JP2009109988A5 - - Google Patents
Download PDFInfo
- Publication number
- JP2009109988A5 JP2009109988A5 JP2008233094A JP2008233094A JP2009109988A5 JP 2009109988 A5 JP2009109988 A5 JP 2009109988A5 JP 2008233094 A JP2008233094 A JP 2008233094A JP 2008233094 A JP2008233094 A JP 2008233094A JP 2009109988 A5 JP2009109988 A5 JP 2009109988A5
- Authority
- JP
- Japan
- Prior art keywords
- unit
- input
- output
- addroundkey
- calculation unit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 claims 40
Claims (16)
第1のAddRoundKey演算部と第2のAddRoundKey演算部とShiftRows演算部とSubBytes演算部とMixColumns演算部とデータ保持部を有し、
前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と前記ShiftRows演算部と前記SubBytes演算部と前記MixColumns演算部と前記データ保持部を用いて、複数のクロックサイクルで暗号化処理を行い、
前記暗号化処理の1つのクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部を用い、
前記1つのクロックサイクルとは異なる、前記暗号化処理のクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部のうち、いずれか1つのAddRoundKey演算部を用いることを特徴とする暗号処理回路。 AES encryption processing circuit,
A first AddRoundKey operation unit, a second AddRoundKey operation unit, a ShiftRows operation unit, a SubBytes operation unit, a MixColumns operation unit, and a data holding unit;
Using the first AddRoundKey computing unit, the second AddRoundKey computing unit, the ShiftRows computing unit, the SubBytes computing unit, the MixColumns computing unit, and the data holding unit, encryption processing is performed in a plurality of clock cycles,
In one clock cycle of the encryption process, the first AddRoundKey calculation unit and the second AddRoundKey calculation unit are used,
In the clock cycle of the encryption process, which is different from the one clock cycle, any one of the first AddRoundKey arithmetic unit and the second AddRoundKey arithmetic unit is used. Cryptographic processing circuit.
前記暗号化処理の2クロックサイクル目からラウンド数Nr-1クロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記SubBytes演算部に入力し、前記SubBytes演算部の出力を前記ShiftRows演算部に入力し、前記ShiftRows演算部の出力を前記MixColumns演算部に入力し、前記MixColumns演算部の出力を前記データ保持部に入力し、
前記暗号化処理のラウンド数Nrクロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記SubBytes演算部に入力し、前記SubBytes演算部の出力を前記ShiftRows演算部に入力し、前記ShiftRows演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする請求項1に記載の暗号処理回路。 In the first clock cycle of the encryption process, plaintext data is input to the first AddRoundKey operation unit, an output of the first AddRoundKey operation unit is input to the SubBytes operation unit, and an output of the SubBytes operation unit is output. Input to the ShiftRows operation unit, input the output of the ShiftRows operation unit to the MixColumns operation unit, input the output of the MixColumns operation unit to the data holding unit,
From the second clock cycle of the encryption process to the round number Nr-1 clock cycle, the output of the data holding unit is input to the first AddRoundKey calculation unit, and the output of the first AddRoundKey calculation unit is input to the SubBytes Input to the calculation unit, the output of the SubBytes calculation unit is input to the ShiftRows calculation unit, the output of the ShiftRows calculation unit is input to the MixColumns calculation unit, the output of the MixColumns calculation unit is input to the data holding unit ,
In the round number Nr clock cycle of the encryption process, the output of the data holding unit is input to the first AddRoundKey calculation unit, the output of the first AddRoundKey calculation unit is input to the SubBytes calculation unit, and The output of the SubBytes arithmetic unit is input to the ShiftRows arithmetic unit, the output of the ShiftRows arithmetic unit is input to the second AddRoundKey arithmetic unit, and the output of the second AddRoundKey arithmetic unit is input to the data holding unit The cryptographic processing circuit according to claim 1.
