CN115037485B - Method, device and equipment for realizing lightweight authentication encryption algorithm - Google Patents


Info

Publication number
CN115037485B
Authority
CN
China
Prior art keywords
box
encryption algorithm
expression
normal form
lightweight
Legal status
Active
Application number
CN202210968570.4A
Other languages
Chinese (zh)
Other versions
CN115037485A (en)
Inventor
贾硕
朱云良
袁艳芳
张磊
张瑞峰
陈龙
史胜玉
李媛
杨其
李小飞
刘冬梅
刘凌云
聂琪鹤
李延
白鹏飞
庞振江
Current Assignee
State Grid Corp of China SGCC
Beijing Smartchip Microelectronics Technology Co Ltd
Beijing Smartchip Semiconductor Technology Co Ltd
Original Assignee
State Grid Corp of China SGCC
Beijing Smartchip Microelectronics Technology Co Ltd
Beijing Smartchip Semiconductor Technology Co Ltd
Application filed by State Grid Corp of China SGCC, Beijing Smartchip Microelectronics Technology Co Ltd, Beijing Smartchip Semiconductor Technology Co Ltd
Priority to CN202210968570.4A
Publication of CN115037485A
Application granted
Publication of CN115037485B
Legal status: Active

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/06 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
    • H04L9/0618 Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
    • H04L9/0631 Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00 Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/12 Details relating to cryptographic hardware or logic circuitry
    • H04L2209/122 Hardware reduction or efficient architectures

Abstract

The invention relates to the field of information security and provides a method, a device and equipment for implementing a lightweight authenticated encryption algorithm. The algorithm comprises an S-box substitution layer and a linear diffusion layer, and the method comprises the following steps: acquiring the S-box lookup table of the S-box substitution layer and/or the XOR operation of the linear diffusion layer; converting the acquired S-box lookup table and/or XOR operation into a disjunctive normal form; and mapping the logic operations of the disjunctive normal form onto corresponding logic devices to obtain a logic circuit. The implementation provided by the invention improves the execution efficiency of the lightweight authenticated encryption algorithm and is easy to realize as an application-specific integrated circuit.

Description

Method, device and equipment for realizing lightweight authentication encryption algorithm
Technical Field
The invention relates to the field of information security, and in particular to a method for implementing a lightweight authenticated encryption algorithm, a device for implementing the algorithm, equipment for implementing the algorithm, and a computer-readable storage medium.
Background
A lightweight authenticated encryption algorithm combines an authentication function with an encryption function and comprises an S-box substitution layer and a linear diffusion layer. When some of the operations of these two layers are implemented in hardware, many electronic components are needed, which places high demands on circuit area and operating power. In addition, selecting and arranging that hardware during the design process is a large amount of work.
Disclosure of Invention
The embodiments of the invention aim to provide a method, a device and equipment for implementing a lightweight authenticated encryption algorithm. An optimized hardware implementation of the authenticated encryption algorithm is designed: the traditional scheme of implementing the S-box as a lookup table is abandoned, and the linear diffusion layer is implemented with optimized logic gates. The implementation saves components, reduces area and improves efficiency; it is easy to describe in Verilog HDL (hardware description language) and provides a fast and effective way to realize an application-specific integrated circuit.
To achieve the above object, a first aspect of the invention provides a method for implementing a lightweight authenticated encryption algorithm, where the algorithm includes an S-box substitution layer and a linear diffusion layer, and the method includes: acquiring the S-box lookup table of the S-box substitution layer and/or the XOR operation of the linear diffusion layer; converting the acquired S-box lookup table and/or XOR operation into a disjunctive normal form; and mapping the logic operations of the disjunctive normal form onto corresponding logic devices to obtain a logic circuit.
Preferably, converting the S-box lookup table of the S-box substitution layer into a disjunctive normal form includes: constructing an expression between the input values and output values of the S-box lookup table, the expression comprising Boolean operators, the input values and the output values; and sharing the identical terms that occur in the expression so that each is computed only once, the resulting expression without repeated terms being used as the disjunctive normal form.
Preferably, the expression constructed between the input values and output values of the S-box lookup table is a conjunctive normal form.
Preferably, converting the XOR operation of the linear diffusion layer into a disjunctive normal form includes: acquiring the expression between the input values and output values of the linear diffusion layer, expressed with cyclic shifts and XOR operations; and converting the XOR operations in that expression into a disjunctive normal form.
Preferably, the S-box replacement layer and the linear replacement layer exist at the following stages of the lightweight authenticated encryption algorithm: initialization stage, related data processing stage, plaintext processing stage and authentication data generation stage; the initialization stage comprises the steps of initializing state data in a register by adopting a secret key and a random number; the related data processing stage comprises the step of updating the state data by adopting related data; the plaintext processing stage comprises the steps of injecting plaintext to be encrypted into updated state data to obtain corresponding ciphertext; the stage of generating authentication data comprises generating an authentication label for identity authentication.
Preferably, the lightweight authenticated encryption algorithm uses a plurality of registers to store its state, and the registers are updated by two rounds per clock cycle.
Preferably, one of the plurality of registers is updated according to a specific round constant.
Preferably, the logic circuit formed by the logic device is integrated in a chip.
In a second aspect of the invention, there is also provided an apparatus for implementing a lightweight authenticated encryption algorithm, where the algorithm includes an S-box substitution layer and a linear diffusion layer, and the apparatus includes: a target acquisition module for acquiring the S-box lookup table of the S-box substitution layer and/or the XOR operation of the linear diffusion layer; a disjunctive normal form module for converting the acquired S-box lookup table and/or XOR operation into a disjunctive normal form; a device mapping module for mapping the logic operations of the disjunctive normal form onto corresponding logic devices to obtain a logic circuit; and an algorithm implementation module for executing the lightweight authenticated encryption algorithm with that logic circuit.
Preferably, converting the S-box lookup table of the S-box substitution layer into a disjunctive normal form includes: constructing an expression between the input values and output values of the S-box lookup table, the expression comprising Boolean operators, the input values and the output values; and sharing the identical terms that occur in the expression so that each is computed only once, the resulting expression without repeated terms being used as the disjunctive normal form.
Preferably, the expression constructed between the input values and output values of the S-box lookup table is a conjunctive normal form.
Preferably, converting the XOR operation of the linear diffusion layer into a disjunctive normal form includes: acquiring the expression between the input values and output values of the linear diffusion layer, expressed with cyclic shifts and XOR operations; and converting the XOR operations in that expression into a disjunctive normal form.
Preferably, the S-box replacement layer and the linear replacement layer exist at the following stages of the lightweight authenticated encryption algorithm: the method comprises an initialization stage, a related data processing stage, a plaintext processing stage and an authentication data generating stage.
Preferably, the lightweight authenticated encryption algorithm uses a plurality of registers to store its state, and the registers are updated by two rounds per clock cycle.
Preferably, one of the plurality of registers is updated according to a specific round constant.
Preferably, a logic circuit formed by the logic device is integrated in a chip.
In a third aspect of the present invention, there is also provided an apparatus for implementing a lightweight authenticated encryption algorithm, including a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor implements the steps of the foregoing method for implementing a lightweight authenticated encryption algorithm when executing the computer program.
In a fourth aspect of the present invention, there is also provided a computer-readable storage medium, which stores instructions that, when executed on a computer, cause the computer to execute the steps of the aforementioned method for implementing a lightweight authenticated encryption algorithm.
A fifth aspect of the invention provides a computer program product comprising a computer program which, when executed by a processor, implements the method of implementing a lightweight authenticated encryption algorithm as described above.
The technical scheme at least has the following beneficial effects:
the S-box substitution layer and the linear diffusion layer of the lightweight authenticated encryption algorithm are optimized using a disjunctive normal form, which reduces the number of logic gates in the hardware implementation, raises the throughput of the circuit chip and reduces logic delay; circuit components are therefore saved, and efficiency is improved while the circuit area is reduced.
Additional features and advantages of embodiments of the present invention will be described in the detailed description which follows.
Drawings
The accompanying drawings, which are included to provide a further understanding of the embodiments of the invention and are incorporated in and constitute a part of this specification, illustrate embodiments of the invention and together with the description serve to explain the embodiments of the invention without limiting the embodiments of the invention. In the drawings:
fig. 1 schematically shows an implementation diagram of an implementation method of a lightweight authenticated encryption algorithm according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of the ASCON algorithm according to an embodiment of the present invention;
FIG. 3 schematically illustrates an ASIC implementation of an S-box displacement layer according to an embodiment of the present invention;
fig. 4 schematically shows a structural diagram of an implementation apparatus for a lightweight authenticated encryption algorithm according to an embodiment of the present invention.
Detailed Description
The following detailed description of embodiments of the invention refers to the accompanying drawings. It should be understood that the detailed description and specific examples, while indicating embodiments of the invention, are given by way of illustration and explanation only, not limitation.
Fig. 1 schematically shows an implementation diagram of an implementation method of a lightweight authenticated encryption algorithm according to an embodiment of the present invention. As shown in fig. 1, a method for implementing a lightweight authentication encryption algorithm provided in this embodiment includes: an S-box displacement layer and a linear displacement layer, the method comprising:
S01: acquire the S-box lookup table of the S-box substitution layer and/or the XOR operation of the linear diffusion layer. In cryptography, an S-box (substitution box) is the basic structure with which a symmetric-key algorithm performs substitution. The S-box is the only nonlinear component of a block cipher, and its cryptographic properties largely determine the strength of the cipher. The linear diffusion layer likewise has an important influence on the performance of the cipher. The optimization targets of this embodiment are the S-box substitution layer and/or the linear diffusion layer, which therefore need to be acquired first.
S02: convert the acquired S-box lookup table and/or XOR operation into a disjunctive normal form. The function of the S-box is a simple substitution. For example, the S-box layer of the ASCON algorithm is a permutation table with 5-bit input and 5-bit output, but a lookup-table form is not well suited to implementation with logic devices. In this embodiment the S-box lookup table is therefore converted into a disjunctive normal form, that is, a disjunction of a finite number of simple conjunctions. A disjunctive normal form is an expression that links Boolean variables with Boolean operators, where the operators are only AND, OR and NOT, for example (a) + (a & c') + (b & c), in which "+" denotes an OR gate, "&" denotes an AND gate and "'" denotes a NOT gate. The computation of the S-box lookup table is thus expressed in basic logic operations, and because each basic logic operation corresponds to a logic gate, the S-box lookup table is easily realized as a logic circuit.
Based on the same technical concept, the exclusive or operation in the linear displacement layer is converted into a disjunctive normal form, so as to achieve the same technical effects as the above. The two targets in the above disjunctive normal form transformation include an S-box displacement layer and a linear displacement layer, and one of them may be selected for implementation, or both of them may be implemented.
S03: map the logic operations of the disjunctive normal form onto corresponding logic devices to obtain a logic circuit. Through the conversion of the previous step, the complex logic of the lightweight authenticated encryption algorithm has been turned into a combination of logic operations, and the AND, OR, NOT and XOR operations are readily mapped to corresponding logic devices. Connecting the mapped logic devices yields the logic circuit. A hardware implementation of the lightweight authenticated encryption algorithm has the advantage of high processing speed, and this implementation mode simplifies the design of the logic circuit.
In this way, the S-box substitution layer and the linear diffusion layer of the ASCON algorithm can be optimized with a minimal number of logic gates, improving the efficiency of the logic circuit.
In some embodiments of the present invention, converting the S-box lookup table in the S-box displacement layer into a form of disjunctive normal form comprises: constructing an expression between input values and output values of the S-box lookup table, the expression comprising a Boolean operator, the input values, and the output values.
For ease of describing the S-box lookup table, the Boolean variables A, B, C, D, E denote the 5-bit input of the S-box and the Boolean variables F0, F1, F2, F3, F4 denote its 5-bit output. The expression of the S-box, preferably in conjunctive normal form, is as follows:
F0 = A' B' C' D E' + A' B' C' D E + A' B' C D' E' + A' B' C D' E + A' B C' D' E' + A' B C' D E + A' B C D' E' + A' B C D E;
F1 = A' B' C' D' E + A' B' C' D E' + A' B' C D' E' + A' B' C D E' + A' B C' D' E' + A' B C' D E' + A' B C D' E' + A' B C D E;
F2 = A' B' C' D' E' + A' B' C' D E' + A' B' C' D E + A' B' C D' E + A' B C' D' E + A' B C D' E' + A' B C D E' + A' B C D E;
F3 = A' B' C' D' E + A' B' C' D E' + A' B' C D' E' + A' B' C D E + A' B C' D' E' + A' B C' D E + A' B C D' E + A' B C D E';
F4 = A' B' C' D' E + A' B' C' D E' + A' B' C D' E + A' B' C D E' + A' B C' D' E' + A' B C' D' E + A' B C D' E' + A' B C D' E;
The disjunctive normal forms of the individual output bits contain identical terms. These shared terms are computed once and reused, and the resulting expression without repeated terms is used as the disjunctive normal form of the S-box lookup table, which reduces the gate count. The resulting disjunctive normal form is as follows:
X8 = A' & B';
X9 = A' & B;
X7 = X8 & C';
X16 = X8 & C;
X13 = X9 & C;
X17 = X9 & D';
X10 = D & E;
X11 = D & E';
X12 = D' & E;
X14 = X9 & X10;
X1 = X17 & E';
X2 = X16 & D';
X3 = X7 & D;
X4 = X7 & X12;
X5 = X9 & C & D;
X6 = X9 & C' & D';
X15 = X3 & E';
F0 = X1 + X2 + X3 + X14;
F1 = X1 + A' & C' & X11 + X16 & E' + X4 + X5 & E;
F2 = X7 & E' + X15 + X6 & E + X2 & E + X3 + X5;
F3 = X6 & E' + X2 & E' + X15 + X5 & E' + X4 + X3 & X12 + X14 & C' + X16 & X10;
F4 = X8 & X11 + X17 + A' & X12;
through the steps, the conversion between the S box displacement layer and the disjunctive normal form can be realized, and the disjunctive normal form obtained through the conversion can better correspond to the logic device.
In some embodiments of the invention, converting the XOR operation of the linear diffusion layer into a disjunctive normal form comprises: acquiring the expression between the input values and output values of the linear diffusion layer, expressed with cyclic shifts and XOR operations. The linear diffusion layer uses cyclic shifts and XOR, each word being updated in the form x ^ (x >>> n) ^ (x >>> n1), where >>> denotes a cyclic shift and n and n1 are two different shift amounts. The five 64-bit linear diffusion expressions are as follows:
[Image on the original page: the five 64-bit linear-layer expressions; not recoverable here.]
where A0, B1, C2, D3, E4 denote the five 64-bit inputs and F0, F1, F2, F3, F4 denote the five 64-bit outputs.
Converting the XOR operations in the expression into a disjunctive normal form comprises rewriting each XOR as a disjunctive normal form so as to reduce circuit delay and circuit area. The converted results are as follows:
F0=A0 (A0>>>10)' (A0>>>28)' + A0' (A0>>>10) (A0>>>28)' + A0' (A0>>>10)' (A0>>>28) + A0 (A0>>>10) (A0>>>28);
F1=B1 (B1>>>61)' (B1>>>28)' + B1' (B1>>>61) (B1>>>28)' + B1' (B1>>>61)' (B1>>>28) + B1 (B1>>>61) (B1>>>28);
F2=C1 (C1>>>1)' (C1>>>6)' + C1' (C1>>>1) (C1>>>6)' + C1' (C1>>>1)' (C1>>>6) + C1 (C1>>>1) (C1>>>6);
F3=D10 (D10>>>10)' (D10>>>17)' + D10' (D10>>>10) (D10>>>17)' + D10' (D10>>>10)' (D10>>>17) + D10 (D10>>>10) (D10>>>17);
F4=E7 (E7>>>7)' (E7>>>41)' + E7' (E7>>>7) (E7>>>41)' + E7' (E7>>>7)' (E7>>>41) + E7 (E7>>>7) (E7>>>41);
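As an added, runnable illustration of the two conversions above (the S-box lookup table to a sum of products, and the XOR of a word with two of its rotations to the four-product form), here is a small Python script that is not part of the patent. It takes the F0..F4 products and the X1..X17 network exactly as printed on this page, assumes the public ASCON S-box table with A as the most significant input bit and F0 as the most significant output bit, derives the canonical DNF of any 5-bit table, and exhaustively checks the hand-optimized network against the sum-of-products form on all 32 inputs, the sign-off step an implementer wants before a netlist is frozen.

```python
"""Added example, not code from the patent: derive a sum-of-products (DNF) form
from an S-box table, then exhaustively check a hand-optimised gate network
against it, the sign-off check an ASIC designer wants before freezing a netlist.
"""

VARS = "ABCDE"  # 5-bit S-box input; assumed: A is the most significant bit
MASK64 = (1 << 64) - 1

# ASCON's public 5-bit S-box (assumed mapping: output bit 4 is F0, bit 0 is F4).
ASCON_SBOX = [0x4, 0xb, 0x1f, 0x14, 0x1a, 0x15, 0x9, 0x2, 0x1b, 0x5, 0x8, 0x12,
              0x1d, 0x3, 0x6, 0x1c, 0x1e, 0x13, 0x7, 0xe, 0x0, 0xd, 0x11, 0x18,
              0x10, 0xc, 0x1, 0x19, 0x16, 0xa, 0xf, 0x17]

# S-box output expressions transcribed from the patent as printed:
# "'" is NOT, juxtaposition is AND, "+" is OR.
PATENT_SOP = {
    "F0": "A' B' C' D E' + A' B' C' D E + A' B' C D' E' + A' B' C D' E + "
          "A' B C' D' E' + A' B C' D E + A' B C D' E' + A' B C D E",
    "F1": "A' B' C' D' E + A' B' C' D E' + A' B' C D' E' + A' B' C D E' + "
          "A' B C' D' E' + A' B C' D E' + A' B C D' E' + A' B C D E",
    "F2": "A' B' C' D' E' + A' B' C' D E' + A' B' C' D E + A' B' C D' E + "
          "A' B C' D' E + A' B C D' E' + A' B C D E' + A' B C D E",
    "F3": "A' B' C' D' E + A' B' C' D E' + A' B' C D' E' + A' B' C D E + "
          "A' B C' D' E' + A' B C' D E + A' B C D' E + A' B C D E'",
    "F4": "A' B' C' D' E + A' B' C' D E' + A' B' C D' E + A' B' C D E' + "
          "A' B C' D' E' + A' B C' D' E + A' B C D' E' + A' B C D' E",
}


def bits(x):
    """Split a 5-bit integer into the (A, B, C, D, E) assignment, A = MSB."""
    return tuple((x >> (4 - i)) & 1 for i in range(5))


def parse_sop(expr):
    """Parse a sum of products into a list of {variable: required value} dicts."""
    return [{lit[0]: 0 if lit.endswith("'") else 1 for lit in term.split()}
            for term in expr.split("+")]


def eval_sop(products, x):
    """Evaluate a parsed sum of products on the 5-bit input x (returns 0 or 1)."""
    assign = dict(zip(VARS, bits(x)))
    return int(any(all(assign[v] == val for v, val in p.items()) for p in products))


def canonical_dnf(table, out_bit):
    """The general step the patent instantiates: one minterm per table entry whose
    output bit is set, joined by OR, is the canonical DNF of that output bit."""
    terms = [" ".join(v if b else v + "'" for v, b in zip(VARS, bits(x)))
             for x, y in enumerate(table) if (y >> out_bit) & 1]
    return " + ".join(terms)


def network(x):
    """The patent's shared-subexpression network, transcribed as printed
    (the page mixes x3/X3 and so on; they are the same signal)."""
    A, B, C, D, E = bits(x)
    nA, nC, nD, nE = 1 - A, 1 - C, 1 - D, 1 - E
    X8, X9 = nA & (1 - B), nA & B
    X7, X16, X17 = X8 & nC, X8 & C, X9 & nD
    X10, X11, X12 = D & E, D & nE, nD & E
    X14 = X9 & X10
    X1, X2, X3, X4 = X17 & nE, X16 & nD, X7 & D, X7 & X12
    X5, X6 = X9 & C & D, X9 & nC & nD
    X15 = X3 & nE
    return {
        "F0": X1 | X2 | X3 | X14,
        "F1": X1 | (nA & nC & X11) | (X16 & nE) | X4 | (X5 & E),
        "F2": (X7 & nE) | X15 | (X6 & E) | (X2 & E) | X3 | X5,
        "F3": (X6 & nE) | (X2 & nE) | X15 | (X5 & nE) | X4 | (X3 & X12)
              | (X14 & nC) | (X16 & X10),
        "F4": (X8 & X11) | X17 | (nA & X12),
    }


def mismatches(spec=PATENT_SOP):
    """Exhaustive equivalence check over all 32 inputs: for each output bit, the
    inputs on which the gate network and the sum-of-products form disagree."""
    parsed = {k: parse_sop(v) for k, v in spec.items()}
    return {k: [x for x in range(32) if network(x)[k] != eval_sop(parsed[k], x)]
            for k in spec}


def rotr64(x, n):
    """64-bit cyclic right shift (the page's '>>>')."""
    return ((x >> n) | (x << (64 - n))) & MASK64


def linear_layer_dnf(x, n1, n2):
    """Bitwise DNF of x ^ (x>>>n1) ^ (x>>>n2) on a 64-bit word, as the patent
    rewrites it: x y' z' + x' y z' + x' y' z + x y z."""
    y, z = rotr64(x, n1), rotr64(x, n2)
    nx, ny, nz = x ^ MASK64, y ^ MASK64, z ^ MASK64
    return (x & ny & nz) | (nx & y & nz) | (nx & ny & z) | (x & y & z)


if __name__ == "__main__":
    for name, bad in mismatches().items():
        print(name, "matches" if not bad else "differs on inputs %s" % bad)
```

Run on the expressions as printed here, the checker reports agreement on every input for F0, F1 and F4 and one uncovered input each for F2 and F3, the kind of transcription slip an exhaustive check exists to catch before it reaches silicon; the printed products themselves agree with the ASCON table on inputs 0 to 15, the half of the table they enumerate.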
the following description is given by taking a lightweight authenticated encryption algorithm as an ASCON algorithm, and implementing the method in the present application is as follows:
Fig. 2 is a schematic diagram of the structure of the ASCON algorithm according to an embodiment of the invention. As shown in fig. 2, the authenticated encryption process of ASCON is divided into four stages: initialization, associated data processing, plaintext processing and authentication data generation. The initialization stage initializes the state data in the registers with the secret key and a random number (nonce); the associated data processing stage updates the state data with the associated data; the plaintext processing stage injects the plaintext to be encrypted into the updated state data to obtain the corresponding ciphertext; and the authentication data generation stage generates the authentication tag. Each stage is built from the basic round function p, which consists of three parts: the XOR of a round constant, the S-box substitution layer and the linear diffusion layer. Based on the optimization of the S-box and the linear layer, this embodiment executes two rounds of the round function per clock cycle, which improves the authenticated encryption throughput of the ASCON algorithm.
The S-box layer of the ASCON algorithm uses a permutation table with 5-bit input and 5-bit output. The invention converts this S-box lookup table into a disjunctive normal form, then shares the identical terms, and finally obtains the S-box expression with the fewest gates. The linear diffusion layer of ASCON diffuses the 320 state bits through different cyclic shifts and XOR operations; in this step the XOR of the linear layer is converted into a disjunctive normal form.
Through the implementation mode, the technical effect of convenient hardware implementation, particularly ASIC implementation, can be achieved.
In some embodiments of the invention, the lightweight authenticated encryption algorithm uses a plurality of registers to store its state, and the registers are updated by two rounds per cycle. For example, five 64-bit registers hold the 320-bit state of the ASCON algorithm. The five registers are updated at the same frequency, but their update modes may differ; for example, the 64-bit registers S1H and S2 are initialized with the 128-bit key, and the 64-bit registers S3 and S4 are initialized with the 128-bit random number.
In some embodiments of the invention, one of the registers is updated according to a specific round constant. For example, register S0 may be initialized with a key length of 128 bits, a block length of 64 bits, a round constant of 12 and a round constant of 6.
In some embodiments of the invention, the logic circuit formed by the logic devices is integrated in a chip. The method is preferably implemented as an application-specific integrated circuit (ASIC), that is, an integrated circuit designed and manufactured for the requirements of a specific user and a specific electronic system. Design with complex programmable logic devices (CPLDs) and field-programmable gate arrays (FPGAs) is one of the most popular ASIC design approaches. Fig. 3 schematically shows an ASIC implementation of the S-box substitution layer according to an embodiment of the invention: a logic circuit composed of various logic gates, with a plurality of input and output terminals, in which each logic gate corresponds to a logic operation of the disjunctive normal form. Such a circuit is easy to describe in Verilog HDL and is a fast and effective ASIC implementation method.
Based on the same inventive concept, the invention also provides a device for implementing the lightweight authenticated encryption algorithm. Fig. 4 schematically shows the structure of this device according to an embodiment of the invention. The lightweight authenticated encryption algorithm comprises an S-box substitution layer and a linear diffusion layer, and the device comprises: a target acquisition module for acquiring the S-box lookup table of the S-box substitution layer and/or the XOR operation of the linear diffusion layer; a disjunctive normal form module for converting the acquired S-box lookup table and/or XOR operation into a disjunctive normal form; a device mapping module for mapping the logic operations of the disjunctive normal form onto corresponding logic devices to obtain a logic circuit; and an algorithm implementation module for realizing the S-box lookup table and/or XOR operation of the lightweight authenticated encryption algorithm with that logic circuit.
In some alternative embodiments, converting the S-box lookup table in the S-box displacement layer into a form of disjunctive normal form includes: constructing an expression between an input value and an output value of an S-box lookup table, wherein the expression comprises a Boolean operator, the input value and the output value; optimizing the same item in the expression to obtain the expression without the same item as a disjunctive normal form.
In some optional embodiments, the expression constructed between the input values and output values of the S-box lookup table is a conjunctive normal form.
In some alternative embodiments, converting the xor operation in the linear permutation layer into a form of disjunctive normal form includes: acquiring an expression between an input value and an output value of a linear displacement layer expressed by adopting cyclic shift and XOR operation; and converting the exclusive-or operation in the expression into a disjunctive normal form.
In some optional embodiments, the lightweight authenticated encryption algorithm uses a plurality of registers to store its state, and the registers are updated by two rounds per cycle.
In some alternative embodiments, the S-box permutation layer and the linear permutation layer exist at the following stages of the lightweight authenticated encryption algorithm: initialization stage, related data processing stage, plaintext processing stage and authentication data generation stage; the initialization stage comprises the steps of initializing state data in a register by adopting a secret key and a random number; the related data processing stage comprises the step of updating the state data by adopting related data; the plaintext processing stage comprises the steps of injecting plaintext to be encrypted into updated state data to obtain corresponding ciphertext; the stage of generating authentication data comprises generating an authentication label for identity authentication.
In some alternative embodiments, one of the plurality of registers is updated according to a particular round constant.
In some alternative embodiments, the logic circuit formed by the logic device is integrated in a chip.
For specific limitations of each functional module in the implementation apparatus for the lightweight authentication encryption algorithm, reference may be made to the above limitations on the implementation method for the lightweight authentication encryption algorithm, which is not described herein again. The various modules in the above-described apparatus may be implemented in whole or in part by software, hardware, and combinations thereof. The modules can be embedded in a hardware form or independent from a processor in the computer device, and can also be stored in a memory in the computer device in a software form, so that the processor can call and execute operations corresponding to the modules.
In some embodiments provided by the invention, equipment for implementing a lightweight authenticated encryption algorithm is further provided, comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, where the processor carries out the steps of the foregoing implementation method when executing the computer program. The processor has numerical calculation and logical operation functions and comprises at least a central processing unit (CPU) with data processing capability, random access memory (RAM), read-only memory (ROM), various I/O ports, an interrupt system and the like. The processor comprises one or more kernels, each of which calls the corresponding program unit from the memory; the method is realized by adjusting the kernel parameters. The memory may include volatile memory in a computer-readable medium, Random Access Memory (RAM) and/or non-volatile memory such as Read Only Memory (ROM) or flash memory (flash RAM), and includes at least one memory chip.
In an embodiment of the present invention, there is also provided a computer-readable storage medium having stored therein instructions which, when executed on a computer, cause the processor to be configured to execute the implementation method of the lightweight authenticated encryption algorithm described above.
In one embodiment, a computer program product is provided, which includes a computer program, and when being executed by a processor, the computer program implements the method for implementing the lightweight authenticated encryption algorithm.
As will be appreciated by one skilled in the art, embodiments of the present application may be provided as a method, system, or computer program product. Accordingly, the present application may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present application may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and so forth) having computer-usable program code embodied therein.
The present application is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include forms of volatile memory in a computer readable medium, random access memory (RAM) and/or non-volatile memory, such as read only memory (ROM) or flash memory (flash RAM). The memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read only memory (ROM), electrically erasable programmable read only memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium, which can be used to store information that can be accessed by a computing device. As defined herein, a computer readable medium does not include a transitory computer readable medium such as a modulated data signal and a carrier wave.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a …" does not exclude the presence of additional identical elements in the process, method, article, or apparatus comprising the element.
The above are merely examples of the present application and are not intended to limit the present application. Various modifications and changes may occur to those skilled in the art to which the present application pertains. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (12)

1. A method for implementing a lightweight authenticated encryption algorithm, wherein the lightweight authenticated encryption algorithm comprises an S-box permutation layer and a linear permutation layer, and the method comprises the following steps:
acquiring an S-box lookup table in the S-box permutation layer and/or an exclusive OR operation in the linear permutation layer;
converting the acquired S-box lookup table and/or exclusive OR operation into a disjunctive normal form;
wherein converting the acquired S-box lookup table into a disjunctive normal form comprises: constructing an expression between the input values and the output values of the S-box lookup table, wherein the expression comprises Boolean operators, the input values and the output values; optimizing identical terms in the expression to obtain an expression without identical terms, and taking that expression as the disjunctive normal form;
converting the acquired exclusive OR operation into a disjunctive normal form comprises: acquiring an expression between the input values and the output values of the linear permutation layer expressed by means of cyclic shift and exclusive OR operations; and converting the exclusive OR operation in that expression into a disjunctive normal form; and
mapping the logic operations in the disjunctive normal form onto corresponding logic devices to obtain a corresponding logic circuit.
2. The method of claim 1, wherein the lightweight authenticated encryption algorithm employs a plurality of registers to store its state;
the plurality of registers are updated by two rounds per cycle.
3. The method of claim 1, wherein the S-box permutation layer and the linear permutation layer are present in the following stages of the lightweight authenticated encryption algorithm: an initialization stage, an associated data processing stage, a plaintext processing stage and an authentication data generation stage;
the initialization stage comprises initializing the state data in the registers using a secret key and a random number;
the associated data processing stage comprises updating the state data using the associated data;
the plaintext processing stage comprises injecting the plaintext to be encrypted into the updated state data to obtain the corresponding ciphertext;
the authentication data generation stage comprises generating an authentication tag for identity authentication.
4. The method of claim 2, wherein one of the plurality of registers is updated according to a particular round constant.
5. The method of claim 1, wherein the logic circuit formed by the logic device is integrated in a chip.
6. An implementation apparatus for a lightweight authenticated encryption algorithm, where the lightweight authenticated encryption algorithm includes an S-box permutation layer and a linear permutation layer, the apparatus comprising:
a target acquisition module, configured to acquire an S-box lookup table in the S-box permutation layer and/or an exclusive OR operation in the linear permutation layer;
a disjunctive normal form module, configured to convert the acquired S-box lookup table and/or exclusive OR operation into a disjunctive normal form; wherein converting the acquired S-box lookup table into a disjunctive normal form comprises: constructing an expression between the input values and the output values of the S-box lookup table, wherein the expression comprises Boolean operators, the input values and the output values; optimizing identical terms in the expression to obtain an expression without identical terms as the disjunctive normal form;
converting the acquired exclusive OR operation into a disjunctive normal form comprises: acquiring an expression between the input values and the output values of the linear permutation layer expressed by means of cyclic shift and exclusive OR operations; and converting the exclusive OR operation in that expression into a disjunctive normal form; and
a device mapping module, configured to map the logic operations in the disjunctive normal form onto corresponding logic devices to obtain a corresponding logic circuit.
7. The apparatus of claim 6, wherein the lightweight authenticated encryption algorithm employs a plurality of registers to store its state;
the plurality of registers are updated by two rounds per cycle.
8. The apparatus of claim 6, wherein the S-box permutation layer and the linear permutation layer are present in the following stages of the lightweight authenticated encryption algorithm: an initialization stage, an associated data processing stage, a plaintext processing stage and an authentication data generation stage;
the initialization stage comprises initializing the state data in the registers using a secret key and a random number;
the associated data processing stage comprises updating the state data using the associated data;
the plaintext processing stage comprises injecting the plaintext to be encrypted into the updated state data to obtain the corresponding ciphertext;
the authentication data generation stage comprises generating an authentication tag for identity authentication.
9. The apparatus of claim 7, wherein one of the plurality of registers is updated according to a particular round constant.
10. The apparatus of claim 6, wherein the logic circuit formed by the logic device is integrated in a chip.
11. An implementation device of a lightweight authenticated encryption algorithm, comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor implements the steps of the implementation method of the lightweight authenticated encryption algorithm according to any one of claims 1 to 5 when executing the computer program.
12. A computer-readable storage medium having stored therein instructions which, when run on a computer, cause the computer to perform the steps of a method of implementing a lightweight authenticated encryption algorithm according to any one of claims 1 to 5.
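The conversion in claim 1 worked through in code, as an added example that is not part of the patent: each output bit of an S-box lookup table, and each bit of a linear layer written as XOR of cyclic shifts, is expanded into a disjunctive normal form, identical and adjacent terms are merged, the DNF is checked against the original table, and the term structure is counted as two-input gates. The 4-bit PRESENT S-box is public sample input; the 8-bit word width and rotation amounts (0, 1, 3) are assumed values, not the patent's parameters.

```python
"""Added example (not the patent's code): turn each output bit of an S-box
table and each bit of an XOR-of-rotations linear layer into a disjunctive
normal form, merge terms, and check the DNF against the table.  The 8-bit
width and rotations (0, 1, 3) used in the test are assumed values."""
from itertools import product

SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD,
        0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]  # PRESENT S-box (sample input)

def merge_terms(terms):
    """Terms are tuples of (variable, value) literals (a conjunction); a DNF
    is their disjunction.  Quine-McCluskey style merging: two terms that
    differ in one literal collapse to one without it (x*y + x*~y = x);
    duplicates collapse through the set.  Returns the prime implicants."""
    prime, current = set(), set(terms)
    while current:
        nxt, used = set(), set()
        cl = sorted(current)
        for i, a in enumerate(cl):
            for b in cl[i + 1:]:
                diff = set(a) ^ set(b)
                if (len(a) == len(b) and len(diff) == 2
                        and len({v for v, _ in diff}) == 1):
                    var = next(iter(diff))[0]
                    nxt.add(tuple(l for l in a if l[0] != var))
                    used.update((a, b))
        prime |= current - used   # terms that merged with nothing are prime
        current = nxt
    return sorted(prime)

def lut_to_dnf(lut, n_in, n_out):
    """One DNF per output bit, built from the table rows where that bit is 1."""
    return [merge_terms({tuple((i, (x >> i) & 1) for i in range(n_in))
                         for x in range(1 << n_in) if (lut[x] >> bit) & 1})
            for bit in range(n_out)]

def xor_rotations_dnf(width, rotations):
    """y = XOR over r of rotr(x, r): output bit j is the XOR of input bits
    (j + r) mod width, expanded into the DNF of its parity truth table."""
    dnfs = []
    for j in range(width):
        taps = sorted((j + r) % width for r in rotations)
        dnfs.append(merge_terms({tuple(zip(taps, vals)) for vals in
                                 product((0, 1), repeat=len(taps)) if sum(vals) % 2}))
    return dnfs

def eval_dnf(dnf, x):
    return int(any(all(((x >> i) & 1) == v for i, v in term) for term in dnf))

def dnfs_to_lut(dnfs, n_in):
    return [sum(eval_dnf(d, x) << b for b, d in enumerate(dnfs))
            for x in range(1 << n_in)]

def gate_count(dnf):
    """(two-input ANDs, two-input ORs) when terms map one-to-one onto gates."""
    return sum(max(len(t) - 1, 0) for t in dnf), max(len(dnf) - 1, 0)

def rotr(x, r, width):
    return ((x >> r) | (x << (width - r))) & ((1 << width) - 1)
```

Because parity has no adjacent minterms, the XOR terms never merge, which is why a k-input XOR costs 2^(k-1) product terms in pure sum-of-products form while an S-box column usually shrinks.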
CN202210968570.4A 2022-08-12 2022-08-12 Method, device and equipment for realizing lightweight authentication encryption algorithm Active CN115037485B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210968570.4A CN115037485B (en) 2022-08-12 2022-08-12 Method, device and equipment for realizing lightweight authentication encryption algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210968570.4A CN115037485B (en) 2022-08-12 2022-08-12 Method, device and equipment for realizing lightweight authentication encryption algorithm

Publications (2)

Publication Number Publication Date
CN115037485A CN115037485A (en) 2022-09-09
CN115037485B true CN115037485B (en) 2022-11-08

Family

ID=83130160

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210968570.4A Active CN115037485B (en) 2022-08-12 2022-08-12 Method, device and equipment for realizing lightweight authentication encryption algorithm

Country Status (1)

Country Link
CN (1) CN115037485B (en)

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105426349A (en) * 2015-11-03 2016-03-23 北京锐安科技有限公司 Transmission exchange method and device of logic expression
CN112398639A (en) * 2020-11-04 2021-02-23 山东大学 Device and method for realizing Fountain lightweight encryption algorithm and application
CN112613080A (en) * 2020-12-16 2021-04-06 哈尔滨理工大学 Reconfigurable array unit and array for lightweight block cipher algorithm

Family Cites Families (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150222421A1 (en) * 2014-02-03 2015-08-06 Qualcomm Incorporated Countermeasures against side-channel attacks on cryptographic algorithms
CN112636899B (en) * 2020-09-21 2022-03-18 中国电子科技集团公司第三十研究所 Lightweight S box design method

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
SoC secure memory design based on a lightweight block cipher algorithm; Liu Wei et al.; Electronic Science and Technology (《电子科技》); 2022-06-07; vol. 36, no. 9; full text *

Also Published As

Publication number Publication date
CN115037485A (en) 2022-09-09

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant