WO2022143536A1 - 基于APSoC的国密计算方法、系统、设备及介质 - Google Patents
基于APSoC的国密计算方法、系统、设备及介质 Download PDFInfo
- Publication number
- WO2022143536A1 WO2022143536A1 PCT/CN2021/141692 CN2021141692W WO2022143536A1 WO 2022143536 A1 WO2022143536 A1 WO 2022143536A1 CN 2021141692 W CN2021141692 W CN 2021141692W WO 2022143536 A1 WO2022143536 A1 WO 2022143536A1
- Authority
- WO
- WIPO (PCT)
- Prior art keywords
- calculation
- data
- calculated
- bits
- calculation result
- Prior art date
Links
- 238000004364 calculation method Methods 0.000 title claims abstract description 386
- 230000005540 biological transmission Effects 0.000 claims abstract description 38
- 238000012545 processing Methods 0.000 claims description 52
- 238000000034 method Methods 0.000 claims description 24
- 230000006835 compression Effects 0.000 claims description 17
- 238000007906 compression Methods 0.000 claims description 17
- 230000008569 process Effects 0.000 claims description 16
- 230000010354 integration Effects 0.000 abstract description 9
- 230000008901 benefit Effects 0.000 abstract description 6
- 238000005516 engineering process Methods 0.000 abstract description 5
- 238000005538 encapsulation Methods 0.000 abstract description 2
- 238000012795 verification Methods 0.000 description 7
- 238000010586 diagram Methods 0.000 description 6
- 238000004458 analytical method Methods 0.000 description 4
- 230000006870 function Effects 0.000 description 2
- 230000002093 peripheral effect Effects 0.000 description 2
- 230000003068 static effect Effects 0.000 description 2
- 230000001360 synchronised effect Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000010365 information processing Effects 0.000 description 1
- 230000003993 interaction Effects 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/72—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
Definitions
- the present application relates to the field of information technology, and in particular, to an APSoC-based computing method, system, device and medium for state secrets.
- the inventor found that the existing implementation has at least the following problems: although the second implementation has the advantage of fast calculation speed compared with the first implementation, the second implementation can only As a cipher card, if the peripherals of the processor perform state secret calculations, the core processor needs to be driven.
- the cipher card and the core processor together form a complete system, which occupies a large volume, is not conducive to integration, and is not suitable for embedded use of equipment.
- Embodiments of the present application provide an APSoC-based computing method, system and medium for state secrets to solve the problem that the prior art cannot take into account the calculation speed and volume when performing state secret calculations, which is unfavorable for integration and the use of embedded devices.
- An APSoC-based national secret computing method comprising:
- the calculation result is encapsulated according to the data transmission format, and the encapsulated calculation result is output to the ARM core.
- performing calculation processing on the data to be calculated according to the operation code and its corresponding protocol specification, and obtaining a calculation result includes:
- the data to be calculated is divided into several calculation links;
- the last saved calculation result is read from the memory as the calculation result of the data to be calculated, and the state machine is updated to an idle state.
- performing the calculation steps according to the division order, and saving the calculation results of the calculation steps into the memory includes:
- the state machine For each computation link, the state machine is updated to be in computation at the start of execution
- the calculation result returned by the preset calculation unit is obtained, the calculation result corresponding to the calculation link is stored in the memory, and the state machine is updated to the calculation completion state;
- bits 0-1 represent the preset header information
- bits 2-4 represent the operation code
- bit 5 represents the information type
- bits 2-4 represent the information type.
- Bits 6-7 represent reserved bits
- bits 8-39 represent the data length
- bits after 40 represent the data to be calculated.
- the protocol specification includes at least one of the SM2 protocol specification, the SM3 protocol specification, and the SM4 protocol specification.
- the preset operation unit includes a group operation unit and a modulo operation unit;
- the group operation unit is used for performing group operation processing based on elliptic curve
- the modulo operation unit is used for performing modulo operation processing
- the preset arithmetic unit includes a message expansion unit and an iterative compression unit;
- the message expansion unit is configured to perform the calculation processing related to message expansion in the SM3 protocol
- the iterative compression unit is configured to perform the calculation processing related to iterative compression in the SM3 protocol.
- the preset operation unit includes a key expansion unit and a round operation unit;
- the key expansion unit is used to perform the calculation processing of the key expansion in the SM4 protocol
- the round operation unit is used to perform special processing in each round of calculation of the SM4 protocol.
- a national secret computing device based on APSoC comprising:
- the interface module is used to obtain the bit stream sent by the ARM core
- a parsing module configured to parse the bit stream according to a preset data transmission format to obtain data to be calculated and an operation code
- a protocol calculation module configured to perform calculation processing on the data to be calculated according to the operation code and its corresponding protocol specification to obtain a calculation result
- the parsing module is further configured to encapsulate the calculation result according to the data transmission format
- the interface module is further configured to output the encapsulated calculation result to the ARM core.
- a computer-readable storage medium storing computer-readable instructions, characterized in that, when the computer-readable instructions are executed by a processor, the above APSoC-based national secret computing method is implemented.
- a computer device comprising a memory, a processor, and computer-readable instructions stored in the memory and executable on the processor, the processor executing the computer-readable instructions to implement the above-described based APSoC's national secret calculation method.
- This application uses APSoC to perform national secret calculation, obtains the information to be calculated sent by the ARM core; parses the information to be calculated according to the preset data transmission format, and obtains the data to be calculated and the operation code; according to the operation code and its operation code
- the corresponding protocol specification performs calculation processing on the data to be calculated to obtain a calculation result; finally, the calculation result is encapsulated according to the data transmission format, and the encapsulated calculation result is output; it not only improves the calculation speed of state secrets, but also can
- Using the ARM core inside APSoC as the core processor to drive the national secret calculation has the advantages of high integration and small size, suitable for embedded devices, and effectively solves the problem that the existing technology cannot calculate the speed and volume of the national secret calculation. Take into account the problems that are not conducive to the use of integrated and embedded devices.
- FIG. 1 is a schematic diagram of an APSoC provided by an embodiment of the present application.
- FIG. 2 is a schematic diagram of an APSoC-based national secret computing system provided by an embodiment of the present application
- FIG. 3 is a flowchart of an APSoC-based national secret computing method provided by an embodiment of the present application.
- step S103 is a flowchart of step S103 in the APSoC-based national secret calculation method provided by an embodiment of the present application;
- step S302 in the APSoC-based national secret calculation method provided by an embodiment of the present application
- FIG. 6 is a schematic diagram of a computer device provided by an embodiment of the present application.
- the embodiment of the present application adopts APSoC to perform state secret calculation, and obtains the information to be calculated sent by the ARM core; Analyze the information to be calculated according to the preset data transmission format to obtain the data to be calculated and an operation code; perform calculation processing on the data to be calculated according to the operation code and its corresponding protocol specification to obtain a calculation result; finally The calculation result is encapsulated according to the data transmission format, and the encapsulated calculation result is output; it not only improves the calculation speed of the national secret, but also can use the ARM core inside APSoC as the core processor to drive the calculation of the national secret, with a high degree of integration
- the advantages of high height and small size are suitable for embedded devices.
- the APSoC-based national secret calculation method provided in this embodiment will be described in detail below.
- FIG. 1 is a schematic diagram of a system-level all-programmable system-on-chip (All Programmable System-on-Chip, APSoC for short) provided by an embodiment of the present application.
- the APSoC includes an ARM core 1 and a national secret computing system 2 .
- the ARM core 1 is used to drive the state secret computing system 2 .
- the state secret computing system 2 is used to perform state secret calculation.
- FIG. 2 is a schematic diagram of an APSoC-based national secret computing system according to an embodiment of the present application.
- the APSoC-based national secret computing system includes an interface module 10 , a parsing module 20 , a protocol computing module 30 and a memory 40 .
- the interface module 10 is preferably a bus (Advanced eXtensible Interface, AXI) interface, and the AXI interface refers to a bus protocol proposed by ARM, which is an on-chip bus for high performance, high bandwidth and low delay. .
- the ARM core 1 and the state secret computing system 2 interact through the AXI interface to transmit data. Specifically, when the ARM core 1 drives the state secret calculation, the AXI interface is used to obtain the bit stream sent by the ARM core 1; when the calculation of the state secret calculation system 2 ends, the AXI interface is used to send the data to the The ARM core 1 outputs the encapsulated calculation result.
- AXI Advanced eXtensible Interface
- the first end of the parsing module 20 is connected to the AXI interface, and the second end is connected to the protocol calculation module 30 .
- the parsing module 20 is configured to receive the bit stream sent by the AXI interface, and parse the bit stream according to a preset data transmission format to obtain the data to be calculated and the operation code.
- the bit stream is the original data code, and through parsing, the original data code can be decoded into parsed data that can be used by the protocol calculation module 30, that is, the core operation code of the data to be calculated.
- bits 0-1 represent the preset header information
- bits 2-4 represent the operation code
- bits 5 represent the information type
- bits 6-4 represent the information type.
- Table 1 is an example of the data transmission format provided by this application.