前記暗号化処理の2クロックサイクル目からラウンド数Nr-1クロックサイクル目では、前記データ保持部の出力を前記SubBytes演算部に入力し、前記SubBytes演算部の出力を前記ShiftRows演算部に入力し、前記ShiftRows演算部の出力を前記MixColumns演算部に入力し、前記MixColumns演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力し、
前記暗号化処理のラウンド数Nrクロックサイクル目では、前記データ保持部の出力を前記SubBytes演算部に入力し、前記SubBytes演算部の出力を前記ShiftRows演算部に入力し、前記ShiftRows演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする請求項1に記載の暗号処理回路。 In the first clock cycle of the encryption process, plaintext data is input to the first AddRoundKey operation unit, an output of the first AddRoundKey operation unit is input to the SubBytes operation unit, and an output of the SubBytes operation unit is output. Input to the ShiftRows operation unit, input of the ShiftRows operation unit to the MixColumns operation unit, input of the MixColumns operation unit to the second AddRoundKey operation unit, output of the second AddRoundKey operation unit To the data holding unit,
From the second clock cycle to the round number Nr-1 clock cycle of the encryption process, the output of the data holding unit is input to the SubBytes arithmetic unit, and the output of the SubBytes arithmetic unit is input to the ShiftRows arithmetic unit, The output of the ShiftRows calculator is input to the MixColumns calculator, the output of the MixColumns calculator is input to the second AddRoundKey calculator, and the output of the second AddRoundKey calculator is input to the data holding unit. ,
In the round number Nr clock cycle of the encryption process, the output of the data holding unit is input to the SubBytes calculation unit, the output of the SubBytes calculation unit is input to the ShiftRows calculation unit, and the output of the ShiftRows calculation unit is output. 2. The cryptographic processing circuit according to claim 1, wherein the encryption processing circuit inputs to the second AddRoundKey calculation unit and inputs an output of the second AddRoundKey calculation unit to the data holding unit.
前記暗号化処理の2クロックサイクル目からラウンド数Nr-1クロックサイクル目では、前記データ保持部の出力を前記MixColumns演算部に入力し、前記MixColumns演算部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記SubBytes演算部に入力し、前記SubBytes演算部の出力を前記ShiftRows演算部に入力し、前記ShiftRows演算部の出力を前記データ保持部に入力し、
前記暗号化処理のラウンド数Nrクロックサイクル目では、前記データ保持部の出力を前記MixColumns演算部に入力し、前記MixColumns演算部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記SubBytes演算部に入力し、前記SubBytes演算部の出力を前記ShiftRows演算部に入力し、前記ShiftRows演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする請求項1に記載の暗号処理回路。 In the first clock cycle of the encryption process, plaintext data is input to the first AddRoundKey operation unit, an output of the first AddRoundKey operation unit is input to the SubBytes operation unit, and an output of the SubBytes operation unit is output. Input to the ShiftRows calculation unit, input the output of the ShiftRows calculation unit to the data holding unit,
From the second clock cycle of the encryption process to the round number Nr-1 clock cycle, the output of the data holding unit is input to the MixColumns calculation unit, and the output of the MixColumns calculation unit is input to the first AddRoundKey calculation unit Input, the output of the first AddRoundKey operation unit is input to the SubBytes operation unit, the output of the SubBytes operation unit is input to the ShiftRows operation unit, the output of the ShiftRows operation unit is input to the data holding unit ,
In the round number Nr clock cycle of the encryption process, the output of the data holding unit is input to the MixColumns arithmetic unit, the output of the MixColumns arithmetic unit is input to the first AddRoundKey arithmetic unit, and the first The output of the AddRoundKey calculation unit is input to the SubBytes calculation unit, the output of the SubBytes calculation unit is input to the ShiftRows calculation unit, the output of the ShiftRows calculation unit is input to the second AddRoundKey calculation unit, and the second The cryptographic processing circuit according to claim 1, wherein an output of the AddRoundKey arithmetic unit is input to the data holding unit.
前記暗号化処理の開始からのクロックサイクルをカウントし、前記暗号化処理を行うための制御信号を生成する制御部を有することを特徴とする請求項1乃至4の何れか1項に記載の暗号処理回路。 A key expansion unit for generating a RoundKey from a CipherKey, and supplying the generated RoundKey to the first AddRoundKey calculation unit and the second AddRoundKey calculation unit;
5. The encryption according to claim 1, further comprising a control unit that counts clock cycles from the start of the encryption process and generates a control signal for performing the encryption process. 6. Processing circuit.
