ-0, 第二個X L 0 A D微指令也會啟動密碼編譯單位執行密碼編譯 運算。 [0 0 5 6 ]如果密碼編譯運算所使用的是使用者自行產 生的金鑰程序表,則XL0AD微指令的數目與使用者自行產 生的金鑰程序表中金输的數目相對應。使用者自行產生 的金鑰程序表會被分送到密碼編譯單位内,此單位會依照 猶碼編譯進行的狀況從金输程序表中載入該回合所使用的 金餘。 [ 0057 ] XL0AD微指令暫存器攔位7〇3中其他值都為 留值。 、 —” [ 0058 ]現請看圖九,圖九中表格中顯示XST〇R微指 令暫存器欄位703的對照表。XST〇RE指令指示密碼編譯 位將處理好的輸出文字片段(加密過或解密過的)存 欄位702所指示的記憶體内的位置。根據本發明,翻 ,先產生二個XL0AD微指令載入一段輸入文字’然後再發 出XST0R將該輸入文字所產生的對應輸出文字儲存。暫存Page 29 1247241 V. Description of the invention (25) Word, placed in the data field 704. The same 'scratchpad field value (10) 1 indicates that the cryptographic unit loads the input text in the data block 7 0 4 . Then perform the password compilation operation. Just as the control character 'input data is presented through an indicator in the existing structure register. [0055] In the embodiment, the register fields 〇b 100 and OblOl can be regarded as a two-stage cryptographic unit. Continuous input text data can be pipelined. The first XL0AD microinstruction puts the first input text into IN-1, the second XL0AD microinstruction puts the second input text into ΙΝ-0, and the second XL 0 AD microinstruction also starts the cipher compilation unit. Perform a password compilation operation. [0 0 5 6 ] If the cryptographic compilation operation uses a user-generated key schedule, the number of XL0AD microinstructions corresponds to the number of gold inputs in the user-generated key schedule. The user-generated key program table will be distributed to the cryptographic compilation unit. This unit will load the gold balance used for the round from the gold output program table according to the status of the yam code compilation. [0057] The other values in the XL0AD microinstruction register stall 7〇3 are reserved. -" [0058] Please refer to Figure 9. The table in Figure 9 shows the comparison table of the XST〇R micro-instruction register field 703. The XST〇RE instruction instructs the password-compiled bit to process the output text segment (encrypted). The position in the memory indicated by the storage field 702 is over or decrypted. According to the present invention, two XL0AD micro-instructions are first generated to load an input text 'and then XST0R is issued to output the corresponding input of the input text. Text storage. Temporary storage

第30頁 1247241 五、發明說明(26) ------- 器欄位70 3的值〇bl 〇〇指示密碼編譯單位提供内部暫存= output-〇, 0UT 一 〇中的輸出文字片段供給儲存邏輯做= 存。OUT-0的内容是IN-〇中輸入文字片段的對應。相 的’暫存攔位Obi 01指向的内部暫存器,其内办 疋I N-1中輸入資料的對應。載入金鑰和控制字資料後, 下XL0AD.IN-1,複數個輸入文字片段可以被管線化的 入密碼編譯單位。XLOAD.IN-0微指令(xload.IN-0也是於 示密碼編譯單位開始執行密碼編譯運算), 疋9 XST0R.0UTPUT-1 , XSTOR.OUT-O , XLOAD.IN-1 , XLOAD.IN-0(開始替下一個輸入文字片段進行運算), 等。Page 30 1247241 V. Invention Description (26) ------- The value of the field 70 3 〇 bl 〇〇 indicates that the cryptographic unit provides internal temporary storage = output-〇, 0UT output text segment Supply storage logic to do = save. The content of OUT-0 is the correspondence of the input text segment in IN-〇. The internal temporary register of the phase of the temporary storage block Obi 01, which corresponds to the input data in the I N-1. After loading the key and control word data, the next XL0AD.IN-1, a plurality of input text segments can be pipelined into the cipher compilation unit. The XLOAD.IN-0 microinstruction (xload.IN-0 also starts the cryptographic compilation operation in the cipher compilation unit), 疋9 XST0R.0UTPUT-1, XSTOR.OUT-O, XLOAD.IN-1, XLOAD.IN- 0 (starts to operate on the next input text segment), and so on.

[0059]現請看圖十’圖十是一個控制字元1〇〇〇的格式 例子。控制字元中包含了指示密碼編譯運算所用的密碼 編譯參數。控制字元1 〇 〇 〇是由使用者編製入記憶體中: 在進行进碼編澤運鼻刖’指向控制字元的指標位於一個会士 構暫存器内。所以XCRYPT指令對應的一組微指令中,° LOAD微指令指示微處理器讀取含有該指標的架構暫存器, 並將指標轉成實體位址,從記憶體(快取記憶體)取出控制 字1 0 0 0 ’放入密碼編譯單位内部的控制字暫存器。控制 字1 000包含了一個保留的RSVD攔位1001,一表示金鑰大小 的KSIZE欄位2002, 一加密/解密E/D欄位1003,一中間 結果IRSLT欄位1 004, 一金鑰產生KGEN欄位1 005, 一演 算法ALG欄位1 006和一回合數計數RCNT欄位1 00 7。 [ 0060 ]所有保留欄位1001的值都要被保留。KSIZE欄[0059] Now look at Figure 10 'Figure 10 is an example of the format of a control character 1〇〇〇. The control character contains the cryptographic parameters used to indicate the cryptographic compilation operation. Control character 1 〇 〇 〇 is programmed into the memory by the user: The indicator pointing to the control character in the input code is located in a faculty register. Therefore, in a set of micro-instructions corresponding to the XCRYPT instruction, the LOAD micro-instruction instructs the microprocessor to read the architecture register containing the indicator, and converts the indicator into a physical address, and takes control from the memory (cache memory). Word 1 0 0 0 ' Put the control word register inside the cipher compilation unit. Control Word 1 000 contains a reserved RSVD block 1001, a KSIZE field 2002 representing the size of the key, an encryption/decryption E/D field 1003, an intermediate result IRSLT field 1 004, and a key generation KGEN Field 1 005, an algorithm ALG field 1 006 and a round count RCNT field 1 00 7. [ 0060 ] All values of reserved field 1001 are to be retained. KSIZE column

第31頁 1247241Page 31 1247241

位1 002的值表示加密或解密所用的金鑰的大小。一實^ 例中,KSIZE攔位1 002指示金鑰究竟是128位元,19^位' 還是256位元。ε/D欄位1〇〇3註明這個密碼編譯運算式加70 密或是解密運算。KGEN欄位1 005指示記憶體中金: 用者產生的金鑰程序表還是一個單一金鑰。如果記憶體 中的是單一金鑰,則微指令會把這個密碼編譯金鑰,〜根 ALG欄位1 0 06内容指定密碼編譯演算法展開成一金鑰裎X序 表。一實施例中,ALG攔位1 006指定AES演算法,所以迄 今為止’我們所作的討論都是針對Tripie-j)Eg和Mg演算 法。其他應用不同密碼編譯演算法之實施例,如The value of bit 1 002 indicates the size of the key used for encryption or decryption. In a real example, the KSIZE block 1 002 indicates whether the key is 128 bits, and the 19^ bit is still 256 bits. The ε/D field 1〇〇3 indicates that this cipher is compiled with 70 ciphers or decrypted operations. The KGEN field 1 005 indicates the gold in the memory: the user generated key program table is still a single key. If there is a single key in the memory, the micro-instruction will expand the password compilation key, and the root ALG field 1 0 06 content specifies the password compilation algorithm into a key sequence. In one embodiment, the ALG block 1 006 specifies the AES algorithm, so so far our 'discussions are for Tripie-j) Eg and Mg calculus. Other embodiments that apply different cryptographic compilation algorithms, such as

Rijndael Cipher,Twofish Ciper,等。RCNT 攔位 1〇〇7 的内容指示密碼編譯時遵循所用的演算法對每個文字片段 所需重複進行密碼編譯的回合數。雖然以上所述之密碼 編譯演异法的規範指示對不同的輸入文字片段進行固定次 數回合的密碼編譯,但是RCNT攔位1〇〇7允許程序編製員將 RCNT攔位1 007之值設為可以依照使用的演算法而改變。 一實施例中程序編製員指定要對每段文字進行〇至15回合 密碼編譯。最後,IRSLT欄位1 〇 〇 4内容註明對輸入文字 加密/解密的回合次數是否參照RCNT攔位1〇〇7和ALG欄位 1 0 0 6注明的演鼻法或是根據A L G搁位1 〇 〇 6中註明的演算 法,RCNT欄位1 0 0 7做的演算數目產生的只是一個中間結 果,並不是最後結果。熟知此項技術的人能了解,許多 密碼編澤演异法會重複進行同一個子運算,最後一回合時 再做不同的運异。所以I R S L T欄位1 〇 〇 4所提供的是一個中Rijndael Cipher, Twofish Ciper, et al. The contents of RCNT Block 1〇〇7 indicate the number of rounds that the password is compiled to follow for the repeated compilation of the ciphers required for each text segment. Although the specification of the cryptographic comprehension algorithm described above indicates a cryptographic compilation of a fixed number of rounds of different input text segments, the RCNT interception 1〇〇7 allows the programmer to set the value of the RCNT block 1 007 to Change according to the algorithm used. In one embodiment, the programmer specifies that each piece of text is to be comcoded to 15 rounds of cryptography. Finally, the IRSLT field 1 〇〇 4 indicates whether the number of rounds for encryption/decryption of the input text refers to the RCNT block 1〇〇7 and the ALG field 1 0 0 6 to indicate the nose method or according to the ALG shelf 1 The algorithm described in 〇〇6, the number of calculations done in the RCNT field of 1 0 0 7 produces only an intermediate result, not the final result. Those skilled in the art will appreciate that many cryptographic algorithms will repeat the same sub-operation, and will do different things in the last round. So I R S L T field 1 〇 〇 4 is provided in one

