TWI250450B - Microprocessor apparatus and method for providing configurable cryptographic key size - Google Patents

Abstract

The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a computing device, where the size cryptographic key that is employed is programmable. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction and execution logic. The cryptographic instruction is received by a computing device as part of an instruction flow executing on the computing device. The cryptographic instruction prescribes one of the cryptographic operations, and also one of a plurality of cryptographic key sizes. The execution logic is operatively coupled to the cryptographic instruction. The execution logic executes the one of the cryptographic operations. The execution logic has a cryptographic key size controller that employs the one of a plurality of cryptographic key sizes during execution of the one of the cryptographic operations.

Description

1250450 IX. Description of invention: [Related reference patent]

This application refers to the priority of the corresponding US patent application, which is No. 1 0/826475, and the filing date is April 16, 2004, entitled " MICROPROCESSOR APPARATUS AND METHOD FOR PROVIDING CONFIGURABLE CRYPTOGRAPHIC KEY SIZE It is also cited from the following US temporary application cases.

No. Application No. 60/506971 (CNTR.2070) 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR OPTIMIZING BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS 60/507001 (CNTR.2071) 9/29/2003 APPARATUS AND METHOD FOR PERFORMING OPERATING SYSTEM TRANSPARENT BLOCK CIPHER CRYPTOGRPHIC FUNCTIONS 60/506978 (CNTR.2072) 9/29/2003 MICROPROCESSOR APPARATUS AND MENTOD FOR EMPLOYING CONFIGURABLE BLOCK CIPHER CRYPTOGRAPHIC ALGORITHMS 60/507004 (CNTR.2073) 9/29/2 (8) 3 APPARATUS AND METHOD FOR PROVIDING USER-GENERATED 1250450

KEY SCHEDULE IN A MICROPROCESSOR CRYPTOGRAPHIC ENGINE 60/507002 (CNTR.2075) 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR PROVIDING CONFIGURABLE CRYPTHOGRAPHIC BLOCK CIPHER ROUND RESULTS 60/506991 (CNTR.2076) 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR ENABLING CONFIGURABLE DATA BLOCK SIZE IN A CRYPTOGRAPHIC ENGINE 60/507003 (CNTR.2078) 9/29/2003 APPARATUS FOR ACCELERATING BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS IN A MICROPROCESSOR 60/464394 (CNTR.2222) 4/18/2003 ADVANCED CRYPTOGRAPHY UNIT 60/ 506979 (CNTR.2223) 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR PROVIDING CONFIGURABLE CRYPTHOGRAPHIC KEY SIZE 60/508927 10/3/2003 APPARATUS AND METHOD FOR 1250450

(CNTR.2226) PERFORMING OPERATING SYSTEM TRANSPARENT CIPHER BLOCK CHANING MODE CRYPTOGRAPHIC FUNCTIONS 60/508679 (CNTR.2227) 10/3/2003 APPARATUS AND METHOD FOR PERFORMING OPERATING SYSTEM TRANSPARENT CIPHER FEEDBACK MODE CRYPTOGRAPHIC FUNCTIONS 60/508076 (CNTR.2228) 10 /3/2003 APPARATUS AND METHOD FOR PERFORMING OPERATING SYSTEM TRANSPARENT OUTPUT FEEDBACK MODE CRYPTOGRAPHIC FUNCTIONS 60/508604 (CNTR.2230) 10/3/2003 APPARATUS AND METHOD FOR GENERATING A CRYPTOGRAPHIC KEY SCHEDULE IN A MICROPROCESSOR This application is the following US patent application The continuation of the case, and a common transferee and co-inventor.

No. Application 曰 Name 10/674057 (CNTR.2224) 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR PERFORMING 1250450

BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS This application is also associated with the following U.S. patent applications and has a common assignee and co-inventor.

No. Application No. 10/730167 (CNTR.2224-C1) 12/5/2003 MICROPROCESSOR APPARATUS AND METHOD FOR PERFORMING BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS 10800768 (CNTR.2070) 3/15/2004 MICROPROCESSOR APPARATUS AND METHOD FOR OPTIMIZING BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS 10/727973 (CNTR.2071) 12/4/2003 APPARATUS AND METHOD FOR PERFORMING TRANSPARENT BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS 10/800938 (CNTR.2072) 3/15/2004 MICROPROCESSOR APPARATUS AND METHOD FOR EMPLOYING CONFIGURABLE BLOCK CIPHER CRYPTOGRAPHIC ALGORITHMS 10/800983 (CNTR.2073) 3/15/2004 APPARATUS AND METHOD FOR PROVIDING USER-GENERATED KEY SHEDULE IN A MICROPROCESSOR 1250450

CRYPTOGRAPHIC ENGINE HEREWITH MICROPROCESSOR APPARATUS (CNTR.2076) AND METHOD FOR ENABLING CONFIGURABLE DATA BLOCK SIZE IN A CRYPTOGRAPHIC ENGINE HEREWITH MICROPROCESSOR APPARATUS (CNTR.2223) AND METHOD FOR PROVIDING CONFIGURABLE CRYPTOGRAPHIC KEY SIZE HEREWITH APPARATUS AND METHOD FOR (CNTR.2226) PERFORMING TRANSPARENT CIPHER BLOCK CHAINING MODE CRYPTOGRAPHIC FUNCTIONS HEREWITH APPARATUS AND METHOD FOR (CNTR.2227) PERFORMING TRANSPARENT CIPHER FEEDBACK MODE CRYPTOGRAPIC FUNCTIONS HEREWITH APPARATUS AND METHOD FOR (CNTR.2228) PERFORMING TRANSPARENT OUTPUT FEEDBACK MODE CRYPTOGRAPIC FUNCTIONS HEREWITH APPARATUS AND METHOD FOR (CNTR.2230) NER SCH UL ED ED ED ED ED ED ED A device and method for performing a cryptographic operation in a binary device, which allows a password of 1 and a size to be used at the instruction level Of. Prior art computer systems need to be entered. When the file is generally available, the file's inductive information is developed. These data systems are written in non-applications. The type is used as the same data file's requirements for its access files and the use of code programs. The computer system and other programmers of the application executed by it will provide output data when executed, and the round capital contribution will be written to tape, CD or computer file format. Then, output the data-application input file; or the application of the brain system on the computer system in a large-scale storage or compatible storage system, and gradually understand the security measures of the protection sensitivity, the password program is exposed. Sensitive information. Generally speaking, after the output data is encrypted and decrypted, the user starts to send the point. Therefore, the network architecture and the operating system enable the data to be shared not only. In terms of capital, today's computer workstations operate independently, and in which When the application is executed, the output of the data form or a computer system of a large number of storage devices is stored in a cocoa as another difference. In these early days, and in other resources to protect unauthorized access to the storage devices, the existing information and the data transfer agreement for the sharing of information on the Internet are progressing, and the sharing is more prominent. Users can generally obtain files from different workstations 11 l25〇450 or network file servers, and other information, or can be in a lot of electricity (ie email), or can be with credit card or banking Information to use the drink to the waste, airport or other public places. Therefore, the slogan of sensitive information can be said to be a case of users using computer protection. The premeditated cyber terrorism related to the public, such as the various kinds of computer information security, such as slamming emails, Internet hackers, and identity theft credit card fraud, is not affected. + Education Temple clauses counterattack; However, in the computer information crisis, effective government, financial institutions, military units and inter-department became the general use of home computers and read. "The public is not allowed to be vigilant. It is not difficult to understand, existing Most of the resources of large and small companies have been able to make messages only specific to the object I (cryptography) in terms of their message security. When storing or transmitting in particular, the encryption uses a cleartext or "the eve of the text (such as "ciphertext" or can use the Internet to get new and send back and forth between the brain. It is not difficult to know that a vendor’s computer system is connected to provide a vendor with a product order, or that it is necessary to enter a news headline for sensitive information during the above-mentioned period of exemption from unauthorized disclosure. The current topics of interest are on the table, such as _ take, reverse engineering, online fraud and the emergence of various means, and because this means to invade the privacy of individuals, new laws, strict terms and public measures are not In the past, this is only a topic of concern to political and spy people. Now it is e-mail or account transaction. _ Problem. Computer network practitioners need to bet on the business father. Some technologies and devices receive the understanding that when so-called passwords are used to protect information, they are transmitted in a sensitive message (known (plaintext) to the incomprehensible). The transmission of plaintext to ciphertext 12 1250450 is called "encryption", "nciphering", or "ciphering", and ciphertext, The transfer process to the moon is called "decryption", "deciphering", or "inverse ciphering". In the password category, several steps and rules are established to allow use. No high level of knowledge or effort is required to perform the cryptographic operations, and these users are allowed to transmit or otherwise provide their messages to other users on a monthly basis. Following the encrypted message, the sender generally provides the recipient with one that cannot be made. In addition, the "password key" of the encrypted message is removed, so the recipient cannot remove or otherwise increase the access of the unencrypted original message. A technique will use & some steps or rules to be password protected, mathematical operations and A specially designed application form encrypts or decrypts highly sensitive messages. Some algorithms are used to encrypt or decrypt data. The first type of algorithm mentioned (such as the Public Cash (PubHc key) cryptographic algorithm; the ΜΑ algorithm) uses two male code keys (a public key and a private key) to Data encryption or decryption. Refers to some public gold _ translating the different method 'a public key used to encrypt the data transmitted to the recipient. The user public key and the private key have a mathematical calculus relationship, the recipient must Using its private key to decrypt the transmitted data to recover the data. Although such cryptographic algorithms are widely used today, the speed of the shoulder-and-shoulder method after encryption and decoding is still too slow, even if only a small amount of data is encrypted and decrypted. The second type of algorithms, such as the symmetric key alg〇rithmS, provide a fair amount of data security and are faster. These variants are called symmetric gold-transfer algorithms because they use passwords to record and decrypt messages. There are three common knowledge of the main password gold wheel calculus 13 > 1250450 method: data encryption standard (DES) algorithm, triple data encryption standard (Triple DES) algorithm, and advanced encryption standard (advanced encryption standard, AES) ) Algorithm. Because these narrative strengths protect South sensitivity data, they are now used by the US government and its agencies. However, it is expected that at least one of these technologies will become a commercial or private delivery standard in the future. According to these symmetric key algorithms, plaintext and ciphertext are separated by a special size to encrypt or decrypt. For example, the advanced encryption standard complete cryptographic algorithm in the 128-bit size interval uses 128, 192, and 256-bit cryptographic keys. · Other symmetric key algorithms allow for advanced encryption criteria for the 1 92 and 256-bit data sets. Referring to block cipher operations, a 1,024-bit plaintext message is encrypted as eight 192 bytes. All symmetric key algorithms use a sub-operation of the same form to encrypt a plaintext block. And refer to the symmetric key algorithm that is more commonly used, an initial cryptographic gold extension that extends multiple gold inputs (such as a "key directory"), each such as a sub-operating code "round" in the plaintext block. Completed in the middle. For example, the first key of the key directory is used to complete the first password round of the last operation of the II plaintext block, wherein the second key is used to generate the second result using the second key of the key directory. A specific number of sub-unit rounds is completed to produce a final result of the ciphertext itself. Sub-operations in each round of the Advanced Encryption Standard algorithm also have terms such as sub-bit (or S-box), ShiftRows, MixColum, and AddRoundKey. During each round, a ciphertext block is decrypted. In addition to completing the ciphertext input conversion cipher and conversion sub-operations (such as blending and shifting), the final result of each round is a plaintext block. 14 1250450 Data plus standard and triple data plus only 丨T knife in the knowledge>Bei method uses different specifications of the nose nose 'but the child transport tube ntb J. ^ , Bulian "" Similar to the standard algorithm, the factor transfer is similar to the case where the plaintext block is converted into a poorly-formed block. 〃 夕 夕 夕 ' ' ' ' ' 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝 贝These modes include electronic code book (ECB) mode, cipher block chaining (CBC) mode, ciphertext feedback (__feedback, CFB) mode, and output feedback (_put - This heart, 〇 FB) mode. During the completion of the dice operation, some modes utilize an additional initialization vector and some use the ciphertext output completed in the first plaintext block to encrypt the first location, such as an additional input to the encrypted second location completed in the second plaintext block. For more technical details, see Federal Information Processing Standards Publication 46-3 (FIPS-46-3), October 25, 1999, which discusses data encryption standards, triple data encryption standards, and Fan 97. On November 26, 2, 1 year, it explained in detail the advanced encryption standard. The aforementioned standard rules are promulgated and claimed by the National Institute of Standards and Technology (NIST). In addition, individual directives, white papers, kits and countermeasures can be referred to the National Institute of Standards and Technology's Computer Security Response Center ( CSRC) at http://csrc.nist.gov/ ° Those who are familiar with the technology can understand that a variety of applications can be executed on computer systems that perform cryptographic operations (passwords and decryptions), in fact some jobs Systems such as Microsoft 8, Windows XP®, and Linux provide direct password and decryption services in a password-related original form. However, the inventor of this case has observed that the current computer password related technology is still on some 15 1250450 levels, and the first block diagram 100 is not connected, and the second one is the first routing network and one percent. The interface is also a wireless network router 1 1 1 workstation connected as in the previous severe electrical operating system control, and each needs to perform a decryption application synchronization of the operating system for the station 1 0 1 uplink file storage station 102 Messages can be found in the work materials (such as the letter out of the company 101, 102 is insufficient) readers can refer to Figure 1 to understand the shortcomings. The ya is discussed in the following text. It is a block to illustrate the current computer password application technology. Figure. Fang Weiyi - computer workstation 1 ο 1 and a regional network 1-5 phase electrical workstation 102, a network file storage device 100, & 107 or other and wide area network (WAN) 1 10 The network router 1〇8 is connected to the area network 105 as in the IEEE standard 8〇211. A laptop computer 1〇4 interfaces with the wireless router 1〇8 via 109, and a second road is connected to the wide area network 11 Another Point to provide a interface with a third computer. In the middle of the mention, today's users are working positively during the work. For example, in the current multitasking system, users of workstation 101 can simultaneously All the work items need to be cryptographically operated. When the workstation 1 〇1 is in use or is in the file, the second enable 112 or the non-stop station 103 enters with the card number, and the 106 operation is stored to the 'user, 5 Among them, the person who calls the network file through the wide-ranging financial system can use the second to enable the encrypted network, that is, the electronic domain network transaction, etc., 108 11 2 (regardless of the implementation of the file) The device-encrypted message user also needs to provide the mail (in the form of 11) and other forms of network 1 0 5, 1 0 9 work program), and transmits it to 106 to be executed as instant. In addition or provide sensitive sharing stations 101

Adding funds 16 1250450 The third computer workstation 103 can represent a home computer or a remote computer 1〇3. Each of the foregoing actions requires an example that conforms to the execution of the encryption/decryption operation 112. In addition, the wireless network (10) is now normally provided in coffee shops, airports 'schools, and other public places, so the notebook computer 1 〇 4 users - one encryption and decryption, whether it is his/her message transmission / receiving other users Immediately needed, and all messages are encrypted or decrypted via the wireless network 1-9 to the utility router 108. ‘The prior art can understand that ## of the above activities need to perform cryptographic operations on workstations 1-1-10, and accordingly there is a need to perform an immediate encryption' decryption operation 112. Therefore, it is further possible for the electric moon I 101-104 to perform hundreds of cryptographic operations simultaneously. In any case, there are some implementations of performing at least one or more immediate addition/decryption operations on the computer system 1〇ι_ι〇4, and completing the cryptographic operation to limit the case. For example, the completion of a function by a software program is relatively hard. The completion of the same function is slow. Each encryption/decryption operation / 12 takes a while, and the current program is being executed on the computer 10: It can be suspended during this time, and the password operation (such as the Moon Wenshan-style key, etc.) The parameters must be exemplified by the operating system to add / / to the name of the red 112. And because the cryptographic operation must be 匕3 4 inch, and do not expect a few sub-operations, the encryption/decryption operation η 2 is executed to include multiple computer extension instructions, so all system operation speeds are unfavorable. Anyone who knows the technology can check *, sending a small encrypted e-mail in Microsoft 8 Outlook will be 5 times more than sending an unencrypted packet e-mail. In addition, the current password-related technology is delayed due to the operating system; most applications do not provide integrated key generation or addition, components ((3) mp〇nents), they execute the operating system 17 1250450 components or embedded applications according to other implementations should have been mentioned by the inventors to be very similar to micro-processing; early floating-point slow, through the software for the implementation of floating-point technology, floating point coexistence Executor, but if the password coprocessor appears in the form of I, the bus (such as USB) processor can make the password processor increase the overall reliability of the system design system, because of the data, therefore, The existence of the related hardware of the case, the microprocessor performs a cryptographic operation via a separate device. In addition, the password is better and the private password is better. At the same time, the device and program of the phase code operation of the secret system and the program are assisted by a variety of cryptographic algorithms to accomplish these tasks, and the operating system is adapted to the needs and interruptions of the application. The degree before the dedicated floating point unit. Furthermore, the end of the analytic operation of the floating-point mathematics is done in software, so the cryptographic operation is quite slow and unacceptably slow. One step development 'floating point instructions' are based on floating-point coprocessors. Floating point operations are much faster than software, which adds to the cost of the system. Similarly, in the form of today's cards or external devices; when using external crypto coprocessors via parallel ports or other interfaces

M; 丨曲兴一主处理器接接. Of course, the total calculation is much faster than the pure software executive, and the password is used together! The cost is required, and additional power is required and lowered. In addition, the implementation of the coprocessor with the password cannot be forced to be the same as the main microprocessor. The chip knows that today's microprocessors need to have a special secret stone to make - need: the application with cryptographic operation can ^ The native unit weight command circuit indicates micro-small and the password command circuit provides at least one password command to also have priority in the application type to use the straw hardware to conform to the common architecture of today's microprocessors: hardware And the relevant password instructions are to be provided in the same way as the previous bamboo. The main thing is to provide an execution secret that effectively defends against unauthorized sniffing and supports special cryptographic algorithms implemented in it.

18 1250450 Verification and testing, allowing user-provided keys and self-generated keys to support multiple block sizes and key lengths, providing programmable block encryption/decryption modes, such as electronic password book mode, Ciphertext block string, ciphertext feedback mode, output feedback mode, etc., and can effectively execute a plurality of data block sizes and multiple bit size passwords for a large amount of data when using the above programmable block encryption/decryption mode. Key. SUMMARY OF THE INVENTION The present invention has been made to solve the above-mentioned and other problems and disadvantages in the prior art, and provides a superior technique for performing cryptographic operations in a microprocessor. In a preferred embodiment of the present invention, there is provided an apparatus for performing a cryptographic operation, the apparatus comprising a cryptographic instruction circuit and an execution logic circuit, the cryptographic instruction circuit providing a cryptographic instruction, and the cryptographic instruction is received by a computing device, and It is part of the instruction stream executed by the computing device. The cipher command specifies one of a plurality of cryptographic operations and specifies one of a plurality of cryptographic key sizes. In operation, the execution logic circuit engages the password command circuit and performs the specified cryptographic operation. When performing a specified cryptographic operation, the execution logic has a cryptographic key size controller, and the controller uses the specified password size. Another preferred embodiment of the present invention is an apparatus for performing cryptographic operations, the apparatus having a cryptographic unit and a key size control logic circuit, wherein the cryptographic unit is located in a device and receives a password in an instruction stream One of a plurality of cryptographic operations is performed after the instruction, wherein the cryptographic instruction in the instruction stream specifies the specified cryptographic operation. In addition, the password command also reserves a size to be used when performing the specified cryptographic operation. In operation, the key size control logic is coupled to the crypto unit and causes the device to use the predetermined key size when performing the specified cryptographic operation. 19 1250450 A preferred embodiment of the present invention is a method of performing a cryptographic operation in a device. The method includes receiving a cryptographic command that specifies that one of a plurality of cryptographic operations is used during execution. The password size is 'this method also includes the period during which the specified cryptographic key is executed using the specified cryptographic key size. [Embodiment] The following description is specific to one of the present invention for making it easy for those skilled in the art to apply the present principles to the above-mentioned techniques and novel features in the aforementioned techniques for secret and decryption and Limits from Figure 3 to Figure 15 on the current common mechanism of computer systems. 动 Λ \ \ \ \ \ 请 请 请 请 请 请 请 请 微处理器 微处理器 微处理器 微处理器 微处理器 微处理器 微处理器 微处理器 微处理器 微处理器 微处理器It is intended that the present invention be practiced in various ways, and that the <RTIgt; </ RTI> <RTIgt; </ RTI> <RTIgt; </ RTI> <RTIgt; </ RTI> <RTIgt; Next, the description of the present invention will be made. The present invention proposes an apparatus and method for performing cryptographic operations, and different performances, and a programmable program that satisfies the above-mentioned limited operational capacity, algorithms, and modes. In a present block diagram, block 201, microprocessing, In addition to the information mentioned in the item, the data is added to the application of the image in the system. The device is used to extract the private circuit and the processing is related to an application. The data, in which the name is deducted, and the data is located in a system memory area i called application memory 203, and the application memory (appiicat-memory) 203 program control and action It is generally controlled by the operating system software (〇p(4)) 202 in the protected area of the system memory. The instruction circuit provides at least one instruction for indicating a cryptographic operation, and the instruction circuit includes logic circuitry, means or microcode (ie, microinstruction or native instruction (native instructi〇n)), or a logic circuit or The combination of microcodes, because the command circuit is not the focus of the present invention, will not be described in detail herein. As mentioned above, if the execution of the application (such as a private email or a file storage program) requires a sloppy operation, then the application must execute a considerable number of instructions from the microprocessor 2〇1. The cryptographic operations can be performed, wherein the instructions can be executable applications: sub-programs in the program itself, such as applications that can be connected to the executing application: an application, or a service that can be provided to the operating system 202. Regardless of the form of the order, those skilled in the art will be able to understand that the instructions are stored in the memory area of the fixed or allocated. For the purpose of explanation, the memory fields are displayed in the application memory M 203, and include a cryptographic key generation application 2〇4, wherein the cryptographic key generation application 2〇 4 Generally, a secret key is generated or received, and the key is expanded into a key schedule (key schedu e) 205, which is used for the codon operation. When a multi-block cryptographic operation is performed, a block encryption application 206 needs to be first motivated to perform fetching, 21 1250450 plaintext 210 blocks, key scheduling 2O5, such as mode at loss. Table location 荨 More detailed cryptographic parameters of the cryptographic operation 209 . The encryption application 206 also uses an initialization vector 208 for the specifications, work, and requirements. After executing the instructions therein, the knife edge application 206 generates a corresponding ciphertext 211 block and the block decryption application 2〇7 is also motivated to perform the block decryption operation, ie execution. The ciphertext block 211, the key schedule 205, and the crypt〇graphic paranieters such as the mode and the key table position are obtained. The decryption application 206 also uses a starting vector 2〇8 if required for the mode in the specification. After executing the instructions therein, the plaintext 210 block produced by the application 2〇7 is decrypted. It should be emphasized that the number of instructions that need to be executed is quite large when the cryptographic key is generated and the text block is added and resolved. The above FIPS regulations can form a considerable number of eves. The virtual code example of the estimated instruction is required. Therefore, those skilled in the art understand that a simple block cryptographic operation requires hundreds of private orders, and each of these instructions must be micro-processed. 201 is executed to perform the required cryptographic operations. Furthermore, for the main purpose of executing the application % (such as file management, instant messaging, son mail function, remote file acquisition and credit card transaction, etc.), a 'execution of instructions to complete the password operation is generally considered unnecessary. The function is that users who execute the application feel that the execution of the existing execution application is not efficient. 22 1250450 If the application used is 206, 207, then the application or external encryption/decryption application must comply with the triggering and control of the operating system 202, and the control may also cause the problem to worsen. . For the cryptographic operations performed in interrupts, exceptions, and classes, for each individual executing at the same time in a computer system, the singularity of the application 204, 206' 207 must be at the same time. The microprocessor 2〇i, the A is equipped with its space, and can be expected to increase, as already described above. &amp; child code operands will continue over time

The inventor of the present case has already mentioned the problems and limitations, and also knows the calculations of the cryptographic technology of the shameless system, and the execution of the program is not extended. 4 The password is executed in a microprocessor. A necessity is made for the necessity of the clothing and the method, and the microprocessor device and method for humming the mam, *", and the unit is used to perform the cryptographic operation N in the field, and the cryptographic unit is used by the grass. The mega unit is set in the microprocessor to perform the cryptographic operation. The following is the stylization of the enthalpy and the brown command, which is activated and explained. ^Ming will cooperate with the third to the fifteenth

"There is a taxi associated with a microprocessor device," and the present invention is used to execute a secret map. The microprocessor and the tail diagram 300 display 3()1 via a Me (memory bus) 319 light and empty. Reminiscent of the body bus line memory) 321 , which contains the use of, system first (system (instruction register) 3 〇〇 曰々 曰々 曰々 曰々 & & & &gt; Translation logic 3〇3 , <conversion logic 5^ soap replacement logic bud #路,电路,装置 or microcode (g 斗兔路303 contains logic or natural commands), or 23 1250450 circuit a combination of circuits, devices or microcodes, or other equivalent elements for converting instructions into related microinstruction sequences. The components used to perform the conversion operations in the conversion logic circuit 303 may be other circuits, microcodes, etc. Used to share other functions in the U processing of '301. For the scope of the present invention, 5, the term microcode is used to represent at least one microinstruction, and the microinstruction (also known as the native heart) hierarchy Is a unit executor. For example, microinstructions are direct A reduced instruction set c〇mputer (RISC) microprocessor is executed by a complex instruction set computer (complex instructi〇n set c〇mputer, CISC) microprocessor such as a 86 compatible microprocessor. In other words, the X86 instruction is converted into an associated microinstruction, and the associated microinstruction is directly executed by at least one unit of a complex instruction set computer microprocessor. In addition, the conversion logic circuit 3〇3 is coupled to a microinstruction column (micro) An instruction queue 304 has a plurality of micro instruction entries 305, 306, and the microinstruction is provided by the microinstruction column 304 to a register level logic circuit including a register fne 3〇7 The register group 3〇7 has a plurality of registers 308-313, and the contents of the registers 3〇8_313 are established after a specified password is transferred. The register 308_312 points to the memory. Corresponding positions 323-327 in 321 and so-called milk contain the data required to perform the specified cryptographic operation. The register level is coupled to the load logic circuit (1〇ad) 314, and the load logic circuit 314 is The interface is coupled to a data cache 315 for obtaining data required to perform the specified cryptographic operation. The data cache 315 is coupled to the memory 321 via the memory bus 319 to execute the logic circuit. (— Μ bye ) 24 1250450 328 is coupled to load logic circuit 314 and performs the operation of the given microinstruction specifying k, which includes logic, device or microcode (ie, microinstruction or native instruction), or is a logic circuit a combination of devices or microcodes, or other equivalent elements for performing the operations specified by the instructions, wherein the elements used to perform the operations in the logic circuit 328 can be other circuits and microcodes for use in microprocessing. The other functions of the 301 are shared by the 301. Execution logic circuit 328 includes a cryptography unit 316 that receives data from load logic circuit 314 that is required to perform the specified cryptographic operation. The microinstruction causes cryptographic unit 316 to enter a plurality of input text blocks (input). Text ) 326 performs the specified cryptographic operation to generate a corresponding plurality of output text blocks 327 . Cryptographic unit 316 includes logic circuitry, means or microcode (ie, microinstructions or native instructions), or a combination of logic circuitry, apparatus or microcode, or other equivalent component for performing cryptographic operations, where The elements that perform cryptographic operations in cryptographic unit 316 may be shared by other circuits and microcodes for performing other functions in microprocessor 301. In one embodiment, cryptographic unit 316 operates in parallel with other execution units (not shown) in execution logic circuit 328, which may be integer units, floating point units, and the like. A "unit" embodiment corresponding to the scope of the invention includes a combination of logic circuitry, means or microcode (i.e., microinstructions or native instructions), or other equivalent means for performing a specified function or action, where The elements that perform other functions or actions in a particular unit may be shared by other circuits and microcodes for performing other functions in the microprocessor 301. For example, an integer unit in an embodiment includes a combination of logic circuits, devices, or microcode (ie, 25!25〇450 microinstructions or native instructions), or other components for performing integer instructions, - equivalent components . A floating point unit comprises a combination of logic circuits, devices or micro-maze (ie micro-instructions or native instructions), or other equivalent elements for performing floating-point instructions, where the elements are used to execute integer instructions in integer units. The components may be shared by other circuits, microcodes, etc. for performing floating point instructions in the floating point unit. In an embodiment compatible with the x86 architecture, the cryptographic usage unit 316 and an x86 integer unit, an x86 floating point unit, an x86 Multimedia Extensions (MMX) unit, and A stream of SIMD Extensions (SSE) units operate in parallel. In the context of the present invention, an embodiment of an application that performs most of the design to be executed in an x86 microprocessor is compatible with the x86 architecture, and an application is properly executed. Get the desired result. In other χ86 compatible embodiments, the cryptographic unit operates in parallel with a subset of the aforementioned x86 execution units, wherein your code unit 316 is coupled to the storage logic circuit 317 and provides a corresponding plurality of output text blocks 327. In addition, the storage logic circuit 317 is also coupled to the self-data cache memory, and the cache memory 315 transfers the output text data 327 to the system memory 321 for storage. The memory C circuit 317 is coupled to the write back logic circuit 318, and the write back logic circuit updates the temporary f^3〇8, 313 in the register group 307 when the cryptographic operation of the heart is completed. In another embodiment, the microinstruction flows through each of the logic circuit classes 3〇2, 3〇3, 3〇4, 307 314, 316-318 in synchronization with the -clock signal (not yet). The arithmetic action {also performs in a manner similar to the action performed on a combined line by a large 26 1250450. The application of the operation &gt; ° is to make the command of the secret command 322 containing the password command operate as ~4 bits', and then the level of the bit that is not used for the mode can be programmed to be sent to the microprocessor processor. In the system memory 321 , the specified password program is executed to enable the microprocessor 3 to perform a password operation via a cryptographic instruction 322 to facilitate the 'single password command 322'. It is called a 322. In a complex instruction set computer embodiment, a password refers to a microinstruction that specifies a cryptographic operation. In one embodiment, 322 uses an idle or unused code in an existing instruction set architecture. In an x86-compatible embodiment, the cryptographic instruction 322 sets the instruction, which includes an x86 repeat preamble (R£p) (ie, 〇χΡ3) using a 2-bit χ86 opcode (eg, qx〇fa7), and then The block cipher set used during a specified cryptographic operation is described. In one embodiment, the password command 322 of the present invention is a system priority level provided by the application, and the program stream is directly controlled by an application program 301 or via the operating system 320 due to a program stream that can be composed of instructions. And sent to micro 301. Since the microprocessor 301 is only required to perform the specified password operation 322, the completion of the operation is fully known to 320. In actual operation, the operating system 320 motivates an application to be executed in the microprocessor 301, and a password command 322 in the instruction stream is sent from the memory 321 to the extraction logic circuit 3〇2 while the application is executing. However, before the execution of the password instruction 322, the instruction in the program stream causes the microprocessor 3〇1 to initialize the contents of the temporary registers 308-312, so that the contents of the temporary registers 308-312 point to the record 27 1250450. Crypt〇graphic control word 323 initial cryptographic scheduling (key schedu vector) 325 (if the position of the text 327 is initialized to the scratchpad 308-312 register 308- 312 and a packet are, and the external logic buffer plus encryption or decryption area logic circuit 302 obtains a sequence, so that the micro processing should be loaded into the load logic by a specified number of passwords in the micro instruction sequence to provide corresponding output data cache memory. The body 315 stores the processing architecture register in which the corresponding microinstruction causes the microprocessor 301 to complete the interrupt of the start vector index temporary processing after the non-architected scratch register 311-312 of the specified password count value, Its key) 324 or a golden remainder vector (initialization requires 322 before the input text 326 and the code input command 322 is actually referred to the temporary add-on register 313 and enters the text area 326 to be self-extracted by the logic circuit 303. A cryptographic operation corresponding to the microinstruction. In the pair 305-306, the data of the cipher list is executed, and the execution of the data block should be executed, and the path 317 is used to output a plurality of microinstructions in the text area 327 via the data (not shown). (not shown) performing other such as including temporary results and indications, encryption and decryption of input and output fingers 326 (if required) and unaccepted 'storage registers 308-313 are [e) 324, a start When needed, the arithmetic office 323-327. The reason for executing the secret is the password command. The block count function 313 counts the value as the number of blocks. Therefore, the password command is converted, and 301 is executed to execute the first set of the plurality of micro-trigger circuits 3丨4 to send the ladder to generate a pair of &amp; blocks to the storage logic stored in the sequence of the memory 321 The second group of operations required for other execution unit operations, the scratchpad (not updated, the update of the input text buffer 310, etc. In an embodiment, the architectural register 28 1250450 308-313 is defined In the embodiment, the cryptographic unit 316 is divided into complex steps to perform pipeline processing on the subsequent input text block 326. In the embodiment, the cryptographic unit 316 is divided into complex steps to perform pipeline processing on the subsequent input text block 326. The diagram 300 is used to illustrate the components required by the present invention, and the various logic circuits used in the processor 301 are omitted for clarity of illustration. However, those skilled in the art will appreciate that the processor 301 includes a plurality of class logic circuit components. Regardless of its particularity, and some of the class and logic circuit components have been used in this case to make the description more concise. For example, the load logic is electrically integrated to generate the class with an address. There may be a cache memory level, and then there may be a cache memory alignment class. It must be understood that the cryptographic actions for the plurality of input text blocks 326 are via a single instruction 322, a single The instructions 322 are known to the operating system 320, the execution of which is accomplished via a dedicated password, wherein the operation of the dedicated cryptographic unit 316 is performed in parallel with and in concert with the microprocessor's execution unit. Furthermore, the inventor's cryptographic unit 316 embodiment, Similar to the micro-floating point unit proposed several years ago, it is compatible with the operation of the associated password command 322 operating system 320 and the application program, which will be described below. Please refer to Figure 4, which is shown in the figure. It is a block diagram for explaining the embodiment of the basic unit password instruction 400. The password refers to an optional pre-allocation (optional prefix Held) set architecture level, so that it can be applied to the current micro-location and now in the box. The integration of one channel 314 can be interfaced, in particular, the operation of the complete operation is unit 316 301, which proposes a complete and more detailed invention in a different processor. 400 packets 401, then 29 * 1250450 is a one-to-one computing pull-type, blocking implementation in the structure, such as block and other code operations and one for the system password transfer 402 architecture x86 processor structure The temporary source is stored in the temporary data area. The repeated string word group refers to the repeater repeat prefix field 402, followed by the code block (opcode field) 403, and finally the block ciphertext bit. (block cipher mode Held) 404. The contents of an embodiment bit 401-404 are compatible with the χ86 instruction set architecture. In other examples, the contents of fields 401-404 are compatible with other instruction set architectures. In operation, the optional pre-block 4〇1 is used in many instruction sets to enable or disable certain processing capabilities of a main microprocessor, I6-bit or 32-bit operations and processing or use of specific Memory. The repeating pre-field 402 indicates that the password specified by the password command 40 is required for a plurality of input data (ie, plaintext or ciphertext), and the compatible microprocessor sets the contents of the plurality of architectural registers. The indicator of the position in the memory, the position in # refers to the password data and parameters required to complete the predetermined difference. As described above, the value of the repeated pre-block is 〇χρ3 in the embodiment compatible with 86; and the format of the code command in the form of the code is very similar to the REP. M0VS and the like. For example, when the same micro-location example of the χ86 of the present invention is used, the repeated pre-position is actually referenced to a block count variable stored in the storage port ° E〇C, and stored in the temporary storage. H ESI median = indicator (pointing to the input data corresponding to the cryptographic operation) and a destination address index in σ, pointing to the output in the memory ^ _ Χ 86 phase-to-center example, the invention will be more traditional Only the concept of I &amp; Difficult, the township test in the register EDX in the control of the display, a deposit in the scratchpad 指向 point - from the W Dan ~ code gold material and one deposit. The private standard (if required for the specified ciphertext mode 30 1250450). The maintenance code block 4〇3 specifies the micro-processing crying β in a control word έΒ ^ ^ _ ° ° 凡成进 - step for a memory ~ For the cryptographic operation specified by the group, the 苴 word group refers to &gt; AL ', and the τ control word group breaks the reference via the control 。. In the present invention, the existing code input value 403 is one. One of the unused or unused ones in the eucalyptus structure, one of which is used as a sauce, and for the purpose of maintaining the above-mentioned == Compatibility of the device. Use the value 〇 Zheng 8 7 to perform the predetermined cryptographic operation. (4) 1-bit 403 embodiment makes the bit 404 pre-* τ 'block ciphertext mode block 4 pre-scheduled during the given cryptographic operation I α π Supervise π to use the 4-inch fixed block ciphertext mode, the following will be explained in conjunction with Figure 5. The 衩 弟 5 5 图 为 弟 4 4 4 4 4 4 4 4 4 基本 基本 基本 基本 * 区 区 区 区 区 区 区 区 区The form of the block value sample constitutes the form of the mountain monument 蚩Μ 4 α where the value 〇 xC8 is scheduled to be electronic