第1のAddRoundKey演算部と第2のAddRoundKey演算部とInvShiftRows演算部とInvSubBytes演算部とInvMixColumns演算部とデータ保持部を有し、
前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と前記InvShiftRows演算部と前記InvSubBytes演算部と前記InvMixColumns演算部と前記データ保持部を用いて、複数のクロックサイクルで復号処理を行い、
前記復号処理の1つのクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部を用い、
前記1つのクロックサイクルとは異なる、前記復号処理のクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部のうち、いずれか一方のAddRoundKey演算部を用いることを特徴とする暗号処理回路。 AES encryption processing circuit,
A first AddRoundKey operation unit, a second AddRoundKey operation unit, an InvShiftRows operation unit, an InvSubBytes operation unit, an InvMixColumns operation unit, and a data holding unit;
Using the first AddRoundKey computing unit, the second AddRoundKey computing unit, the InvShiftRows computing unit, the InvSubBytes computing unit, the InvMixColumns computing unit, and the data holding unit, a decoding process is performed in a plurality of clock cycles,
In one clock cycle of the decoding process, the first AddRoundKey calculation unit and the second AddRoundKey calculation unit are used.
An encryption using one of the first AddRoundKey operation unit and the second AddRoundKey operation unit in the clock cycle of the decryption process different from the one clock cycle. Processing circuit.
前記復号処理の2クロックサイクル目からラウンド数Nr-1クロックサイクル目では、前記データ保持部の出力を前記InvMixColumns演算部に入力し、前記InvMixColumns演算部の出力を前記InvShiftRows演算部に入力し、前記InvShiftRows演算部の出力を前記InvSubBytes演算部に入力し、前記InvSubBytes演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力し、
前記復号処理のラウンド数Nrクロックサイクル目では、前記データ保持部の出力を前記InvMixColumns演算部に入力し、前記InvMixColumns演算部の出力を前記InvShiftRows演算部に入力し、前記InvShiftRows演算部の出力を前記InvSubBytes演算部に入力し、前記InvSubBytes演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする請求項6に記載の暗号処理回路。 In the first clock cycle of the decryption process, ciphertext data is input to the first AddRoundKey operation unit, the output of the first AddRoundKey operation unit is input to the InvShiftRows operation unit, and the output of the InvShiftRows operation unit is output. Input to the InvSubBytes calculation unit, input the output of the InvSubBytes calculation unit to the second AddRoundKey calculation unit, input the output of the second AddRoundKey calculation unit to the data holding unit,
In the round number Nr-1 clock cycle from the second clock cycle of the decoding process, the output of the data holding unit is input to the InvMixColumns arithmetic unit, the output of the InvMixColumns arithmetic unit is input to the InvShiftRows arithmetic unit, The output of the InvShiftRows calculation unit is input to the InvSubBytes calculation unit, the output of the InvSubBytes calculation unit is input to the second AddRoundKey calculation unit, the output of the second AddRoundKey calculation unit is input to the data holding unit,
In the round number Nr clock cycle of the decoding process, the output of the data holding unit is input to the InvMixColumns calculation unit, the output of the InvMixColumns calculation unit is input to the InvShiftRows calculation unit, and the output of the InvShiftRows calculation unit is The input to the InvSubBytes calculation unit, the output of the InvSubBytes calculation unit to the second AddRoundKey calculation unit, and the output of the second AddRoundKey calculation unit to the data holding unit. The cryptographic processing circuit described in 1.
前記復号処理の2クロックサイクル目からラウンド数Nr-1クロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記InvMixColumns演算部に入力し、前記InvMixColumns演算部の出力を前記InvShiftRows演算部に入力し、前記InvShiftRows演算部の出力を前記InvSubBytes演算部に入力し、前記InvSubBytes演算部の出力を前記データ保持部に入力し、
前記復号処理のラウンド数Nrクロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記InvMixColumns演算部に入力し、前記InvMixColumns演算部の出力を前記InvShiftRows演算部に入力し、前記InvShiftRows演算部の出力を前記InvSubBytes演算部に入力し、前記InvSubBytes演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする請求項6に記載の暗号処理回路。 In the first clock cycle of the decryption process, the ciphertext data is input to the first AddRoundKey operation unit, the output of the first AddRoundKey operation unit is input to the InvShiftRows operation unit, and the output of the InvShiftRows operation unit Is input to the InvSubBytes calculation unit, the output of the InvSubBytes calculation unit is input to the data holding unit,
From the second clock cycle of the decoding process to the round number Nr-1 clock cycle, the output of the data holding unit is input to the first AddRoundKey calculation unit, and the output of the first AddRoundKey calculation unit is input to the InvMixColumns calculation The output of the InvMixColumns operation unit is input to the InvShiftRows operation unit, the output of the InvShiftRows operation unit is input to the InvSubBytes operation unit, the output of the InvSubBytes operation unit is input to the data holding unit,
At the round number Nr clock cycle of the decoding process, the output of the data holding unit is input to the first AddRoundKey calculation unit, the output of the first AddRoundKey calculation unit is input to the InvMixColumns calculation unit, and the InvMixColumns The output of the calculation unit is input to the InvShiftRows calculation unit, the output of the InvShiftRows calculation unit is input to the InvSubBytes calculation unit, the output of the InvSubBytes calculation unit is input to the second AddRoundKey calculation unit, and the second The cryptographic processing circuit according to claim 6, wherein an output of the AddRoundKey calculation unit is input to the data holding unit.
前記復号処理の2クロックサイクル目からラウンド数Nr-1クロックサイクル目では、前記データ保持部の出力を前記InvShiftRows演算部に入力し、前記InvShiftRows演算部の出力を前記InvSubBytes演算部に入力し、前記InvSubBytes演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記InvMixColumns演算部に入力し、前記InvMixColumns演算部の出力を前記データ保持部に入力し、
前記復号処理のラウンド数Nrクロックサイクル目では、前記データ保持部の出力を前記InvShiftRows演算部に入力し、前記InvShiftRows演算部の出力を前記InvSubBytes演算部に入力し、前記InvSubBytes演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする請求項6に記載の暗号処理回路。 In the first clock cycle of the decryption process, the ciphertext data is input to the first AddRoundKey operation unit, the output of the first AddRoundKey operation unit is input to the InvShiftRows operation unit, and the output of the InvShiftRows operation unit Is input to the InvSubBytes calculator, the output of the InvSubBytes calculator is input to the second AddRoundKey calculator, the output of the second AddRoundKey calculator is input to the InvMixColumns calculator, and the InvMixColumns calculator Input the output to the data holding unit,
In the round number Nr-1 clock cycle from the second clock cycle of the decoding process, the output of the data holding unit is input to the InvShiftRows calculation unit, the output of the InvShiftRows calculation unit is input to the InvSubBytes calculation unit, The output of the InvSubBytes calculation unit is input to the second AddRoundKey calculation unit, the output of the second AddRoundKey calculation unit is input to the InvMixColumns calculation unit, and the output of the InvMixColumns calculation unit is input to the data holding unit.
In the round number Nr clock cycle of the decoding process, the output of the data holding unit is input to the InvShiftRows calculation unit, the output of the InvShiftRows calculation unit is input to the InvSubBytes calculation unit, and the output of the InvSubBytes calculation unit is The cryptographic processing circuit according to claim 6, wherein the encryption processing circuit inputs to a second AddRoundKey calculation unit and inputs an output of the second AddRoundKey calculation unit to the data holding unit.
前記復号処理の開始からのクロックサイクルをカウントし、前記復号処理を行うための制御信号を生成する制御部を有することを特徴とする請求項6乃至9の何れか1項に記載の暗号処理回路。 A key expansion unit for generating a RoundKey from a CipherKey and supplying the RoundKey to the first AddRoundKey calculation unit and the second AddRoundKey calculation unit;
The cryptographic processing circuit according to claim 6, further comprising a control unit that counts clock cycles from the start of the decryption process and generates a control signal for performing the decryption process. .
第1のAddRoundKey演算部と第2のAddRoundKey演算部と第3のAddRoundKey演算部と第1のShiftRows演算部と第2のShiftRows演算部と第1のSubBytes演算部と第2のSubBytes演算部と第1のMixColumns演算部と第2のMixColumns演算部とデータ保持部を有し、
前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と前記第3のAddRoundKey演算部と前記第1のShiftRows演算部と前記第2のShiftRows演算部と前記第1のSubBytes演算部と前記第2のSubBytes演算部と前記第1のMixColumns演算部と前記第2のMixColumns演算部と前記データ保持部を用いて、複数のクロックサイクルで暗号化処理を行い、
前記暗号化処理の1つのクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と第3のAddRoundKey演算部を用い、
前記1つのクロックサイクルとは異なる、前記暗号化処理のクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と前記第3のAddRoundKey演算部のうち、いずれか2つのAddRoundKey演算部を用いることを特徴とする暗号処理回路。 AES encryption processing circuit,
The first AddRoundKey computing unit, the second AddRoundKey computing unit, the third AddRoundKey computing unit, the first ShiftRows computing unit, the second ShiftRows computing unit, the first SubBytes computing unit, the second SubBytes computing unit, and the first 1 MixColumns operation unit, 2nd MixColumns operation unit and data holding unit,
The first AddRoundKey computing unit, the second AddRoundKey computing unit, the third AddRoundKey computing unit, the first ShiftRows computing unit, the second ShiftRows computing unit, the first SubBytes computing unit, and the first 2 SubBytes computing unit, the first MixColumns computing unit, the second MixColumns computing unit, and the data holding unit to perform encryption processing in a plurality of clock cycles,
In one clock cycle of the encryption process, the first AddRoundKey arithmetic unit, the second AddRoundKey arithmetic unit, and the third AddRoundKey arithmetic unit are used.
In the clock cycle of the encryption process, which is different from the one clock cycle, any two AddRoundKey operations are selected from the first AddRoundKey operation unit, the second AddRoundKey operation unit, and the third AddRoundKey operation unit. A cryptographic processing circuit characterized by using a unit.
前記暗号化処理の2クロックサイクル目からラウンド数Nr/2 - 1クロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記第1のSubBytes演算部に入力し、前記第1のSubBytes演算部の出力を前記第1のShiftRows演算部に入力し、前記第1のShiftRows演算部の出力を前記第1のMixColumns演算部に入力し、前記第1のMixColumns演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記第2のSubBytes演算部に入力し、前記第2のSubBytes演算部の出力を前記第2のShiftRows演算部に入力し、前記第2のShiftRows演算部の出力を前記第2のMixColumns演算部に入力し、前記第2のMixColumns演算部の出力を前記データ保持部に入力し、
前記暗号化処理のラウンド数Nr/2クロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記第1のSubBytes演算部に入力し、前記第1のSubBytes演算部の出力を前記第1のShiftRows演算部に入力し、前記第1のShiftRows演算部の出力を前記第1のMixColumns演算部に入力し、前記第1のMixColumns演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記第2のSubBytes演算部に入力し、前記第2のSubBytes演算部の出力を前記第2のShiftRows演算部に入力し、前記第2のShiftRows演算部の出力を前記第3のAddRoundKey演算部に入力し、前記第3のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする暗号処理回路。 In the first clock cycle of the encryption process, plaintext data is input to the first AddRoundKey operation unit, an output of the first AddRoundKey operation unit is input to the first SubBytes operation unit, and the first The output of the SubBytes arithmetic unit is input to the first ShiftRows arithmetic unit, the output of the first ShiftRows arithmetic unit is input to the first MixColumns arithmetic unit, and the output of the first MixColumns arithmetic unit is Input to the second AddRoundKey calculation unit, input of the second AddRoundKey calculation unit to the second SubBytes calculation unit, input of the output of the second SubBytes calculation unit to the second ShiftRows calculation unit Then, the output of the second ShiftRows calculator is input to the second MixColumns calculator, the output of the second MixColumns calculator is input to the data holding unit,
In the round number Nr / 2-1 clock cycle from the second clock cycle of the encryption process, the output of the data holding unit is input to the first AddRoundKey arithmetic unit, and the output of the first AddRoundKey arithmetic unit is Input to the first SubBytes operation unit, input the output of the first SubBytes operation unit to the first ShiftRows operation unit, output of the first ShiftRows operation unit to the first MixColumns operation unit Input, the output of the first MixColumns calculator is input to the second AddRoundKey calculator, the output of the second AddRoundKey calculator is input to the second SubBytes calculator, and the second SubBytes The output of the arithmetic unit is input to the second ShiftRows arithmetic unit, the output of the second ShiftRows arithmetic unit is input to the second MixColumns arithmetic unit, and the output of the second MixColumns arithmetic unit is held in the data Enter
In the round number Nr / 2 clock cycle of the encryption process, the output of the data holding unit is input to the first AddRoundKey calculation unit, and the output of the first AddRoundKey calculation unit is input to the first SubBytes calculation unit And the output of the first SubBytes calculator is input to the first ShiftRows calculator, the output of the first ShiftRows calculator is input to the first MixColumns calculator, and the first The output of the MixColumns calculator is input to the second AddRoundKey calculator, the output of the second AddRoundKey calculator is input to the second SubBytes calculator, and the output of the second SubBytes calculator is the second Input to the second ShiftRows arithmetic unit, the output of the second ShiftRows arithmetic unit is input to the third AddRoundKey arithmetic unit, and the output of the third AddRoundKey arithmetic unit is input to the data holding unit A cryptographic processing circuit.