- the preset header information is fixed at 11.
- the opcode is used to specify the type of national secret calculation.
- the type of national secret calculation includes but is not limited to SM3 hash calculation, SM2 encryption calculation, SM2 decryption calculation, SM2 signature calculation, SM2 signature verification calculation, SM4 encryption calculation Calculation, SM4 decryption calculation, the corresponding opcodes are 100, 010, 110, 001, 101, 011, 111, and a reserved bit 000 is also included.
- the information type is used to specify the data transmission direction.
- the data transmission direction includes ARM sending and ARM receiving, and the corresponding information types are 0 and 1 respectively. Reserved bits are represented by 00.
- the data length is used to specify the data length, which follows the Least Significant Bit (LSB) rule for storing the least significant byte at the low address.
- the 40th and subsequent bits are used to store the data to be calculated corresponding to this national secret calculation.
- the protocol calculation module 30 is configured to perform calculation processing on the data to be calculated according to the operation code obtained by the analysis module 20 and its corresponding protocol specification to obtain a calculation result.
- the protocol specification includes at least one of the SM2 protocol specification, the SM3 protocol specification, and the SM4 protocol specification.
- the protocol calculation module 30 includes at least one of the SM2 protocol calculation module 31 , the SM3 protocol calculation module 32 , and the SM4 protocol calculation module 33 .
- the analysis module 20 After the analysis module 20 obtains the operation code, it triggers the corresponding SM2 protocol calculation module 31 or the SM3 protocol calculation module 32 or the SM4 protocol calculation module 33 according to the operation code, and the SM2 protocol calculation module 31 or the SM3 protocol calculation module 33. 32 or the SM4 protocol calculation module 33 performs calculation processing on the data to be calculated according to specific protocol specifications.
- the SM2 protocol calculation module 31 further includes an SM2 protocol control unit 311 , a first scheduling unit 312 , at least one group operation unit 313 and at least one modulo operation unit 314 .
- the SM2 protocol control unit 311 is configured to divide the data to be calculated into several calculation links according to the operation code and its corresponding protocol specification, and execute the calculation links; the intermediate results obtained by each calculation link are temporarily stored in the in the memory 40.
- the SM2 protocol control unit 311 sends the operation code and the data to be calculated corresponding to the calculation link to the first scheduling unit 312, and at the same time updates the state machine to calculate in;
- the first scheduling unit 312 is used to schedule a preset operation unit to perform calculation processing on the data to be calculated corresponding to the calculation link and the calculation result of the previous calculation link, and when the preset operation unit is obtained, it returns When the calculation result is obtained, the calculation result is returned to the SM2 protocol control unit 311 .
- the group operation unit 313 is used for performing the group operation processing based on the elliptic curve
- the modulo operation unit 314 is used for performing the modulo operation processing.
- the SM2 protocol control unit 311 further saves the calculation result corresponding to the calculation link in the memory 40, and updates the state machine to the calculation completion state, and the group operation unit 313 and the modulo operation unit 314 are immediately converted to an idle state .
- the SM2 protocol control unit 311 continues to instruct the execution of the next calculation link. After all calculation links are performed, the SM2 protocol control unit 311 reads the last saved calculation result from the memory 40, sends it to the parsing module 20 as the calculation result of the data to be calculated, and sends the calculated result to the analysis module 20.
- the state machine is updated to the idle state.
- the parsing module 20 is further configured to encapsulate the calculation result according to the data transmission format; the AXI interface is further configured to output the encapsulated calculation result to the ARM core 1 . So far, the state secret calculation process for the data to be calculated is completed, and the protocol calculation module 30 is released.
- the SM3 protocol calculation module 32 further includes an SM3 protocol control unit 321 , a second scheduling unit 322 , at least one message expansion unit 323 and at least one iterative compression unit 324 .
- the SM3 protocol control unit 321 is configured to divide the data to be calculated into several calculation links according to the operation code and its corresponding protocol specification, and execute the calculation links; the intermediate results obtained by each calculation link are temporarily stored in the in the memory 40.
- the SM3 protocol control unit 321 sends the operation code and the data to be calculated corresponding to the calculation link to the second scheduling unit 322, and at the same time updates the state machine to calculate
- the second scheduling unit 322 is used to schedule the preset operation unit to perform calculation processing on the to-be-calculated data corresponding to the calculation link and the calculation result of the previous calculation link.
- the calculation result is returned to the SM3 protocol control unit 321 .
- the message expansion unit 323 is configured to perform the calculation processing related to message expansion in the SM3 protocol
- the iterative compression unit 323 is configured to perform the calculation processing related to iterative compression in the SM3 protocol.
- the SM3 protocol control unit 321 further saves the calculation result corresponding to the calculation link in the memory 40, and updates the state machine to the calculation completion state.
- the message expansion unit 323 and the iterative compression unit 323 are immediately converted into idle state.
- the SM3 protocol control unit 321 continues to instruct the execution of the next calculation link. After all calculation links are executed, the SM3 protocol control unit 321 reads the last saved calculation result from the memory 40, sends it to the parser 20 as the calculation result of the data to be calculated, and sends the calculated result to the parser 20.
- the state machine is updated to the idle state.
- the parsing unit 20 is further configured to encapsulate the calculation result according to the data transmission format; the AXI interface is further configured to output the encapsulated calculation result to the ARM core 1 . So far, the state secret calculation process for the data to be calculated is completed, and the protocol calculation module 30 is released.
- the SM4 protocol calculation module 33 further includes an SM4 protocol control unit 331 , a third scheduling unit 332 , at least one key expansion unit 333 and at least one round operation unit 334 .
- the SM4 protocol control unit 331 is used to divide the data to be calculated into several calculation links according to the operation code and its corresponding protocol specification, and execute the calculation links; the intermediate results obtained by each calculation link are temporarily stored in the in the memory 40.
- the SM4 protocol control unit 331 sends the operation code and the data to be calculated corresponding to the calculation link to the third scheduling unit 332, and at the same time updates the state machine to calculate
- the third scheduling unit 332 is used to schedule the preset operation unit to perform calculation processing on the data to be calculated corresponding to the calculation link and the calculation result of the previous calculation link.
- the calculation result is returned to the SM4 protocol control unit 331 .
- the key expansion unit 333 is used to perform the calculation processing of the key expansion in the SM4 protocol
- the round operation unit 334 is used to perform special processing in each round of calculation of the SM4 protocol.
- the SM4 protocol control unit 331 further saves the calculation result corresponding to the calculation link in the memory 40, and updates the state machine to the calculation completion state, and the key expansion unit 333 and the round operation unit 334 are immediately converted. is idle.
- the SM4 protocol control unit 331 continues to instruct the execution of the next calculation link. After all calculation links are executed, the SM4 protocol control unit 331 reads the last saved calculation result from the memory 40, sends it to the parsing module 20 as the calculation result of the data to be calculated, and sends the calculated result to the analysis module 20.
- the state machine is updated to the idle state.
- the parsing module 20 is further configured to encapsulate the calculation result according to the data transmission format; the AXI interface is further configured to output the encapsulated calculation result to the ARM core 1 . So far, the state secret calculation process for the data to be calculated is completed, and the protocol calculation module 30 is released.
- the embodiment of the present application uses APSoC to realize the calculation of state secrets, which not only improves the calculation speed of state secrets, but also can use the ARM core inside APSoC as a core processor to drive the calculation of state secrets, which has the advantages of high integration, small size, and power consumption. Low cost and good portability, it is suitable for embedded devices, especially the highly integrated use of embedded devices in the Internet of Things scenario, effectively solving the problem that the existing technology cannot take into account the calculation speed and volume when performing national secret calculations. Facilitate the use of integrated and embedded devices.
- the embodiment of the present application forms a functional operation unit of each minimum unit by dividing the computing resources, such as a group operation unit and a modulo operation unit, a message expansion unit and an iterative compression unit, a key expansion unit, and a round operation unit. , it is convenient to schedule computing resources in a pipeline manner, and reuse these functional computing units, so that computing resources can be maximized in unit time.
- the computing resources such as a group operation unit and a modulo operation unit, a message expansion unit and an iterative compression unit, a key expansion unit, and a round operation unit.
- Fig. 3 is the realization flow of the APSoC-based national secret calculation method provided by the embodiment of this application.
- the APSoC-based national secret computing method is applied to the national secret computing system in APSoC as shown in FIG. 2 .
- the method includes:
- step S101 the bit stream sent by the ARM core is acquired.
- the application program in the ARM core 1 sends the bit stream to be calculated to the state secret computing system through the AXI interface.
- the national secret computing system 2 obtains the bit stream to be calculated through the AXI interface.
- step S102 the bit stream is parsed according to a preset data transmission format to obtain data to be calculated and an operation code.
- the state secret computing system 2 parses the bit stream to be calculated through the parsing module 20, obtains the data core operation code to be calculated therein, and triggers the corresponding protocol calculation module 30 according to the operation code.
- the preset data transmission format please refer to the above Table 1 for details, and details are not repeated here.