The name code 完成 is used to complete the cryptographic operation. The value 〇XD T 疋 疋 疋 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄 雄^ The ultimate type of password operation &quot; is scheduled to complete the cryptographic operation in the output feedback mode. In addition, block ciphertext mode is blocked. All other values are preserved. The description of ^ can be found in the above FIPS file. Referring now to Figure 6, a block diagram of a cryptographic list (10) in a χ86 compatible method of the present invention is illustrated. Wherein, the microprocessor contains the extraction logic 1 (secret) 601, the extraction logic circuit 6〇ι self-memory: shows) the extraction instruction μ performs 'the (four) is coupled to the conversion logic circuit (an n (four) 〇 602. the conversion logic circuit 6〇 2 contains logic, device or microcode (ie microinstructions or too much, 7 or native instructions), or a combination of logic, sturdy or microcode, or for clothing, 匕The elements are converted to equivalent elements of the sequence of related microinstructions 31 1250450. The elements used to perform the conversion in conversion logic circuit 602 can be shared by other circuits and microcodes, etc., to perform other functions in microprocessor 600. The logic circuit 602 includes a key generation logic circuit 640 that is lumped to a translator 603 and a microcode read only memory (ROM) 604. Interrupt logic (interrupt logic) 626 is coupled to conversion logic circuit 602 via bus 628. A plurality of software and hardware interrupt signals 627 are processed by interrupt logic circuit 626, which may indicate that the current conversion logic circuit 628 is not yet accepted. The interrupted logic circuit 602 is coupled to the microprocessor 600 continuation class, including a register class 605, a bit class 606, a load class 607, an execution class 608, a storage class 618, and a write back class 619. Each includes logic circuitry for performing the specific functions associated with the execution of the instructions, where the instructions are those provided by the extraction logic 601 in conjunction with similar component numbers in the microprocessor of Figure 3. Figure 6 The illustrated x86 compatible implementation example 600 shows an execution logic 632 in execution class 608 that includes parallel execution units 610, 612, 614, 616, 617. An integer unit 610 receives execution from microinstruction queue 609. The integer instruction microinstruction 613 receives the execution multimedia extension set microinstruction. A stream extension set unit 616 receives the execution stream extension set microinstruction from the microinstruction column 615. In the illustrated x86 implementation example, the password Unit 617 is coupled to the string via a load bus 620, a stall signal 621, and a store bus 622. The extension unit 616 and the microinstruction column 615 of the stream extension unit are shared. The other is 32 1250450. In the same embodiment, the cryptographic unit 617 operates in a parallel-like manner, an integer register (EFLAGS) 624, where the element 625 is used to indicate that the cryptographic operation is such that the 'X bit 625 is a χ86 flag, and the integer unit 610 uses a specific register 628 to estimate the state of the E bit 6 to indicate the microprocessor 617. In addition, the integer unit 610 is also coupled to the units 610, 612, and 614. The unit 610 is coupled to a flag. The flag register 624 includes an X bit or not. In an embodiment, the 30th bit of the register 624. This device 4 temple special register (machine E bit 629 state, where there is a crypto unit in 600 using a feature control register

One D bit 631 in the middle to start or close the password list "...the microprocessor implementation command 301 in the D group, the microprocessor 600 in Fig. 6 has shown that the main components required for teaching the present invention, such The components are also described in the description of a compatible embodiment, and other components in the microprocessor have been integrated or omitted, so that the description of the drawings is relatively simple. Those skilled in the art know that ^ The interface needs to have other components, such as a data cache (not shown), bus interface unit (not shown), and timely generation and distribution of logic /

Circuit (not shown), etc. In actual operation, the instruction is extracted from the memory (not shown) by the extraction logic circuit 601, and the extraction operation is performed by synchronizing the clock signals sent to the conversion logic circuit 602. The conversion logic circuit 602 converts each instruction into a corresponding microinstruction sequence, which is sequentially synchronized to the clock signal and sent to the subsequent stages 6〇5_6〇8, 618, 619 of the microprocessor 600. Each micro-instruction in the sequence micro-instruction causes a sub-operation required to complete the calculation of 33 1250450 H to be executed... the overall operation is predetermined by the instruction, as produced by the address gorge 606: two...for a pair: &quot; The register stage...the temporary two: the sum of the two operands of the two integer unit parts, and the execution of the single-"page in the memory"_take one of the l I 617 ~:: early "1", 612, The result of the storage buffer circuit 618 is stored and searched. Use the shovel to drag according to the instruction in the forward conversion (10) 冋 conversion logic circuit 6〇2 Use 'change' 03 α to directly generate micro-finger 604 裎 # # # # 广 广 广 广 广 广 广 广 广 广 广 广 广 广The converter (10) is listed as a part, and from the microcode read only "Extracted from 604 = the remainder of the sequence, J: The Chinese community + ^ The remaining PW of the edge sequence is the day-to-day order 6〇5-608, 618, 619 ♦ In the case of the implementation of the order, the micro-instructions and their management elements &quot; ^ (from the temporary storage class 005 temporarily obtained in π, or in place The address class 606 in the logic circuit 608 from a data cache, the interest of seven w ~ body in the transfer) for the implementation of the two Α 632 to a designated execution unit ^ road, 614, 616 617 and I The method is to place the micro-instructions in a corresponding column 609, 611, 613, and 士t 615. Then, the execution units 6 〇 612, 614, 616, βλΊ, , ^ execute the micro-instructions, and Will be crusted, stored in class 618. In the ~ per 浐 plus & 禾 禾 η example, the micro-instructions contain