1247241 五、發明說明(28) 間結果,並且運許程序編製員能夠在進行下一步動作前對 這個中間結果先加以確認。例如如最後結果是對中級结 果增值而來的’可以先對文子進行一回合加密,然後再對 同樣一個文字片段進行二回合的密碼編譯,然後再進行三 回合’專專。這個可以設定的密碼編譯回合設定功能和 中間結果功能始使用者能夠評估密碼編譯的效能,解決問 題,也是一個研究不同金鑰結構和回合次數的工具。 [0 0 6 1 ]現請看圖十一,一個密碼編譯單位丨丨〇 〇的方 塊圖。密碼編譯單元包含了 一個微程序碼暫存器丨丨〇 3。 微程序碼暫存器11 0 3透過微指令匯流排11丨4接收微指令。 (如XLOAD和XSTOR等微指令)密碼編譯單位11〇〇也包含了 一個控制字元暫存器1104, 一 inpUt 一〇暫存器,一 input-1 暫存器 1106,一 key-0 暫存器 11〇7,和一 key一1 暫 存器1108。載入匯流排1111遵照XL〇AD微指令在微指令暫 存器1103中的内容將資料載入存器11〇4 —11〇8中。密碼編 譯單位11〇〇還包含了一個與所有暫存器11〇3-11〇8和金鑰 隨機存取記憶體1102耦接的區塊解密邏輯11〇1。區塊解 密邏輯提供一停止信號1113和一區塊結果至〇111:1)111: — 〇暫 存器1109和ouput-l暫存器111〇。輸出暫存器11〇9111〇 會將内部内容循序的透過儲存匯流排1112送至微處理器。 一實施例中微指令暫存器1103是32位元大,而其他暫存器 1104-1110則是128位元大。 ^ [0 0 6 2 ]在運异中,密碼編譯微指令依序的被送至微 才曰令暫存器1103,另外,控制字暫存器11〇4和輸入暫存器1247241 V. The results of the invention (28), and the programmer can confirm the intermediate result before proceeding to the next step. For example, if the final result is to add value to the intermediate result, you can first encrypt the text for one round, then compile the same text fragment for two rounds, and then perform three rounds. This configurable password compile round setting function and intermediate result function enable users to evaluate the performance of password compilation, solve problems, and also a tool for studying different key structures and rounds. [0 0 6 1 ] Now look at Figure XI, a block diagram of a cryptographic compilation unit 丨丨〇 。. The cryptographic unit contains a microcode register 丨丨〇3. The microprogram code register 11 0 3 receives the microinstruction through the microinstruction bus bar 11丨4. (such as XLOAD and XSTOR micro-instructions) cryptographic unit 11〇〇 also contains a control character register 1104, an inpUt one register, an input-1 register 1106, a key-0 temporary storage The device 11〇7, and a key-one register 1108. The load bus 1111 loads the data into the memory 11〇4-11〇8 in accordance with the contents of the XL〇AD microinstruction in the microinstruction register 1103. The cryptographic unit 11〇〇 also includes a block decryption logic 11〇1 coupled to all of the registers 11〇3-11〇8 and the key random access memory 1102. The block decryption logic provides a stop signal 1113 and a block result to 1:1111:1) 111: - 〇 register 1109 and ouput-l register 111 〇. The output registers 11〇9111〇 will internally send the internal content to the microprocessor through the storage bus 1111. In one embodiment, the microinstruction register 1103 is 32 bits large, while the other registers 1104-1110 are 128 bits large. ^ [0 0 6 2 ] In the case of the difference, the cipher-compilation micro-instruction is sent to the scratchpad 1103 in sequence, in addition, the control word register 11〇4 and the input register

12472411247241

1105-1106其中之一或金鑰暫存器11〇7 —11〇8其中之一也會 被跟著一起送至微指令暫存器内。一配合圖八和九所討 論之實施例中,控制字先在XL〇AD微指令發出後備載入控 制字元暫存器1 1 04内。接下來密碼編譯金鑰或金鑰程序 表在接下來的XLOAD微指令下指揮下也被載入。如果要載 入的是一個128位元大小的密碼編譯金鑰,貝彳XL〇AD微指令 會安排KEY-〇 1107來儲存這個金鑰。若是金鑰大小大於 128位元,則XLOAD會安排KEY-〇 1107和KEY - 1 1108來儲存One of the 1105-1106 or one of the key registers 11 〇 7 - 11 〇 8 is also sent to the microinstruction register. In the embodiment discussed in connection with Figures 8 and 9, the control word is first loaded into the control character register 1 1 04 in the XL 〇 AD micro-instruction. The cryptographic key or key program is then loaded under the command of the next XLOAD microinstruction. If you are loading a 128-bit cryptographic key, the 彳 彳 〇 AD microinstruction will arrange KEY-〇 1107 to store the key. If the key size is greater than 128 bits, XLOAD will arrange KEY-〇 1107 and KEY-1 1108 to store.

此金鑰。如果載入的是一使用者產生金鑰,接下來的 XLOAD微指令會安排KEY-〇 1107。每個金要程序表中的金 鑰都會依序被排列在金鑰隨機讀取記憶體丨丨0 2中,以供 每個密碼編譯回合中使用。接下來輸入文字資料(若不需 要初始化向量)會被載入IN-1暫存器1106。XLOAD中的一 個微指令會指示IN-〇暫存器11〇5將輸入資料載入並且根據 控制字暫存器1104中的内容,應用在IN-1暫存器或是在兩 個輸入暫存器1105-11〇6内的初始化向量開始對暫存器内 的資料進行密碼編譯工作。(如果輸入資料被管線化)收 到XLOAD微指令指定in-ο暫存器1 0 0 5後,區塊解密邏輯便 遵循控制字的内容開始進行密碼編譯。如果需要展開單 一密碼編譯金鑰,那麼區塊解密邏輯便會產生金鑰程序表 内的每一把金鑰,並且將它們存在金鑰隨機讀取記憶體 1102内。不管區塊解密邏輯是否需要產生金鑰程序表或 是金鑰程序表已經從記憶體内載入,密碼解密第一回合所 用到的金鑰一定是被存在區塊解密邏輯11 〇1中的快取記憶This key. If a user generates a key, the next XLOAD microinstruction will arrange KEY-〇 1107. The keys in each of the golden program tables are sequentially arranged in the key random read memory 丨丨0 2 for use in each cipher compilation round. The next input text (if no initialization vector is required) will be loaded into the IN-1 register 1106. A microinstruction in XLOAD will instruct the IN-〇 register 11〇5 to load the input data and apply it to the IN-1 register or to the two inputs based on the contents of the control word register 1104. The initialization vector in the 1105-11〇6 starts the cryptographic compilation of the data in the scratchpad. (If the input data is pipelined) After the XLOAD microinstruction specifies the in- scratchpad 1 0 0 5, the block decryption logic begins the cryptographic compilation following the contents of the control word. If a single cryptographic key needs to be expanded, the block decryption logic will generate each key in the key program table and store them in the random read memory 1102. Regardless of whether the block decryption logic needs to generate a key program table or the key program table has been loaded from the memory, the key used for the first round of password decryption must be fast in the block decryption logic 11 〇 1 Take memory

第34頁 1247241Page 34 1247241

體内’這樣第一區塊的密碼解譯回合就可以直接進行,無 $再從金鑰隨機讀取記憶體丨丨02取得。一但區塊解密邏 輯開始動作,便會對一塊或一塊以上的輸入文字進行密碼 編譯運算,逐次的從金鑰隨機記憶體中提取所要用到的金 餘。密碼編譯單位11 0 〇對指定的輸入片段文字進行特定 ,密碼編譯運算。下達XL〇AD和XST〇R微指令來對輪入文 字進行加密或解密。執行XST〇R微指令時,若輸出資料 (OUT-0或OUT-1 )還沒準備好,則區塊解密邏輯會設一個停 止信號111 3。 一但輸出資料產生完成並且已被存入對應 的暫存器1109-1110内,那麼暫存器裡的内容就會被轉入 儲存匯流排111 2。 [ 0063 ]現請看圖十二。圖十二是一個AES演算法區塊 解密邏輯1200的方塊圖。區塊解密邏輯12〇〇包含了一個 回合计异引擎勤(roun(j engine)i22〇,一個回合計算引擎 勤控制器1 2 1 0。回合計算引擎1 22 0透過匯流排1 2 11 -1 2 1 4 和匯流排121 6-1 218與回合計算引擎控制器121〇耦接。回 合計算引擎控制器可以存取微指令暫存器12〇1,KWH暫 存器1 2 0 4來讀取金鑰資料,微指令和密碼編譯運算參數。The cryptographic interpretation round of the first block in the body can be directly performed, and the memory 丨丨02 is randomly read from the key. Once the block decryption logic starts to operate, one or more pieces of input text are cryptographically compiled, and the gold used in the key random memory is successively extracted. The password compiling unit 11 0 进行 performs specific and cryptographic operations on the specified input fragment text. The XL〇AD and XST〇R microinstructions are issued to encrypt or decrypt the rounded text. When the XST〇R micro-command is executed, if the output data (OUT-0 or OUT-1) is not ready, the block decryption logic sets a stop signal 111 3 . Once the output data has been generated and stored in the corresponding scratchpad 1109-1110, the contents of the scratchpad are transferred to the storage bus 111 2 . [0063] Please see Figure 12. Figure 12 is a block diagram of an AES algorithm block decryption logic 1200. The block decryption logic 12〇〇 contains a round-counting engine (roun(j engine)i22〇, one round-calculated engine engine controller 1 2 1 0. The round calculation engine 1 22 0 passes through the bus bar 1 2 11 -1 2 1 4 and bus bar 121 6-1 218 are coupled to the round calculation engine controller 121. The round calculation engine controller can access the microinstruction register 12〇1, and the KWH register 1 2 0 4 to read Key data, microinstructions, and passwords compile arithmetic parameters.

暫存器1205 - 1206中的内容,供給回合計算引擎1220,然 後回合計算引擎1 220再將對應的輸出文字傳到輸出暫存 器1 207-1 208内。輸出暫存器12〇7 —12〇8透過匯流排1216一 1217與回合計算引擎控制器121〇耦接。這樣回合計算引 擎控制器就能讀取每一密碼編譯回合的結果,再供給回合 計算引擎1 220,讓回合計算引擎122〇能透過匯流排 画The contents of the registers 1205 - 1206 are supplied to the round calculation engine 1220, and the round calculation engine 1 220 then passes the corresponding output text to the output registers 1 207-1 208. The output registers 12 〇 7 - 12 〇 8 are coupled to the round calculation engine controller 121 through the bus bars 1216 - 1217. Such a round calculation engine controller can read the result of each cipher compilation round and supply it to the round calculation engine 1 220 to allow the round calculation engine 122 to pass through the bus program.

麵 第35頁 1247241 五、發明說明(31) NEXT IN1 218進行下一回合的密碼編譯運算。密碼編譯金鑰 透過匯流排1 2 1 5從金鑰隨機讀取記憶體(未顯示)中被提 出。ENC/DEC 1211信號指示回合計算引擎進行加密(s — Box)或解密(反向S-Box)。 RNDCON匯流排1212指示回合計 算引擎進行第一AES回合或中級AES回合或是最後一回合的 AES。 GENKEY信號1214設定時代表回合計算引擎1 220需 要將從匯流排1 2 1 3取得的金鑰展開成金鑰程序表。金鑰 匯流排1213也是用來提供金餘的,她會將每一回合所需要 用的金鑰提供給回合計算引擎1220。 [0064]回合計算引擎1220與第一個暫存器reG-0 1224耦接,内包含了第一 x〇R邏輯金鑰1221。第一個暫存 器1222與S-Box邏輯1223搞接。S-Box邏輯1223與移列邏 輯1 224 (Shift Row logic)耦接。移列邏輯1 224與第二 個暫存器REG -1 1 225耦接。第二個暫存器REG-1 1 225與 混攔(Mix Column)邏輯1226耦接。而混欄邏輯與第三個 暫存器REG-2 1 227耦接。第一金鑰邏輯1221,S-Box邏 輯1 2 2 3 ’移列邏輯1 2 2 4及混欄邏輯1 2 2 6作為執行名稱相子 程序運算。混欄邏輯1 226用途為對在進行中級密碼運算 回合中時加入的資料進行AES X0R運算,使用金鑰匯排流 1213所提供的回合金錄。 當ENC/DNC狀態指示進行解密 時第一金鑰邏輯1221,S-Box邏輯1 223,移列邏輯1224 及混欄邏輯1 226也用來進行對應的逆AES子程序運算。熟 知此技藝人士可以了解進行中級回合時資料會根據控制字 元暫存器1202内容所指示之區塊解密模式,將資料反饋至Page 35 1247241 V. INSTRUCTIONS (31) NEXT IN1 218 performs the cryptographic compilation operation for the next round. The cryptographic key is extracted from the random read memory (not shown) through the bus 1 2 1 5 . The ENC/DEC 1211 signal indicates that the round calculation engine performs encryption (s - Box) or decryption (reverse S-Box). The RNDCON bus 1212 instructs the round calculation engine to perform the first AES round or the intermediate AES round or the last round of AES. When the GENKEY signal 1214 is set, it represents that the round calculation engine 1 220 needs to expand the key obtained from the bus 1 1 1 3 into a key schedule. The key bus 1213 is also used to provide the gold balance, and she will provide the key required for each round to the round calculation engine 1220. [0064] The round calculation engine 1220 is coupled to the first register reG-0 1224 and includes a first x〇R logical key 1221. The first register 1222 is coupled to the S-Box logic 1223. S-Box logic 1223 is coupled to Shift Row logic. The shift logic 1 224 is coupled to the second register REG -1 1 225. The second register REG-1 1 225 is coupled to the Mix Column logic 1226. The mix logic is coupled to the third register REG-2 1 227. The first key logic 1221, the S-Box logic 1 2 2 3 'shift logic 1 2 2 4 and the hash logic 1 2 2 6 are used as the execution name phase subroutine operation. The mix logic 1 226 is used to perform an AES X0R operation on the data added during the intermediate cryptographic operation round, using the return alloy record provided by the key exchange 1213. The first key logic 1221, the S-Box logic 1 223, the shift logic 1224, and the hash logic 1 226 are also used to perform the corresponding inverse AES subroutine operations when the ENC/DNC status indicates decryption. Those skilled in the art will appreciate that the data will be fed back to the block decryption mode indicated by the contents of the control character register 1202 during the intermediate round.