- the order of reception is indicated by going forward, then the first received 2 hexadecimal digits "17" are converted into binary digits as "00010111", of which "11" on the 0-1st bit represents the beginning information, The "101" on the 2-4th bit represents the opcode, the corresponding table 1 is the SM2 signature verification calculation, the "0" on the 5th bit means ARM sends, and the "00" on the 6-7th bit means reserved bit. Then the received 8 hexadecimal digits "00000500" are the data length, indicating 1280 bits, and then 1280 bits are parsed as the data to be calculated.
- step S103 a calculation process is performed on the data to be calculated according to the operation code and its corresponding protocol specification to obtain a calculation result.
- the state secret computing system 2 performs computing processing on the data to be computed through the protocol computing module 30 according to specific protocol specifications.
- the protocol calculation module 30 includes a variety of computing unit resources, and the protocol computing module 30 completes the calculation of state secrets by scheduling the computing units.
- the step S103 further includes:
- step S301 the data to be calculated is divided into several calculation links according to the operation code and its corresponding protocol specification.
- the embodiment of the present application divides the calculation link according to the protocol specification.
- three calculation links will be divided through step S301, namely: the first calculation link, execute "1+ 2"; in the second calculation link, execute "the calculation result of the previous calculation link + 3"; in the third calculation link, judge "whether the calculation result of the previous calculation link is equal to 6".
- the above is only an example of dividing and calculating steps provided in this application, and does not constitute a limitation to this application, and the SM2 signature verification calculation steps in practical applications are not limited to this.
- step S302 the calculation steps are executed according to the division sequence, and the calculation results of the calculation steps are stored in a memory.
- each calculation step is executed according to the sequence of division of the calculation steps, and the calculation result of each calculation step is stored in the storage 40 as an intermediate result.
- the calculation result of each calculation link will have an impact on the next calculation link, which is one of the calculation parameters of the next calculation link.
- the step S302 further includes:
- step S501 for each calculation link, the state machine is updated to be in calculation at the beginning of execution.
- the embodiment of the present application triggers the calculation link by sending the operation code and the to-be-calculated data corresponding to the calculation link to the scheduling unit, and controls the state machine to update, and the update status information is in calculation to indicate the protocol calculation Module 30 is running.
- step S502 a preset computing unit is scheduled to perform computing processing on the data to be computed corresponding to the computing stage and the calculation result of the previous computing stage.
- the protocol calculation module 30 includes but is not limited to any combination of the SM2 protocol calculation module 31 , the SM3 protocol calculation module 32 , and the SM4 protocol calculation module 33 .
- the SM2 protocol calculation module 31 internally includes a first scheduling unit 312, at least one group operation unit 313 and a modulo operation unit 314.
- the group operation unit 313 Used to perform group operation processing based on elliptic curves, the modulo operation unit 314 is used to perform modulo operation processing.
- the first scheduling unit 312 schedules the idle group operation unit 313 or the modulo operation unit 314 is scheduled. Calculation processing is performed on the calculation result of a calculation link.
- the SM3 protocol calculation module 32 internally includes a second scheduling unit 322 , at least one message expansion unit 323 and an iterative compression unit 324 .
- the message expansion unit 323 is configured to perform calculation processing related to message expansion in the SM3 protocol
- the iterative compression unit 324 is configured to perform calculation processing related to iterative compression in the SM3 protocol.
- the second scheduling unit 322 schedules an idle message expansion unit 323 or an iterative compression unit 324 each time it schedules, and uses the scheduled message expansion unit 323 or iterative compression unit 324 to perform a calculation on the data to be calculated and the above data corresponding to the calculation link. Calculation processing is performed on the calculation result of a calculation link.
- the SM4 protocol calculation module 33 internally includes a third scheduling unit 332 , at least one key expansion unit 333 and a round operation unit 334 .
- the key expansion unit 333 is used to perform the calculation processing of the key expansion in the SM4 protocol
- the round operation unit 334 is used to perform special processing in each round of calculation of the SM4 protocol.
- the first scheduling unit 332 schedules, the idle key expansion unit 333 or the round operation unit 334 is scheduled, and the data to be calculated corresponding to the calculation link is processed by the scheduled key expansion unit 333 or the round operation unit 334. and the calculation result of the previous calculation link to perform calculation processing.
- step S503 when the operation result returned by the preset operation unit is obtained, the calculation result corresponding to the calculation link is stored in the memory, and the state machine is updated to the calculation completion state.
- step S103 further includes:
- step S303 after all calculation links are performed, the last saved calculation result is read from the memory as the calculation result of the data to be calculated, and the state machine is updated to an idle state.
- the embodiment of the present application reads the last saved calculation result from the memory 40 and outputs it as the calculation result of the data to be calculated, and at the same time updates the state machine to an idle state to indicate that the protocol calculation module 30 is idle and can be called.
- step S501 the calculation result saved in the memory 40 after the execution of the first calculation link is 3; the calculation result saved in the memory 40 after the execution of the second calculation link is 6; After the calculation link is executed, the calculation result stored in the memory 40 is 1.
- 1 means "yes", and 0 means "no”.
- step S303 the last saved calculation result 1 is read as the calculation result of the data to be calculated.
- step S104 the calculation result is encapsulated according to the data transmission format, and the encapsulated calculation result is output to the ARM core.
- the state secret computing system 2 encapsulates the calculation result through the parsing module 20 according to the data transmission format, and then sends the encapsulated calculation result to the ARM core 1 through the AXI interface.
- the calculation result is encapsulated according to the preset data transmission format, and the encapsulated calculation result can be obtained as: 00010000000000000000000000100110111, and then Before, the "11" on the 0-1st bit represents the beginning information, the "101" on the 2-4th bit represents the operation code, the corresponding table 1 is the SM2 signature verification calculation, and the "1" on the 5th bit “Indicates ARM reception, and "00" on bits 6-7 indicates reserved bits.
- the 8th to 39th bits after that "0000000000000000000000000001" are the data length, which is 1 bit, and the 40th bit after that stores the calculation result "1".
- the encapsulated calculation result in binary can also be converted into hexadecimal "10000000137" for easy viewing.
- the embodiment of the present application uses APSoC to realize the calculation of state secrets, which not only improves the calculation speed of state secrets, but also can use the ARM core inside APSoC as a core processor to drive the calculation of state secrets, which has the advantages of high integration, small size, and power consumption. Low cost and good portability, it is suitable for embedded devices, especially the highly integrated use of embedded devices in the Internet of Things scenario, effectively solving the problem that the existing technology cannot take into account the calculation speed and volume when performing national secret calculations. Facilitate the use of integrated and embedded devices.
- the embodiment of the present application forms a functional operation unit of each minimum unit by dividing the computing resources, such as a group operation unit and a modulo operation unit, a message expansion unit and an iterative compression unit, a key expansion unit and a round operation unit, It is convenient to schedule computing resources in a pipeline manner, and multiplex these functional computing units, so that computing resources can be maximized in unit time.
- the computing resources such as a group operation unit and a modulo operation unit, a message expansion unit and an iterative compression unit, a key expansion unit and a round operation unit
- Embodiments of the present application further provide a computer-readable storage medium, where computer-readable instructions are stored in the computer-readable storage medium, and when the computer-readable instructions are executed by a processor, the above-mentioned APSoC-based national secret is implemented calculation method.
- Nonvolatile memory may include read only memory (ROM), programmable ROM (PROM), electrically programmable ROM (EPROM), electrically erasable programmable ROM (EEPROM), or flash memory.
- Volatile memory may include random access memory (RAM) or external cache memory.
- RAM is available in various forms such as static RAM (SRAM), dynamic RAM (DRAM), synchronous DRAM (SDRAM), double data rate SDRAM (DDRSDRAM), enhanced SDRAM (ESDRAM), synchronous chain Road (Synchlink) DRAM (SLDRAM), memory bus (Rambus) direct RAM (RDRAM), direct memory bus dynamic RAM (DRDRAM), and memory bus dynamic RAM (RDRAM) and so on.
- SRAM static RAM
- DRAM dynamic RAM
- SDRAM synchronous DRAM
- DDRSDRAM double data rate SDRAM
- ESDRAM enhanced SDRAM
- SLDRAM synchronous chain Road (Synchlink) DRAM
- SLDRAM synchronous chain Road (Synchlink) DRAM
- Rambus direct RAM
- DRAM direct memory bus dynamic RAM
- RDRAM memory bus dynamic RAM
- FIG. 6 is a block diagram of the basic structure of a computer device according to this embodiment.
- the computer device 4 includes a memory 41, a processor 42, and a network interface 43 that communicate with each other through a system bus. It should be pointed out that the figure only shows the computer device 4 having the components connected to the memory 41, the processor 42, and the network interface 43, but it should be understood that it is not required to implement all the components shown, and alternative implementations of more More or fewer components.
- the computer device here is a device that can automatically perform numerical calculation and/or information processing according to pre-set or stored instructions, and its hardware includes but is not limited to microprocessors, special-purpose Integrated circuit (Application Specific Integrated Circuit, ASIC), Programmable Gate Array (Field-Programmable Gate Array, FPGA), Digital Signal Processor (Digital Signal Processor, DSP), embedded devices, etc.