前記暗号化処理の開始からのクロックサイクルをカウントし、前記暗号化処理を行うための制御信号を生成する制御部を有することを特徴とする請求項11又は請求項12に記載の暗号処理回路。 A key expansion unit for generating a RoundKey from the CipherKey, and supplying the generated RoundKey to the first AddRoundKey calculation unit, the second AddRoundKey calculation unit, and the third AddRoundKey calculation unit;
The cryptographic processing circuit according to claim 11, further comprising a control unit that counts clock cycles from the start of the encryption processing and generates a control signal for performing the encryption processing.
第1のAddRoundKey演算部と第2のAddRoundKey演算部と第3のAddRoundKey演算部と第1のInvShiftRows演算部と第2のInvShiftRows演算部と第1のInvSubBytes演算部と第2のInvSubBytes演算部と第1のInvMixColumns演算部と第2のInvMixColumns演算部とデータ保持部を有し、
前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と前記第3のAddRoundKey演算部と前記第1のInvShiftRows演算部と前記第2のInvShiftRows演算部と前記第1のInvSubBytes演算部と前記第2のInvSubBytes演算部と前記第1のInvMixColumns演算部と前記第2のInvMixColumns演算部と前記データ保持部を用いて、複数のクロックサイクルで復号処理を行い、
前記復号処理の1つのクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と第3のAddRoundKey演算部を用い、
前記1つのクロックサイクルとは異なる、前記復号処理のクロックサイクルでは、前記第1のAddRoundKey演算部と前記第2のAddRoundKey演算部と第3のAddRoundKey演算部のうち、いずれか2つのAddRoundKey演算部を用いることを特徴とする暗号処理回路。 AES encryption processing circuit,
The first AddRoundKey computing unit, the second AddRoundKey computing unit, the third AddRoundKey computing unit, the first InvShiftRows computing unit, the second InvShiftRows computing unit, the first InvSubBytes computing unit, the second InvSubBytes computing unit, and the first 1 InvMixColumns operation unit, 2nd InvMixColumns operation unit and data holding unit,
The first AddRoundKey computing unit, the second AddRoundKey computing unit, the third AddRoundKey computing unit, the first InvShiftRows computing unit, the second InvShiftRows computing unit, the first InvSubBytes computing unit, and the first 2 InvSubBytes operation unit, the first InvMixColumns operation unit, the second InvMixColumns operation unit and the data holding unit, performing a decoding process in a plurality of clock cycles,
In one clock cycle of the decoding process, the first AddRoundKey arithmetic unit, the second AddRoundKey arithmetic unit, and the third AddRoundKey arithmetic unit are used.
In the clock cycle of the decoding process, which is different from the one clock cycle, any two AddRoundKey arithmetic units are selected from the first AddRoundKey arithmetic unit, the second AddRoundKey arithmetic unit, and the third AddRoundKey arithmetic unit. A cryptographic processing circuit characterized by being used.
前記復号処理の2クロックサイクル目からラウンド数Nr/2 - 1クロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記第1の前記InvSubBytes演算部に入力し、前記第1の前記InvSubBytes演算部の出力を前記第1のInvShiftRows演算部に入力し、前記第1のInvShiftRows演算部の出力を前記第1のInvMixColumns演算部に入力し、前記第1のInvMixColumns演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記第2のInvSubBytes演算部に入力し、前記第2のInvSubBytes演算部の出力を前記第2のInvShiftRows演算部に入力し、前記第2のInvShiftRows演算部の出力を前記第2のInvMixColumns演算部に入力し、前記第2のInvMixColumns演算部の出力を前記データ保持部に入力し、