第36頁 1247241 五、發明說明(32) 回合計算引擎1 220。若需要初始化向量資料時,初 向量會透過排匯流NEXTIN1 218被傳回回合計算^丨^始化 1 220。 學 [0 0 6 5 ]圖十二是一實施例。如圖所示回合計* 被分割為兩個階段:REG-0 1 222和REG-1 1 225間的丨擎 階段和REG-1 1 225和REG-2 1 227間的第二階段。第〜 回合的資料被放在兩個階段中,配合時鐘信號(位中階 動。當密碼編譯運算完成一塊輸入資料,輸出資料\不)移 對應的輸出暫存器1 207-1 208。執行XSTOR微指令^存入 存器1207-1208將内含資料傳送至儲存匯流排(未顯二使暫 [ 00 66 ]雖然本發明已以較佳實施例揭露如上。τ 。 本發明目前實施例皆以x86架構作為基準,因為χ86架 個杈多人热悉的架構,因此以χ8 6架構講述較方便。本 發明也可以同樣被應用在其他架構上,如p〇werp(:, MIPS,或其他指令集架構完全不同的系統上。 ^ [ 〇 0 6 7 ]本發明可以應用於微處理器以外的電腦系統 ^,編#運算上。本發明所使用的指令模式可以輕易的 2轉換利用於別種微處理器以外的電腦處理系統上。本 ^明可以被包含於微處理器的周邊晶片組内,如北橋,南 :)紙\是被製作成一個與微處理器相連,#門負責處理密 广,譯的密碼編譯微處理器。當微處理器看見密碼編譯 目=動作時就把卫作交給這個密碼編譯微處理器。本發 陣;::嵌入式控制器,I業用控制器,信號處理器, 陣列處理器,以及其他處理資料用的處理器内。本發明 1247241 五、發明說明(33) 可被實現成一個只包含實施密碼編譯運算所需的必要原 件,而成為一個低成本和低耗電量的密碼編譯運算執行 器。例如通訊系統内處理加密/解密的處理器。求明確起 見其他的處理元件以上一蓋撐微處理器。 [00 68 ]另外,本發明至今雖都以128-位元大小之區塊 考慮’但是其他不同大小的區塊也能應用。只要將輸入 資料’輸出資料,金鎗和控制字元暫存器的大小做調整即 可0 [0 0 6 9 ]本發明目前應用範圍雖然都屬於較廣泛應用 的DES, Triple-DES和AES演算法,但是叫鮮為人知的 區塊密碼模式,如 MARS Cipher,Rijndeal cipher, Twofish cipher ^ Blowfish Cipher ^ Serpant Cipher 和RC6 cipher 〇 [0 0 7 0 ]雖然目前討論範圍都以區塊密碼編譯演算法 和其演算法想關技巧來表現本發明的密碼編譯功能,在此 需聲明本發明可以完全的被應用於其他密碼編譯演算法 上。只要是能夠執行一密碼編譯運算,加密或解密,並且 微處理器内包含一個專門在收到密碼編譯指令後進行密碼 編譯功能即可。 [0 0 7 1 ]另外,針對以上所討論的回合計算引擎,發 明者聲明该回合計算引擎中管線化處理輸入片段的階段不 限於以上所述的兩個階段。該回合計算引擎可的館現階段 可為兩個或兩個以上。 [0 0 7 2 ]最後’雖然目前針對本發明的討論目前限於 1247241 五、發明說明(34) 單一個密碼編譯單位處理複數個區塊密碼編譯演算法,在 此需聲明本發明可以包含多個平行密碼編譯單位,與一微 處理器中其他執行單位耦結。其中複數個密碼編譯單位可 以是分別處理不同區塊演算法。例如第一個單位負責處理 高階加密標準AES演算法,第二單位處理數據加密標準DES 演算法,等等以此類推。Page 36 1247241 V. INSTRUCTIONS (32) Round calculation engine 1 220. If the vector data needs to be initialized, the initial vector is transmitted back to the round calculation through the queue NEXTIN1 218. [0 0 6 5] Figure 12 is an embodiment. The round meter* is divided into two phases as shown: the engine phase between REG-0 1 222 and REG-1 1 225 and the second phase between REG-1 1 225 and REG-2 1 227. The data of the first round is placed in two stages, in conjunction with the clock signal (in the middle of the bit. When the cipher compile operation completes an input data, the output data is not), the corresponding output register 1 207-1 208 is moved. Executing the XSTOR micro-instruction memory 1207-1208 to transfer the embedded data to the storage bus (not shown) [0066] although the present invention has been disclosed above in the preferred embodiment. τ. The present embodiment of the present invention The x86 architecture is used as the benchmark. Because of the architecture of 86 people, the architecture is more convenient. The invention can also be applied to other architectures, such as p〇werp(:, MIPS, or The other instruction set architecture is completely different on the system. ^ [ 〇 0 6 7 ] The present invention can be applied to a computer system other than a microprocessor, and the instruction mode used in the present invention can be easily used for 2 conversion. On other computer processing systems other than microprocessors, this can be included in the peripheral chipset of the microprocessor, such as North Bridge, South:) Paper\ is made into a microprocessor, #门处理The secret, translated password compiles the microprocessor. When the microprocessor sees the password compilation target = action, it will give the security to the password to compile the microprocessor. This array;:: embedded controller, I industry control Signal The processor, the array processor, and other processors for processing data. The invention 1247241 V. The invention description (33) can be implemented as a necessary original only for implementing the cryptographic operation, and becomes a low cost and low A power-competing cryptographic comprehension executor, such as a processor that handles encryption/decryption in a communication system. For the sake of clarity, other processing elements are covered by a microprocessor. [0068] In addition, the present invention has been Blocks of 128-bit size are considered 'but other blocks of different sizes can also be applied. As long as the input data 'output data, the size of the gold gun and control character register can be adjusted 0 [0 0 6 9 Although the current application range of the present invention belongs to the widely used DES, Triple-DES and AES algorithms, it is a little-known block cipher mode, such as MARS Cipher, Rijndeal cipher, Twofish cipher ^ Blowfish Cipher ^ Serpant Cipher and RC6 cipher 〇[0 0 7 0 ] Although the current discussion scope uses the block cipher compilation algorithm and its algorithm to describe the cryptographic work of the present invention. It is to be noted here that the present invention can be fully applied to other cryptographic compilation algorithms, as long as it is capable of performing a cryptographic compilation operation, encryption or decryption, and the microprocessor contains a password specifically for receiving the cryptographic compilation command. In addition, for the round calculation engine discussed above, the inventor states that the stage of pipelined processing of input segments in the round calculation engine is not limited to the two phases described above. The engine can be at the current stage of two or more. [0 0 7 2 ] Finally 'Although the current discussion of the present invention is currently limited to 12247241. 5. Description of the invention (34) A single cryptographic unit handles a plurality of block cipher compilation algorithms, and it is stated herein that the present invention can include multiple A parallel cipher compilation unit that is coupled to other execution units in a microprocessor. Among them, a plurality of cipher coding units can separately process different block algorithms. For example, the first unit is responsible for processing the high-order encryption standard AES algorithm, the second unit is processing the data encryption standard DES algorithm, and so on.

[ 0 073 ]需陳明者,以上所述乃是本創作之具體實施 例及所用之技術元理,若依本創作之功能作用仍外超出說 明書籍圖示所涵蓋之精神時,均應在本創作之範圍内,合 予陳明。[ 0 073 ] Persons who need to be identified, the above are the specific examples of the creation and the technical principles used. If the function of the creation is beyond the spirit of the illustrated book, it should be Within the scope of this creation, it is given to Chen Ming.

第39頁 1247241Page 39 1247241

[圖示之簡單說明] [〇〇23 ]以下解釋及圖片能幫助了解本發明的這些還有 其他物件,特徵和優點: 一 [0 0 2 4 ]圖一描述習知密碼編譯應用的方塊圖。 [0 0 2 5 ]圖_描述編譯密碼運算的技術的方塊圖。 [0 0 2 6 ]圖三為根據本發明一處理密碼編譯之微處理器 裝置方塊圖。 σ [〇 0 2 7 ]圖四為根據本發明一獨立密碼編譯指令集之方 塊圖。 ^ [ 0028 ]圖五為根據本發明一區塊解密模式攔位 照表例子。 容微處理器内密碼編 [ 00 29 ]圖六是根據本發明χ86相 譯單位的方塊圖。 中包含欄位的 碼編譯相關的 [0 0 3 0 ]圖七是根據本發明密碼編譯指令 示範圖,此指令指示圖六中微處理器進行密 次項運算。 [ 003 1 ]圖八是根據本發明几(^])微指令中暫存器 值和運算動作的對照表,XL0AD微指令的格式如圖^ ^ 不 〇 [0032]圖九是根據本發明XST0R微指令中 值和運算動作的對照表,XST0R微指令的格式如圖;^ ^位 示。 [0033 ]圖十是根據本發明一個控制字元格 控制次元指示密碼編譯運算的密碼編譯參數。 n千1 1247241 圖式簡單說明 [ 0 034 ]圖十一是根據本發明密碼編譯單位的方塊圖。 [ 003 5 ]圖十二是根據本發明AES區塊解密邏輯的方塊 圖。 [圖號說明] 1 0 0電腦密碼編譯應用方塊圖 1 0 1電腦工作站 1 0 2電腦工作站 1 0 3電腦工作站 104筆記型電腦 1 0 5區域網路 106儲存裝置 1 0 7第一個路由器 1 0 8無線路由器 1 0 9無線網路 11 0廣域網路 111第二個路由器 112加密/解密軟體 2 0 0電腦系統執行密碼編譯方塊圖 2 0 1微處理器 202作業系統 2 0 3記憶 204產生金鑰的軟體 205金鍮程序表[Simple description of the illustration] [〇〇23] The following explanations and pictures can help to understand the other objects, features and advantages of the present invention: [0 0 2 4] Figure 1 depicts a block diagram of a conventional cryptographic compilation application. . [0 0 2 5 ] Figure _ depicts a block diagram of a technique for compiling cryptographic operations. [0 0 2 6 ] Figure 3 is a block diagram of a microprocessor device for processing ciphers in accordance with the present invention. σ [〇 0 2 7 ] Figure 4 is a block diagram of an independent cipher compilation instruction set in accordance with the present invention. ^ [0028] Figure 5 is an example of a block decryption mode block according to the present invention. Unicode in the microprocessor [0029] Figure 6 is a block diagram of the 相86 translation unit in accordance with the present invention. Code Compilation Related to Fields Contained [0 0 3 0] FIG. 7 is an exemplary diagram of a cryptographic compile instruction according to the present invention, which instructs the microprocessor of FIG. 6 to perform a sub-term operation. [0031] FIG. 8 is a comparison table of register values and operation actions in several (^)) microinstructions according to the present invention. The format of the XL0AD microinstruction is as shown in the figure. [0032] FIG. 9 is an XST0R according to the present invention. The comparison table of the micro-instruction median value and the operation action, the format of the XST0R micro-instruction is as shown in the figure; Figure 10 is a cryptographic compilation parameter indicating a cryptographic compilation operation for a control character cell control sub-dimension in accordance with the present invention. n thousand 1 1247241 Schematic description of the figure [0 034] Figure 11 is a block diagram of a cryptographic unit according to the present invention. [0035] Figure 12 is a block diagram of the AES block decryption logic in accordance with the present invention. [Illustration number] 1 0 0 computer password compilation application block diagram 1 0 1 computer workstation 1 0 2 computer workstation 1 0 3 computer workstation 104 notebook computer 1 0 5 area network 106 storage device 1 0 7 first router 1 0 8 wireless router 1 0 9 wireless network 11 0 wide area network 111 second router 112 encryption / decryption software 2 0 0 computer system execution password compilation block diagram 2 0 1 microprocessor 202 operating system 2 0 3 memory 204 generate gold Key software 205 metal file program table