- ASIC Application Specific Integrated Circuit
- ASIC Application Specific Integrated Circuit
- FPGA Field-Programmable Gate Array
- DSP Digital Signal Processor
- embedded devices etc.
- the computer equipment may be a desktop computer, a notebook computer, a palmtop computer, a cloud server and other computing equipment.
- the computer device can perform human-computer interaction with the user through a keyboard, a mouse, a remote control, a touch pad or a voice control device.
- the memory 41 includes at least one type of readable storage medium, which may be non-volatile or volatile, including flash memory, hard disk, multimedia card, card-type storage (for example, SD or D interface display memory, etc.), random access memory (RAM), static random access memory (SRAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), programmable read only memory (PROM) , magnetic memory, magnetic disk, optical disk, etc.
- the memory 41 may be an internal storage unit of the computer device 4 , such as a hard disk or a memory of the computer device 4 .
- the memory 41 may also be an external storage device of the computer device 4 , such as a plug-in hard disk, a smart memory card (Smart Media Card, SMC), a secure digital (Secure Digital, SD) card, flash card (Flash Card), etc.
- the memory 41 may also include both the internal storage unit of the computer device 4 and its external storage device.
- the memory 41 is generally used to store the operating system and various application software installed on the computer device 4, such as computer-readable instructions for storing a blockchain index.
- the memory 41 can also be used to temporarily store various types of data that have been output or will be output.
- the processor 42 may be a central processing unit (Central Processing Unit) in some embodiments. Processing Unit, CPU), controller, microcontroller, microprocessor, or other data processing chip. This processor 42 is typically used to control the overall operation of the computer device 4 . In this embodiment, the processor 42 is configured to run the computer-readable instructions stored in the memory 41 to process data, for example, run the stored computer-readable instructions of the blockchain index.
- CPU Central Processing Unit
- controller microcontroller
- microprocessor microprocessor
- This processor 42 is typically used to control the overall operation of the computer device 4 .
- the processor 42 is configured to run the computer-readable instructions stored in the memory 41 to process data, for example, run the stored computer-readable instructions of the blockchain index.
- the network interface 43 may include a wireless network interface or a wired network interface, and the network interface 43 is generally used to establish a communication connection between the computer device 4 and other electronic devices.
- the present application also provides another implementation manner, which is to provide a computer-readable storage medium, where an interface display program is stored in the computer-readable storage medium, and the interface display program can be executed by at least one processor, so that all The at least one processor executes the steps of the method for storing the blockchain index as described above.
- the method of the above embodiment can be implemented by means of software plus a necessary general hardware platform, and of course can also be implemented by hardware, but in many cases the former is better implementation.
- the technical solution of the present application can be embodied in the form of a software product in essence or the part that contributes to the prior art, and the computer software product is stored in a storage medium (such as ROM/RAM, magnetic disk, CD-ROM), including several instructions to make a terminal device (which may be a mobile phone, a computer, a server, an air conditioner, or a network device, etc.) execute the methods described in the various embodiments of this application.
- a storage medium such as ROM/RAM, magnetic disk, CD-ROM
Landscapes
- Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Computer Hardware Design (AREA)
- Theoretical Computer Science (AREA)
- Mathematical Physics (AREA)
- Computer Security & Cryptography (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Mobile Radio Communication Systems (AREA)
- Storage Device Security (AREA)
Abstract
本申请公开了一种基于APSoC的国密计算方法,包括:获取ARM核发送的待计算信息;按照预设的数据传输格式对所述待计算信息进行解析,得到待计算数据和操作码;根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;最后按照所述数据传输格式对所述计算结果进行封装,输出封装后的计算结果;既提高了国密计算速度,又可使用APSoC内部的ARM核充当核心处理器来驱动国密计算,具有集成度高、体积小的优势,适合嵌入式设备使用,有效地解决了现有技术在进行国密计算时计算速度和体积不能兼顾、不利于集成和嵌入式设备使用的问题。
Description
本申请要求于2020年12月31日提交中国专利局、申请号为202011637285.1,发明名称为“基于APSoC的国密计算方法、系统及介质”的中国专利申请的优先权,其全部内容通过引用结合在本申请中。
本申请涉及信息技术领域,尤其涉及一种基于APSoC的国密计算方法、系统、设备及介质。
现有技术在进行国密计算时,主要有两种实现方式。第一种是通过在操作系统中使用软件实现。此方案受到硬件资源限制,计算效率低;
CPU
执行密码计算时会占用
CPU
资源导致
CPU
无法执行其他工作。第二种是通过现场可编程逻辑门阵列
FPGA
中的片上可变成系统
SoPC
实现。此方案利用
FPGA
实现国密计算软核,并通过高速串行计算机扩展总线标准(
peripheral component interconnect express
,
PCIE
)接口对外实现数据交互。
在实现本申请的过程中,发明人发现现有实现方式至少存在如下问题:尽管相比于第一种实现方式,第二种实现方式具备计算速度快的优势,然而第二种实现方式仅能作为密码卡,若充当处理器的外设执行国密计算时,需要核心处理器进行驱动,密码卡和核心处理器共同构成一个完整的系统,其占用体积大,不利于集成,不适合嵌入式设备的使用。
本申请实施例提供了一种基于APSoC的国密计算方法、系统及介质,以解决现有技术在进行国密计算时计算速度和体积不能兼顾、不利于集成和嵌入式设备使用的问题。