Whether or not &lt;blocks executed in parallel with other actions. When the cryptographic instruction is extracted, the U command associated with the logic circuit 602 is switched to make the micro-cry; the logic circuit in the continuation classes 605-608, 618, 619 in σσ 600 executes the structure of the specified cryptographic operation microinstruction. The portion is determined by a key generation field value in the word group 323 of the content block 308 in the control block register 308, and there will be a description of the following. For example, if the key generation field value specifies that a user-generated gold _ will be used in a predetermined a field operation, then the gold record generation:: circuit 640 will construct the relevant micro-instruction sequence to make the micro-processing cry 6 〇〇Self-array memory location 324 324 obtains the gold record schedule generated by the user, and loads the gold record schedule generated by the indentation into the golden record random access= of the cryptographic unit 617 (the following will be explained in more detail) ), and use the user-generated gold transfer schedule during the specified password. 2 Specific memory = 324 is the content of the contents of the gold balance register 3〇9. If the gold field value specifies that a key schedule will be generated with a provided cryptographic key, then the key generation logic 640 will construct the associated microinstruction for microprocessing! 600 obtains the provided password key from the memory location 324, and the access code of the person's password is made in the A 617. The body 2's the book is expanded into a gold (four) process, and is scheduled. The key operation of the cryptographic operation is 'the memory location is like ^ gold: the Japanese standard register 3°9 content tree. The size of the password record is added; 匕, the error is established in the control block - the size of the gold is the program. In the consistent application, the key size block is worth to use the (3)-bit password, the 192-bit password key, and the password key. - Therefore, - the first group of related microinstructions are sent directly to the MM's: 617 'and the cryptographic unit 617 « into the load bus 620: and: Go into an input data block and start executing A predetermined number of passwords are returned. Into the output data block, or provide - the formed wheel data area 35 1250450. Block on the storage bus 622 and the sub-actions of the first plurality of related micro 610, 612, 614, 616 For example, the E bit 631 and the X bit 625 are set to refer to the register in the register stage 605 (such as the processing of the interrupt 627 of the register and the round-out character index register, etc. The explicit unit arbitrarily sets the integer unit micro-instruction in the password unit and the password unit operation in the same micro-instruction, so that the unprocessed points are pointed to the password parameter and the data in the register, so that their state is obtained when returning Reply. When the status of a self-bit 625 is judged whether the result is YES, the operation is repeated on the material block. The related micro-finger and the result of the input of a sequence of text blocks are processed before the processing interrupt 627 Referring to FIG. 7, the micro-opcode field of the codon operation 701 stores the logic circuit 618 in the memory instruction and sends it to other execution units to perform other completions. The test of the password 629, the enable of the D bit, the cryptographic operation is in progress, the update of the count register, the input of the text indicator temporarily, and the interrupt logic circuit 626 indicate that the relevant microinstructions are arranged to achieve the most The best performance is in the sequence of the interpolation microinstruction, so that the integer operation is included in the correlation interrupt 627. Since all the indicators are set in the x86 architecture, they are stored in the interrupt, and when the interrupt is returned from the interrupt, the micro-instruction test is in progress. If the input command processed during the interruption is determined to be arranged, the indicator register is updated for a sequence block cipher operation. σ儿月 is used to make the position in the microprocessor example 700 of Figure 6. In the figure, the micro 7〇0 contains a micro-optical code clamp, a lean register field (data 36 1250450 wfieId) 702 * a register stall (703. micro-code stop 7〇s er Le Ding micro-processing p 60... The implementation of the sub-operation of the temple fork, and refers to the 忾 忾 忾 ^ 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白 白In one of the 拗+ 〇 心 令 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 为本 701 701 701 701 701 701 701 701 701 701 The contents of the scratchpad are obtained from the U address, and the account in the monthly block 702 is the value of the valley register, and the data is connected to the scratchpad. The temporary register is the data obtained by the above-mentioned register in the buffer block, the male and the code unit (such as the password gold object = the specified one, and the child material and the starting vector, etc.) are sent to the secret: input text 701 The first - "Miao + lost nose code block h value storage (χ earn)" specified by the Mimar unit produced... Although stored in a year-old poor wood structure temporary storage content Among them, the architectural scratchpad is stored in a multi-level cryptographic unit. ^ , In the example of the spirit, the 'storage field 703 夕 允 ^ 疋 数 轮 轮 资料 各 各 各 各 各 各 各 各 各 各 各 各 各 各 各 I I I I I I I I I I I I I I I I I I I I I , the round of the information provided by the crypto unit in Michuan 4, the appropriate way to move. The following pin is for the storage logic loading micro-instruction to perform the loading of the cryptographic unit of the present invention and the ninth figure of the present invention is a detailed description... The description will be carried out. Please refer to Figure 8, where - table _ Used to input the 7 format 700 loading micro finger Μ崭 呪 呪 Ming brother 7 picture ^ ^ ? 曰? The scratchpad is blocked 703. For example, the first $, +, and mechanical command sequences are described in a secret stone horse, and a singer 々 々 寸 产生 产生 产生 产生 产生 产生 产生 产生 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微 微a younger two sets of multiple microinstructions, where #一37-1250450 =: the microinstruction is performed by the cryptographic unit, ❿ the second set of multiple microfinger Z, and at least the parallel functional unit except the cryptographic unit in the u processor Executive: Asian semaphore update, temporary register, architectural register, machine crying

Special temporary storage is performed for the test and setting of the status bit. The first group: a number of instructions provide key data and passwords, and turn the data into the password early to generate the key schedule (or load the Jinyu row that has been obtained from the memory) to Load and encrypt (or decrypt) the input text and save the text. In addition, a load micro-instruction is sent to the password unit to load the control sub-group data, load a password key or key schedule, load the start vector data, load the input text data, and load the input text. Data and cause the crypto unit to begin a specified cryptographic operation. At this time, a register field 7〇3 value ObOlO loaded into the microinstruction causes the crypto unit to be loaded into a control block into its internal control block register. When the microinstruction is performed in the pipeline, the memory address of the control block storage can be obtained by temporarily storing the crying content using the architectural control block indicator in a register class. The memory logic circuit converts the address into a physical address of the memory access; the load logic circuit obtains the control block from the cache, and places the control block into the data block 7〇4, and the control word The group is then sent to the crypto unit. Similarly, the register field value OblOO causes the cryptographic unit to load the data block into the data block 704, and then begins the predetermined cryptographic operation. The access to the input data is via an indicator stored in a structured register, which is equivalent to the control block. The value 0M01 causes the input data in the data block 7〇4 to be loaded into the internal register to take _ι, which can be the input text data (in the pipeline operation) or the starting vector; the value 0ΜΗ) and the 0blll password The unit is loaded separately - the password or the low and high bits of a key in the user generated key schedule. In the present invention, a user is defined as performing a specific function or actor, which can be embodied