第41頁 1247241 圖式簡單說明 2 0 6加密軟體 207解密軟體 2 0 8初始化向量 2 0 9密碼編譯參數 210本文 211密文 30 0微處理器密碼編譯運算裝置方塊圖 微處理器 301XCRYPT 指令 3 0 2轉譯邏輯 303微指令佇列 304微指令 305微指令 306暫存器檔案 3〇7暫存器 308暫存器 309暫存器 ❿ 310暫存器 311暫存器 312暫存器 313載入邏輯 3 1 4資料快取記憶 3 1 5密碼編譯單位Page 41 1247241 Simple description of the schema 2 0 6 encryption software 207 decryption software 2 0 8 initialization vector 2 0 9 cryptographic compilation parameters 210 211 ciphertext 30 0 microprocessor cryptography computing device block diagram microprocessor 301XCRYPT instruction 3 0 2 translation logic 303 micro-instruction array 304 micro-instruction 305 micro-instruction 306 register file 3 〇 7 register 308 register 309 register ❿ 310 register 311 register 312 register 313 load logic 3 1 4 data cache memory 3 1 5 password compilation unit

第42頁 1247241 圖式簡單說明 3 1 6儲存邏輯 317寫回邏輯 3 1 8記憶匯流排 3 1 9作業系統 3 2 0系統記憶體 321XCRYPT 指令 322控制字元 3 23初始化金鑰/金鑰程序表Page 42 1247241 Schematic description 3 1 6 Storage logic 317 Write back logic 3 1 8 Memory bus 3 1 9 Operating system 3 2 0 System memory 321XCRYPT instruction 322 Control character 3 23 Initialization key/key program table

3 2 4初始化向量 325輸入文字 326輸出文字 4 0 0密碼編譯指令方塊圖 401選擇性前置欄位 402重複前置欄位 403運算碼欄位 4 0 4區塊解密模式欄位3 2 4 initialization vector 325 input text 326 output text 4 0 0 password compile instruction block diagram 401 selective pre-field 402 repeat pre-field 403 opcode field 4 0 4 block decryption mode field

500區塊密碼欄位值與微處理器運算動作對照表 6 0 0密碼編譯單位發明實施例 601指令取得邏輯 6 0 2轉譯邏輯 6 0 3轉譯器 604微指令碼唯讀記憶體 6 0 5括暫存器階段 6 0 6位址階段500 block password field value and microprocessor operation action table 6 0 0 code compilation unit invention embodiment 601 instruction acquisition logic 6 0 2 translation logic 6 0 3 translator 604 micro instruction code read only memory 6 0 5 Register stage 6 0 6 address stage

第43頁 1247241 圖式簡單說明 607載入階段 608執行階段 60 9微指令佇列 6 1 0整數單位 6 11微指令佇列 6 1 2浮點單位 61 3微指令佇列 614MMX單位Page 43 1247241 Schematic description of the schema 607 loading phase 608 execution phase 60 9 microinstruction queue 6 1 0 integer unit 6 11 microinstruction queue 6 1 2 floating point unit 61 3 microinstruction array 614MMX unit

6 1 5微指令佇列 616SSE單位 6 1 7密碼編譯單位 6 1 8儲存階段 6 1 9寫回階段 6 2 0載入匯流排 621閒置信號 6 2 2儲存匯流排 624EFLAGS暫存器 625X位元 626中斷邏輯 627微指令 628MSR暫存器 629E位元 630FCR暫存器 6 3 1 D位元6 1 5 micro-instruction queue 616SSE unit 6 1 7 password compilation unit 6 1 8 storage phase 6 1 9 write back phase 6 2 0 load bus 621 idle signal 6 2 2 storage bus 624EFLAGS register 625X bit 626 Interrupt logic 627 microinstruction 628MSR register 629E bit 630FCR register 6 3 1 D bit

第44頁 1247241 圖式簡單說明 6 3 2執行邏輯 6 3 3匯流排 700微指令結構的範例 7 0 1微運算碼欄位 7 0 2貧料暫存1§棚位 7〇3暫存器欄位703 800XLOAD值對照表 900XSTOR值對照表 1 0 0 0控制字元格式 1001RSVD 欄位 1 0 02金鑰大小的KSIZE欄位 1 003加密/解密E/D欄位 1 004中間結果IRSLT欄位 1 005金鑰產生KGEN欄位 1 00 6演算法ALG欄位 I 007回合數計數RCNT欄位 II 0 0密碼編譯單位方塊圖 11 0 1區塊解密邏輯 11 0 2金鑰隨機存取記憶體 11 0 3微程序碼暫存器 1104控制字元暫存器 1105input-0 暫存器 11 0 6 i npu t - 1 暫存器 1107key-0暫存器 第45頁Page 44 1247241 Simple illustration of the diagram 6 3 2 Execution logic 6 3 3 Bus 700 Example of micro-instruction structure 7 0 1 micro-code field 7 0 2 poor material temporary storage 1 § shed 7 〇 3 register column Bit 703 800XLOAD value comparison table 900XSTOR value comparison table 1 0 0 0 control character format 1001RSVD field 1 0 02 key size KSIZE field 1 003 encryption/decryption E/D field 1 004 intermediate result IRSLT field 1 005 Key generation KGEN field 1 00 6 algorithm ALG field I 007 round number count RCNT field II 0 0 cryptographic unit block diagram 11 0 1 block decryption logic 11 0 2 key random access memory 11 0 3 Microprogram code register 1104 control character register 1105input-0 register 11 0 6 i npu t - 1 register 1107key-0 register page 45

1247241 圖式簡單說明 1108key-l暫存器 1109output-0 暫存器 1110ouput-l 暫存器 II 11載入匯流排 III 2儲存匯流排 II 1 3停止信號 III 4微指令匯流排 1 20 0AES演算法區塊解密邏輯方塊圖 1201微指令暫存器 1 202CW暫存器 1 203KEY-0暫存器 1 204KEY-1暫存器 1 205 IN-0暫存器 1 206 IN-1暫存器 1207OUT-0 1208OUT-1 1210回合計算引擎勤控制器 1 2 11加密/解密匯信號 1212RNDCON 匯流排 1 2 1 3金鑰匯流排 1 2 1 4金鑰產生信號 1 2 1 5匯流排 1 2 1 6匯流排 1 2 1 7匯流排1247241 Schematic description of the 1108key-l register 1109output-0 register 1110ouput-l register II 11 load bus III 2 storage bus II 1 3 stop signal III 4 micro-command bus 1 20 0AES algorithm Block Decryption Logic Block Diagram 1201 Microinstruction Scratchpad 1 202CW Scratchpad 1 203KEY-0 Scratchpad 1 204KEY-1 Scratchpad 1 205 IN-0 Scratchpad 1 206 IN-1 Scratchpad 1207OUT-0 1208OUT-1 1210 round calculation engine duty controller 1 2 11 encryption/decryption sink signal 1212RNDCON busbar 1 2 1 3 key busbar 1 2 1 4 key generation signal 1 2 1 5 busbar 1 2 1 6 busbar 1 2 1 7 bus

第46頁 1247241 圖式簡單說明 1218NEXTIN 匯流排 1 220回合計算引擎勤 1221第一XOR邏輯金鑰 1 222暫存器REG-0 1 223S-Box 邏輯 1 224移列邏輯 1225暫存器REG-1 1 2 2 6混欄邏輯 1 227暫存器REG-2 第47頁Page 46 12472241 Schematic description 1218NEXTIN bus 1 220 round calculation engine 1221 first XOR logic key 1 222 register REG-0 1 223S-Box logic 1 224 shift logic 1225 register REG-1 1 2 2 6 Mixed logic 1 227 register REG-2第47页

Claims (1)