一种基于APSoC的国密计算方法,包括:
获取ARM核发送的比特流;
按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码;
根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;
按照所述数据传输格式对所述计算结果进行封装,向所述ARM核输出封装后的计算结果。
可选地,所述根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果包括:
按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节;
按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中;
在执行完所有的计算环节后,从所述存储器中读取最后保存的计算结果,作为所述待计算数据的计算结果,并将状态机更新为空闲状态。
可选地,所述按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中包括:
对于每一个计算环节,在执行开始时将所述状态机更新为计算中;
调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理;
当获取到所述预设的运算单元返回的运算结果时,将所述计算环节对应的计算结果保存至所述存储器中,并将状态机更新为计算完成状态;
继续执行下一个计算环节。
可选地,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。
可选地,所述协议规范包括SM2协议规范、SM3协议规范、SM4协议规范中的至少一种。
可选地,所述当所述协议规范为SM2协议规范时,所述预设的运算单元包括群运算单元和模运算单元;
其中,所述群运算单元用于执行基于椭圆曲线的群运算处理,所述模运算单元用于执行取模运算处理。
可选地,所述当所述协议规范为SM3协议规范时,所述预设的运算单元包括消息扩展单元和迭代压缩单元;
其中,所述消息扩展单元用于执行SM3协议中关于消息扩展的计算处理,所述迭代压缩单元用于执行SM3协议中关于迭代压缩的计算处理。
可选地,所述当所述协议规范为SM4协议规范时,所述预设的运算单元包括密钥扩展单元和轮运算单元;
其中,所述密钥扩展单元用于执行SM4协议中关于密钥扩展的计算处理,所述轮运算单元用于执行SM4协议的各轮计算中的特殊处理。
一种基于APSoC的国密计算装置,包括:
接口模块,用于获取ARM核发送的比特流;
解析模块,用于按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码;
协议计算模块,用于根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;
所述解析模块还用于按照所述数据传输格式对所述计算结果进行封装;
所述接口模块还用于向所述ARM核输出封装后的计算结果。
一种计算机可读存储介质,所述计算机可读存储介质存储有计算机可读指令,其特征在于,所述计算机可读指令被处理器执行时实现如上所述的基于APSoC的国密计算方法。
一种计算机设备,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机可读指令,所述处理器执行所述计算机可读指令时实现如上所述的基于APSoC的国密计算方法。
本申请采用APSoC进行国密计算,通过获取ARM核发送的待计算信息;按照预设的数据传输格式对所述待计算信息进行解析,得到待计算数据和操作码;根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;最后按照所述数据传输格式对所述计算结果进行封装,输出封装后的计算结果;既提高了国密计算速度,又可使用APSoC内部的ARM核充当核心处理器来驱动国密计算,具有集成度高、体积小的优势,适合嵌入式设备使用,有效地解决了现有技术在进行国密计算时计算速度和体积不能兼顾、不利于集成和嵌入式设备使用的问题。
为了更清楚地说明本申请实施例的技术方案,下面将对本申请实施例的描述中所需要使用的附图作简单地介绍,显而易见地,下面描述中的附图仅仅是本申请的一些实施例,对于本领域普通技术人员来讲,在不付出创造性劳动性的前提下,还可以根据这些附图获得其他的附图。
图1是本申请一实施例提供的APSoC示意图;
图2是本申请一实施例提供的基于APSoC的国密计算系统的示意图;
图3是本申请一实施例提供的基于APSoC的国密计算方法的流程图;
图4是本申请一实施例提供的基于APSoC的国密计算方法中步骤S103的流程图;
图5是本申请一实施例提供的基于APSoC的国密计算方法中步骤S302的一流程图;
图6是本申请一实施例提供的计算机设备的示意图。
具体实施方式
下面将结合本申请实施例中的附图,对本申请实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例是本申请一部分实施例,而不是全部的实施例。基于本申请中的实施例,本领域普通技术人员在没有作出创造性劳动前提下所获得的所有其他实施例,都属于本申请保护的范围。
为解决现有技术在进行国密计算时计算速度和体积不能兼顾、不利于集成和嵌入式设备使用的问题,本申请实施例采用APSoC进行国密计算,通过获取ARM核发送的待计算信息;按照预设的数据传输格式对所述待计算信息进行解析,得到待计算数据和操作码;根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;最后按照所述数据传输格式对所述计算结果进行封装,输出封装后的计算结果;既提高了国密计算速度,又可使用APSoC内部的ARM核充当核心处理器来驱动国密计算,具有集成度高、体积小的优势,适合嵌入式设备使用。以下将对本实施例提供的基于APSoC的国密计算方法进行详细的描述。
本申请实施例采用APSoC进行国密计算。图1为本申请实施例提供的系统级的全可编程片上系统(All Programmable System-on-Chip,简称APSoC)的示意图。如图1所示,所述APSoC包括ARM核1和国密计算系统2。所述ARM核1用于驱动所述国密计算系统2。所述国密计算系统2用于进行国密计算。
图2为本申请实施例提供的基于APSoC的国密计算系统示意图。所述基于APSoC的国密计算系统包括接口模块10、解析模块20、协议计算模块30以及存储器40。
其中,所述接口模块10优选为总线(Advanced eXtensible Interface,AXI)接口,AXI接口指的是一种由ARM公司提出的总线协议,是一种面向高性能、高带宽、低延迟的片内总线。所述ARM核1与国密计算系统2之间通过AXI接口交互,传输数据。具体地,在ARM核1驱动国密计算时,所述AXI接口用于获取ARM核1发送的比特流;在所述国密计算系统2的计算结束时,所述AXI接口用于向所述ARM核1输出封装后的计算结果。
所述解析模块20的第一端与所述AXI接口连接,第二端与所述协议计算模块30连接。所述解析模块20用于接收所述AXI接口发送过来的比特流,按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码。所述比特流为原始数据编码,通过解析,可将所述原始数据编码解码成可被所述协议计算模块30使用的解析数据,即待计算数据核操作码。其中,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。可选地,表1为本申请提供的数据传输格式的一个示例。在表1中,预设的开头信息固定为11。操作码用于指定示国密计算的类型,在本示例中,国密计算的类型包括但不限于 SM3哈希计算、SM2加密计算、SM2解密计算、SM2签名计算、SM2验签计算、SM4加密计算、SM4解密计算,分别对应的操作码为100、010、110、001、101、011、111,还包括一个保留位000。信息类型用于指定数据传输方向,在本示例中,所述数据传输方向包括ARM发送和ARM接收,分别对应的信息类型为0、1。保留位用00表示。数据长度用于指定数据长度,遵循低地址存放最低有效字节(Least Significant Bit,简称LSB)规则。第40及其之后的比特位用于存放本次国密计算对应的待计算数据。
表1
所述协议计算模块30用于根据所述解析模块20得到的操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果。可选地,作为本申请的一个优选示例,所述协议规范包括SM2协议规范、SM3协议规范、SM4协议规范中的至少一种。相应地,所述协议计算模块30包括SM2协议计算模块31、SM3协议计算模块32、SM4协议计算模块33中的至少一种。所述解析模块20在得到操作码之后,根据所述操作码触发相应的SM2协议计算模块31或者SM3协议计算模块32或者SM4协议计算模块33,由所述SM2协议计算模块31或者SM3协议计算模块32或者SM4协议计算模块33根据具体的协议规范对所述待计算数据执行计算处理。
可选地,所述SM2协议计算模块31,还包括SM2协议控制单元311、第一调度单元312、至少一个群运算单元313和至少一个模运算单元314。所述SM2协议控制单元311用于按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节,执行所述计算环节;每一计算环节得到的中间结果临时存放在所述存储器40中。具体地,在一个计算环节中,所述SM2协议控制单元311将所述操作码及所述计算环节对应的待计算数据发送至所述第一调度单元312,同时将所述状态机更新为计算中;所述第一调度单元312用于调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理,当获取到所述预设的运算单元返回的运算结果时,将所述计算结果返回至所述SM2协议控制单元311。其中,所述群运算单元313用于执行基于椭圆曲线的群运算处理,所述模运算单元314用于执行取模运算处理。所述SM2协议控制单元311进一步将所述计算环节对应的计算结果保存至存储器40中,并将状态机更新为计算完成状态,所述群运算单元313和模运算单元314即刻被转化为空闲状态。所述SM2协议控制单元311继续指导执行下一个计算环节。在执行完所有的计算环节后,所述SM2协议控制单元311从所述存储器40中读取最后保存的计算结果,作为所述待计算数据的计算结果发送至所述解析模块20,并将所述状态机更新为空闲状态。所述解析模块20还用于按照所述数据传输格式对所述计算结果进行封装;所述AXI接口还用于向所述ARM核1输出封装后的计算结果。至此完成对所述待计算数据的国密计算过程,释放所述协议计算模块30。
同理,所述SM3协议计算模块32,还包括SM3协议控制单元321、第二调度单元322、至少一个消息扩展单元323和至少一个迭代压缩单元324。所述SM3协议控制单元321用于按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节,执行所述计算环节;每一计算环节得到的中间结果临时存放在所述存储器40中。具体地,在一个计算环节中,所述SM3协议控制单元321将所述操作码及所述计算环节对应的待计算数据发送至所述第二调度单元322,同时将所述状态机更新为计算中;所述第二调度单元322用于调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理,当获取到所述预设运算单元返回的运算结果时,将所述计算结果返回至所述SM3协议控制单元321。其中,所述消息扩展单元323用于执行SM3协议中关于消息扩展的计算处理,所述迭代压缩单元323用于执行SM3协议中关于迭代压缩的计算处理。所述SM3协议控制单元321进一步将所述计算环节对应的计算结果保存至存储器40中,并将状态机更新为计算完成状态,所述消息扩展单元323和所述迭代压缩单元323即刻被转化为空闲状态。所述SM3协议控制单元321继续指导执行下一个计算环节。在执行完所有的计算环节后,所述SM3协议控制单元321从所述存储器40中读取最后保存的计算结果,作为所述待计算数据的计算结果发送至所述解析器20,并将所述状态机更新为空闲状态。所述解析单元20还用于按照所述数据传输格式对所述计算结果进行封装;所述AXI接口还用于向所述ARM核1输出封装后的计算结果。至此完成对所述待计算数据的国密计算过程,释放所述协议计算模块30。
