
CN109831293B - Decryption method and system based on Aes algorithm - Google Patents


Info

Publication number
CN109831293B
Authority
CN
China
Prior art keywords
authentication tag
initial vector
plaintext
ciphertext
authentication
Prior art date
Legal status
Active
Application number
CN201711183063.5A
Other languages
Chinese (zh)
Other versions
CN109831293A (en)
Inventor
孙冠男
江源
蔡晓艳
Current Assignee
Suzhou Centec Communications Co Ltd
Original Assignee
Suzhou Centec Communications Co Ltd

Landscapes

  • Storage Device Security (AREA)

Abstract

The invention provides a decryption method and a decryption system based on the Aes algorithm. The method comprises the following steps: receiving the ciphertext and obtaining the original authentication tag it carries and its key index; adding a standby initial vector memory, calling the initial vector corresponding to the key index of the current ciphertext, updating that initial vector according to the Aes protocol rule, and storing the updated value in the standby initial vector memory to form the corresponding standby initial vector; using the same Aes protocol operation logic, obtaining from the current ciphertext a first plaintext (from the initial vector) and a second plaintext (from the standby initial vector), and obtaining a first and a second authentication tag corresponding to the first and second plaintext respectively; and confirming the output decryption result according to the correspondence among the first authentication tag, the second authentication tag and the original authentication tag. The invention ensures that back-to-back messages to be decrypted under the same key index are decrypted correctly, reduces the probability of messages being discarded during decryption, and does not affect chip bandwidth while ensuring the security of network messages.

Description

Decryption method and system based on Aes algorithm
Technical Field
The invention relates to the field of network communication, in particular to a decryption method and a decryption system based on an Aes algorithm.
Background
Aes (Advanced Encryption Standard) is a symmetric block cipher algorithm published by the National Institute of Standards and Technology in 2001 in FIPS PUB 197. An Ethernet switching chip must encrypt and decrypt incoming messages with the Aes algorithm as required by the 802.1AE protocol to ensure information security. The algorithm operates on 128-bit (16-byte) blocks. When a ciphertext is decrypted with the Aes algorithm, the corresponding entry is read from ivInfo (the initial vector memory) at sop (start of packet), i.e. when the message begins to be sent, and the iv (initial vector) is computed; when eop (end of packet) indicates that the message has ended, the correct icv (integrity check value) is computed and compared with the authentication tag carried by the message to determine whether the current message was decrypted correctly, and if so, the ivInfo table entry is updated.
In the logic implementation of the Aes algorithm, the Aes protocol allows only 16 bytes of ciphertext to be processed per clock cycle. With relatively large packet lengths, waiting for the decryption of one packet to complete before starting the next is not acceptable given today's ever higher Ethernet speed requirements, so a pipeline is generally adopted to guarantee high bandwidth. Pipelined operation, however, creates a special case. When two back-to-back messages with the same key index must be decrypted, the first message obtains its initial vector from the key index and computes its authentication tag at eop. If the second packet enters the pipeline before the eop of the first packet has arrived, the second packet must fetch its initial vector at its own sop while the authentication tag calculation of the first packet (and hence the ivInfo update) is not yet complete. The initial vector obtained by the second packet is therefore the old value, the second packet is decrypted incorrectly, and the back-to-back second packet is discarded.
Disclosure of Invention
The invention aims to provide a decryption method and a decryption system based on an Aes algorithm.
In order to achieve one of the above objects, an Aes algorithm-based decryption method according to an embodiment of the present invention includes: receiving the ciphertext, and acquiring an original authentication tag carried by the ciphertext and a corresponding key index;
at the sop moment of the current ciphertext, correspondingly searching an initial vector memory by using the key index of the current ciphertext to obtain an initial vector corresponding to the current ciphertext;
copying the initial vector memory by a copying decryption engine to form a standby initial vector memory, calling an initial vector corresponding to the key index of the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing the updated initial vector to the address of the standby initial vector memory corresponding to the key index so as to form a corresponding standby initial vector in the standby initial vector memory;
respectively calling an initial vector and a standby initial vector corresponding to the current ciphertext, obtaining a first plaintext corresponding to the current ciphertext according to the obtained key index and the initial vector and obtaining a second plaintext corresponding to the current ciphertext according to the obtained key index and the standby initial vector according to the same Aes protocol operation logic;
respectively obtaining a first authentication tag and a second authentication tag corresponding to the first plaintext and the second plaintext according to the obtained first plaintext and the obtained second plaintext;
and confirming the output decryption result according to the correspondence among the first authentication tag, the second authentication tag and the original authentication tag.
As a further improvement of one embodiment of the present invention, "calling the initial vector corresponding to the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing it in the standby initial vector memory so as to form a corresponding standby initial vector in the standby initial vector memory" specifically comprises the following steps:
judging whether a preset operation condition is met, if so, interchanging high and low bits of initial variables of preset storage positions in an initial vector memory according to an Aes protocol rule, or accumulating the initial variables of the preset storage positions to form a standby initial vector to be stored in the standby initial vector memory;
if not, the bit of the initial variable of the preset storage position in the initial vector memory is reset to zero to form a spare initial vector to be stored in the spare initial vector memory.
As a further improvement of the embodiment of the present invention, "confirming the output decryption result according to the correspondence relationship between the first authentication tag, the second authentication tag, and the original authentication tag" specifically includes:
if the first authentication tag is different from the second authentication tag and one of the first authentication tag and the second authentication tag is the same as the original authentication tag, acquiring a plaintext corresponding to the authentication tag which is the same as the original authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
As a further improvement of the embodiment of the present invention, "confirming the output decryption result according to the correspondence relationship between the first authentication tag, the second authentication tag, and the original authentication tag" specifically includes:
if the first authentication tag, the second authentication tag and the original authentication tag are the same, acquiring a plaintext corresponding to any authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
As a further improvement of the embodiment of the present invention, "confirming the output decryption result according to the correspondence relationship between the first authentication tag, the second authentication tag, and the original authentication tag" specifically includes:
and if any one of the first authentication tag and the second authentication tag is different from the original authentication tag, judging that the ciphertext sent by the preceding-stage module is wrong and cannot be decrypted correctly, and discarding the current ciphertext.
In order to achieve the above object, according to another embodiment of the present invention, a decryption system based on an Aes algorithm includes: the acquisition module is used for receiving the ciphertext and acquiring an original authentication tag carried by the ciphertext and a corresponding key index;
the analysis module is used for respectively calling an initial vector and a standby initial vector corresponding to the current ciphertext, copying the initial vector memory through the copy decryption engine to form a standby initial vector memory, calling the initial vector corresponding to the key index of the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing the updated initial vector to the address of the key index corresponding to the standby initial vector memory so as to form the corresponding standby initial vector in the standby initial vector memory;
the decryption module is used for respectively acquiring an initial vector and a standby initial vector corresponding to the current ciphertext according to the key index carried by the current ciphertext at the time eop of the current ciphertext;
according to the same Aes protocol operation logic, obtaining a first plaintext corresponding to the current ciphertext according to the obtained key index and the initial vector, and obtaining a second plaintext corresponding to the current ciphertext according to the obtained key index and the standby initial vector;
respectively obtaining a first authentication tag and a second authentication tag corresponding to the first plaintext and the second plaintext according to the obtained first plaintext and the obtained second plaintext;
and the output module is used for confirming the output decryption result according to the correspondence among the first authentication tag, the second authentication tag and the original authentication tag.
As a further improvement of an embodiment of the present invention, the parsing module is specifically configured to: judging whether a preset operation condition is met, if so, interchanging high and low bits of initial variables of preset storage positions in an initial vector memory according to an Aes protocol rule, or accumulating the initial variables of the preset storage positions to form a standby initial vector to be stored in the standby initial vector memory;
if not, the bit of the initial variable of the preset storage position in the initial vector memory is reset to zero to form a spare initial vector to be stored in the spare initial vector memory.
As a further improvement of an embodiment of the present invention, the output module is specifically configured to: if the first authentication tag is different from the second authentication tag and one of the first authentication tag and the second authentication tag is the same as the original authentication tag, acquiring a plaintext corresponding to the authentication tag which is the same as the original authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
As a further improvement of an embodiment of the present invention, the output module is specifically configured to: if the first authentication tag, the second authentication tag and the original authentication tag are the same, acquiring a plaintext corresponding to any authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
As a further improvement of an embodiment of the present invention, the output module is specifically configured to: and if any one of the first authentication tag and the second authentication tag is different from the original authentication tag, judging that the ciphertext sent by the preceding-stage module is wrong and cannot be decrypted correctly, and discarding the current ciphertext.
Compared with the prior art, the invention has the beneficial effects that: the decryption method and the decryption system based on the Aes algorithm are based on the Aes algorithm protocol, and the standby initial vector memory is added, so that the back-to-back messages to be decrypted with the same key indexes can be correctly decrypted, the discarding probability in the decryption process of the messages is reduced, and the chip bandwidth is not influenced while the security of the network messages is ensured.
Drawings
FIG. 1 is a flow chart of a decryption method based on the Aes algorithm according to an embodiment of the present invention;
fig. 2A and 2B are schematic structural diagrams of a specific example of applying the decryption method based on the Aes algorithm according to the present invention;
fig. 3 is a block diagram of a decryption system based on the Aes algorithm according to an embodiment of the present invention.
Detailed Description
The present invention will be described in detail below with reference to specific embodiments shown in the drawings. These embodiments are not intended to limit the present invention, and structural, methodological, or functional changes made by those skilled in the art according to these embodiments are included in the scope of the present invention.
As shown in fig. 1, in an embodiment of the present invention, a decryption method based on an Aes algorithm includes:
and S1, receiving the ciphertext, and acquiring the original authentication tag carried by the ciphertext and the corresponding key index.
After the message is sent, each ciphertext in the message is sequentially obtained, and each message is respectively analyzed to obtain an original authentication tag and a corresponding key index which are correspondingly carried by each ciphertext.
S2, at the sop moment of the current ciphertext, correspondingly searching an initial vector memory by the key index of the current ciphertext to obtain an initial vector corresponding to the current ciphertext;
copying the initial vector memory by a copying decryption engine to form a standby initial vector memory, calling the initial vector corresponding to the key index of the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing the updated initial vector to the address of the key index corresponding to the standby initial vector memory so as to form the corresponding standby initial vector in the standby initial vector memory.
The initial vector memory (abbreviated ivInfo) stores the initial vector (abbreviated iv) needed during ciphertext decryption; it is normally updated once after the decryption of each ciphertext completes, so that the next ciphertext can use it. In a preferred embodiment of the present invention, a standby initial vector memory is added, which is updated while the current ciphertext is being decrypted, so as to ensure correct decryption of the ciphertext, as described in detail below.
In the embodiment of the invention, the standby initial vector required to be stored in the standby memory is obtained according to the initial vector in the initial vector memory by judging the operation condition.
Specifically, whether preset operation conditions are met is judged, if yes, high and low bits of initial variables of preset storage positions in an initial vector memory are exchanged according to an Aes protocol rule, or the initial variables of the preset storage positions are accumulated to form a standby initial vector to be stored in the standby initial vector memory; if not, the bit of the initial variable of the preset storage position in the initial vector memory is reset to zero to form a spare initial vector to be stored in the spare initial vector memory.
In the invention, the original initial vector register is updated after the decryption of the current ciphertext finishes, according to the operation condition preset by the system; by adding a standby initial vector register, that update is effectively brought forward to the moment at which transmission of the current ciphertext starts, so that correct decryption of the ciphertext is ensured.
S3, respectively calling an initial vector and a standby initial vector corresponding to the current ciphertext, obtaining a first plaintext corresponding to the current ciphertext according to the obtained key index and the initial vector and obtaining a second plaintext corresponding to the current ciphertext according to the obtained key index and the standby initial vector according to the same Aes protocol operation logic;
respectively obtaining a first authentication tag and a second authentication tag corresponding to the first plaintext and the second plaintext according to the obtained first plaintext and the obtained second plaintext; in the implementation process of the invention, the current same ciphertext is decrypted simultaneously through two processes.
Specifically, as shown in fig. 2A, the two processes are respectively represented by process 1 and process 2.
For the process 1, the ciphertext is decrypted according to the existing flow; specifically, after the key index corresponding to the current ciphertext is obtained, the key storage can be searched according to the key index to obtain the key corresponding to the current ciphertext and send the key to the decryption processing unit 1; meanwhile, an initial vector memory is searched through a key index corresponding to the current ciphertext to obtain an initial vector corresponding to the current ciphertext, and the initial vector is sent to the decryption processing part 1; after the decryption processing part 1 receives the key and the initial vector corresponding to the current ciphertext, decrypting the current ciphertext according to the Aes protocol operation rule to obtain a plaintext corresponding to the current ciphertext, and representing the plaintext obtained through the process 1 by a first plaintext in order to distinguish the process 2; further, at time eop, process 1 parses a corresponding authentication tag from the obtained first plaintext corresponding to the current ciphertext, and the authentication tag obtained by process 1 is represented by the first authentication tag for distinguishing process 2.
For process 2, the ciphertext is likewise decrypted according to the existing flow; it differs from process 1 only in the initial vector it uses. Specifically, after the key index corresponding to the current ciphertext is obtained, the key storage is searched by that key index to obtain the key corresponding to the current ciphertext, which is sent to decryption processing unit 2; meanwhile, the standby initial vector memory is searched by the key index corresponding to the current ciphertext to obtain the standby initial vector corresponding to the current ciphertext, which is sent to decryption processing unit 2. After decryption processing unit 2 has received the key and the standby initial vector corresponding to the current ciphertext, it decrypts the current ciphertext according to the Aes protocol operation rule to obtain the corresponding plaintext; the plaintext obtained through process 2 is called the second plaintext to distinguish it from process 1. Further, at time eop, process 2 parses the corresponding authentication tag from the obtained second plaintext, and the authentication tag obtained by process 2 is called the second authentication tag to distinguish it from process 1.
It should be noted that, for process 1 and process 2, corresponding to the same ciphertext, the obtained keys are the same; therefore, in the processing process, the key corresponding to the current ciphertext can be obtained by inquiring the key storage once, so that the two processes can use the key simultaneously. The decryption processing part 1 and the decryption processing part 2 decrypt the ciphertext by adopting the identical Aes protocol operation logic, so that the correct processing result is output after the ciphertext is correctly decrypted.
Further, the method comprises: S4, confirming the output decryption result according to the correspondence among the first authentication tag, the second authentication tag and the original authentication tag.
In a specific embodiment of the present invention, if a first authentication tag is different from a second authentication tag, and one of the first authentication tag and the second authentication tag is the same as the original authentication tag, a plaintext corresponding to the authentication tag that is the same as the original authentication tag is obtained and output; the authentication tag is a first authentication tag or a second authentication tag; the plaintext is the first plaintext or the second plaintext.
If the first authentication tag, the second authentication tag and the original authentication tag are all the same, the plaintext corresponding to either authentication tag is obtained and output; the authentication tag is the first or the second authentication tag, and the plaintext is the first or the second plaintext. In this case the decryption was error-free, the calculation logic for the standby initial vector did not come into play, and the operation on the initial vector that produces the standby initial vector was not needed.
If any one of the first authentication tag and the second authentication tag is different from the original authentication tag, judging that the ciphertext sent by the preceding-stage module is wrong and cannot be decrypted correctly, and discarding the current ciphertext; in this state, if the first authentication tag is the same as the second authentication tag, it indicates that the ciphertext sent by the preceding-stage module is incorrect and cannot be decrypted correctly; and if the first authentication tag is different from the second authentication tag, indicating that both the process 1 and the process 2 have errors.
Referring to fig. 2B, the plaintext information that is finally output is determined or the ciphertext is discarded by comparing the first authentication tag, the second authentication tag, and the original authentication tag, which is not described herein again.
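The following Python simulation is an added illustration, not code from the patent or from Suzhou Centec. It models the pipeline hazard from the Background and the dual-path selection of steps S1 to S4: a SHA-256 counter keystream and an HMAC tag stand in for the Aes cipher and the icv, the "update according to the Aes protocol rule" is assumed to be a simple per-packet increment (the patent does not spell out its rule), and `overlap` is the assumed number of packets still in flight when the next one starts.

```python
import hashlib
import hmac

TAG_LEN = 16  # bytes of authentication tag (icv) kept


def next_iv(iv: int) -> int:
    """Stand-in for 'update the initial vector according to the Aes protocol rule':
    a per-packet counter increment (an assumption; the patent's rule is not spelled out)."""
    return (iv + 1) % (1 << 96)


def _keystream(key: bytes, iv: int, length: int) -> bytes:
    """Toy SHA-256 counter keystream standing in for the Aes cipher (not AES)."""
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(key + iv.to_bytes(12, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]


def _tag(key: bytes, iv: int, ct: bytes) -> bytes:
    """Toy icv over the iv and ciphertext (HMAC stand-in for the real tag function)."""
    return hmac.new(key, iv.to_bytes(12, "big") + ct, hashlib.sha256).digest()[:TAG_LEN]


def toy_encrypt(key: bytes, iv: int, pt: bytes):
    ct = bytes(a ^ b for a, b in zip(pt, _keystream(key, iv, len(pt))))
    return ct, _tag(key, iv, ct)


def toy_decrypt(key: bytes, iv: int, ct: bytes):
    """Returns (plaintext, recomputed tag); the caller compares the tag with the carried one."""
    pt = bytes(a ^ b for a, b in zip(ct, _keystream(key, iv, len(ct))))
    return pt, _tag(key, iv, ct)


def make_burst(key: bytes, key_index: int, iv0: int, plaintexts):
    """Sender: back-to-back packets under one key index, stepping the iv once per packet.
    Each packet is (key index, ciphertext, original authentication tag)."""
    iv, packets = iv0, []
    for pt in plaintexts:
        ct, tag = toy_encrypt(key, iv, pt)
        packets.append((key_index, ct, tag))
        iv = next_iv(iv)
    return packets


def select_output(tag1, pt1, tag2, pt2, orig_tag):
    """Step S4 decision table. Returns (plaintext, process number) or (None, None) to discard."""
    m1 = hmac.compare_digest(tag1, orig_tag)
    m2 = hmac.compare_digest(tag2, orig_tag)
    if tag1 != tag2:
        if m1:
            return pt1, 1       # process 1 (ivInfo value) was right
        if m2:
            return pt2, 2       # process 2 (standby value) was right
        return None, None       # both processes wrong: discard
    if m1:
        return pt1, 1           # all three tags agree: either plaintext
    return None, None           # tags agree but differ from the carried tag: bad ciphertext


def run_receiver(keys, iv_info, packets, dual_path, overlap=1):
    """Pipelined receiver. Packet i reads ivInfo at its sop; the ivInfo write made at the eop
    of packet j is visible only to packets with i > j + overlap (overlap packets in flight)."""
    iv_info = dict(iv_info)
    pending = []    # (packet number, key index, new iv) written at eop, not yet visible
    outcomes = []   # per packet: recovered plaintext, or None if discarded
    for i, (kidx, ct, orig_tag) in enumerate(packets):
        for _, k, new_iv in [c for c in pending if i > c[0] + overlap]:
            iv_info[k] = new_iv
        pending = [c for c in pending if i <= c[0] + overlap]
        key = keys[kidx]
        iv1 = iv_info[kidx]                      # process 1: ivInfo as read at sop
        pt1, tag1 = toy_decrypt(key, iv1, ct)
        if dual_path:
            iv2 = next_iv(iv1)                   # process 2: standby iv (post-update value)
            pt2, tag2 = toy_decrypt(key, iv2, ct)
            pt, path = select_output(tag1, pt1, tag2, pt2, orig_tag)
            used_iv = iv2 if path == 2 else iv1
        else:
            pt = pt1 if hmac.compare_digest(tag1, orig_tag) else None
            used_iv = iv1
        outcomes.append(pt)
        if pt is not None:                       # eop: a correct decryption updates ivInfo
            pending.append((i, kidx, next_iv(used_iv)))
    return outcomes


# Constructed sample: one key index, four back-to-back packets.
SAMPLE_KEYS = {7: bytes(range(32))}
SAMPLE_IV_INFO = {7: 1000}
SAMPLE_PLAINTEXTS = [b"frame-%d" % n for n in range(4)]


def sample_burst():
    return make_burst(SAMPLE_KEYS[7], 7, SAMPLE_IV_INFO[7], SAMPLE_PLAINTEXTS)


if __name__ == "__main__":
    burst = sample_burst()
    print("single path   :", run_receiver(SAMPLE_KEYS, SAMPLE_IV_INFO, burst, dual_path=False))
    print("dual path     :", run_receiver(SAMPLE_KEYS, SAMPLE_IV_INFO, burst, dual_path=True))
    print("dual, 2 ahead :", run_receiver(SAMPLE_KEYS, SAMPLE_IV_INFO, burst, True, overlap=2))
```

The third run shows the limit of the scheme: one standby memory covers exactly one outstanding same-key packet, so with two packets in flight the third is still discarded.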
Referring to fig. 3, in an embodiment of the present invention, a decryption system based on the Aes algorithm includes: the system comprises an acquisition module 100, a parsing module 200, a decryption module 300 and an output module 400.
The obtaining module 100 is configured to receive the ciphertext, and obtain an original authentication tag and a corresponding key index that are carried by the ciphertext. After the message starts to be sent, the obtaining module 100 obtains each ciphertext in the message in sequence, and analyzes each message respectively to obtain an original authentication tag and a corresponding key index carried by each ciphertext correspondingly.
The parsing module 200 is configured to, at the sop time of the current ciphertext, correspondingly search the initial vector memory by using the key index of the current ciphertext to obtain an initial vector corresponding to the current ciphertext; copying the initial vector memory by a copying decryption engine to form a standby initial vector memory, calling the initial vector corresponding to the key index of the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing the updated initial vector to the address of the key index corresponding to the standby initial vector memory so as to form the corresponding standby initial vector in the standby initial vector memory.
The initial vector memory (abbreviated ivInfo) stores the initial vector (abbreviated iv) needed during ciphertext decryption; it is normally updated once after the decryption of each ciphertext completes, so that the next ciphertext can use it. In a preferred embodiment of the present invention, a standby initial vector memory is added, which is updated while the current ciphertext is being decrypted, so as to ensure correct decryption of the ciphertext, as described in detail below.
In the embodiment of the present invention, the parsing module 200 obtains the spare initial vector to be stored in the spare memory according to the initial vector in the initial vector memory by determining the operation condition.
Specifically, the analysis module 200 judges whether a preset operation condition is met, and if so, interchanges high and low bits of initial variables of preset storage positions in an initial vector memory according to the Aes protocol rule, or accumulates the initial variables of the preset storage positions to form a standby initial vector to be stored in the standby initial vector memory; if not, the bit of the initial variable of the preset storage position in the initial vector memory is reset to zero to form a spare initial vector to be stored in the spare initial vector memory.
In the invention, the original initial vector register is updated after the decryption of the current ciphertext finishes, according to the operation condition preset by the system; by adding a standby initial vector register, that update is effectively brought forward to the moment at which transmission of the current ciphertext starts, so that correct decryption of the ciphertext is ensured.
The decryption module 300 is configured to respectively call the initial vector and the standby initial vector corresponding to the current ciphertext and, using the same Aes protocol operation logic, obtain from the current ciphertext a first plaintext (from the initial vector) and a second plaintext (from the standby initial vector); it then respectively obtains a first authentication tag corresponding to the first plaintext and a second authentication tag corresponding to the second plaintext.
In the implementation process of the invention, the current same ciphertext is decrypted simultaneously through two processes.
Specifically, as shown in fig. 2A, the two processes are respectively represented by process 1 and process 2.
For process 1, the decryption module 300 decrypts the ciphertext according to the existing flow; specifically, after the key index corresponding to the current ciphertext is obtained, the key storage can be searched according to the key index to obtain the key corresponding to the current ciphertext and send the key to the decryption processing unit 1; meanwhile, an initial vector memory is searched through a key index corresponding to the current ciphertext to obtain an initial vector corresponding to the current ciphertext, and the initial vector is sent to the decryption processing part 1; after the decryption processing part 1 receives the key and the initial vector corresponding to the current ciphertext, decrypting the current ciphertext according to the Aes protocol operation rule to obtain a plaintext corresponding to the current ciphertext, and representing the plaintext obtained through the process 1 by a first plaintext in order to distinguish the process 2; further, at time eop, process 1 parses out a corresponding authentication tag corresponding to the current ciphertext, and to distinguish process 2, the authentication tag obtained by process 1 is represented by the first authentication tag.
For process 2, the decryption module 300 likewise decrypts the ciphertext according to the existing flow; it differs from process 1 only in the initial vector it uses. Specifically, after the key index corresponding to the current ciphertext is obtained, the key storage is searched by that key index to obtain the key corresponding to the current ciphertext, which is sent to decryption processing unit 2; meanwhile, the standby initial vector memory is searched by the key index corresponding to the current ciphertext to obtain the standby initial vector corresponding to the current ciphertext, which is sent to decryption processing unit 2. After decryption processing unit 2 has received the key and the standby initial vector corresponding to the current ciphertext, it decrypts the current ciphertext according to the Aes protocol operation rule to obtain the corresponding plaintext; the plaintext obtained through process 2 is called the second plaintext to distinguish it from process 1. Further, at time eop, process 2 parses out the authentication tag corresponding to the current ciphertext, and the authentication tag obtained by process 2 is called the second authentication tag to distinguish it from process 1.
It should be noted that process 1 and process 2 operate on the same ciphertext and therefore obtain the same key; the key corresponding to the current ciphertext can thus be obtained with a single lookup of the key storage and used by both processes simultaneously. The decryption processing part 1 and the decryption processing part 2 decrypt the ciphertext with identical Aes protocol operation logic, so whichever of the two holds the correct initial vector produces the correctly decrypted result.
The output module 400 is configured to determine the decryption result to be output from the correspondence between the first authentication tag, the second authentication tag and the original authentication tag.
In a specific embodiment of the present invention, if the first authentication tag differs from the second authentication tag and one of them is the same as the original authentication tag, the plaintext corresponding to the authentication tag that matches the original authentication tag is obtained and output; that authentication tag is either the first or the second authentication tag, and the plaintext is correspondingly the first or the second plaintext.
If the first authentication tag, the second authentication tag and the original authentication tag are all the same, the plaintext corresponding to either authentication tag is obtained and output; that authentication tag is either the first or the second authentication tag, and the plaintext is correspondingly the first or the second plaintext. In this case the decryption is error-free, the standby initial vector logic plays no part, and it would not have been necessary to perform the logic operation on the initial vector to obtain the standby initial vector.
If neither the first authentication tag nor the second authentication tag is the same as the original authentication tag, the ciphertext sent by the preceding-stage module is judged to be wrong and impossible to decrypt correctly, and the current ciphertext is discarded. In this state, if the first authentication tag is the same as the second authentication tag, the ciphertext sent by the preceding-stage module is incorrect and cannot be decrypted correctly; if the first authentication tag differs from the second authentication tag, both process 1 and process 2 have produced errors.
Referring to fig. 2B, the comparison of the first authentication tag, the second authentication tag and the original authentication tag determines which plaintext is finally output or whether the ciphertext is discarded, as described above.
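The following Go program is an added worked example of the two-path decryption and the three-way tag comparison described above; it is not code from the patent or from Suzhou Centec. It uses the Go standard library's AES-GCM as the "Aes protocol", and it assumes several things the patent leaves open: a 96-bit initial vector laid out as a 64-bit secure channel identifier followed by a 32-bit packet number that grows by one per packet (a MACsec-style rule; claim 2 only says the vector is incremented, bit-swapped or reset under a preset condition), a single key index 5, and constructed keys, associated data and frames. Because the standard library does not expose the tag of a failed decryption, each decryption processing part is modelled by CTR-decrypting the body and then re-sealing the candidate plaintext under the candidate initial vector: the GCM tag depends on the associated data and the ciphertext only, so the re-seal reproduces the body and yields exactly the tag that candidate vector implies. A hardware engine computes GHASH directly; the detour is a modelling device, not a claim about the chip.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/subtle"
	"encoding/binary"
	"fmt"
)

// Outcome of comparing the first and second tags with the original tag.
type Outcome string

const Discard, OutputFirst, OutputSecond Outcome = "discard", "first", "second"

// Packet from the preceding stage: key index, associated data, ciphertext body, original tag.
type Packet struct {
	KeyIndex           int
	AAD, Body, OrigTag []byte
}

// nextIV is the assumed "Aes protocol rule": a 96-bit IV whose low 32 bits are a packet
// number that grows by one per packet (MACsec-style layout; the patent leaves the rule open).
func nextIV(iv []byte) []byte {
	out := append([]byte(nil), iv...)
	binary.BigEndian.PutUint32(out[8:], binary.BigEndian.Uint32(out[8:])+1)
	return out
}

func newGCM(key []byte) (cipher.Block, cipher.AEAD) {
	block, _ := aes.NewCipher(key) // errors ignored: the key length is fixed at 16 bytes here
	gcm, _ := cipher.NewGCM(block)
	return block, gcm
}

// MakePacket is the transmitter: seal under (key, iv, aad) and split off the tag.
func MakePacket(key, iv, aad, plaintext []byte, keyIndex int) Packet {
	_, gcm := newGCM(key)
	sealed := gcm.Seal(nil, iv, plaintext, aad)
	n := len(sealed) - gcm.Overhead()
	return Packet{keyIndex, aad, sealed[:n], sealed[n:]}
}

// decryptAndTag models one decryption processing part: CTR-decrypt the body (GCM counter
// blocks start at IV||0x00000002 for a 96-bit IV), then obtain the tag this IV implies.
// The tag covers AAD and ciphertext, not plaintext, so re-sealing the candidate plaintext
// under the same IV reproduces the body and yields that tag (a standard-library detour;
// hardware runs GHASH directly on the incoming ciphertext).
func decryptAndTag(key, iv, aad, body []byte) (plaintext, tag []byte) {
	block, gcm := newGCM(key)
	ctr := make([]byte, aes.BlockSize)
	copy(ctr, iv)
	binary.BigEndian.PutUint32(ctr[12:], 2)
	plaintext = make([]byte, len(body))
	cipher.NewCTR(block, ctr).XORKeyStream(plaintext, body)
	sealed := gcm.Seal(nil, iv, plaintext, aad)
	return plaintext, sealed[len(sealed)-gcm.Overhead():]
}

// Decide is the output module; constant-time compares so timing does not leak which tag matched.
func Decide(tag1, tag2, orig []byte) Outcome {
	if subtle.ConstantTimeCompare(tag1, orig) == 1 { // also covers tag1 == tag2 == orig
		return OutputFirst
	}
	if subtle.ConstantTimeCompare(tag2, orig) == 1 {
		return OutputSecond
	}
	return Discard // neither tag equals the original: drop the packet
}

// Engine holds the key store, the IV memory and the added standby IV memory.
type Engine struct{ keys, ivMem, standby map[int][]byte }

// Receive runs process 1 (IV memory) and process 2 (standby IV memory) on one packet and
// returns the outcome, the chosen plaintext and the IV that authenticated it (nil on discard).
// No plaintext leaves the engine before the tag decision, matching the eop comparison.
func (e *Engine) Receive(p Packet) (Outcome, []byte, []byte) {
	key, iv := e.keys[p.KeyIndex], e.ivMem[p.KeyIndex] // one key lookup serves both processes
	sb := nextIV(iv)
	e.standby[p.KeyIndex] = sb
	pt1, tag1 := decryptAndTag(key, iv, p.AAD, p.Body)
	pt2, tag2 := decryptAndTag(key, sb, p.AAD, p.Body)
	switch Decide(tag1, tag2, p.OrigTag) {
	case OutputFirst:
		return OutputFirst, pt1, iv
	case OutputSecond:
		return OutputSecond, pt2, sb
	}
	return Discard, nil, nil
}

// Commit is the eop write-back of the IV memory. In hardware it lands cycles after the
// packet started, and that gap is the back-to-back hazard the standby memory covers.
func (e *Engine) Commit(keyIndex int, usedIV []byte) {
	if usedIV != nil { // a discarded packet does not advance the IV
		e.ivMem[keyIndex] = nextIV(usedIV)
	}
}

// Demo: PN7 and PN8 share key index 5 and arrive back-to-back, so PN8 is received before
// PN7's write-back; PN9 follows after write-back; a tampered PN10 and a replayed PN7 are dropped.
func Demo() (outs []Outcome, pts []string) {
	key := []byte("0123456789abcdef")             // constructed demo key
	iv7 := append([]byte("SCI-0001"), 0, 0, 0, 7) // constructed: 64-bit SCI || PN 7
	aad, ki := []byte("sectag"), 5                // constructed associated data and key index
	var tx []Packet
	for i, iv := 7, iv7; i <= 10; i, iv = i+1, nextIV(iv) {
		tx = append(tx, MakePacket(key, iv, aad, []byte(fmt.Sprintf("frame PN%d", i)), ki))
	}
	tampered := tx[3]
	tampered.Body = append([]byte{tx[3].Body[0] ^ 0x80}, tx[3].Body[1:]...)
	e := &Engine{map[int][]byte{ki: key}, map[int][]byte{ki: iv7}, map[int][]byte{}}
	record := func(o Outcome, pt []byte) { outs = append(outs, o); pts = append(pts, string(pt)) }
	o, pt, used7 := e.Receive(tx[0]) // IV memory holds PN7: process 1 matches
	record(o, pt)
	o, pt, used8 := e.Receive(tx[1]) // back-to-back, PN7 not yet written back: only process 2 matches
	record(o, pt)
	e.Commit(ki, used7)
	e.Commit(ki, used8) // IV memory now expects PN9
	o, pt, used9 := e.Receive(tx[2]) // process 1 matches again
	record(o, pt)
	e.Commit(ki, used9)
	o, pt, _ = e.Receive(tampered) // PN10 with a flipped ciphertext byte: no tag matches, discard
	record(o, pt)
	o, pt, _ = e.Receive(tx[0]) // replayed PN7: neither candidate IV fits any more, discard
	record(o, pt)
	return outs, pts
}

func main() { fmt.Println(Demo()) }
```

Two points a practitioner would check in a real implementation of this scheme. First, the output module compares tags with a constant-time comparison, since a variable-time compare would let an attacker learn how many tag bytes of a forgery were right. Second, accepting a packet when either of two candidate tags matches gives a forger two verification attempts per packet against the same key, which doubles the per-packet forgery bound; that is negligible for a 128-bit tag, but it is the reason to keep exactly one standby candidate rather than widening the scheme into a window of speculative initial vectors.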
In summary, the decryption method and system based on the Aes algorithm of the present invention add a standby initial vector memory on top of the Aes protocol so that back-to-back messages with the same key index can both be decrypted correctly, which reduces the probability that messages are discarded during decryption and preserves the security of network messages without affecting the chip bandwidth.
For convenience of description, the above devices are described as divided into modules by function, each described separately. Of course, the functions of the various modules may be implemented in one or more pieces of software and/or hardware when implementing the invention.
The above-described embodiments of the apparatus are merely illustrative; the modules described as separate parts may or may not be physically separate, and the parts shown as modules may or may not be physical modules, may be located in one place or distributed over a plurality of network modules. Some or all of the modules may be selected according to actual needs to achieve the purpose of the embodiment. One of ordinary skill in the art can understand and implement this without inventive effort.
It should be understood that although the present description refers to embodiments, not every embodiment contains only a single technical solution; such description is for clarity only, those skilled in the art should read the description as a whole, and the technical solutions of the embodiments can be combined appropriately to form other embodiments understood by those skilled in the art.
The above detailed description is only a specific description of possible embodiments of the present invention and is not intended to limit its scope; equivalent embodiments or modifications made without departing from the technical spirit of the present invention are included in the scope of the present invention.

Claims (10)

1. A decryption method based on an Aes algorithm, characterized in that the method comprises:
receiving the ciphertext, and acquiring an original authentication tag carried by the ciphertext and a corresponding key index;
at the sop (start of packet) moment of the current ciphertext, correspondingly searching an initial vector memory by the key index of the current ciphertext to obtain an initial vector corresponding to the current ciphertext;
copying the initial vector memory by a copying decryption engine to form a standby initial vector memory, calling an initial vector corresponding to the key index of the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing the updated initial vector to the address of the standby initial vector memory corresponding to the key index so as to form a corresponding standby initial vector in the standby initial vector memory;
respectively calling an initial vector and a standby initial vector corresponding to the current ciphertext, obtaining a first plaintext corresponding to the current ciphertext according to the obtained key index and the initial vector and obtaining a second plaintext corresponding to the current ciphertext according to the obtained key index and the standby initial vector according to the same Aes protocol operation logic;
respectively obtaining a first authentication tag and a second authentication tag corresponding to the first plaintext and the second plaintext according to the obtained first plaintext and the obtained second plaintext;
and confirming an output decryption result according to the corresponding relation among the first authentication label, the second authentication label and the original authentication label.
2. The Aes algorithm-based decryption method according to claim 1, wherein the step of retrieving the initial vector corresponding to the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing the updated initial vector in the spare initial vector memory to form a corresponding spare initial vector in the spare initial vector memory specifically comprises:
judging whether a preset operation condition is met, if so, interchanging high and low bits of initial variables of preset storage positions in an initial vector memory according to an Aes protocol rule, or accumulating the initial variables of the preset storage positions to form a standby initial vector to be stored in the standby initial vector memory;
if not, the bit of the initial variable of the preset storage position in the initial vector memory is reset to zero to form a spare initial vector to be stored in the spare initial vector memory.
3. The Aes algorithm-based decryption method according to claim 1, wherein confirming the output decryption result according to the correspondence between the first authentication tag, the second authentication tag, and the original authentication tag specifically includes:
if the first authentication tag is different from the second authentication tag and one of the first authentication tag and the second authentication tag is the same as the original authentication tag, acquiring a plaintext corresponding to the authentication tag which is the same as the original authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
4. The Aes algorithm-based decryption method according to claim 1, wherein confirming the output decryption result according to the correspondence between the first authentication tag, the second authentication tag, and the original authentication tag specifically includes:
if the first authentication tag, the second authentication tag and the original authentication tag are the same, acquiring a plaintext corresponding to any authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
5. The Aes algorithm-based decryption method according to claim 1, wherein confirming the output decryption result according to the correspondence between the first authentication tag, the second authentication tag, and the original authentication tag specifically includes:
and if neither the first authentication tag nor the second authentication tag is the same as the original authentication tag, judging that the ciphertext sent by the preceding-stage module is wrong and cannot be decrypted correctly, and discarding the current ciphertext.
6. An Aes algorithm based decryption system, the system comprising:
the acquisition module is used for receiving the ciphertext and acquiring an original authentication tag carried by the ciphertext and a corresponding key index;
the analysis module is used for correspondingly searching the initial vector memory by the key index of the current ciphertext at the sop moment of the current ciphertext to acquire the initial vector corresponding to the current ciphertext;
copying the initial vector memory by a copying decryption engine to form a standby initial vector memory, calling an initial vector corresponding to the key index of the current ciphertext, updating the initial vector according to the Aes protocol rule, and storing the updated initial vector to the address of the standby initial vector memory corresponding to the key index so as to form a corresponding standby initial vector in the standby initial vector memory;
the decryption module is used for respectively calling an initial vector and a standby initial vector corresponding to the current ciphertext, obtaining a first plaintext corresponding to the current ciphertext according to the obtained key index and the initial vector and obtaining a second plaintext corresponding to the current ciphertext according to the obtained key index and the standby initial vector according to the same Aes protocol operation logic;
respectively obtaining a first authentication tag and a second authentication tag corresponding to the first plaintext and the second plaintext according to the obtained first plaintext and the obtained second plaintext;
and the output module is used for confirming the output decryption result according to the corresponding relation among the first authentication label, the second authentication label and the original authentication label.
7. The Aes algorithm-based decryption system of claim 6,
the analysis module is specifically configured to: judging whether a preset operation condition is met, if so, interchanging high and low bits of initial variables of preset storage positions in an initial vector memory according to an Aes protocol rule, or accumulating the initial variables of the preset storage positions to form a standby initial vector to be stored in the standby initial vector memory;
if not, the bit of the initial variable of the preset storage position in the initial vector memory is reset to zero to form a spare initial vector to be stored in the spare initial vector memory.
8. The Aes algorithm-based decryption system of claim 6,
the output module is specifically configured to: if the first authentication tag is different from the second authentication tag and one of the first authentication tag and the second authentication tag is the same as the original authentication tag, acquiring a plaintext corresponding to the authentication tag which is the same as the original authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
9. The Aes algorithm-based decryption system of claim 6,
the output module is specifically configured to: if the first authentication tag, the second authentication tag and the original authentication tag are the same, acquiring a plaintext corresponding to any authentication tag and outputting the plaintext;
the authentication tag is a first authentication tag or a second authentication tag;
the plaintext is the first plaintext or the second plaintext.
10. The Aes algorithm-based decryption system of claim 6,
the output module is specifically configured to: if neither the first authentication tag nor the second authentication tag is the same as the original authentication tag, judge that the ciphertext sent by the preceding-stage module is wrong and cannot be decrypted correctly, and discard the current ciphertext.

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711183063.5A CN109831293B (en) 2017-11-23 2017-11-23 Decryption method and system based on Aes algorithm

Publications (2)

Publication Number Publication Date
CN109831293A CN109831293A (en) 2019-05-31
CN109831293B true CN109831293B (en) 2022-04-15

Family

ID=66859379

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711183063.5A Active CN109831293B (en) 2017-11-23 2017-11-23 Decryption method and system based on Aes algorithm

Country Status (1)

Country Link
CN (1) CN109831293B (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2443244A (en) * 2006-10-05 2008-04-30 Hewlett Packard Development Co Authenticated Encryption Method and Apparatus
CN101827107A (en) * 2010-05-11 2010-09-08 南京大学 IEEE802.1AE protocol-based GCM high-speed encryption and decryption equipment
US9208335B2 (en) * 2013-09-17 2015-12-08 Auburn University Space-time separated and jointly evolving relationship-based network access and data protection system
CN105227298B (en) * 2015-09-30 2018-02-16 大连理工大学 Intelligent substation message safe transmission implementation method based on modified GCM

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
CB02 Change of applicant information

Address after: 215000 unit 13 / 16, 4th floor, building B, No.5 Xinghan street, Suzhou Industrial Park, Jiangsu Province

Applicant after: Suzhou Shengke Communication Co.,Ltd.

Address before: Xinghan Street Industrial Park of Suzhou city in Jiangsu province 215021 B No. 5 Building 4 floor 13/16 unit

Applicant before: CENTEC NETWORKS (SU ZHOU) Co.,Ltd.

GR01 Patent grant