1247241 六、申請專利範圍 1 · 一種微處理器内處理密碼編譯運算的裝置,包括; 翻譯邏輯,用來接受密碼編譯指令,該指令指示需要進 行的密碼編譯運算’翻澤邏輯負責將密碼編譯指令轉 #為一組微指令,指示需要做的子運算;以及 執行邏輯,與翻譯邏輯耦接,負責接收微指令並進行子 運算。 2· ^申請專利範圍第1項所述之裝置,其中一密碼編譯運 算係具有系統特權以持行應用程式。 3·如申請專利範圍第1項所述之裝置,其中密碼編譯運算 包含了 : 加费運算’對複數片段的本文加密,變成複數的密文 片段。 4 ·如申請專利範圍第1項所述之裝置,其中密碼編譯運算 包含了 一解密運算,對複數片的密文解密,變成複數片 的本文。 5·如申請專利範圍第1項所述之裝置,其中密碼編譯使用 高階加密標準演算法。 6. 如申請專利範圍第1項所述之裝置,其中密碼編譯指令 指示該密碼編譯運算中所使用之片段編譯模式。 7. 如申請專利範圍第6項所述之裝置,其中片段編譯模式 包含了電子書碼(Electronic code book,ECB)模 式。 8·如申請專利範圍第6項所述之裝置,其中片段編譯模式 包含了 編輯方塊連鎖(cipher block chaining mode,1247241 VI. Application Patent Range 1 · A device for processing cryptographic operations in a microprocessor, comprising: translation logic for accepting a cryptographic compile instruction, the instruction indicating a cryptographic compile operation to be performed. Turn # is a set of microinstructions indicating the sub-operations to be performed; and execution logic, coupled with the translation logic, responsible for receiving the microinstructions and performing sub-operations. 2· ^ The device described in claim 1 of the patent scope, wherein a cryptographic compilation system has system privileges to hold the application. 3. The apparatus of claim 1, wherein the cryptographic operation comprises: a fee-adding operation s encrypting the snippet of the plural snippet into a ciphertext fragment of a plurality. 4. The apparatus of claim 1, wherein the cryptographic operation includes a decryption operation to decrypt the ciphertext of the plurality of slices into a plurality of slices. 5. The apparatus of claim 1, wherein the cryptographic compilation uses a high-order encryption standard algorithm. 6. The apparatus of claim 1, wherein the cryptographic compile instruction indicates a fragment compile mode used in the cipher compilation operation. 7. The apparatus of claim 6, wherein the fragment compilation mode comprises an electronic code book (ECB) mode. 8. The device of claim 6, wherein the fragment compilation mode includes a cipher block chaining mode ( 第48頁 1247241 六、申請專利範圍 CBC)模式。 9 ·如申請專利範圍第6項所述之裝置,其中片段編譯模式 包含了編碼回授(cipher feedback mode,CFB)模式。 10·如申請專利範圍第6項所述之裝置,其中片段編譯模式 包含了輸出回授(output feedback mode,0FB)模式。 11 ·如申請專利範圍第1項所述之裝置,其中密碼編譯指令 指示對複數個的文字片段進行多種密碼編譯運算的一 種。 1 2 ·如申請專利範圍第1項所述之裝置,其中密碼編譯指令 是X 8 6指令格式。 1 3 ·如申請專利範圍第1項所述之裝置,其中密碼編譯指令 間接指向微處理器内複數個暫存器。 1 4·如申請專利範圍第1 3項所述之裝置,其中所述複數個 暫存器包含了 : 一第一暫存器,其中含有第一個指標指向第一個記憶 體位置,此第一記憶體位置是複數個輸入文字片段 中第一個文字片段之位置。 1 5·如申請專利範圍第1 3項所述之裝置,其中所述複數個 暫存器包含了 : 一第二暫存器,其中含有第二個指標指向第二個記憶 體位置,此第二記憶體位置是記憶體中儲存複數個 輪出文字片段的位置,這些輸出文字片段是輸入文 子片段經歷過密碼編譯運算的結果。 1 6 ·如申請專利範圍第1 3項所述之裝置,其中所述複數個Page 48 1247241 VI. Patent application scope CBC) mode. 9. The apparatus of claim 6, wherein the fragment compilation mode includes a cipher feedback mode (CFB) mode. 10. The apparatus of claim 6, wherein the fragment compilation mode includes an output feedback mode (0FB) mode. 11. The apparatus of claim 1, wherein the cryptographic compile instruction instructs one of a plurality of cryptographic operations on a plurality of text segments. 1 2 The apparatus of claim 1, wherein the cryptographic compile instruction is an X 8 6 instruction format. 1 3 The apparatus of claim 1, wherein the cryptographic compile instruction indirectly points to a plurality of registers in the microprocessor. The device of claim 13, wherein the plurality of registers comprise: a first register, wherein the first indicator points to the first memory location, the first A memory location is the location of the first text segment of a plurality of input text segments. The apparatus of claim 13, wherein the plurality of registers comprise: a second register, wherein the second indicator points to a second memory location, the first The two memory locations are locations in the memory in which a plurality of rounded text segments are stored. These output text segments are the result of the cipher compilation operation of the input text segments. 1 6 · The device of claim 13, wherein the plurality of devices 第49頁 1247241 申請專利範圍 暫存器句冬*Γ· , 乂 了· 从、十、仏X 4穿片段的總數0 一個第二暫在5§,直中是敫逃輸入文子 A A 17^ 士 臂存器其中^夕酤罢夂中所述複數個 •如申請專利範圍第1 3項所述之裝置,” 暫存器包含了· — -個第四暫存器,其中第四暫存器的内容== 指標,指向第三個記憔艚位置,這個記憶體位置疋 费碼編譯金鑰在記憶艘中的位置。 1 8 ·如申請專利範圍第1 7項戶斤述之裝置’密瑪編#金餘資 料包含了 一密碼金输。 1 9 ·如申請專利範圍第1 7項户斤述之裝置,密碼編譯金鑰資 料包含了一金鑰程序表。 20·如申請專利範圍第13項戶斤述之裝置,其中複數個暫存 器包含了: 一個第五暫存器,其中第五暫存器内中包含了第四指 標’指向第四個記憶體位置,這個記憶體位置是初 始化向量在記憶體裡的位置。 21·如申請專利範圍第13項所述之裝置,其中複數個暫存 器包含了: 一個第六暫存器,其中第六暫存器内中包含了第五 標,指向第五個記憶體位置,$個記憶體位曰 制字疋的位置,此控制字70是密碼編譯表控 22·如申請專利範圍第21項所述之裝置,其批 :。 含了·· 11制子元包 加密/解密攔位,組態為指示密碼蝙譯運算進行加Page 49 1247241 Patent application scope register winter sentence *Γ· , 乂了 · From, 十,仏X 4 The total number of pieces worn by a 0 is a second temporary at 5 §, straight is the escape input text AA 17^ In the arm storage device, the plurality of devices described in the 酤 酤 • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • • The content == indicator, pointing to the third record location, this memory location is the location of the code compilation key in the memory ship. 1 8 · If the patent application scope is the 17th item玛编#金余资料 contains a password for gold. 1 9 · If you apply for the patent scope of the 17th item, the cryptographic key data contains a key program table. 20·If you apply for a patent 13 devices, wherein the plurality of registers include: a fifth register, wherein the fifth register contains a fourth indicator 'pointing to the fourth memory location, the memory location Is the position of the initialization vector in the memory. 21·If you apply for a patent The device of claim 13, wherein the plurality of registers comprise: a sixth register, wherein the sixth register includes a fifth target, pointing to a fifth memory location, and a memory location 曰The position of the word 疋, the control word 70 is a cryptographic compilation table control 22, as described in claim 21 of the scope of the patent application, the batch: including: 11 sub-package encryption/decryption block, configuration Added to indicate the password translation operation 第50頁 1247241 六、申請專利範圍 密或解密動作。 23.:;請專利範圍第丨項所述之襄置’纟中執行邏輯包 一ΪΤΪΓ單位’組態為接收第—組複數個微指令, ^個輪入文字片段分別執行複數回合的密碼編 ’產生複數個輸出文字片段,其中複數個密 馬、、扁澤回合由密碼編譯單位中控制字元控制。 24·利範圍第23項所述之製置,其中密碼編譯單 區塊密碼邏輯,組態為對複數個輸入文字片段分別進 行複,回合的密碼編譯運算,產生複數個對應的輸 出文^片段,以及金鑰隨機存取記憶體,與區塊密 碼邏輯運作上耦接,組態為儲存金鑰程序表,此金 餘程序表包含了複數回合的金鑰,分別與複數個密 碼編5筆回合對應,組態為提供區塊密碼邏輯複數個 金鑰已完成複數個密碼編譯回合。 25·=申請專利範圍第23項所述之裝置,其中區塊密碼邏 輯被分割為二個或二個以上的階段,同時向二個或二 個以上複數個文字輸入片段進行密碼編譯。 26·如申凊專利範圍第23項所述之裝置,其中執行邏輯更 進一步包含: 一整數單位,與密碼編譯單位平行耦接,組態為接收 第二組複數個微指令,並執行密碼編譯運算所需執 行的複數個整數運算。 画 第51頁 1247241 六、申請專利範圍 27·如申請專利範圍第23項所述之裝置,其中微指令包含: 一第一組微指令,組態為土是密螞蝙譯單位分別載入 複數個的輪入文字和進行複數個的密碼編^回合。 28· —個微處理器裝置,用來實施密螞編譯運瞀,包含了: 一密碼編譯指令,屬於微處理器執行的指:流程中的 一步驟,其中此密碼指令指示微處理器進&amp;行一個特 定的密碼編譯運算, 一轉譯邏輯,組態為將密瑪編譯指令轉譯為相對的微 指令碼,指示需要執行的次項運算。Page 50 1247241 VI. Patent application scope Confidential or decryption action. 23.:; Please refer to the section "Performance logic package one unit" described in the third paragraph of the patent scope to receive the first group of multiple microinstructions, and ^ round the text segment to perform the complex round of the cipher 'Generate a plurality of output text segments, in which a plurality of Mima, and Bianze rounds are controlled by control characters in the cipher compilation unit. 24. The method of claim 23, wherein the cipher is compiled into a single block cipher logic, configured to complex a plurality of input text segments, and a round cryptographic operation to generate a plurality of corresponding output text segments. And the key random access memory, coupled with the block cipher logic operation, configured to store a key program table, the golden remainder program table includes a plurality of round keys, and a plurality of ciphers respectively Round correspondence, configured to provide block cipher logic multiple keys have completed multiple comma compilation rounds. 25. The apparatus of claim 23, wherein the block cipher logic is divided into two or more stages, and two or more plural character input segments are cryptographically compiled. The device of claim 23, wherein the execution logic further comprises: an integer unit coupled in parallel with the cryptographic unit, configured to receive the second plurality of microinstructions, and perform cryptographic compilation The integer number of integer operations required to perform the operation. Painting No. 51 1247241 VI. Application No. 27 The apparatus described in claim 23, wherein the microinstruction comprises: a first set of microinstructions, configured as soil is a secret array unit respectively loaded into the plural The rounded text and the multiple passwords are edited. 28·- A microprocessor device for implementing a secret compilation operation, comprising: a cryptographic compilation instruction, belonging to a microprocessor execution: a step in the process, wherein the password instruction instructs the microprocessor to enter &amp; A specific cryptographic compilation operation, a translation logic, configured to translate the grammar compilation instructions into relative microinstruction codes indicating the secondary operations that need to be performed. 29.如申請專利範圍第28項所述之裴置,其中密碼編譯運 算包含了: 對應的複數個密 其中密碼編譯運 一加密運算,將複數個本文片段轉成 文片段。 30. 如申請專利範圍第28項所述之裝置, 算包含了: 一解密運算,將複數個密文片段轉成對應的複數個本 文片段。 31 ·如申請專利範圍第2 8項所述之裝置,其中一密碼編譯 運算是按照高階加密標準AES演算法來完成。29. The device of claim 28, wherein the cryptographic compilation operation comprises: a corresponding plurality of ciphers, wherein the cipher is compiled into a cryptographic operation, and the plurality of snippet segments are converted into snippet segments. 30. As claimed in claim 28, the apparatus comprises: a decryption operation, converting a plurality of ciphertext segments into corresponding plurality of text segments. 31. The apparatus of claim 28, wherein a cryptographic operation is performed in accordance with a high-order encryption standard AES algorithm. 3 2 ·如申請專利範圍第2 8項所述之裝置,其中密碼編譯指 令指示以區塊密碼模式完成密碼編譯運算。 3 3 ·如申請專利範圍第3 2項所述之裝置,其中區快密碼模 式包含了電子書碼(eleCtr〇nic code book,ECB)模 式。 胃3 2 The apparatus of claim 28, wherein the cryptographic compile instruction instructs completion of the cryptographic operation in the block cipher mode. 3 3 · The device described in claim 3, wherein the zone fast password mode includes an eleCtr〇nic code book (ECB) mode. stomach 第52頁 1247241Page 52 1247241 34 ·如申請專利範圍第3 2項所述之裝置,其中區快密碼模 式包含了編輯方塊連鎖(cipher block chaining , C B C)模式。 3 5 ·如申請專利範圍第3 2項所述之裝置,其中區快密碼模 式包含了編碼回授(cipher feedback mode ,CFB)模 式。 3 6 ·如申請專利範圍第3 2項所述之裝置,其中區快密碼模 式包含了輸出回授(output feedback,0FB)模式。34. The device of claim 3, wherein the zone fast cipher mode comprises a cipher block chaining (C B C) mode. 3 5 . The device of claim 3, wherein the zone fast cipher mode comprises a cipher feedback mode (CFB) mode. 3 6 · The device described in claim 3, wherein the zone fast password mode includes an output feedback (0FB) mode. 3 7 ·如申請專利範圍第2 8項所述之裝置,其中密碼編譯指 令指示對複數個文字片段所進行的密碼編譯運算。 38·如申請專利範圍第28項所述之裝置,其中密碼編譯指 令格式是x86指令格式。 3 9 ·如申請專利範圍第2 8項所述之裝置,其中密碼編譯指 令係間接指向微處理器内複數個暫存器。 40·如申請專利範圍第39項所述之裝置,其中複數個暫存 器包含: 一第一暫存器,其中含有第一個指標指向第一個記憶 體位置,此第一記憶雜位置是複數個輸入文字片段 中第一個文字片段之位置。3 7. The apparatus of claim 28, wherein the cryptographic compile instruction instructs a cryptographic operation on a plurality of text segments. 38. The device of claim 28, wherein the cryptographic compilation command format is an x86 instruction format. 3 9. The device of claim 28, wherein the cryptographic compilation instruction is directed to a plurality of registers in the microprocessor. 40. The device of claim 39, wherein the plurality of registers comprises: a first register having a first indicator pointing to a first memory location, the first memory location being The position of the first piece of text in the input text segment. 41·如申請專利範圍第39項所述之裝置,其中複數個暫存 器包含了: 一第二暫存器,其中含有第二個指標指向第二個記憶 體位置,此第二記憶體位置是記憶體中儲存複數個 輸出文字片段的位置,這些輸出文字片段是輸入文41. The device of claim 39, wherein the plurality of registers comprise: a second register having a second indicator pointing to a second memory location, the second memory location Is the location where a plurality of output text segments are stored in the memory, and the output text segments are input texts. 