同理,所述SM4协议计算模块33,还包括SM4协议控制单元331、第三调度单元332、至少一个密钥扩展单元333和至少一个轮运算单元334。所述SM4协议控制单元331用于按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节,执行所述计算环节;每一计算环节得到的中间结果临时存放在所述存储器40中。具体地,在一个计算环节中,所述SM4协议控制单元331将所述操作码及所述计算环节对应的待计算数据发送至所述第三调度单元332,同时将所述状态机更新为计算中;所述第三调度单元332用于调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理,当获取到所述预设运算单元返回的运算结果时,将所述计算结果返回至所述SM4协议控制单元331。其中,所述密钥扩展单元333用于执行SM4协议中关于密钥扩展的计算处理,所述轮运算单元334用于执行SM4协议的各轮计算中的特殊处理。所述SM4协议控制单元331进一步将所述计算环节对应的计算结果保存至存储器40中,并将状态机更新为计算完成状态,所述密钥扩展单元333和所述轮运算单元334即刻被转化为空闲状态。所述SM4协议控制单元331继续指导执行下一个计算环节。在执行完所有的计算环节后,所述SM4协议控制单元331从所述存储器40中读取最后保存的计算结果,作为所述待计算数据的计算结果发送至所述解析模块20,并将所述状态机更新为空闲状态。所述解析模块20还用于按照所述数据传输格式对所述计算结果进行封装;所述AXI接口还用于向所述ARM核1输出封装后的计算结果。至此完成对所述待计算数据的国密计算过程,释放所述协议计算模块30。
本申请实施例通过采用APSoC实现国密计算,既提高了国密计算速度,又可使用APSoC内部的ARM核充当核心处理器来驱动国密计算,具有集成度高、体积小的优势、功耗低、移植性好的特点,适合嵌入式设备使用,尤其是物联网场景下与嵌入式设备的高度融合使用,有效地解决了现有技术在进行国密计算时计算速度和体积不能兼顾、不利于集成和嵌入式设备使用的问题。进一步地,本申请实施例通过将计算资源进行划分,形成一个各最小单元的功能运算单元,比如群运算单元和模运算单元、消息扩展单元和迭代压缩单元、密钥扩展单元和至轮运算单元,便于通过流水线方式调度计算资源,对这些功能运算单元进行复用,使计算资源可在单位时间内被最大化利用。
图3为本申请实施例提供的基于APSoC的国密计算方法的实现流程。所述基于APSoC的国密计算方法应用于如图2所示的APSoC中的国密计算系统。如图3所示,所述方法包括:
在步骤S101中,获取ARM核发送的比特流。
在这里,ARM核1中的应用程序通过所述AXI接口向所述国密计算系统发送待计算的比特流。所述国密计算系统2通过所述AXI接口获取所述待计算的比特流。
在步骤S102中,按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码。
所述国密计算系统2通过所述解析模块20对所述待计算的比特流进行解析,得到其中的待计算数据核操作码,并根据所述操作码触发对应的协议计算模块30。所述预设的数据传输格式具体请参见上述表1,此处不再赘述。
为了便于理解,以下给出解析的过程示例。假设ARM核1向国密计算系统2通过AXI接口发送以下十六进制的待计算信息:
0f18e9c4341e8f8eaa16289276814cefc3d5739aea1803c226771ff7e5eee7ae1edbdc8c1b3e488224f56f538e88957febc429fb6b47a53fe8bd3c0de5023d6833a22e6fd4282c1232f3a2a856906bcdf71f526b56a04da2b8b03a35be567f2c3927961b4ba8039f321d32edfcedb7a6aef6792537cc6fd88d2e23eb266f1df55d7aa95d28b60c8948819beb70822bfc4d44dc271f31737bbb21e9814e57ae300000050017
这里以后往前表示接收先后顺序,那么最开始接收到的2个十六进制位“17”转换为二进制位为“00010111”,其中第0-1比特位上的“11”表示开头信息,第2-4比特位上的“101”表示操作码,对应表1是SM2验签计算,第5比特位上的“0”表示ARM发送,第6-7比特位上的“00”表示保留位。然后再接收到的8个十六进制位“00000500”为数据长度,表示1280比特位,之后再往后解析1280比特位作为待计算数据。
在步骤S103中,根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果。
所述国密计算系统2通过所述协议计算模块30根据具体的协议规范对所述待计算数据执行计算处理。在这里,所述协议计算模块30内包括多种运算单元资源,所述协议计算模块30通过调度所述运算单元来完成国密计算。可选地,如图4所示,所述步骤S103还包括:
在步骤S301中,按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节。
在这里,本申请实施例根据协议规范划分计算环节。示例性地,假设前文示例是对“1+2+3”与“6”进行SM2验签计算,通过步骤S301则会划分出三个计算环节,分别为:第一计算环节,执行“1+2”;第二计算环节,执行“上一计算环节的计算结果+3”;第三计算环节,判断“上一计算环节的计算结果与6是否相等”。应当理解,以上仅为本申请提供的一个划分计算环节的示例,并不构成对本申请的限制,实际应用中的SM2验签计算步骤并不局限于此。
在步骤S302中,按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中。
在这里,本申请实施例按照计算环节的划分先后顺序,执行每一计算环节,并将每次计算环节的计算结果作为中间结果保存至存储40中。在本申请实施例中每一计算环节的计算结果均会对下一计算环节产生影响,作为下一计算环节的计算参数之一。可选地,如图5所示,所述步骤S302还包括:
在步骤S501中,对于每一个计算环节,在执行开始时将所述状态机更新为计算中。
具体地,本申请实施例通过将所述操作码及所述计算环节对应的待计算数据发送至调度单元来触发计算环节,并控制状态机进行更新,更新状态信息为计算中,以表示协议计算模块30正在运行。
在步骤S502中,调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理。
可选地,所述协议计算模块30包括但不限于SM2协议计算模块31、SM3协议计算模块32、SM4协议计算模块33中的任意组合。其中,当所述协议计算模块30为SM2协议计算模块31时,所述SM2协议计算模块31内部包括第一调度单元312、至少一个群运算单元313和模运算单元314,所述群运算单元313用于执行基于椭圆曲线的群运算处理,所述模运算单元314用于执行取模运算处理。所述第一调度单元312每次调度时,调度空闲的群运算单元313或模运算单元314,通过所调度的群运算单元313或模运算单元314对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理。
当所述协议计算模块30为SM3协议计算模块32时,所述SM3协议计算模块32内部包括第二调度单元322、至少一个消息扩展单元323和迭代压缩单元324。所述消息扩展单元323用于执行SM3协议中关于消息扩展的计算处理,所述迭代压缩单元324用于执行SM3协议中关于迭代压缩的计算处理。所述第二调度单元322每次调度时,调度空闲的消息扩展单元323或迭代压缩单元324,通过所调度的消息扩展单元323或迭代压缩单元324对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理。
当所述协议计算模块30为SM4协议计算模块33时,所述SM4协议计算模块33内部包括第三调度单元332、至少一个密钥扩展单元333和轮运算单元334。所述密钥扩展单元333用于执行SM4协议中关于密钥扩展的计算处理,所述轮运算单元334用于执行SM4协议的各轮计算中的特殊处理。所述第上调度单元332每次调度时,调度空闲的密钥扩展单元333或轮运算单元334,通过所调度的密钥扩展单元333或轮运算单元334对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理。
在步骤S503中,当获取到所述预设的运算单元返回的运算结果时,将所述计算环节对应的计算结果保存至所述存储器中,并将状态机更新为计算完成状态。
在这里,每个计算环节得到的计算结果作为中间结果,缓存至所述存储器40中,同时将状态机更新为计算完成状态,以表示协议计算模块30在等待运行。继续返回至步骤S501执行下一个计算环节。直至完成对所述计算环节的计算处理。此时,所述步骤S103还包括:
在步骤S303中,在执行完所有的计算环节后,从所述存储器中读取最后保存的计算结果,作为所述待计算数据的计算结果,并将状态机更新为空闲状态。
在这里,本申请实施例从存储器40中读取最后保存的计算结果作为待计算数据的计算结果进行输出,同时将状态机更新为空闲状态,以表示协议计算模块30空闲、可被调用。
承接前文示例,通过上述步骤S501至步骤S503,可以得到,第一计算环节执行完后存储器40中保存的计算结果为3;第二计算环节执行完后存储器40保存的计算结果为6;第三计算环节执行完后存储器40保存的计算结果为1,这里用1表示“是”,0表示“否”。在通过步骤S303读取最后保存的计算结果1,作为所述待计算数据的计算结果。应当理解,以上仅为本申请提供的一个执行计算环节的示例,并不构成对本申请的限制,实际应用中的SM2验签计算步骤并不局限于此。
在步骤S104中,按照所述数据传输格式对所述计算结果进行封装,向所述ARM核输出封装后的计算结果。
最后所述国密计算系统2通过所述解析模块20按照所述数据传输格式对所述计算结果进行封装,然后通过所述AXI接口将封装后的计算结果发送至所述ARM核1。
示例性地,承接前文示例,若待计算数据的SM2验签结果为1时,按照预设的数据传输格式对所述计算结果进行封装,可以得到封装后的计算结果为:00010000000000000000000000000000000100110111,从后往前,其中第0-1比特位上的“11”表示开头信息,第2-4比特位上的“101”表示操作码,对应表1是SM2验签计算,第5比特位上的“1”表示ARM接收,第6-7比特位上的“00”表示保留位。之后的第8-39比特位“00000000000000000000000000000001”为数据长度,为1比特位,往后第40比特位存储计算结果“1”。从而完成对所述计算结果的封装。通常还可以将所述二进制的封装后的计算结果转换位十六进制“10000000137”,以便于查看。
本申请实施例通过采用APSoC实现国密计算,既提高了国密计算速度,又可使用APSoC内部的ARM核充当核心处理器来驱动国密计算,具有集成度高、体积小的优势、功耗低、移植性好的特点,适合嵌入式设备使用,尤其是物联网场景下与嵌入式设备的高度融合使用,有效地解决了现有技术在进行国密计算时计算速度和体积不能兼顾、不利于集成和嵌入式设备使用的问题。进一步地,本申请实施例通过将计算资源进行划分,形成一个各最小单元的功能运算单元,比如群运算单元和模运算单元、消息扩展单元和迭代压缩单元、密钥扩展单元和轮运算单元,便于通过流水线方式调度计算资源,对这些功能运算单元进行复用,使计算资源可在单位时间内被最大化利用。
应理解,上述实施例中各步骤的序号的大小并不意味着执行顺序的先后,各过程的执行顺序应以其功能和内在逻辑确定,而不应对本申请实施例的实施过程构成任何限定。
本申请实施例还提供了一种计算机可读存储介质,所述计算机可读存储介质存储有计算机可读指令,所述计算机可读指令被处理器执行时实现如上所述的基于APSoC的国密计算方法。
