[go: up one dir, main page]

CN114510450B - Accelerated calculation method, device and array unit operator system for encryption algorithm - Google Patents

Accelerated calculation method, device and array unit operator system for encryption algorithm Download PDF

Info

Publication number
CN114510450B
CN114510450B CN202110575856.1A CN202110575856A CN114510450B CN 114510450 B CN114510450 B CN 114510450B CN 202110575856 A CN202110575856 A CN 202110575856A CN 114510450 B CN114510450 B CN 114510450B
Authority
CN
China
Prior art keywords
operator
calculation
encryption
encryption algorithm
operators
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202110575856.1A
Other languages
Chinese (zh)
Other versions
CN114510450A (en
Inventor
朱敏
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Wuxi Muchuang Integrated Circuit Design Co ltd
Original Assignee
Wuxi Muchuang Integrated Circuit Design Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Wuxi Muchuang Integrated Circuit Design Co ltd filed Critical Wuxi Muchuang Integrated Circuit Design Co ltd
Priority to CN202110575856.1A priority Critical patent/CN114510450B/en
Publication of CN114510450A publication Critical patent/CN114510450A/en
Application granted granted Critical
Publication of CN114510450B publication Critical patent/CN114510450B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/76Architectures of general purpose stored program computers
    • G06F15/78Architectures of general purpose stored program computers comprising a single central processing unit
    • G06F15/7867Architectures of general purpose stored program computers comprising a single central processing unit with reconfigurable architecture
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/38Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation
    • G06F7/48Methods or arrangements for performing computations using exclusively denominational number representation, e.g. using binary, ternary, decimal representation using non-contact-making devices, e.g. tube, solid state device; using unspecified devices
    • G06F7/57Arithmetic logic units [ALU], i.e. arrangements or devices for performing two or more of the operations covered by groups G06F7/483 – G06F7/556 or for performing logical operations
    • G06F7/575Basic arithmetic logic units, i.e. devices selectable to perform either addition, subtraction or one of several logical operations, using, at least partially, the same circuitry
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G06F7/723Modular exponentiation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F7/00Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/60Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers
    • G06F7/72Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic
    • G06F7/728Methods or arrangements for performing computations using a digital non-denominational number representation, i.e. number representation without radix; Computing devices using combinations of denominational and non-denominational quantity representations, e.g. using difunction pulse trains, STEELE computers, phase computers using residue arithmetic using Montgomery reduction

Landscapes

  • Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Theoretical Computer Science (AREA)
  • Mathematical Analysis (AREA)
  • Pure & Applied Mathematics (AREA)
  • Mathematical Optimization (AREA)
  • Computational Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Computer Hardware Design (AREA)
  • Storage Device Security (AREA)

Abstract

The invention provides an acceleration computing method, an acceleration computing device and an array unit subsystem of an encryption algorithm, which relate to the technical field of encryption, and are applied to a reconfigurable computing array; the reconfigurable computing array includes a plurality of operators; the method comprises the following steps: determining an operator calculation period according to a preset processing time sequence; presetting a processing time sequence for determining a calculation process of an operator; determining an array unit based on the number of input bytes of the encryption algorithm; in the operator calculation period, operator dynamic calculation is performed based on the array unit so as to perform acceleration calculation on the encryption algorithm. The invention can improve the calculation speed of the encryption algorithm, balance the calculation power consumption and improve the anti-attack capability during encryption calculation.

Description

Method and device for accelerating calculation of encryption algorithm and array unit subsystem
Technical Field
The present invention relates to the field of encryption technologies, and in particular, to an acceleration computing method and apparatus for an encryption algorithm, and an array unit subsystem.
Background
With the development of informatization and networking, the security of information is getting more and more attention. A complete, advanced information system does not take into account the application of information security technology.
The RSA cryptosystem is a public cryptosystem, can be used for encryption/decryption and signature/verification, is widely applied to various fields of society, such as smart cards, bank password cards and the like, and improves the security quality by issuing public key certificates, issuing certificates, managing certificates and the like for public keys of users. The modular multiplication operation is a very important step in the RSA algorithm, and the Montgomery algorithm is adopted by a common modular multiplication implementation method, however, with the development of side channel attack, the algorithm has high power consumption and is easy to suffer from simple power consumption attack, differential power consumption attack, fault attack and the like.
But with the development of side channel attacks, such as time analysis attacks, power consumption analysis attacks, electromagnetic radiation analysis attacks, fault injection analysis attacks, etc. The encryption algorithm key information is cracked through analysis of the side channel information of the encryption algorithm, including the running time, the power consumption, the electromagnetic radiation, the error result and the like of the encryption algorithm. Such as a simple power attack, by sampling the power consumption of the component while the cryptographic component is running to obtain a power consumption trace curve, and then guessing by curve analysis what operations the cryptographic module is doing during a particular time period, as well as the parameters involved in those operations.
The modular multiplication operation is a very important step in the RSA algorithm, and the common modular multiplication implementation method adopts the Montgomery algorithm, has high power consumption and is easy to suffer from simple power consumption attack, differential power consumption attack, fault attack and the like.
Disclosure of Invention
The invention aims to provide an acceleration computing method, an acceleration computing device and an array unit subsystem of an encryption algorithm, which can improve the computing speed of the encryption algorithm, balance the computing power consumption and improve the anti-attack capability during encryption computing.
In a first aspect, the present invention provides an acceleration computing method of an encryption algorithm, the method being applied to a reconfigurable computing array; the reconfigurable computing array includes a plurality of operators; the method comprises the following steps: determining an operator calculation period according to a preset processing time sequence; presetting a processing time sequence for determining a calculation process of an operator; determining an array unit based on the number of input bytes of the encryption algorithm; in the operator calculation period, operator dynamic calculation is performed based on the array unit so as to perform acceleration calculation on the encryption algorithm.
In an alternative embodiment, the step of determining the operator calculation period according to the preset processing sequence includes: determining a computing period according to the number of operators of the reconfigurable computing array; wherein, the calculation period corresponds to the number of operators; the number of operators performing the calculations in each calculation cycle is different.
In an alternative embodiment, in each calculation cycle of the calculation in turn, the number of operators performing the calculation of the encryption algorithm is increased according to a preset increment; the preset increment is at least one operator increment.
In an alternative embodiment, the method further comprises: the switching timing of byte processing is determined based on the number of input bytes of the encryption algorithm and the array unit.
In an optional embodiment, when the number of array units calculated in the operator calculation period is one, the step of performing operator dynamic calculation based on the array units in the operator calculation period includes: and in the calculation period, after the current operator receives the enabling signal, executing an encryption algorithm based on the input encryption initial value to obtain the operator encryption value.
In an alternative embodiment, when the number of array units in the operator calculation period is at least two, the encryption intermediate value obtained by calculation of the last operator is used as the encryption initial value of the current operator; the step of performing operator dynamic calculation based on the array unit in the operator calculation period comprises the following steps: determining an input enabling signal of a current operator based on an enabling signal output by a previous operator; and calculating an encryption intermediate value of the current operator based on the input enabling signal and the encryption initial value until all operators are completely calculated.
In a second aspect, the present invention provides an acceleration computing device for an encryption algorithm, the device being applied to a reconfigurable computing array; the reconfigurable computing array includes a plurality of operators; the device comprises:
the calculation period determining module is used for determining an operator calculation period according to a preset processing time sequence; presetting a processing time sequence for determining a calculation process of an operator; an array unit determining module for determining an array unit based on the number of input bytes of the encryption algorithm; and the acceleration calculation module is used for carrying out operator dynamic calculation based on the array unit in the operator calculation period so as to carry out acceleration calculation on the encryption algorithm.
In a third aspect, the present invention provides an array unit subsystem, the array unit subsystem comprising a plurality of array unit operator structures connected in sequence; wherein the array element operator structure is used to execute the method for accelerating computation of the encryption algorithm in any of the foregoing embodiments.
In a fourth aspect, the invention provides an electronic device comprising a processor and a memory storing machine executable instructions executable by the processor to implement the method of accelerating computation of an encryption algorithm of any of the preceding embodiments.
In a fifth aspect, the present invention provides a machine-readable storage medium storing machine-executable instructions that, when invoked and executed by a processor, cause the processor to implement the method of accelerating computation of an encryption algorithm of any of the preceding embodiments.
The method, the device and the array unit subsystem for accelerating the encryption algorithm are applied to a reconfigurable computing array, wherein the reconfigurable computing array comprises a plurality of operators, an operator computing period is firstly determined according to a preset processing time sequence (a computing process for determining the operators), then an array unit is determined based on the input byte number of the encryption algorithm, and then operator dynamic computation is carried out based on the array unit in the operator computing period so as to accelerate the encryption algorithm. According to the method, the operator calculation period is determined through the preset processing time sequence, the array unit is determined through the input byte number of the encryption algorithm, and then operator dynamic calculation is performed based on the array unit in the determined operator calculation period, so that the generation of peak power consumption during large digital-analog multiplication can be avoided, and the anti-attack capability is improved. Therefore, the embodiment of the invention can improve the calculation speed of the encryption algorithm, balance the calculation power consumption and improve the anti-attack capability during encryption calculation.
Drawings
In order to more clearly illustrate the embodiments of the present invention or the technical solutions in the prior art, the drawings that are needed in the description of the embodiments or the prior art will be briefly described, and it is obvious that the drawings in the description below are some embodiments of the present invention, and other drawings can be obtained according to the drawings without inventive effort for a person skilled in the art.
Fig. 1 is a flow chart of an acceleration calculation method of an encryption algorithm according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a calculation timing according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of a switching timing sequence according to an embodiment of the present invention;
FIG. 4 is a schematic diagram of an acceleration computing device for an encryption algorithm according to an embodiment of the present invention;
FIG. 5 is a schematic diagram of an operator structure of an array unit according to an embodiment of the present invention;
fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention.
Detailed Description
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present invention more apparent, the technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are some embodiments of the present invention, but not all embodiments of the present invention. The components of the embodiments of the present invention generally described and illustrated in the figures herein may be arranged and designed in a wide variety of different configurations.
Thus, the following detailed description of the embodiments of the invention, as presented in the figures, is not intended to limit the scope of the invention, as claimed, but is merely representative of selected embodiments of the invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention.
It should be noted that: like reference numerals and letters denote like items in the following figures, and thus once an item is defined in one figure, no further definition or explanation thereof is necessary in the following figures.
Some embodiments of the present invention are described in detail below with reference to the accompanying drawings. The following embodiments and features of the embodiments may be combined with each other without conflict.
For easy understanding, first, an acceleration computing method of an encryption algorithm provided by the embodiment of the present invention is described in detail, where the method is applied to a reconfigurable computing array, and the reconfigurable computing array includes a plurality of operators, where the plurality of operators are arranged according to a preset arrangement sequence, and the preset arrangement sequence may be set based on a requirement according to a design of a circuit board, such as a requirement of saving space, saving wiring, and the like; the setting may also be performed according to actual demands, such as the size of the actual calculation amount, the required calculation efficiency, and the like, which are not particularly limited herein.
Referring to fig. 1, a flowchart of an acceleration computing method of an encryption algorithm is shown, and the method mainly includes the following steps S102 to S106:
Step S102, determining an operator calculation period according to a preset processing time sequence.
Since the encryption algorithm is calculated by using a plurality of operators in the reconfigurable computing array in this embodiment, the preset processing time sequence is used to determine the computing process of the operators, that is, the processing time sequence of the plurality of operators when executing the encryption algorithm is determined by the preset processing time sequence. In order to avoid peak power consumption when an encryption algorithm is executed, and the encryption algorithm is not easy to crack, the operator power consumption is stable and is not easy to crack when the calculation is ensured by determining an operator calculation period and calculating a plurality of operators (including effective calculation and ineffective calculation) in each operator calculation period.