1247241 六、申請專利範圍 字片段經 4 2 ·如申請專利 歷過密碼編 範圍第39項 譯運算的結果。 所述之裝置,其中複數個暫存 器包含了: 一個第三暫存器,其中的内容是敘述輸入文字片段的 總數。 4 3 ·如申請專利範圍第3 9項所述之裝置,其中複數個暫存 器包含了: 一個第四暫 標,指 碼編譯 指 密 4 4 ·如申請專利 鍮包含了一 4 5 ·如申請專利 瑜包含了一 46·如申 器包 一個 標 始 47·如申 器包 一個 標 制 請專利 含了: 第五暫 ’指向 化向量 請專利 含了: 第六暫 ’指向 字元的 存器,其中 向第三個記 金鑰在記憶 範圍第43項 密碼金鑰。 範圍第43項 金餘程序表 範圍第39項 存器,其中 第四個記憶 在記憶體裡 範圍第39項 存器,其中 第五個記憶 位置,此控 第四暫存器的内容包含了第三 憶體位置’這個記憶體位置是 體中的位置。 所述之裝置’其中密碼編譯金 所述之裝置’其中岔碼編譯金 〇 所述之裝置’其中複數個暫存 第五暫存器内中包含了第四指 體位置’这個§己憶體位置是初 的位置。 所述之裝置’其中複數個暫存 第六暫存器内中包含了第五指 艘位置,這個記憶體位置是控 制字元是密碼編譯參數之一。1247241 VI. Scope of application for patents Fragment of the word 4 2 · If applying for a patent, the result of the translation of the 39th cryptographic code. The device, wherein the plurality of registers comprises: a third register, wherein the content is a total number of the input text segments. 4 3 · The device described in claim 39, wherein the plurality of registers include: a fourth temporary indicator, the code compilation refers to the secret 4 4 · If the patent application contains a 4 5 · such as Applying for a patented yoga contains a 46. If the application package is a standard starting 47. If the patent application package is a standard, please include the patent: The fifth temporary 'pointing vector, please include: the sixth temporary 'pointing to the character's deposit The cryptographic key of the 43rd item in the memory range to the third record key. The 43rd item of the range 43th gold program table range, wherein the fourth memory is in the memory of the 39th item, the fifth memory position, the content of the fourth register contains the first The position of the memory of the three memory is the position in the body. The device described in the device of the cryptographic compilation method, wherein the device described in the weight compilation file is in which a plurality of temporary storage fifth registers contain a fourth finger position. The body position is the initial position. The device </ RTI> wherein the plurality of temporary storage sixth registers contain a fifth location, and the memory location is one of the cryptographic parameters of the control character. 12472411247241 其中控制字元包 六、申請專利範圍 48.如申請專利範圍第47項所述之裝置 含了·· 一加密/解密攔位,組態為指示密碼編譯運算進行力口〜 或解密動作。 % 49·如申請專利範圍第28項所述之裝置,更包括: 執行邏輯,與轉譯邏輯在運算中耦接,組態為接收 應的微指令並進行子程序運算。 50·如申請專利範圍第49項所述之裝置,其中執行邏輯 含了: t 一密碼編譯單位,組態為接收第一組複數個微指令, 對複數個輸入文字片段分別執行複數回合的密竭編 譯指令,產生複數個輸出文字片段,其中複數個密 碼編譯回合由密碼編譯單位中控制字元控制。 5 1 ·如申請專利範圍第50項所述之裝置,其中密碼編譯單 位包含了: 區塊密碼邏輯,組態為對複數個輸入文字片段分別進 行複數回合的密碼編譯運算,產生複數個對應的輸 出文字片段,以及 金鑰隨機存取記憶體,與區塊密碼邏輯運作上搞接, 組態為儲存金鑰程序表,此金鑰程序表包含了複數 回合的金鑰,分別與複數個密碼編譯回合對應,組 態為提供區塊密碼邏輯複數個金鑰已完成複數個密 碼編譯回合。 5 2 ·如申請專利範圍第5 1項所述之裝置,其中區塊密碼邏Among them, the control character package is six. The scope of patent application 48. The device described in item 47 of the patent application includes an encryption/decryption block, which is configured to instruct the cryptographic operation to perform a force-to-peer or decryption operation. The device of claim 28, further comprising: execution logic coupled to the translation logic in the operation, configured to receive the microinstruction and perform the subroutine operation. 50. The device of claim 49, wherein the execution logic comprises: t a cryptographic unit configured to receive the first plurality of microinstructions, and to perform a complex round of the plurality of input text segments respectively. The instruction is compiled to generate a plurality of output text segments, wherein the plurality of password compilation rounds are controlled by control characters in the cryptographic unit. 5 1 · The device according to claim 50, wherein the cryptographic unit includes: block cipher logic configured to perform a complex round cryptographic operation on a plurality of input text segments, respectively, to generate a plurality of corresponding The output text segment, and the key random access memory, are logically connected with the block cipher logic, and configured to store a key program table, the key program table includes a plurality of round keys, and a plurality of passwords respectively Compile round correspondence, configured to provide block cipher logic multiple keys have completed multiple comma compile rounds. 5 2 · The device described in claim 51, wherein the block cipher logic 1247241 六、申請專利範圍 輯被分割為二個或二個以上的階段,同時向二個或二 個以上複數個文字輸入片段進行密螞編 53·如申請專利範圍第5〇項所述之裝置,其中執行邏輯更 包含了 : 一整數單位,與密碼編譯單位平行轉接,組態為接收 第二組複數個微指令,炎執行密碼編譯運算所需執 行的複數個整數運算。 54.如申請專利範圍第5〇項所述之裝置,其中執行邏輯更 包含了 : 一第一組微指令,組態為土是密碼蝙譯單位分別載入 複數個的輸入文字和進行複數個的密碼編譯回合。 55·如申請專利範圍第28項所述之装置,其中應用轉體具 有系統特權以持行應用程式。 5 6 · —實行密碼編譯運算之裝置,包含了 一密碼編譯指令,屬於微處理器執行的指令流程中的 一步驟,其中此密碼指令指示微處理器進行一個特 定的密碼編譯運算, 一轉譯邏輯,組態為將密碼編譯指令轉譯為相對的微 指令碼,指示需要執行的次項運算。 5 7·如申請專利範圍第56項所述之裝置,其中密碼編譯運 算包含了: 一加密運算,將複數個本文片段轉成對應的複數個密 文片段。 58·如申請專利範圍第56項所述之裝置,其中密碼編譯運1247241 6. The scope of the patent application is divided into two or more stages, and at the same time, two or more plural text input segments are subjected to the secret editing. 53. The device described in claim 5 The execution logic further includes: an integer unit, parallel to the cryptographic unit, configured to receive the second plurality of microinstructions, and to perform a plurality of integer operations required to perform the cryptographic operation. 54. The device of claim 5, wherein the execution logic further comprises: a first set of microinstructions configured to load a plurality of input words and perform plural numbers The password is compiled round. 55. The device of claim 28, wherein the application swivel has system privileges to hold the application. 5 6 · The device for performing cryptographic compilation operations, comprising a cryptographic compile instruction, is a step in the flow of instructions executed by the microprocessor, wherein the cryptographic instruction instructs the microprocessor to perform a specific cryptographic operation, a translation logic , configured to translate the cryptographic compilation instructions into relative microinstruction codes indicating the secondary operations that need to be performed. 5 7. The apparatus of claim 56, wherein the cryptographic operation comprises: an encryption operation to convert the plurality of fragments into a corresponding plurality of ciphertext fragments. 58. The device of claim 56, wherein the password is compiled and shipped 第56頁 1247241 、申請專利範圍 算包 一解 文 59·如申 算是 6 0.如申 令指 6 1 ·如申 式包 式。 62.如申 式包 mode 63·如申 式包 式。 64·如申 式包 式。 65.如申 令指 66·如申 令格 67.如申 含了: 密運算’將複數個密文片段轉成對應的複數個本 片段。 請專利範圍第5 6項所述之裝置,其中密碼編譯運 按照高階加密標準AES來完成。 請專利範圍第5 6項所述之裝置,其中密碼編譯指 示微處理器以區塊密碼模式完成密碼編譯運算。 請專利範圍第6 0項所述之裝置,其中區塊密碼模 含了電子書碼(electron ic code book,ECB)模 請專利範圍第6 0項所述之裝置,其中區塊密碼模 含了編輯方塊連鎖(cipher block chaining ’ C B C )模式。 請專利範圍第6 0項所述之裝置,其中區塊密碼模 含了編碼回授(cipher feedback mode,CFB)模 請專利範圍第6 0項所述之裝置,其中區塊密碼模 含了輸出回授(output feedback mode,0FB)模 請專利範圍第6 0項所述之裝置,其中密碼編譯指 示對複數個文字片段所進行的密碼編譯運算。 請專利範圍第6 0項所述之裝置,其中密碼編譯指 式是x86指令格式。 請專利範圍第5 6項所述之裝置,其中碼編譯指令Page 56 1247241 Scope of application for patents A package of explanations 59. If the application is 6 0. If the application is 6 1 · If the application is packaged. 62. For example, the application package mode 63· is as the application package. 64·If the application is packaged. 65. If the application refers to 66. If the application is 67. If the secret operation is performed, the ciphertext segment is converted into a corresponding plurality of segments. Please refer to the device described in the 56th patent, in which the cryptographic compilation is performed according to the high-level encryption standard AES. The device of claim 56, wherein the cryptographic compilation indicates that the microprocessor completes the cryptographic operation in block cipher mode. The device described in Item 60 of the patent scope, wherein the block cipher module includes the device described in the electronic ic code book (ECB) model patent range No. 60, wherein the block cipher module contains Edit the cipher block chaining 'CBC' mode. The device described in claim 60, wherein the block cipher module includes a device as described in item 60 of the cipher feedback mode (CFB), wherein the block cipher module includes an output. The output feedback mode (0FB) is a device described in claim 60, wherein the cryptographic compilation instruction performs a cryptographic operation on a plurality of text segments. The device described in claim 60, wherein the cryptographic compilation mode is the x86 instruction format. Please refer to the device described in claim 56, wherein the code compiling instruction 第57頁 1247241Page 57 1247241 六、申請專利範圍 指示間接指向微處理器内複數個暫存器。 68·如申請專利範圍第67項所述之裝置’其中複數個暫存 器包含了: 一第一暫存器,其中含有第一個指標指向第一個記憶 體位置,此第一記憶體位置是複數個輸入文字片段 中第一個文字片段之位置° 69·如申請專利範圍第67項所述之裝置,其中複數個暫存 器包含了: 一第二暫存器,其中含有第二個指標指向第二個記憶 體位置,此第二記憶體位置是記憶體中儲存複數個 輸出文字片段的位置,這些輸出文字片段是輸入文 字片段經歷過密碼編譯運算的結果。 70.如申請專利範圍第67項所述之裝置,其中複數個暫存 器包含了: 一個第三暫存器,其中是敘述輸入文字片段的總數。 71·如申請專利範圍第6 了項所述之裝置,其中複數個暫存 器包含了: 一個第四暫存器,其中第四暫存器的内容包含了第三 指標,指向第三個記憶體位置,這個記憶體位置是 密碼編譯金鑰在記憶體中的位置。 7 2 ·如申請專利範圍第7丨項所述之裝置,其中密碼編譯金 鑰資料包含了 一密碼金鑰。 73·如申請專利範圍第71項所述之裝置,其中密碼編譯金 鑰資料包含了一金鑰程序表。Sixth, the scope of application for patents Indirect pointing to a plurality of registers in the microprocessor. 68. The device of claim 67, wherein the plurality of registers comprise: a first register, wherein the first indicator points to a first memory location, the first memory location Is the position of the first text segment of the plurality of input text segments. 69. The device of claim 67, wherein the plurality of registers comprise: a second register, wherein the second file contains a second The indicator points to a second memory location, which is a location in the memory in which a plurality of output text segments are stored. These output text segments are the result of the cryptographic compilation operation of the input text segment. 70. The apparatus of claim 67, wherein the plurality of registers comprises: a third register, wherein the total number of input text segments is recited. 71. The device of claim 6, wherein the plurality of registers comprise: a fourth register, wherein the content of the fourth register includes a third indicator, pointing to the third memory Body position, this memory location is the location of the cryptographic key in memory. 7 2 . The device of claim 7, wherein the cryptographic keying material contains a cryptographic key. 73. The device of claim 71, wherein the cryptographic keying material comprises a key schedule. 第58頁 1247241 六、申請專利範圍 74·如申請專利範圍第67項户斤述之裝置,其中複數個暫存 器包含了: 一個第五暫存器,其中第五暫存器内中包含了第四指 標,指向第四個記憶艘位置,這個g憶體位置是初 始化向量在記憶體裡的位置。 75·如申請專利範圍第67項所述之裝置,其中複數個暫存 器包含了: 一個第六暫存器,其中第六暫存器内中包含了第五指 標,指向第五個記憶體位置,這個記憶體位置是控 制字元的位置,此控制字元是密碼編譯參數之一。 76·如申請專利範圍第項所述之裝置,其中控制字元包 含了: 一加密/解密攔位,組態為指示密碼編譯運算進行加 密或解密動作。 7 7·如申請專利範圍第56項所述之裝置,其中更包含·· 一轉譯邏輯,組態為將密碼編譯指令轉譯為相對的微 指令碼,指示需要執行的次項運算。 78·如申請專利範圍第77項所述之裝置,其中執行邏輯更 包含: -密碼編譯單位,組態為接收第—組複數 個;入文字片段分別執行複數回合的密:編 澤才曰令,產生複數個輸出文字片段,其 碼編譯回合由密碼編譯單位中 ^ ’ 79.如申請專利範圍第78項所 子:控希卜 衣罝 其中密碼編譯單 第59頁 !247241 ----- 仇包含了 : 區塊密碼邏輯,組態為對複數個輸入文字片段分別進 行複數回合的密碼編譯運算,產生複數個對應的輸 出文字片段,以及金鑰隨機存取記憶體,與區塊密 碼邏輯運作上耦接,組態為儲存金鑰裎序表,此金 鍮程序表包含了複數回合的金鑰,分別與複數個密 碼編譯回合對應,組態為提供區塊密碼邏輯複數個 金鍮以完成複數個密碼編譯回合。 •如申请專利範圍第7 9項所述之裝置’其中區塊密碼模 式邏輯被分割為至少二個的階段,並同時向至少二個 文字輸入片段進行密碼編譯。 81·如申請專利範圍第78項所述之裝置,其中執行邏輯更 包含: 一整數單位,與密碼編譯單位平行耦接,組態為接收 第二組複數個微指令,I執行密碼編譯運算所需執 行的複數個整數運算。 82·如申請專利範圍第78項所述之裝置,其中微指令包 含: 一第一組微指令,組態為必是密碼編譯單位分別載入 複數個的輸入文字和進行複數個的密碼編譯回合。 83·如申請專利範圍第56項所述之裝置,其中一密碼編譯 運算係具有系統特權以持行應用程式。 84· —個在微處理器内實行密瑪編譯運算的方法,包含·· 接收一個密碼編譯指令,其中密碼編譯指令指定至少Page 58 1247241 VI. Application for Patent Range 74. For example, the device of claim 67, wherein a plurality of registers contain: a fifth register, wherein the fifth register contains The fourth indicator points to the fourth memory vessel position, which is the position of the initialization vector in the memory. 