本领域普通技术人员可以理解实现上述实施例方法中的全部或部分流程,是可以通过计算机可读指令来指令相关的硬件来完成,所述的计算机可读指令可存储于一非易失性计算机可读取存储介质中,该计算机可读指令在执行时,可包括如上述各方法的实施例的流程。其中,本申请所提供的各实施例中所使用的对存储器、存储、数据库或其它介质的任何引用,均可包括非易失性和/或易失性存储器。非易失性存储器可包括只读存储器(ROM)、可编程ROM(PROM)、电可编程ROM(EPROM)、电可擦除可编程ROM(EEPROM)或闪存。易失性存储器可包括随机存取存储器(RAM)或者外部高速缓冲存储器。作为说明而非局限,RAM以多种形式可得,诸如静态RAM(SRAM)、动态RAM(DRAM)、同步DRAM(SDRAM)、双数据率SDRAM(DDRSDRAM)、增强型SDRAM(ESDRAM)、同步链路(Synchlink) DRAM(SLDRAM)、存储器总线(Rambus)直接RAM(RDRAM)、直接存储器总线动态RAM(DRDRAM)、以及存储器总线动态RAM(RDRAM)等。、
为解决上述技术问题,本申请实施例还提供计算机设备。具体请参阅图6,图6为本实施例计算机设备基本结构框图。
所述计算机设备4包括通过系统总线相互通信连接存储器41、处理器42、网络接口43。需要指出的是,图中仅示出了具有组件连接存储器41、处理器42、网络接口43的计算机设备4,但是应理解的是,并不要求实施所有示出的组件,可以替代的实施更多或者更少的组件。其中,本技术领域技术人员可以理解,这里的计算机设备是一种能够按照事先设定或存储的指令,自动进行数值计算和/或信息处理的设备,其硬件包括但不限于微处理器、专用集成电路(Application Specific Integrated Circuit,ASIC)、可编程门阵列(Field-Programmable Gate Array,FPGA)、数字处理器 (Digital Signal Processor,DSP)、嵌入式设备等。
所述计算机设备可以是桌上型计算机、笔记本、掌上电脑及云端服务器等计算设备。所述计算机设备可以与用户通过键盘、鼠标、遥控器、触摸板或声控设备等方式进行人机交互。
所述存储器41至少包括一种类型的可读存储介质,所述可读存储介质可以是非易失性,也可以是易失性,包括闪存、硬盘、多媒体卡、卡型存储器(例如,SD或D界面显示存储器等)、随机访问存储器(RAM)、静态随机访问存储器(SRAM)、只读存储器(ROM)、电可擦除可编程只读存储器(EEPROM)、可编程只读存储器(PROM)、磁性存储器、磁盘、光盘等。在一些实施例中,所述存储器41可以是所述计算机设备4的内部存储单元,例如该计算机设备4的硬盘或内存。在另一些实施例中,所述存储器41也可以是所述计算机设备4的外部存储设备,例如该计算机设备4上配备的插接式硬盘,智能存储卡(Smart Media Card, SMC),安全数字(Secure
Digital, SD)卡,闪存卡(Flash Card)等。当然,所述存储器41还可以既包括所述计算机设备4的内部存储单元也包括其外部存储设备。本实施例中,所述存储器41通常用于存储安装于所述计算机设备4的操作系统和各类应用软件,例如区块链索引的存储的计算机可读指令等。此外,所述存储器41还可以用于暂时地存储已经输出或者将要输出的各类数据。
所述处理器42在一些实施例中可以是中央处理器(Central
Processing Unit,CPU)、控制器、微控制器、微处理器、或其他数据处理芯片。该处理器42通常用于控制所述计算机设备4的总体操作。本实施例中,所述处理器42用于运行所述存储器41中存储的计算机可读指令处理数据,例如运行区块链索引的存储的计算机可读指令。
所述网络接口43可包括无线网络接口或有线网络接口,该网络接口43通常用于在所述计算机设备4与其他电子设备之间建立通信连接。
本申请还提供了另一种实施方式,即提供一种计算机可读存储介质,所述计算机可读存储介质存储有界面显示程序,所述界面显示程序可被至少一个处理器执行,以使所述至少一个处理器执行如上述的区块链索引的存储方法的步骤。
通过以上的实施方式的描述,本领域的技术人员可以清楚地了解到上述实施例方法可借助软件加必需的通用硬件平台的方式来实现,当然也可以通过硬件,但很多情况下前者是更佳的实施方式。基于这样的理解,本申请的技术方案本质上或者说对现有技术做出贡献的部分可以以软件产品的形式体现出来,该计算机软件产品存储在一个存储介质(如ROM/RAM、磁碟、光盘)中,包括若干指令用以使得一台终端设备(可以是手机,计算机,服务器,空调器,或者网络设备等)执行本申请各个实施例所述的方法。
所属领域的技术人员可以清楚地了解到,为了描述的方便和简洁,仅以上述各功能单元、模块的划分进行举例说明,实际应用中,可以根据需要而将上述功能分配由不同的功能单元、模块完成,即将所述装置的内部结构划分成不同的功能单元或模块,以完成以上描述的全部或者部分功能。
以上所述实施例仅用以说明本申请的技术方案,而非对其限制;尽管参照前述实施例对本申请进行了详细的说明,本领域的普通技术人员应当理解:其依然可以对前述各实施例所记载的技术方案进行修改,或者对其中部分技术特征进行等同替换;而这些修改或者替换,并不使相应技术方案的本质脱离本申请各实施例技术方案的精神和范围,均应包含在本申请的保护范围之内。
Claims (20)
- 一种基于APSoC的国密计算方法,其特征在于,包括:获取ARM核发送的比特流;按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码;根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;按照所述数据传输格式对所述计算结果进行封装,向所述ARM核输出封装后的计算结果。
- 如权利要求1所述的基于APSoC的国密计算方法,其特征在于,所述根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果包括:按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节;按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中;在执行完所有的计算环节后,从所述存储器中读取最后保存的计算结果,作为所述待计算数据的计算结果,并将状态机更新为空闲状态。
- 如权利要求2所述的基于APSoC的国密计算方法,其特征在于,所述按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中包括:对于每一个计算环节,在执行开始时将所述状态机更新为计算中;调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理;当获取到所述预设的运算单元返回的运算结果时,将所述计算环节对应的计算结果保存至所述存储器中,并将状态机更新为计算完成状态;继续执行下一个计算环节。
- 如权利要求1所述的基于APSoC的国密计算方法,其特征在于,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。
- 如权利要求2所述的基于APSoC的国密计算方法,其特征在于,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。
- 如权利要求3所述的基于APSoC的国密计算方法,其特征在于,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。
- 如权利要求4所述的基于APSoC的国密计算方法,其特征在于,所述协议规范包括SM2协议规范、SM3协议规范、SM4协议规范中的至少一种。
- 如权利要求7所述的基于APSoC的国密计算方法,其特征在于,所述当所述协议规范为SM2协议规范时,所述预设的运算单元包括群运算单元和模运算单元;其中,所述群运算单元用于执行基于椭圆曲线的群运算处理,所述模运算单元用于执行取模运算处理。
- 如权利要求7所述的基于APSoC的国密计算方法,其特征在于,所述当所述协议规范为SM3协议规范时,所述预设的运算单元包括消息扩展单元和迭代压缩单元;其中,所述消息扩展单元用于执行SM3协议中关于消息扩展的计算处理,所述迭代压缩单元用于执行SM3协议中关于迭代压缩的计算处理。
- 如权利要求7所述的基于APSoC的国密计算方法,其特征在于,所述当所述协议规范为SM4协议规范时,所述预设的运算单元包括密钥扩展单元和轮运算单元;其中,所述密钥扩展单元用于执行SM4协议中关于密钥扩展的计算处理,所述轮运算单元用于执行SM4协议的各轮计算中的特殊处理。
- 一种基于基于APSoC的国密计算系统,其特征在于,所述系统包括:接口模块,用于获取ARM核发送的比特流;解析模块,用于按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码;协议计算模块,用于根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;所述解析模块还用于按照所述数据传输格式对所述计算结果进行封装;所述接口模块还用于向所述ARM核输出封装后的计算结果。
- 一种计算机可读存储介质,所述计算机可读存储介质存储有计算机可读指令,其特征在于,所述计算机可读指令被处理器执行时实现如下基于APSoC的国密计算方法:获取ARM核发送的比特流;按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码;根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;按照所述数据传输格式对所述计算结果进行封装,向所述ARM核输出封装后的计算结果。
- 如权利要求12所述的计算机可读存储介质,其特征在于,所述根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果包括:按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节;按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中;在执行完所有的计算环节后,从所述存储器中读取最后保存的计算结果,作为所述待计算数据的计算结果,并将状态机更新为空闲状态。
- 如权利要求13所述的计算机可读存储介质,其特征在于,所述按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中包括:对于每一个计算环节,在执行开始时将所述状态机更新为计算中;调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理;当获取到所述预设的运算单元返回的运算结果时,将所述计算环节对应的计算结果保存至所述存储器中,并将状态机更新为计算完成状态;继续执行下一个计算环节。
- 如权利要求12所述的计算机可读存储介质,其特征在于,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。
- 一种计算机设备,包括存储器、处理器以及存储在所述存储器中并可在所述处理器上运行的计算机可读指令,其特征在于,所述处理器执行所述计算机可读指令时实现如下基于APSoC的国密计算方法:获取ARM核发送的比特流;按照预设的数据传输格式对所述比特流进行解析,得到待计算数据和操作码;根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果;按照所述数据传输格式对所述计算结果进行封装,向所述ARM核输出封装后的计算结果。
- 如权利要求16所述的计算机设备,其特征在于,所述根据所述操作码及其对应的协议规范对所述待计算数据执行计算处理,得到计算结果包括:按照所述操作码及其对应的协议规范将所述待计算数据划分为若干个计算环节;按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中;在执行完所有的计算环节后,从所述存储器中读取最后保存的计算结果,作为所述待计算数据的计算结果,并将状态机更新为空闲状态。