Step S104, determining an array unit based on the input byte number of the encryption algorithm.
In one embodiment, the encryption algorithm may be a Montgomery modular reduction algorithm. The present embodiment employs a montgomery modular reduction algorithm based on modulo 2 8, with inputs to the encryption algorithm being X and Y, respectively, where,X, Y < N, N is an odd number; the output of the algorithm is X Y ρ -1 mod N. The minimum time required for a single operator to complete the calculation of Y, N corresponding to each X byte is Y_LEN/32 cycles, and in order to ensure the operator utilization rate, the number of array units adopted in the embodiment is smaller than Y_LEN/32.
Step S106, in the operator calculation period, operator dynamic calculation is performed based on the array unit so as to perform acceleration calculation on the encryption algorithm.
In one embodiment, the operator computation period may be generally plural, and the number of array elements of different operator computation periods may be different. For ease of understanding, the description will be given such as taking the number of array units as 8 as an example: the first operator calculation period may adopt a first operator for calculation, the second period adopts the first operator and the second operator for calculation in turn (wherein, the calculation result output of the first operator is the calculation input of the second operator), and the third period adopts the first, the second and the third operators for calculation in turn (the calculation mode is the same as that of the second period) … … until the eighth period adopts eight operators for calculation in turn. After the execution of the 8 operator computing periods is completed, all the 8 cell arrays (i.e., operators) perform computation, i.e., operator dynamic computation.
According to the method for accelerating calculation of the encryption algorithm, provided by the embodiment of the invention, the operator calculation period is determined through the preset processing time sequence, the array unit is determined through the input byte number of the encryption algorithm, and then the operator dynamic calculation is performed based on the array unit in the determined operator calculation period, so that the generation of peak power consumption during the multiplication of a large number of modes can be avoided, and the anti-attack capability is improved. Therefore, the embodiment of the invention can improve the calculation speed of the encryption algorithm, balance the calculation power consumption and improve the anti-attack capability during encryption calculation.
The encryption algorithm adopted in this embodiment is a Montgomery algorithm, and when in implementation, a Montgomery modular reduction algorithm based on modulo 2 8 can be selected, and compared with a conventionally used Montgomery modular reduction algorithm based on modulo 2, the performance of the Montgomery modular reduction algorithm can be improved by 8 times. For ease of understanding, the algorithm is first described with the following algorithm improvement expression:
Input: X, Y < N, N is an odd number
And (3) outputting: x Y ρ -1 mod N
First, X can be split into k and executed by the following steps:
1.r[0]=0;n=N[7:0];
2. Calculate n_inv= - (n -1%28)
3.for i=0to k-1do
a)t=r[i]%28
b)u=(t*n_inv+xi*Y0*n_inv)%28
c)r[i+1]=(r[i]+xi*Y+u*N)/28
4.if r[k]>N,r[k]-N,else return r[k]
Further, we split Y and N into calculations in 32bit units, and in this embodiment, it is preferable to use 32bit basic units, so that better area efficiency and good timing can be obtained, that is, the calculation of u and r is completed in1 cycle with higher frequency, where u and r are intermediate variables of encryption calculation.