75. The device of claim 67, wherein the plurality of registers comprise: a sixth register, wherein the sixth register includes a fifth indicator, pointing to the fifth memory Position, this memory location is the location of the control character, which is one of the password compilation parameters. 76. The apparatus of claim 1, wherein the control character comprises: an encryption/decryption block configured to instruct the cryptographic operation to perform an encryption or decryption operation. 7 7. The apparatus of claim 56, further comprising: a translation logic configured to translate the cryptographic compilation instructions into relative micro-instructions, indicating sub-operations to be performed. 78. The device of claim 77, wherein the execution logic further comprises: - a cryptographic compilation unit configured to receive the first plurality of copies; and the input text segments respectively perform a plurality of rounds of secrets: , generate a plurality of output text fragments, the code compilation round is compiled by the cipher unit ^ ' 79. As claimed in the 78th item of the patent scope: control Xi Bu Yi 罝 密码 编译 编译 第 第 第 59 page 247241 ----- Enemy contains: block cipher logic, configured to perform complex round cipher compilation operations on a plurality of input text segments, generate a plurality of corresponding output text segments, and key random access memory, and block cipher logic The operation is coupled and configured to store a key sequence table. The gold program table includes a plurality of round keys, corresponding to a plurality of password compilation rounds, configured to provide block cryptography logic plurals. Complete multiple password compilation rounds. • The apparatus of claim 7, wherein the block cipher mode logic is divided into at least two stages, and at least two character input segments are simultaneously cryptographically compiled. 81. The device of claim 78, wherein the execution logic further comprises: an integer unit coupled in parallel with the cryptographic unit, configured to receive the second plurality of microinstructions, and the I cryptographic compiling operation A number of integer operations to be performed. 82. The device of claim 78, wherein the microinstruction comprises: a first set of microinstructions configured to be a cryptographic compilation unit to load a plurality of input words and to perform a plurality of cipher compilation rounds. . 83. The device of claim 56, wherein the cryptographic compilation system has system privileges to hold the application. 84· A method for performing a mega-compilation operation in a microprocessor, comprising: receiving a cryptographic compile instruction, wherein the cryptographic compile instruction specifies at least 第6〇頁 1247241 六、申請專利範圍 密碼編譯運算動作,以及執行被指定之密碼編譯運 算。 85·如專利申請範圍第84項所述之方法,其中接收更包含: 指定一項加密的密碼編#運算動作,其中加密運算包 含了將複數個本文片段加密’產生複數個加密文字 片段。 8 6.如專利申請範圍第84項所述之方法,其中接收更包含: 指定一向解密的密碼編譯運算動作,其中解密運算包 含了將複數個加密片段解密’產生複數個本文文字 片段。 87·如專利申請範圍第84項所述之方法,其中執行更包含: 遵照AES (Advanced EncryPti〇n Standard)演算法完 成密碼編譯運算。 88·如專利申請範圍第84項所述之方法,其中接收更包含: 在密碼編譯指令中指定密碼編譯運算所使用的區塊解 密模式。 8 9 ·如專利申請範圍第8 8項所述之方法,其中區塊解密模 式包含了電子書碼(electronic code book,ECB)模 式。 9 0 ·如專利申請範圍第8 &amp;項所述之方法,其中區塊解密模 式包含了編輯方塊連鎖(cipher block chaining mode , CBC)模式。 9 1 ·如專利申請範圍第88項所述之方法,其中區塊解密模 式包含了編竭回授(cipher feedback mode,CFB)模Page 6 1247241 VI. Scope of Patent Application The cryptographic compilation operation and the execution of the specified password compilation operation. 85. The method of claim 84, wherein the receiving further comprises: designating an encrypted cryptographic code operation, wherein the encrypting operation comprises encrypting the plurality of text segments to generate a plurality of encrypted text segments. 8. The method of claim 84, wherein the receiving further comprises: specifying a cryptographic compilation operation that is decrypted in a first direction, wherein the decrypting operation includes decrypting the plurality of encrypted segments to generate a plurality of text segments. 87. The method of claim 84, wherein the performing comprises: performing a cryptographic compilation operation in accordance with an AES (Advanced Encry Pti〇n Standard) algorithm. 88. The method of claim 84, wherein the receiving further comprises: specifying a block decryption mode used by the cryptographic operation in the cryptographic compile instruction. 8. The method of claim 8, wherein the block decryption mode comprises an electronic code book (ECB) mode. The method of claim 8 wherein the block decryption mode includes a cipher block chaining mode (CBC) mode. 9. The method of claim 88, wherein the block decryption mode includes a cipher feedback mode (CFB) mode. 1247241 ττ、Ψ-导利範圍1247241 ττ, Ψ-guided range --- 式。 92.如專=申請範圍第88項所述之方法,其中區塊解密模 式匕 3 了輸出回授(output feedback mode,OFB)模 式。 、 9 3.=專利申請範圍第8 4項所述之方法,其中接收包含了 逸馬、扁# #曰令說明一項要對複數個文字片段進行的密 碼編譯運算。 94. 如專利申請範圍第84項所述之方法其中接收包含了 以x86指令模式指示區塊密碼模式。 95. 如專利申請範圍第84項所述之方法,其中接收更包含 間接讀取微處理器中複數個暫存器。 96. 如專利申請範圍第95項所述之方法,其中間接讀取更 包含: 子片段之位置。 其中間接讀取更 9 7·如專利申請範圍第95項所述之方法 包含: 讀取一第一暫存器,其中第一暫存器的内容含有第一 個指標指向第一個記憶體位置,此第一記憶體位置 是複數個輸入文字片段中第一個文字片段位置。 讀取一第二暫存器,其中第二暫存器的内容含有第二 個指標指向第二個記憶體位置,此第二記憶體位置 是記憶體中儲存複數個輸出文字片段的位置,這些 輸出文字片段是輸入文字片段經歷過密碼編譯運算 的結果。 98·如專利申請範圍第95項所述之方法,其中間接讀取更--- Type. 92. The method of claim 88, wherein the block decryption mode 匕 3 has an output feedback mode (OFB) mode. 9. The method of claim 8 of the patent application scope, wherein the receiving comprises an escape horse, a flat ##曰令, a password compiling operation for a plurality of text segments. 94. The method of claim 84, wherein the receiving comprises indicating a block cipher mode in an x86 command mode. 95. The method of claim 84, wherein the receiving further comprises indirectly reading a plurality of registers in the microprocessor. 96. The method of claim 95, wherein the indirect reading further comprises: a position of the sub-segment. The indirect reading is further as described in claim 95. The method of claim 95 includes: reading a first register, wherein the content of the first register contains the first indicator to point to the first memory location The first memory location is the position of the first text segment in the plurality of input text segments. Reading a second register, wherein the content of the second register includes a second indicator pointing to a second memory location, where the second memory location is a location in the memory storing a plurality of output text segments. The output text segment is the result of the input text segment undergoing a cryptographic compilation operation. 98. The method of claim 95, wherein the indirect reading is further 1247241 六、申請專利範圍 包含: 讀取一第三暫存器,其中第三暫存器的内容含有輸入 文字片段的總數。 9 9.如專利申請範圍第95項所述之方法,其中間接讀取更 包含: 讀取一第四暫存器,其中第四暫存器的内容包含了第 三指標,指向第三個記憶體位置,這個記憶體位置 是密碼編譯金鑰在記憶體中的位置。 其中密碼編譯金 其中密碼編譯金 其中間接讀取更 1 0 0 .如專利申請範圍第9 9項所述之方法 鑰資料包含了 一密碼金鑰。 1 0 1.如專利申請範圍第99項所述之方法 餘資料包含了一金鑰程序表。 10 2.如專利申請範圍第95項所述之方法 包含·. 讀取一第五暫存器,其中其中第五暫存器的内容中包 含了第四指標,指向第四個記憶體位置,這個記憶 體位置是初始化向量在記憶體裡的位置。 10 3.如專利申請範圍第95項所述之方法,其中間接讀取更 包含: 讀取一第六暫存器,其中第六暫存器的内容中包含了 第五指標,指向第五個記憶體位置,這個記憶體位 置是控制字元的位置,此控制字元是密碼編譯參數 之一,在此,該控制字元可以被用來指定至少一該 些密碼編譯運算中所使用之至少一密碼編譯參數。1247241 6. The scope of application for patents includes: reading a third register, wherein the content of the third register contains the total number of input text segments. 9. The method of claim 95, wherein the indirect reading further comprises: reading a fourth register, wherein the content of the fourth register includes a third indicator, pointing to the third memory Body position, this memory location is the location of the cryptographic key in memory. Among them, the password compile gold, which is the password compile gold, and the indirect read is more 1 0 0. The method described in the ninth item of the patent application scope contains a cryptographic key. 1 0 1. The method described in item 99 of the patent application scope contains a key program table. The method of claim 95 includes: reading a fifth register, wherein the content of the fifth register includes a fourth indicator, pointing to the fourth memory location, This memory location is the location of the initialization vector in the memory. The method of claim 95, wherein the indirect reading further comprises: reading a sixth register, wherein the content of the sixth register includes a fifth indicator, pointing to the fifth Memory location, which is the location of the control character, which is one of the cryptographic parameters, where the control character can be used to specify at least one of the at least one of the cryptographic operations used A password compilation parameter. 第63頁 1247241 六、申請專利範圍 '~ -- 1 0 4 ·如專利申請範圍第1 〇 3項所述之方法,其中透過护^制 字元指示密碼編譯運算的參數值更包含··在控元 加密/解密攔位中註明密碼編譯運算是加密 b ^ ^ 運算。 艰疋解搶 105·如專利申請範圍第84項所述之方法,其中更加包含· 將密碼編譯指令轉譯為一連貫的微指令,指^ ^ ^被 執行的子程序運算。 而 1 0 6 ·如專利申請範圍第84項所述之方法,其中執行更包 含: ^ 將第一組複數個連續微指令分送至密碼編譯單位;然 後在密碼解譯單位内,對複數個輸入文字片段’做'複 數回合的密碼編譯,產生對應的複數傭輸出文字片 段其中複數個密碼編譯回合由密碼編譯單位中控制 字元控制。 1〇7·如專利申請範圍第106項所述之方法,其中上述對複 數個輸入文字片段做複數回合的密碼編譯步驟更加包 含: 在密碼編譯單位内儲存一金鑰程序表,其中此金鑰程 序表包含了複數回合的金鑰,分別與複數個密碼編 譯回合對應; 使用複數個回合的金要來為區塊密碼邏輯來完成複數 個密碼編譯回合。 1〇8·如專利申請範圍第1〇6項所述之方法,其中執行更包 含:Page 63 1247241 VI. Patent Application Scope '~ -- 1 0 4 · The method described in the first paragraph of the patent application, in which the parameter value of the cryptographic operation is indicated by the guard character. The control encryption operation in the control element encryption/decryption block is encrypted b ^ ^ operation. The method described in claim 84 of the patent application, which further comprises: translating the cryptographic compile instruction into a coherent microinstruction, which refers to the subroutine operation that is executed by ^^^. And the method of claim 84, wherein the executing further comprises: ^ distributing the first plurality of consecutive microinstructions to the cryptographic unit; and then in the cryptographic interpretation unit, the plurality of Enter the text segment to 'do' the complex round of the password compilation, and generate the corresponding complex commission output text segment. The multiple password compilation rounds are controlled by the control character in the password compilation unit. The method of claim 106, wherein the step of compiling the plurality of input text segments in a plurality of rounds further comprises: storing a key program table in the cryptographic unit, wherein the key The program table contains the keys of the complex rounds, corresponding to a plurality of comma compilation rounds; the use of a plurality of rounds of gold is required to complete the complex cipher compilation rounds for the block cipher logic. 1〇8· The method described in the first and sixth paragraphs of the patent application, wherein the execution further includes: 1247241 六、申請專利範圍 將第二組複數個連續的微指令分送至與密碼編譯單位 平行耦接的整數單位内,然後執行密碼編譯運算所 _ 需執行的複數個整數運算。 I 0 9.如專利申請範圍第1 0 5項所述之方法,其中轉譯包 括: 產生一第一微指令,指示密碼編譯單位分別將複數個 的輸入文字片段載入並開始進行密碼編譯回合。 II 0.如專利申請範圍第8 1項所述之方法,其中一密碼編譯 運算係具有系統特權以持行應用程式。1247241 VI. Application for Patent Range The second set of multiple consecutive micro-instructions are distributed to the integer units coupled in parallel with the cipher compilation unit, and then the complex integer operations to be performed by the cryptographic operation are performed. The method of claim 1, wherein the translating comprises: generating a first microinstruction, instructing the cryptographic unit to load a plurality of input text segments and start a cipher compilation round. II. The method of claim 18, wherein a cryptographic compilation system has system privileges to hold an application. 第65頁Page 65
TW93110904A 2003-09-29 2004-04-20 Microprocessor apparatus and method for performing block cipher cryptographic functions TWI247241B (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
US10/674,057 US7321910B2 (en) 2003-04-18 2003-09-29 Microprocessor apparatus and method for performing block cipher cryptographic functions