38 • 1250450 application, operating system, machine user generated key table is in the application example, the user generates the key table. In an embodiment, the register code unit is divided into two classes for making the line management. Therefore, after execution, the microinstruction is executed first to provide an (IN-1), followed by a second load of the word data to the input-0 (ΙΝ-0), cryptographic operation. If the cryptographic operation is performed according to the time, a majority of the user-specific loading micro-instructions are sent to each chronograph of the cryptographic unit. Load the scratchpad in the microinstruction. Referring to Figure 9, the table 700 loads the register of the microinstruction to the crypto unit to provide the _word block to the location specified by the storage logic 702. Therefore, the one-to-one specific output text block moves to the value of the corresponding input text area 703, OblOO, so that the cipher unit is raised or the like. In one embodiment, the formula is established. Established by an alternative person. When the intercept value is OblOO and OblOl, when the input character data block is added to the input poor block, a first input text data is sent to the round-1 micro-instruction to execute a second input. Let the instruction unit start executing the majority of the golden amount in the record of the gold record scheduled by the user, so that all other values of the unit loading key 703 are displayed by the guarantee 900. The format block is 7〇3. A load microinstruction is generated (password or decrypted) for storage in the address field of the memory. The conversion logic of the present invention first issues a load microinstruction followed by a load microinstruction. The register column is used for the output of the internal output - 0 to make the output of the Schmitt management out of the position 39 l25 〇 45 〇 (〇υ τ · 0) salary for the storage of the 3 descendants related output text block to Store logic in the middle.斗, &gt; 1 out of 0 valley and sent to the input - 〇 input text block to ask, the new ten inside the t 9 deposit field value reference to the internal output - 1 register of each It is related to the input text data sent to the order a '1. Therefore, a plurality of input and decryption fields are added to the key and the control block data can be added to the cryptographic unit &amp;, line management * into ^ 'error by loading · input -1, loading · Input _〇 (Loading • Wheeling • Everyone is out of the 7 W code unit and also starts the cryptographic operation), loading · Loading γ Loading · 〇υ τ · 〇, loading. Input -1, loading · input - This can be achieved by issuing the password micro-finger 7 in the order of 开始 (starting to follow the action of the next two eight + text blocks). Operation Now = read 1G diagram, which illustrates the control word group format (contro 1 word format) in the present invention - used to pre-program the password binary code π ππ control word group 1000 is programmed from a user to the memory , , the heart is sent to a compatible microprocessor in a compatible six-port state before the execution of the code. Therefore, a micro-instruction in the 雷 对应 对应 ” ” · · · · · · · · 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入 载入Convert the indicator into an actual memory® address, shoe ιν ώ α Λ Λ 兄 、 、 、 、 、 、 、 、 、 、 、 、 、 、 、 、 、 、 、 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得 取得Φ , , , 曰 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , Instruction)), bite is a combination of the brother's private road, device or microcode, because the command circuit is not the heavy field of the reference, L, Li, ^ will not be described in detail here. The control block ι〇〇〇40 1250450 contains a representative reservation (RSVD) field 1001, a data block size (DSIZE) field 1002, a key size (KSIZE) field 1003, an encryption/decoding (E/ D) Field 1004, an Intermediate Result (IRSLT) field 1005, a Key Generation (KGEN) Block 1006, an Algorithm (ALG) Block 1007, and a Round Count (RCNT) field 1008. All values of reserved block 1001 are reserved. Data Block Size Block 1002 The content of the input and output text blocks used for encryption and decryption execution. In one embodiment, the data block size field 1002 has a predetermined block size of 128 bits, 192 bits, or 256 bits. The size of the key size block 1003 is the size of the predetermined password and the cryptographic key used for decryption. In one embodiment, the gold size field, the size of the 1003 predetermined gold record is 128 bits, 192 bits or 256 bits. Encryption/decoding 100 bit 1004 specifies whether the cryptographic operation is used in an encryption or decryption operation. The key generation block 1006 indicates whether the gold record schedule generated by the user is stored in the memory, or whether a single password record is stored in the memory. If a single password is indeed present, the microinstruction and cryptographic key are sent to the cryptographic unit to cause the unit to expand the key into a cryptographic algorithm-derived key schedule, where the cryptographic algorithm is The contents of the algorithm field 1007 are defined. In one embodiment, the explicit value of the algorithm block 1007 is determined using the aforementioned data encryption standard algorithm, triple data encryption standard algorithm or advanced encryption standard algorithm. In other different embodiments, the algorithms used are Rijndael Cipher and Twofish Cipher algorithms. The content of the round count field 1008 is intended to be used by the algorithm for the number of password rounds used in each input text block; although the criteria used in the above algorithms are for each input 41. In the 15th input script, the password is not the best. It is an advantage to familiarize yourself with the results of the same sub-interval. The 1250450 text block using the password control method for the execution of the block execution map 00" uses the predetermined fixed calculus number, but the program uses the round count block 1008 to change the rounds specified by the standards. In one embodiment, the programmer has to set 0 to different rounds for each block. Finally, the content of the intermediate result block 1005 determines whether the block of words is executed in the round count block 1008 according to the password standard specified in the algorithm field 1007, or whether the decryption is based on the total number of rounds. The number of rounds in the block 1008 is determined, wherein the last round of the execution represents a transition result and the final result, which is the feature of the algorithm in the algorithm block 1007. The technician knows that many calculations are in progress. Phase operations are performed in each round, but are different in the last round. Therefore, if the middle field 1005 is programmed to provide a transition result rather than the final result point, as it allows the programmer to confirm the intermediate step of the algorithm, the progressive transition is used to confirm the performance of the algorithm. A text block is achieved by a password round, followed by two rounds of the same text area, and then three rounds. Referring now to Figure 11, the table 1100 is used to illustrate an example value of the key size block 1003 of the 10th word group 1000, wherein the value causes the computing device to perform a predetermined calculation with a 128-bit password size. The value "01" causes the computing device to perform a predetermined cryptographic operation with a 192-bit cryptographic key. The value "01" causes the computing device to perform a predetermined cryptographic operation with a 256-bit key size, and the remaining values are retained. Referring now to Figure 12, there is shown a block diagram of a cryptographic unit of the present invention. In the figure, the cryptographic unit 1200 includes a micro-opcoded register 1250450 1203 'which receives a cryptographic micro-instruction (ie, loads and stores micro-instructions) via a micro-instruction bus (1214) and has a control Control word register 1204, one input-0 temporary crying 1205, input_1 register 12〇6, one key-〇 register 12〇7 and one gold钤-1 temporary storage 1208. In accordance with a predetermined one of the contents of the microinstruction register 1203 loaded with the microinstruction Z, the data is sent to the scratchpad 1204- 1208 via a load bus 1211. In addition, the cryptographic unit 1200 also includes a block cipher logic 1201, and the logic circuit 1201 is coupled to the parent of the registers 1203-1208' and is also coupled to the cryptographic input random access memory. A cryptographic key RAM 1202. In addition, the block S and the text logic circuit 1201 provide a stall signal 1213 and also provide block results to an output-0 register 1209 and an output-1 register 1210. The output registers 1209-1210 send their internal contents to a subsequent stage of a compatible microprocessor via a storage bus 1212. In one embodiment, the size of the micro-opcoded register 1203 is 32 bits, the sizes of the registers 1204, 1207, and 1208 are 128 bits, and the sizes of the registers 1205 - 1206 and 1209 - 1210 are 256 bits. The password microinstruction is selectively and sequentially provided to the microinstruction register 1203, the input buffer 12〇5_12〇6, or the golden temporary register 1207-1208. One of them. In the embodiment shown in Figures 8 and 9, a control block is loaded into the control block register 1204 via a load microinstruction, and then the cryptographic key or key schedule is subsequently loaded. The microinstruction is loaded. If the loaded cryptographic key is 128 bits, then a microinstruction is loaded to specify the scratchpad gold _ 〇 12 〇 7 . If the cryptographic key loaded by 43 1250450 is greater than 128 bits, a load microinstruction specifies the scratchpad key-0 1207 and a load microinstruction specifies the scratchpad key -1 1208. If the loader is a user-generated key schedule, the subsequent load micro-instruction specifies the scratchpad key - 〇 1207. Each of the keys in the loaded key schedule is placed in the key random access memory 1202 in order for its relative key round execution. After that, the text data (if no starting vector is needed) is loaded into the input-1 register 1206. If the start vector is used, it is carried to the input_1 register 1206 via a load microinstruction. A microinstruction sent to the input-0 register 1205 causes the cryptographic unit to load the input literal into the input-0 register 1205 and begin to utilize the input-1 or the two input registers 1205-1206 (when input When the data is being processed by the pipeline, the start vector performs a password round on the input text data in the register input-0 1205, wherein the execution of the password round is based on the parameters provided by the contents of the control block register 1204. . Upon receipt of a load microinstruction specifying input -1205, block cipher logic circuit 1201 begins execution of a predetermined cryptographic operation of the control block contents. If a single cipher key needs to be expanded, the block ciphertext logic circuit 1201 generates each of the key schedules and stores it in the key random access memory 1202. Regardless of whether the block ciphertext logic circuit 1201 generates a key schedule or a key schedule is loaded from the memory, the key used in the first round is cached in the block ciphertext logic circuit 1201, so that The first block password round can be performed without using the key random access memory 1202. The block ciphertext logic circuit 1201 continues to perform a predetermined password operation on at least one of the input text blocks upon activation until the operation is completed. Next, the back alloy key required for the cryptographic algorithm used is extracted from the key random access memory 44 1250450 1202. The cryptographic unit 1200 operates on the block cipher that is specified for the specified input text block, and the subsequent input text block is cryptographically or decrypted by the execution of the subsequent load and store microinstructions. When a stored micro-instruction is executed, if the predetermined output data (ie, output-0 or round-trip 屮 has not been fully generated, the block ciphertext puzzle circuit 1201 issues a delay signal 1213. Once the output data has been generated and is Placed in a corresponding output register 12〇9-121〇, the contents of the register 1209-1210 are transferred to the storage bus 1212. Referring now to Figure 13, The block diagram of the block ciphertext logic circuit 13 of the advanced capitalization standard performs the cryptographic operation. The block ciphertext logic circuit 1300 includes a round engine (r〇und engine) 1320, and the round engine 1320 passes through the bus bar 1311. -1314 and bus bar 1316-1318 _ combined to a round engine controller (r〇und engine c〇ntr〇uer) 1310 ' and contains a gold size controller (key size controller) 1330, and uses a micro-instruction The scratchpad (micr〇instmcti〇nregister) l3〇i, the control word register 1302, the gold record-0 register 1303, and the key-1 register 1304 access the key data , microinstructions, and the parameters of the cryptographic operations performed The contents of the input registers 1305-1306 are sent to the round engine 1320, and the round engine 1320 provides corresponding output text to the round-out registers 1307-1308. The output registers 1307-1308 are also via the bus bars 1316-1317. Coupled to the round engine controller 1310 to cause the round engine controller to use the result of each subsequent password round, wherein the results are sent to the next password pass via the bus NEXTIN 1318. Key random access memory (not The cryptographic key in the display is accessed via the bus 1315; 45 1250450 The encryption/decryption signal 1311 causes the round engine to perform a password (such as S-Box) or decrypt (such as a reverse S-Box) using sub-operations; The content of the (RNDCON) bus 1312 causes the round engine 1320 to perform a first AES round, an intermediate advanced encryption standard round, or a final advanced encryption standard round. A key in the control block based on a predetermined cryptographic key used. For the content of the size block, the key size controller 1330 specifies the size of the password key via the key size bus 1319. If the key schedule is to be generated automatically, the round engine controller 13 10 issues a key generation signal 1314 to cause the round engine 1320 to generate a key schedule generated using the key provided via the bus 1313, wherein the size of the key is determined by the key size 1319, and the key bus 1313 is also used. The return engine 1320 is provided with a back alloy key for each corresponding execution. In one embodiment, the value of the key size bus 1319 indicates that the key size is 128 bits, 192 bits, or 256 bits. The round engine 1320 includes a first key exclusive (XOR) logic circuit 1321 that is coupled to a first scratchpad temporary store-0 1322. The first register 1322 is coupled to the S-box logic circuit 1323, the S-box logic circuit 1323 is coupled to a ShiflRow logic circuit 1324, and the shift logic circuit 1324 is coupled to a second register temporary storage - 1 1325 The second register 1325 is lying down to the Mix Column logic circuit 1326, and the hybrid logic circuit is coupled to a third register temporary storage - 2 1327. The first key logic circuit 1321, the S-box logic circuit 1323, the shift logic circuit 1324, and the hash logic circuit 1326 are configured to perform sub-operations of similar names on the input text data, and the sub-operations performed when the sub-operations are performed are determined by the above-mentioned advanced steps. Encryption standard FIPS standard. In addition, the column logic circuit 1326 is also configured to perform an advanced encryption standard mutual exclusion function on the input data during the desired intermediate back to 1250450, wherein the execution utilizes the back alloying force provided via the key bus 1313: The I-round logic circuit 1321, the S-box logic circuit 1323, the shift logic table 1324, and the hash logic circuit 1326 are also configured to perform the clear-circuit 2 anti-advanced encryption standard sub-operation during decryption, and the decryption action is via Plus = it starts on the status of the secret signal 1311. Those skilled in the art can solve the problem. The return data is sent back to the round engine according to the specific block cipher mode. The system is defined by the control block register 13〇2. The starting vector data (if two 320 is required) is sent to the round engine 132 via the bus NEXTIN 1318. In the embodiment shown in Figure 13, the round engine is divided into two classes.

One is located between the temporary storage _〇 1322 and the temporary storage _丨1325 _ P I self-respect and a second class between the temporary storage 4 1325 and the temporary storage - 2 1327. The intermediate round data is managed by the pipeline between the two classes' and the pipeline control system is synchronized with a clock signal (not shown). When the cryptographic operation of an input data block is completed, the relevant output data is placed in a corresponding output register 13〇7_13〇8. When a store microinstruction is executed, a designated output temporary crying 1307-1308 is sent to a storage bus (not shown). Referring now to Figure 14, there is shown a flow diagram illustrating one method of the present invention for maintaining the state of a cryptographic parameter when an interrupt occurs. The flow begins at block 1402, where an instruction stream is executed by a microprocessor, wherein the instruction stream does not need to include the cryptographic instructions described in this case. The flow then moves to decision block 1404. At decision block 1404, an interrupt event (such as a maskable interrupt 'non-maskable interrupt, page fault, work switch, etc.) is asserted 47 ! 2s 〇 4 50 I, at which point the instruction stream There needs to be a change to form an instruction stream ("interrupt = ruler") to handle the interrupt event. If the interruption is indeed in progress, the /; IL process proceeds to block 1406. If it is not 3, and if it is not right, then the process is judged on decision block 1404 and is determined until one of the animals is Dusen ^ a 峤 件 , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , At block 1404, since the famous ship 1 #斗, &gt;&amp; ^, , has an interrupt event before the transfer of the control to the corresponding foreigner, the interruption of the present invention The logical rabbit road clears the gentleman's position in a flag register, so as to ensure that if a block is closed when the interrupter returns, the in-progress, at least one event will be indicated and The control word ^ 4 Shishizizi, and the Bellow and the key data must be saved before the block cipher operation is continued... The input data block for which the cryptographic operation is directed is the input indicator and is not saved as the content. Refers to. At block 1408, inclusive of the present invention