前記復号処理のラウンド数Nr/2クロックサイクル目では、前記データ保持部の出力を前記第1のAddRoundKey演算部に入力し、前記第1のAddRoundKey演算部の出力を前記第1のInvSubBytes演算部に入力し、前記第1のInvSubBytes演算部の出力を前記第1のInvShiftRows演算部に入力し、前記第1のInvShiftRows演算部の出力を前記第1のInvMixColumns演算部に入力し、前記第1のInvMixColumns演算部の出力を前記第2のAddRoundKey演算部に入力し、前記第2のAddRoundKey演算部の出力を前記第2のInvSubBytes演算部に入力し、前記第2のInvSubBytes演算部の出力を前記第2のInvShiftRows演算部に入力し、前記第2のInvShiftRows演算部の出力を前記第3のAddRoundKey演算部に入力し、前記第3のAddRoundKey演算部の出力を前記データ保持部に入力することを特徴とする暗号処理回路。 In the first clock cycle of the decryption process, the ciphertext data is input to the first AddRoundKey operation unit, the output of the first AddRoundKey operation unit is input to the first InvSubBytes operation unit, and the first The output of the InvSubBytes calculator is input to the first InvShiftRows calculator, the output of the first InvShiftRows calculator is input to the first InvMixColumns calculator, and the output of the first InvMixColumns calculator is Input to the second AddRoundKey calculation unit, input of the second AddRoundKey calculation unit to the second InvSubBytes calculation unit, input of the output of the second InvSubBytes calculation unit to the second InvShiftRows calculation unit Then, the output of the second InvShiftRows calculator is input to the second InvMixColumns calculator, the output of the second InvMixColumns calculator is input to the data holding unit,
In the round number Nr / 2-1 clock cycle from the second clock cycle of the decoding process, the output of the data holding unit is input to the first AddRoundKey arithmetic unit, and the output of the first AddRoundKey arithmetic unit is Input to the first InvSubBytes arithmetic unit, input the output of the first InvSubBytes arithmetic unit to the first InvShiftRows arithmetic unit, and output the first InvShiftRows arithmetic unit to the first InvMixColumns arithmetic unit , The output of the first InvMixColumns calculator is input to the second AddRoundKey calculator, the output of the second AddRoundKey calculator is input to the second InvSubBytes calculator, and the second The output of the InvSubBytes calculator is input to the second InvShiftRows calculator, the output of the second InvShiftRows calculator is input to the second InvMixColumns calculator, and the output of the second InvMixColumns calculator is the data. Enter in the holding part,
In the round number Nr / 2 clock cycles of the decoding process, the output of the data holding unit is input to the first AddRoundKey calculation unit, and the output of the first AddRoundKey calculation unit is input to the first InvSubBytes calculation unit. Input, the output of the first InvSubBytes operation unit is input to the first InvShiftRows operation unit, the output of the first InvShiftRows operation unit is input to the first InvMixColumns operation unit, the first InvMixColumns The output of the calculation unit is input to the second AddRoundKey calculation unit, the output of the second AddRoundKey calculation unit is input to the second InvSubBytes calculation unit, and the output of the second InvSubBytes calculation unit is input to the second The output of the second InvShiftRows calculator is input to the third AddRoundKey calculator, and the output of the third AddRoundKey calculator is input to the data holding unit. Cryptographic processing circuit.
前記復号処理の開始からのクロックサイクルをカウントし、前記復号処理を行うための制御信号を生成する制御部を有することを特徴とする請求項14又は請求項15に記載の暗号処理回路。 A key expansion unit for generating a RoundKey from the CipherKey, and supplying the generated RoundKey to the first AddRoundKey calculation unit, the second AddRoundKey calculation unit, and the third AddRoundKey calculation unit;
16. The encryption processing circuit according to claim 14, further comprising a control unit that counts clock cycles from the start of the decryption process and generates a control signal for performing the decryption process.