Publications (2)

Publication Number Publication Date
TW200512648A TW200512648A (en) 2005-04-01
TWI247241B true TWI247241B (en) 2006-01-11

Family

ID=34376785

Family Applications (1)

Application Number Title Priority Date Filing Date
TW93110904A TWI247241B (en) 2003-09-29 2004-04-20 Microprocessor apparatus and method for performing block cipher cryptographic functions

Country Status (2)

Country Link
CN (1) CN1332526C (en)
TW (1) TWI247241B (en)

Families Citing this family (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101882192B (en) * 2009-05-08 2012-08-22 晨星软件研发(深圳)有限公司 Circuit protecting device, method and layer
US9753863B2 (en) * 2014-12-27 2017-09-05 Intel Corporation Memory protection with non-readable pages
CN104679479B (en) * 2015-03-12 2017-10-24 中国人民解放军信息工程大学 A kind of multinuclear cipher processor of the scheduling controlling mechanism of task based access control numbering
CN106250099A (en) * 2016-07-18 2016-12-21 青岛大学 A kind of directly perform encrypted instruction the processor architecture of fixing decipherment algorithm
CN117668326B (en) * 2024-01-30 2024-04-30 深圳柯赛标识智能科技有限公司 Intelligent identification data processing method, system and equipment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6118870A (en) * 1996-10-09 2000-09-12 Lsi Logic Corp. Microprocessor having instruction set extensions for decryption and multimedia applications
US7270193B2 (en) * 2000-02-14 2007-09-18 Kabushiki Kaisha Toshiba Method and system for distributing programs using tamper resistant processor
TWI282066B (en) * 2002-08-22 2007-06-01 Ip First Llc Apparatus and method for extending data modes in a microprocessor

Also Published As

Publication number Publication date
CN1332526C (en) 2007-08-15
CN1538656A (en) 2004-10-20
TW200512648A (en) 2005-04-01

Similar Documents

Publication Publication Date Title
TWI303936B (en) Apparatus and method for generating a cryptographic key schedule in a microprocessor
US7321910B2 (en) Microprocessor apparatus and method for performing block cipher cryptographic functions
TWI336858B (en) Microprocessor apparatus and method for modular exponentiation
TWI351864B (en) Apparatus and method for employing cyrptographic f
US7532722B2 (en) Apparatus and method for performing transparent block cipher cryptographic functions
US7844053B2 (en) Microprocessor apparatus and method for performing block cipher cryptographic functions
TW200537886A (en) Apparatus and method for secure hash algorithm
US8060755B2 (en) Apparatus and method for providing user-generated key schedule in a microprocessor cryptographic engine
US7392400B2 (en) Microprocessor apparatus and method for optimizing block cipher cryptographic functions
US7502943B2 (en) Microprocessor apparatus and method for providing configurable cryptographic block cipher round results
US7529368B2 (en) Apparatus and method for performing transparent output feedback mode cryptographic functions
TWI274281B (en) Apparatus and method for performing transparent block cipher cryptographic functions
US7536560B2 (en) Microprocessor apparatus and method for providing configurable cryptographic key size
US7900055B2 (en) Microprocessor apparatus and method for employing configurable block cipher cryptographic algorithms
TWI247241B (en) Microprocessor apparatus and method for performing block cipher cryptographic functions
US7542566B2 (en) Apparatus and method for performing transparent cipher block chaining mode cryptographic functions
US7519833B2 (en) Microprocessor apparatus and method for enabling configurable data block size in a cryptographic engine
CN1661958B (en) Microprocessor apparatus of block cryptographic functions and method
US7529367B2 (en) Apparatus and method for performing transparent cipher feedback mode cryptographic functions
TWI253268B (en) Microprocessor apparatus and method for optimizing block cipher cryptographic functions
CN1652163B (en) Apparatus and method for performing transparent output feedback mode cryptographic functions
TWI250450B (en) Microprocessor apparatus and method for providing configurable cryptographic key size
TW200536332A (en) Microprocessor apparatus and method for enabling configurable data block size in a cryptographic engine
TW200536334A (en) Microprocessor apparatus and method for providing configurable cryptographic block cipher round results

Legal Events

Date Code Title Description
MK4A Expiration of patent term of an invention patent