He ^ ^ weight start, code and performance related indicators and counter architecture scratchpad. Anyone who is familiar with the technology can understand the current data computing device. ^, The storage of the eucalyptus structure is typically stored in the transmission control to the interrupt processing. Therefore, the present invention proposes the data architecture state. In order to make the interruption of the dispute, the implementation process has transparency in execution. After the scratchpad is stored, the user &quot;丨L advances to block 141〇 〇 At block 1410, the program stream is sent to the middle T processor. Flow then proceeds to block 1412. The method travels to block 1412 when the gentleman hangs. Those skilled in the art can understand that the method of Figure 14 is to interrupt processing. When there is a return, start again at block 14〇2. Referring now to Figure 15, there is shown a plurality of wheeled data areas that have occurred at least one interruption event by using the size of the user's predetermined password key from the condition of the present invention. The rogue #1 of the method of performing a cryptographic operation on the block is shown in Fig. 00. In order to make the description clearer, according to the block ciphertext mode, it is necessary to update the starting vector equivalents between the blocks (such as the output feedback mode and the ciphertext feedback mode), and the stored clear password. The computational flow (not granted), but these other block ciphertext modes are also covered by the present invention. The Wanzi stream (4) begins at block 1502, at which point a cryptic instruction of the invention causes the "find" to begin execution. The execution of the weight instruction can be _first execution, or: execution after -first execution, Because the interrupt event causes an interrupt, in which the interrupt event is executed, the interrupt of the thousand pairs causes the program control interrupt handler to execute and then transfer back to the weight command. Then, the flow bar proceeds to block 1504. When the block is at 1504, the input parameter register memory block data block of the input indicator is loaded from the memory, and the predetermined password is transferred: that is, in the predetermined embodiment, the reservation is executed. Password operation: The input size is: 2 "Liyuan" and the instruction needs to be executed to issue the Mimma:: dare to clear the X bit. In an embodiment where a *compatible and a 帛86 暂 register uses ^ yuan, the X bit 兀 can be cleared by executing a PHSDFD finger, and sub-receiving a POPFD command. The narrower ',,, ',, and white technology experts know that in other different embodiments, other instructions must be used to clear the bit. In the embodiment, the predetermined cryptographic operation is performed according to the advanced encryption standard: : At -, and then, the process proceeds $4' I to start. The caller proceeds to decision block 1506. At decision block 1506, a pick ^ &gt;

In the flag register, the X bit is turned on. B Whether the setting is 49 1250450 is determined. The IX bit is set by the ^ M ^ _ illusion sub-group and the value of the gold-plated schedule that is loaded into the weight-using unit of the present invention; if the 乂 bit is cleared, the control block is The gold record of the 14H = : of the schedule is slightly mentioned, the X bit is set by the right x position when an interrupt event occurs, and the flow proceeds to block 152; very y - , If the bit is divided by 4, the flow proceeds to block 1508. When Wang Wangdao sees at block 1508, a cleared event has indicated that an interrupt event has occurred or a new control word 4 fen/dou, am group, and/or gold record will be Manned, the big - control word group is carried out from the memory. In an embodiment, the loading of the control block causes the cryptographic unit not to perform a predetermined cryptographic operation, as described above in conjunction with the block. In the present embodiment, the beginning of the block reading is optimized for a plurality of 128-bit block cipher operations based on the electronic dense stone arches, the 隹", the mountain horse &amp; Assume that the current control block and Jin Yu tribute will be used, and the electronic cipher book mode using the 128-bit key 胄 128-bit input &amp; block is the most commonly used block ciphertext mode. The input cryptographic block is loaded, and the cryptographic operation that begins before the X-bit state in the check decision block b(9) is reset. (4) The flow proceeds to decision block 1514. In decision block %, block 15 〇 8 The KSIZE of the control block obtained is used to determine the size of the key to be used when the predetermined cryptographic operation is performed. If the key size is set to a 192-bit key, then the paw travels to Block 151〇; if the key size block value is predetermined to be a single key, then the flow proceeds to block 1516; if the key size block value 50 1250450 is predetermined to be a 256 bit in block 1512 control block key Fully loaded from the memory record is loaded, Block 1522. At block 1516, the size is predetermined to 128. The extended password keying process proceeds to block. At block 1518, the size of the gold is set. The execution of the cryptographic operation is performed in block 1520, and the cryptographic operation is performed. The block size at this time is the block. The block is generated at block 1524. When the block is in the block and the input is made, the block is entered into the file block. Then: the meta key, the flow proceeds to block 1518. The password key data is carried out from the memory. According to the state of the generated and gold record size, the key data is not (ie, a user generated key schedule), that is, the initial expansion is expanded into a key schedule. Then, when the flow advances, due to the bus key cryptographic key in the block ciphertext logic circuit, the required performer is the loader/loader, as described above with the matching block 1512. Then, 1522 When the 'block of the ciphertext logic circuit of the present invention is in the bus, so that its round engine uses a 256-bit cipher key. Then the flow proceeds to block 152 时. When the password is recorded as the above-mentioned compound Block 1512 is incremented/expanded. Next, the flow proceeds to block 1522. At this point, the input block indicated by block 1504 is again controlled by the newly loaded control block and key schedule. When the DSIZE block value in the block is determined to be encrypted, the second "...W out zone" input block is - not force... For 1:: corresponds to the ciphertext block. When decryption is repeated, the second block &apos; and the output block is - corresponding to the unpowered machine spear king proceeds to block 1528. 51 1250450 In the direction of the next size, the size of the block is discussed. The content of the device is discussed. The line execution is judged and the value is judged. The value is advanced to the square block 1532. The input data is also the constitutive phase. Rong Zhi has a wide share. That is, the architecture, and even if the device itself is in block 1528, the input and output block indicator registers are changed to the input and output data blocks' and are based on the data block values in the control block. In addition, the contents of the block counter register are changed. The cryptographic operation of the previous round entry data block is completed. In conjunction with the fifteenth embodiment, the block count is decremented by the register value. However, the skilled artisan is aware that other different embodiments may temporarily manipulate and test the block counters to also control the input text block. The flow then proceeds to decision block 1530. At block 1530, whether an input data block continues to be judged. In the embodiment described herein, the block counter is used to be equal to zero. If no block is executed, then block 1534; if a block is to be executed, the flow proceeds to block 1532, where a block is loaded under the contents of the input indicator register. In. Flow then proceeds to block 1524. The method ends when it proceeds to block 1534. The purpose, features, and advantages of the invention are described in detail above, but other embodiments encompass the scope of the invention. For example, the present invention and the χ86 continuation embodiment have been described in detail above, since the χ86 architecture is a general solution, so the discussion of it may be used to teach the scope of the other parts of the invention to be expanded to p〇werpC. Other instruction sets such as Mjps are also applicable to other new instruction set architectures. The cryptographic operation of the present invention can also be performed in a control device other than the micro-processing in a computing system. For example, in a computing system, a different 52 1250450 is performed on the name code of the integrated circuit of the microprocessor. These entities are also integrated in a sequence around a crystal, such as North Bridge and South may constitute a dedicated processor to perform cryptographic operations, at this time the second and the order - the main microprocessor is sent Into the processor, the invention can also be used for the intrusive controller, the industrial 栌 果 ί 工 为 七 七 七 七 七 七 七 七 七 七 七 七 七 七 七 七 七 七 , , , , , , The present invention also includes two: in the above-mentioned control elements necessary for performing cryptographic operations, the low-cost and low-power substitute mode for the implementation of the cryptographic operation is poor. For convenience of explanation, the inventor of the present invention will::: Different processing elements are collectively referred to as processors. X. Further, although the above invention is in the form of 128-bit blocks As a representative of σ brothers and moons For large y丨, Ί*Γ low yf is also used by Tian 4 -t size, only need to change the carrying of rain negative materials, output data, gold transmission and ^ permission to make fine qi qi soil, and 工 制 制The size of the scratchpad can be achieved. :: Although the characteristics of the data encryption standard and the triple data encryption standard have been detailed in this case, the inventor of the present invention specifically includes the general force and the corpse 4 The block ciphertext algorithm for pregnancy is not used. For example, MARS ciphertext, R]jndael 宓J Shanwen Twofish essay and B1〇wflsh ciphertext, Serpent ciphertext and RC6 ciphertext. After the description, the use of the unique block password device ^, A and the support method from the processing state of the tobacco must be known as 'the general micro block cryptographic operation can be motivated by a single, to be executed曰 In addition, although the present invention has been directed to the μ τ Ε block start code, the code 贝 法 method, and the execution block 53 1250450 cryptographic function related technology, and the other code of the real code of the present invention The form of use. It is not difficult for the reader to understand the execution of the instructions. Let a compatible fi 侍 単 単 子 子 子 u u u 在 在 在 u u u u u u 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含 包含In the case of the code list, the round engine described in the present case has to provide one or two input breeding blocks for pipeline processing. The inventor's volume of the case: u for the embodiment of more than three classes is also # § special description 1 J also exists. It is foreseeable that ancient

The hierarchical method of pipeline processing into the data block has evolved with the improvement of the segmentation technology of other classes in the multi-wheeler. After the implementation-consistency micro-disposal, the present invention has been described in detail to support a plurality of zone crypto units as single--, but the scope of the present invention is also included in the computational and compatible microprocessors. Other Guzan code single-line coupling '1 is set to execute a defined block password', will: drought yuan flat: and: - - unit set to perform advanced encryption standard performance: method. The second unit is set to perform the data encryption standard algorithm and the like. /, different law, ~