Priority Applications (5)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2008233094A JP5197258B2 (en) | 2007-10-10 | 2008-09-11 | Cryptographic processing circuit |
US12/236,905 US9191197B2 (en) | 2007-10-10 | 2008-09-24 | AES encryption/decryption circuit |
EP08017194.5A EP2048810B1 (en) | 2007-10-10 | 2008-09-30 | AES encryption/decryption circuit |
CN2008101698782A CN101409616B (en) | 2007-10-10 | 2008-10-10 | AES encryption/decryption circuit |
KR1020080099876A KR101047265B1 (en) | 2007-10-10 | 2008-10-10 | AES encryption / decryption circuit |
Applications Claiming Priority (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
JP2007264967 | 2007-10-10 | ||
JP2007264967 | 2007-10-10 | ||
JP2008233094A JP5197258B2 (en) | 2007-10-10 | 2008-09-11 | Cryptographic processing circuit |
Publications (3)
Publication Number | Publication Date |
---|---|
JP2009109988A JP2009109988A (en) | 2009-05-21 |
JP2009109988A5 true JP2009109988A5 (en) | 2011-10-20 |
JP5197258B2 JP5197258B2 (en) | 2013-05-15 |
Family
ID=40572426
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
JP2008233094A Active JP5197258B2 (en) | 2007-10-10 | 2008-09-11 | Cryptographic processing circuit |
Country Status (2)
Country | Link |
---|---|
JP (1) | JP5197258B2 (en) |
CN (1) | CN101409616B (en) |
Families Citing this family (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101969376B (en) * | 2010-09-23 | 2012-06-27 | 北京航空航天大学 | Self-adaptive encryption system and method with semantic security |
CN102185692B (en) * | 2011-04-25 | 2012-07-04 | 北京航空航天大学 | Multimode reconfigurable encryption method based on advanced encryption standard (AES) encryption algorithm |
FR2985624B1 (en) * | 2012-01-11 | 2014-11-21 | Inside Secure | ENCRYPTION METHOD PROTECTED AGAINST AUXILIARY CHANNEL ATTACKS |
CN102801519A (en) * | 2012-07-10 | 2012-11-28 | 记忆科技(深圳)有限公司 | Method and device for implementing AES (Advanced Encryption Standard) enciphering and deciphering |
CN108989018B (en) * | 2018-06-11 | 2021-05-04 | 安徽工程大学 | AES encryption unit, AES encryption circuit and encryption method |
Family Cites Families (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
JP3851115B2 (en) * | 2001-06-28 | 2006-11-29 | 富士通株式会社 | Cryptographic circuit |
WO2003101020A1 (en) * | 2002-05-23 | 2003-12-04 | Atmel Corporation | Advanced encryption standard (aes) hardware cryptographic engine |
GB0214620D0 (en) * | 2002-06-25 | 2002-08-07 | Koninkl Philips Electronics Nv | Round key generation for AES rijndael block cipher |
KR100800468B1 (en) * | 2004-01-29 | 2008-02-01 | 삼성전자주식회사 | Hardware cryptographic engine and method improving power consumption and operation speed |
JP2008040244A (en) * | 2006-08-08 | 2008-02-21 | Mitsubishi Electric Corp | Aes encryption circuit |
CN1921382B (en) * | 2006-09-06 | 2010-05-12 | 华为技术有限公司 | Encrypting-decrypting method based on AES algorithm and encrypting-decrypting device |
JP2008203306A (en) * | 2007-02-16 | 2008-09-04 | Konica Minolta Business Technologies Inc | Encryption processor |
-
2008
- 2008-09-11 JP JP2008233094A patent/JP5197258B2/en active Active
- 2008-10-10 CN CN2008101698782A patent/CN101409616B/en active Active
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11546135B2 (en) | Key sequence generation for cryptographic operations | |
US8724804B2 (en) | Encryption processing apparatus | |
JP5711681B2 (en) | Cryptographic processing device | |
JP2014041382A5 (en) | ||
US9565018B2 (en) | Protecting cryptographic operations using conjugacy class functions | |
RU2008125109A (en) | MULTI-CHANNEL HIGH-SPEED ENCRYPTION AND DECryption | |
US20120307997A1 (en) | Encryption device | |
JP2009109988A5 (en) | ||
JP2010164792A (en) | Cryptographic processing device | |
JP5197258B2 (en) | Cryptographic processing circuit | |
Deshpande et al. | AES encryption engines of many core processor arrays on FPGA by using parallel, pipeline and sequential technique | |
Kaur et al. | FPGA implementation of efficient hardware for the advanced encryption standard | |
JP5182295B2 (en) | Encryption apparatus and encryption processing method | |
JP2014240921A (en) | Encryption device, encryption processing method and encryption processing program | |
JP2008151829A (en) | Encryption operation apparatus | |
Hongsongkiat et al. | AES implementation for RFID Tags: The hardware and software approaches | |
Sasongko et al. | Architecture for the secret-key BC3 cryptography algorithm | |
JP6401804B2 (en) | ENCRYPTION DEVICE, MEMORY DEVICE, HOST DEVICE, AND MEMORY SYSTEM | |
KR102348802B1 (en) | AES encryption and decryption circuit | |
Pyrgas et al. | An 8-bit compact architecture of lesamnta-LW Hash function for constrained devices | |
Wu et al. | Attacking the IV Setup of Stream Cipher LEX | |
JP2008040244A (en) | Aes encryption circuit | |
JP5020115B2 (en) | Encryption device and decryption device | |
KR20180021473A (en) | Encryption device | |
JP6292107B2 (en) | Cryptographic processing apparatus, cryptographic processing method, and program |