Y can be split into s yj unit splices, namely:
Y=y0+y1*232+y2*232*232+…
=y0+y1*232*1+y2*232*2+…ys*232*s
N=n0+n1*232+n2*232*232+…
=n0+n1*232*1+n2*232*2+…ns*232*s
thus, the above calculation can be expanded as follows:
1.r[0][0]=0;n=N[7:0];
2. Calculate n_inv= - (n -1%28)
3.for i=0to m-1do
a)for j=0to s-1do
i.t=r[i][0]%28
ii.u=(t*n_inv+xi*Y0*n_inv)%28
iii.v[i+1][j+1]=(r[i][j]+u*nj+1+xi*yj+1+w[i][j])
iv.w[i+1][j+1]=v[i+1][j+1]/232
v.r[i+1][j+1]=(v[i+1][j+1]+c[i][j+1])/28
vi.c[i+1][j+1]=v[i+1][j+1]/28
4.if r[m]>N,r[m]-N,else return r[m]
To accelerate the computation in the above expression, the present embodiment implements the above expression in the form of an operator array (i.e., a reconfigurable computing array) that includes a plurality of operators, according to the method, i rows are expanded spatially by different operators, j columns are expanded temporally by different clock cycles, and therefore a plurality of operators are used for parallel calculation at the same time, and the purpose of acceleration is achieved. The timing design is shown in fig. 2, in one embodiment, the computing period may be determined according to the number of operators of the reconfigurable computing array, where the computing period corresponds to the number of operators, and the number of operators performing computation in each computing period is different. For example, the number of operators performing the calculation of the encryption algorithm may be increased by a preset increment in each calculation cycle in which the calculation is performed in turn, wherein the preset increment is at least one operator increment. For ease of understanding, an example is provided in connection with the timing diagram shown in fig. 2:
cycle 0: all operators are idle;
Cycle 1: the 1 st operator PE1 receives the enabling signal and x input data (the 1 st byte of x) and starts computing work to compute the u value;
Cycle 2: the 1 st operator PE1 receives the input data of y and n (1 st word), calculates to obtain a result r [1] [1], registers the calculated carry w [1] [1] by using a register (as the input carry calculated by the 2 nd word of y and n), sends byte 0 of r [1] [1] and the calculated carry into the next operator PE2, and outputs an enable signal PE1_EN_O; the 2 nd operator receives the enabling signal output by the 1 st operator, starts working, receives x input data (the 2 nd byte of x) and calculates a u value;
Cycle 3: the 1 st operator PE1 receives the input data of y and n (2 nd word), calculates to obtain a result r [1] [2], registers the calculated carry w [1] [2] by using a register (as the input carry calculated by the 3 rd word of y and n), sends byte0 of r [1] [2] and the calculated carry into the next operator PE2, and outputs an enable signal PE1_EN_O; the 2 nd operator PE2 receives the input data of y and n (1 st word), calculates to obtain a result r 2 < 1 >, registers the calculated carry w 2 < 1 > by using a register (as the input carry calculated by the 2 nd word of y and n), sends byte0 of r 2 < 1 > and the calculated carry into the next operator PE3, and outputs an enable signal PE2_EN_O; the 3 rd operator receives the enabling signal output by the 2 nd operator, starts working, receives x input data (the 3 rd byte of x) and calculates a u value;
and the like, until all operators are calculated, namely, operator dynamic calculation is completed.
In the above calculation, the switching timing of byte processing may be determined based on the number of input bytes and the number of array units of the encryption algorithm, such as the switching timing of byte processing performed by the first operator PE 1-xin_i (the first byte of X) after the first cycle1 processing, and so on, the second operator PE 2-xin_i (the second byte of X) after the second cycle processing, and so on, to obtain multiple operators.
In order to reduce the number of calculation units and the logic area of a chip, each item of i in the expression is not required to be unfolded and calculated by different operators, and the number of array unit operators can be smaller than the maximum length/8 of X bytes. The minimum time required for a single operator to complete the calculation of Y, N corresponding to each X byte is Y_LEN/32 cycles, and in order to ensure the operator utilization rate, the number of array units is smaller than Y_LEN/32.
For ease of understanding, taking the number of array units k as an example, the calculated byte switching timing of X is shown in fig. 3:
cycle 0: all operators are idle;
cycle 1: the operator 1 receives an operator enabling signal and an x input 1 st byte and starts working;
cycle 2: the operator 2 receives the operator enabling signal and the x input byte 2 and starts working;
……
The (s+1) th cycle: operator 1 completes word calculation of all Y and N;
s+2th cycle: operator 1 is idle; operator 2 completes word calculation of all Y and N;
s+3rd cycle: the operator 1 receives an operator enabling signal and an x input k+1th byte and starts working; operator 2 is idle;
s+4th cycle: and the operator 2 receives the operator enabling signal and the x input k+2th byte, and starts to work until all operators perform time sequence switching.