The present invention has been described in detail above with respect to the specific embodiments, and it is understood that the present invention may be changed or changed without departing from the spirit and scope of the invention. The spirit and scope of the invention will be defined as follows. Please refer to the following patents. The following is a brief description of the drawings. After reading the following description and the drawings, other objects and features of the present invention. And the advantages will be easier to understand, among which: the above and 54 1250450 Figure 1 is a block diagram illustrating the current password-related applications; Figure 2 is a block diagram illustrating the technique for performing cryptographic operations; Figure 3 is a representation of this A block diagram of a microprocessor device for performing cryptographic operations; FIG. 4 is a block diagram of an embodiment of a basic unit cipher command of the present invention; and FIG. 5 is a block diagram showing a block cipher mode block in a basic unit command in FIG. A table of bit value examples; Fig. 6 is a block diagram of a cryptographic unit in a microprocessor of the same type as x86; and Fig. 7 is a diagram showing a cryptographic correlation subroutine in the microprocessor of Fig. 6. instruction The block diagram in the example; Figure 8 is a table of the scratchpad block value of the load microinstruction in the format of Fig. 7; Fig. 9 is a temporary storage microinstruction in the format of Fig. 7. a table of register field values; FIG. 10 is an example of a control character format for a password-related parameter of a cryptographic operation of the present invention; and FIG. 11 is a table of a key size block value of the control character of FIG. Figure 12 is a block diagram showing an example of a cryptographic unit in the present invention, and Figure 13 is a block diagram showing an embodiment of a block cipher logic circuit for performing cryptographic operations of the advanced encryption standard of the present invention; 55 1250450 Figure 14 is a flow chart showing a method for storing the state of a password-related parameter during an interruption event of the present invention; and Figure 15 is a diagram for explaining a cryptographic operation performed on a plurality of input data blocks, And at least one interrupt event occurs when a user pre-determines the password key size. [Main component symbol description] 100 Block diagram 102 Second computer workstation 104 Workstation 107 First router 109 Wireless network 111 Second router 200 Block diagram 201 Microprocessor 203 Program memory 205 Gold balance scheduling 207 Decryption application 209 Password Parameter 211 ciphertext block 301 microprocessor 303 conversion logic circuit 305 microinstruction storage entry 307 register group 13 6 8 ο ο ο ο 0 2 24 6 8 0 0 2 4 6 ο ο οοιοοο ο 08 3密密第工网无广加脑置站电装作端存工远储脑C案电式档程用由路密路路解网/ 体软系业用用用钥金码The secret-type table-storage device is included in the temporary-use block, and the tag is added to the block diagram. The caption is used to add the finger-finger-finger control system to the finger-finger system; 〇9 key indicator register 310 Initially input to the index register 311 index register 312 output index register 56 1250450 313 block count register 315 memory 317 storage logic circuit 314 load logic circuit 316 password use unit 318 write back logic Key gold level •, oCSS key field road gold area electric front command code character series column refers to cipher text code code industry code start line selection calculation as dense line output mode can be transported table extraction logic circuit converter Register class load class microinstruction array microinstruction array microinstruction array 319 memory bus 320 321 memory 322 323 cryptographic control block 324 325 start vector 326 327 memory location 328 400 basic unit cryptographic instruction 401 402 Repeat Pre-Block 403 404 Block Ciphertext Mode Field 500 600 Microprocessor 601 602 Conversion Logic 603 604 Microcode Read Only Memory 605 606 Address Class 607 608 Executive Class 609 610 Parallel Execution Unit (Integer Single 611 yuan) 612 parallel execution unit 613 614 parallel execution unit 615 micro-command 伫歹 616 parallel execution unit 617 crypto unit 618 storage class 619 write back class 620 load bus 621 pause signal 57 1250450 622 storage bus 624 register 625 X bit 626 interrupt logic circuit 627 software and hardware interrupt signal 628 conversion logic circuit 629 E bit 630 631 D bit 632 640 Gold record generation logic circuit 700 701 Micro code code 702 703 Register position 704 1000 Control block format 1001 1002 Data block size block 1003 1004 Mishi horse / Decryption field 1005 1006 Gold output Bit 1007 1008 Round Count RCNT Shelf 1200 1201 Mi Shi Ma Jin Transmission Random Access Memory 1202 Body 1203 Micro Operation Shima Register 1204 1205 Input-0 Register 1206 1207 Jin Yu-0 Register 1208 1209 ¥ m out of the register 1210 1211 load bus 1212 1213 delay signal 1214 1300 block ciphertext logic 1301 1302 control block register 1303 1304 gold-1 register 1305 1306 m into the register 1307 1308 temporary 1310 1311 Bus 1312 1313 Bus 1314 Feature Control Register Execution Logic Circuit Format Data Scratchpad Arrangement Gatchment Retainment Intercept Gold Remaining Size Field Intermediate Result Field Algorithm Field Cryptographic Unit Key Random Save Memory

器器器器器器器排排器存存存存存存汇汇暂存存字-1 suspend order order 9 temporary system entry key deposit finger key into deposit control deposit gold storage Pico gold transfer temporary round engine controller bus 58 Γ250450 1315 bus 1317 bus 1319 bus 1321 key mutual exclusion logic 1323 S-box logic 1325 second register temporary storage - 1327 third register 1402 start 1406 clear bit 1410 interrupt processing 1502 start 1506 X bit has been set 1510 set 192 bit key for the round engine 1514 password key size? 1518 sets the 256-bit key to use the round engine 1522 to load the input block (again) and update 1526 to store the output block to the memory 1530. The block counter is 0. 1534 completes the busbar bus round engine first register temporarily Memory-〇-shift logic circuit mixed column logic power key size controller interrupt? The storage architectural scratchpad finishes loading the input block (scheduled) and starts loading the control block and resets the load/expansion key schedule load/expansion gold load schedule load/expansion key row The process generates an output block update block counter and refers to the _ tag loading input block and starts 59

Claims (1)

1250450 Included in the package: Calculate the code of the code of the code. #:行, please apply the stipulations of the order, the code is set to the secret, the *&quot;tt makes the finger in the code , the output is used to pick up the place, the way to install the electricity calculation order refers to a code for the secret key, etc. The code is fixed to the number of orders, the code refers to the code, the code refers to the code, the code refers to the code, the secret part of the One of the flow ones refers to the I, the size of the code, and the code of the package, and the circuit code of the electric code is called the code. The code is combined with the code, and the device is calculated as a custom-made accusation in the small, the road to the key to the power of the gold to set a logic to set the line to calculate the ^gc code. Refers to the small key to the gold key, the fixed value of the code is 1 is used by the first use of the inter-fan profit period, please apply for the same as 2. The package contains more blocks of civilized number of complexes Adding the calculation il 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密 密In the block area, the number of documents is the same as the number of copies, and the corresponding package is included. Please calculate the port number. The fixed number of the block of the dense block refers to the recovery of the number of the package, and the calculation of the shipment should be carried out. The production of the product should be the same as the settlement of the product. Please apply for a copy such as 4· Yuan Diwei 8 Fan 2 1 for the special only please Xiao Shen Da as 5 · Yuan Diyuan position 2 Fan 9 1 Li with special package please Xiao Shen Xiaoda as big 6. 6 5 2 Item Key Key Code is the key to the key code that is placed in it. The f4el-a code-fixed device is controlled by κ, the key jin is The -^1 ο 1ΦΙ The method of its 5/ΓΛ- 异5 The installation of the standard item of the item 1 plus 1 The first type of circumference of the Fan Jin Fan Liyi special department please apply Such as the 7.8. Key Jinyi's middle group word control - the reference to the code refers to the code. The dismissal is used by the small quilt. The syllabus is for the purpose of the stipulation. The dense part of the middle is placed. The storage item of the loader is temporarily 1 〇 60 1250450 one, the bit area is equal to one, the bit is contained in the mark body word, the mark body is the raw package, the memory is the package, the memory is the memory, and the memory is recorded. The second storage block of the second record is stored in the second zone, and the first one is temporarily replaced by the first word, and the package containing the pair of codes, such as the number, is used to store the package, and the package is stored. The address of the address in the area is stored in the space, and the internal position is determined by the word. The body uses the text, and the body uses the number finger to recall, the input device recalls, and the complex is stored and recorded. The first two digits of the temporary account, such as the first one, shall be the first entity, the second body, the first memory zone, the first memory zone, the first memory zone, the first memory zone, and the first One, the circumference, the second, the text of the instrument is taken. The standard of the instrument is the first to enter the profit. The first place is the first place. The first part of the code is for the first time. The reproduction is as good as one, the number of the secret packets is included in the material containing the standard, and the multi-packet refers to the three-point key of the device, and the third is stored by the gold. Bit. Waiting for the end, etc., including the end of the secret, the reference to the package, take the number and the medium-sized address is stored in the small size, and its internal position is used for its large size. The package insulator recalls that the material is stored in the deposit and the deposit is stored in the deposit. The temporary three-digit key code secret item three items four body gold item secret 10th district 10 first memory code 14 the first of the first to the memory of the first, refers to the circumference, refers to the circumference, refers to the three The key is used by the standard device. Special temporary secondary school temporary three fixed secret yuan, please ask three, please ask for a fourth letter, please apply for a settlement. Package one, the position of the secret one, the bit material contains the standard body containing the standard body package refers to the inclusion of the fixed package refers to the key device four records the package finger five records gold deposit fourth position is stored the fifth code The temporary body is temporarily replaced by a first secret, etc., including the end of the recall, etc., and the package is included in the package. The medium address has four pairs of medium-sized addresses, and its internal position is set. The inner position, the row, the body of the person, the body placement device recall, the volume effect device recalls the gold storage record, etc. The first five items of the first four items of the first four items of the first four items of the first record of the first record of the first record to the first place , refers to the four sets of the circumference, refers to the standard of the instrument, the standard of the instrument, the use of profit refers to a quantity or. Li Shou refers to the special temporary four-fixed vector calculations, the special five, one, five, the first, the first, the sixth, the application, the sixth, the application, the application, the starting code, the application, the same as the 61 1250450 group, the word is included in the package Control a group of words to take the word system to control the use of the middle, the location of its location, the calculation of the number of memory, the participation of the horse Ma Yanyan stone 'stone' five secrets of the certain calculations When the code is used to be used as a densely-packed address, it is determined by the line to be settled. The large-size key of the transport code column is used to be the key. The big key is the key. The 匕曰 包 包 包 包 输 输 输 输 对 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 个 , , , , , , , , , , , The person, the first area of the yuan, the special code area of the code block, please use a word, such as the code to be secretly controlled by the group of words, the one of which is controlled by the group. The word system controls the loss of a small number of large keys to the gold system: the control contains the small package and its key, the gold is placed in the package. The single code code is dense and the line is given to the seed 1 1. One of the final calculations is the code, the secret code and the like, the secret line is executed, and the middle order is set to one size. The inner stream single order code refers to the use of the secret one-to-one code, and the determined ilil code code is determined to be pre-executed by the order. It is also the case that the operator refers to the time-coded code of the password, which is the combination of the fixed-coupling and the calculation of the line f-£", and the set-up power is used to make and control the set; The key, the key element is installed. 20 small Di Dawei loses the van. Jin Liyuan This special position should be used to make the application of the second paragraph. In the case of Li Yuan, please refer to 2. 2 9: 1X, which contains a small key, which contains the package \ IJ / Key Key, which contains the package key, which is the item of the package. Li Yuan Special Position Please 6 5 Shen 2, such as 3. 2 Calculate 3⁄4 code. China and France are the key items of the standard binding and the 20th type of encirclement into the Fan Yili department. Please wait for 24. 37隹一ΊηΊ. The control of the small control of the big control is the key to the code. It should be set to one. Installed in one of the columns, the translation of the small 20 solution, the first section of the deposit, the set of funds, the set of the special road, please call the group to write a word such as 5. 2 code secret, the Chinese and French, the calculation of the shipment . Code item type secret 20 grid line order to hold the index in the standard 6 set 8 Lee X installed special one should follow the application system such as a 6.7. 2 2 set the order to include the calculation of the package f&amp; c· Code number of the number of pre-orders, the code refers to the code, the code refers to the code--••收接目,,;J〆^ 62 1250450 The key is the key code and the key; Between the regular execution, the person in charge of the execution is controlled by the word in the block with the block of the bit, and the test of the law refers to the code of 27 yards. One special in the application of a request such as 8.2 pre-packaged step by step to specify the ο, the step of the step of the small item big 28 yards the first secret key Fan Jinli the special order please Ming Shen as 9. 2 The pre-packaged step is specified in the middle. Its, ^7, the key code of the large key loading gold key 28 The first is the square yuan position profit 8 special 2 1 Please apply for the declaration. For example, the pre-packaged step is specified in the middle. Its, the key to the key of the gold key, the secret 28, the first for the yuan, the consumption of the bite 2 special 9 1 please apply for the package. The initial step is to use the code to make the secret. It refers to the small, the code of the key to the key of the big-handed key account, the number of the secrets, the performance of the standard, the standard, the standard, the secret, the position, the privilege, the privilege, the genre, the genus, the genus, the genus, the Step by step to pick up the middle. The order of the code is fixed. The pre-formation of the code is pre-existing.