- 如权利要求17所述的计算机设备,其特征在于,所述按照划分顺序执行所述计算环节,将所述计算环节的计算结果保存至存储器中包括:对于每一个计算环节,在执行开始时将所述状态机更新为计算中;调度预设的运算单元对所述计算环节对应的待计算数据和上一计算环节的计算结果执行计算处理;当获取到所述预设的运算单元返回的运算结果时,将所述计算环节对应的计算结果保存至所述存储器中,并将状态机更新为计算完成状态;继续执行下一个计算环节。
- 如权利要求16所述的计算机设备,其特征在于,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。
- 如权利要求16所述的计算机设备,其特征在于,在所述数据传输格式中,按照接收的先后顺序,第0-1比特位表示预设的开头信息,第2-4比特位表示操作码,第5比特位表示信息类型,第6-7比特位表示保留位,第8-39比特位表示数据长度,第40及其之后的比特位表示待计算数据。
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202011637285.1 | 2020-12-31 | ||
CN202011637285.1A CN112818415A (zh) | 2020-12-31 | 2020-12-31 | 基于APSoC的国密计算方法、系统及介质 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2022143536A1 true WO2022143536A1 (zh) | 2022-07-07 |
Family
ID=75857196
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CN2021/141692 WO2022143536A1 (zh) | 2020-12-31 | 2021-12-27 | 基于APSoC的国密计算方法、系统、设备及介质 |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN112818415A (zh) |
WO (1) | WO2022143536A1 (zh) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115209358A (zh) * | 2022-07-15 | 2022-10-18 | 深圳市道通智能航空技术股份有限公司 | 自动相关监视广播信息的发送方法、装置和存储介质 |
CN115242530A (zh) * | 2022-07-27 | 2022-10-25 | 常州星宇车灯股份有限公司 | 基于国密算法的车载安全通信系统、方法及汽车 |
CN116506106A (zh) * | 2023-03-13 | 2023-07-28 | 苏州宏存芯捷科技有限公司 | 一种基于fpga的可配置密钥sm4加解密系统 |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112818415A (zh) * | 2020-12-31 | 2021-05-18 | 杭州趣链科技有限公司 | 基于APSoC的国密计算方法、系统及介质 |
CN114629622B (zh) * | 2022-02-22 | 2023-03-24 | 广东省绿算技术有限公司 | 基于fpga的国密算法加速运算控制方法及装置 |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102737270A (zh) * | 2011-04-15 | 2012-10-17 | 航天信息股份有限公司 | 一种基于国产算法的银行智能卡芯片安全协处理器 |
CN105099711A (zh) * | 2015-08-28 | 2015-11-25 | 北京三未信安科技发展有限公司 | 一种基于zynq的小型密码机及数据加密方法 |
CN106228088A (zh) * | 2016-08-11 | 2016-12-14 | 浪潮电子信息产业股份有限公司 | 一种基于国产bmc芯片的sm4算法ip核的设计方法 |
US20160380772A1 (en) * | 2015-06-26 | 2016-12-29 | Intel Corporation | Keyed-hash message authentication code processors, methods, systems, and instructions |
CN109818745A (zh) * | 2017-11-21 | 2019-05-28 | 佛山芯珠微电子有限公司 | 物联网信息安全芯片 |
CN112818415A (zh) * | 2020-12-31 | 2021-05-18 | 杭州趣链科技有限公司 | 基于APSoC的国密计算方法、系统及介质 |
-
2020
- 2020-12-31 CN CN202011637285.1A patent/CN112818415A/zh active Pending
-
2021
- 2021-12-27 WO PCT/CN2021/141692 patent/WO2022143536A1/zh active Application Filing
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN102737270A (zh) * | 2011-04-15 | 2012-10-17 | 航天信息股份有限公司 | 一种基于国产算法的银行智能卡芯片安全协处理器 |
US20160380772A1 (en) * | 2015-06-26 | 2016-12-29 | Intel Corporation | Keyed-hash message authentication code processors, methods, systems, and instructions |
CN105099711A (zh) * | 2015-08-28 | 2015-11-25 | 北京三未信安科技发展有限公司 | 一种基于zynq的小型密码机及数据加密方法 |
CN106228088A (zh) * | 2016-08-11 | 2016-12-14 | 浪潮电子信息产业股份有限公司 | 一种基于国产bmc芯片的sm4算法ip核的设计方法 |
CN109818745A (zh) * | 2017-11-21 | 2019-05-28 | 佛山芯珠微电子有限公司 | 物联网信息安全芯片 |
CN112818415A (zh) * | 2020-12-31 | 2021-05-18 | 杭州趣链科技有限公司 | 基于APSoC的国密计算方法、系统及介质 |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN115209358A (zh) * | 2022-07-15 | 2022-10-18 | 深圳市道通智能航空技术股份有限公司 | 自动相关监视广播信息的发送方法、装置和存储介质 |
CN115209358B (zh) * | 2022-07-15 | 2024-04-09 | 深圳市道通智能航空技术股份有限公司 | 自动相关监视广播信息的发送方法、装置和存储介质 |
CN115242530A (zh) * | 2022-07-27 | 2022-10-25 | 常州星宇车灯股份有限公司 | 基于国密算法的车载安全通信系统、方法及汽车 |
CN115242530B (zh) * | 2022-07-27 | 2023-10-13 | 常州星宇车灯股份有限公司 | 基于国密算法的车载安全通信系统、方法及汽车 |
CN116506106A (zh) * | 2023-03-13 | 2023-07-28 | 苏州宏存芯捷科技有限公司 | 一种基于fpga的可配置密钥sm4加解密系统 |
CN116506106B (zh) * | 2023-03-13 | 2023-11-03 | 苏州宏存芯捷科技有限公司 | 一种基于fpga的可配置密钥sm4加解密系统 |
Also Published As
Publication number | Publication date |
---|---|
CN112818415A (zh) | 2021-05-18 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
WO2022143536A1 (zh) | 基于APSoC的国密计算方法、系统、设备及介质 | |
US10324873B2 (en) | Hardware accelerated communications over a chip-to-chip interface | |
US8001278B2 (en) | Network packet payload compression | |
JP6046140B2 (ja) | デバイス通信チャネルパケットのためのデータ変更 | |
WO2019129167A1 (zh) | 一种处理数据报文的方法和网卡 | |
WO2021244194A1 (zh) | 寄存器的读写方法、芯片、子系统、寄存器组及终端 | |
CN109447225B (zh) | 一种高速安全加密Micro SD卡 | |
WO2023159957A1 (zh) | 一种基于fpga的全栈网卡任务处理方法及系统 | |
CN113468090B (zh) | 一种PCIe通信方法、装置、电子设备及可读存储介质 | |
CN114385534B (zh) | 一种数据处理的方法及装置 | |
CN112698909A (zh) | 用于经由虚拟总线编码传送遥测信息的系统、装置和方法 | |
CN111277988A (zh) | 一种提高微信小程序蓝牙传输速度的方法 | |
CN106294225A (zh) | 一种数据读取方法、对端设备及控制器 | |
CN108664444B (zh) | 基于fpga上微处理器的可重构无线mac层结构 | |
WO2014134947A1 (zh) | 控制信息的收发装置和方法 | |
US20240128982A1 (en) | Hardware acceleration of data reduction operations | |
TW201905710A (zh) | 具近資料端處理引擎的晶片組 | |
JP2003050788A (ja) | 高レベル・データ・リンク・コントローラから多数個のディジタル信号プロセッサ・コアに信号を分配するための装置と方法 | |
TW201436533A (zh) | 資料流傳輸系統及方法 | |
CN107846709B (zh) | 一种基于LoRa的无线通信装置及无线通信方法 | |
WO2022095179A1 (zh) | 数据处理系统、方法、电子设备及存储介质 | |
CN113422792B (zh) | 数据传输方法、装置、电子设备及计算机存储介质 | |
WO2022001317A1 (zh) | 芯片仿真方法、装置、设备、系统及存储介质 | |
CN112035866B (zh) | 一种数据加密方法、装置、设备和计算机可读存储介质 | |
CN116136790A (zh) | 任务处理方法和装置 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
121 | Ep: the epo has been informed by wipo that ep was designated in this application |
Ref document number: 21914272 Country of ref document: EP Kind code of ref document: A1 |
|
NENP | Non-entry into the national phase |
Ref country code: DE |
|
122 | Ep: pct application non-entry in european phase |
Ref document number: 21914272 Country of ref document: EP Kind code of ref document: A1 |