Further, the output enable signal PE1_yin/nin_i is processed in the following cycles of cycle2, cycle3, cycle4 … …, and the output enable signal PE1_en_o of the first operator PE1_xin_i is the same as the input enable signal PE2_en_i of the second operator PE2_xin_i, i.e. the output enable signal PE1_en_o of the first operator PE1_xin_i is the input enable signal of the second operator PE2_xin_i, and so on until all operators.
In a specific implementation, when the number of array units calculated in the operator calculation period is one, that is, when the operator is in the first period, after receiving the enabling signal, the current operator (that is, the first operator) executes an encryption algorithm based on the input encryption initial value to obtain an operator encryption value, wherein the operator encryption value is calculated from the u value obtained by calculation.
When the number of array units in the calculation in the operator calculation period is at least two, namely the second period and the subsequent operator calculation periods, the encryption intermediate value obtained by the previous operator calculation is used as the encryption initial value of the current operator, in each operator calculation period, the input enabling signal of the current operator is determined based on the enabling signal output by the previous operator, and the encryption intermediate value of the current operator is calculated based on the input enabling signal and the encryption initial value until all operators are completely calculated.
For the above method for accelerating the computing of the encryption algorithm, the present invention also provides an accelerating computing device of the encryption algorithm, as shown in fig. 4, the device is applied to a reconfigurable computing array, the reconfigurable computing array includes a plurality of operators, the device mainly includes the following parts:
a calculation period determining module 402, configured to determine an operator calculation period according to a preset processing timing; presetting a processing time sequence for determining a calculation process of an operator;
an array unit determining module 404, configured to determine an array unit based on the number of input bytes of the encryption algorithm;
And the acceleration calculation module 406 is configured to perform operator dynamic calculation based on the array unit in the operator calculation period, so as to perform acceleration calculation on the encryption algorithm.
According to the accelerating computing device of the encryption algorithm, which is provided by the embodiment of the invention, the computing period of the operator is determined through the preset processing time sequence, the array unit is determined through the input byte number of the encryption algorithm, and then the operator is dynamically computed based on the array unit in the determined computing period of the operator, so that the generation of peak power consumption during the multiplication of a large number of modes can be avoided, and the anti-attack capability is improved. Therefore, the embodiment of the invention can improve the calculation speed of the encryption algorithm, balance the calculation power consumption and improve the anti-attack capability during encryption calculation.
In one embodiment, the computing period determining module 402 is further configured to determine a computing period according to the number of operators of the reconfigurable computing array; wherein, the calculation period corresponds to the number of operators; the number of operators performing the calculations in each calculation cycle is different.
In one embodiment, in each calculation cycle of sequentially performing calculation, the number of operators performing calculation of the encryption algorithm is increased according to a preset increment; the preset increment is at least one operator increment.
In one embodiment, the apparatus further comprises: and the time sequence switching module is used for determining the switching time sequence of byte processing based on the input byte number of the encryption algorithm and the array unit.
In one embodiment, when the number of array units calculated in the operator calculation period is one, the acceleration module 406 is further configured to execute an encryption algorithm based on the input encryption initial value after the current operator receives the enable signal in the calculation period, to obtain an operator encrypted value.
In one embodiment, when the number of array units in the operator calculation period is at least two, the encryption intermediate value obtained by the calculation of the last operator is used as the encryption initial value of the current operator; the acceleration module 406 is further configured to determine an input enable signal of the current operator based on an enable signal output by the previous operator; and calculating the encryption intermediate value of the current operator based on the input enabling signal and the encryption initial value until all operators are completely calculated.
The device provided by the embodiment of the present invention has the same implementation principle and technical effects as those of the foregoing method embodiment, and for the sake of brevity, reference may be made to the corresponding content in the foregoing method embodiment where the device embodiment is not mentioned.
Further, the present invention provides an array unit subsystem, where the array unit subsystem includes a plurality of array unit operator structures sequentially connected, and the array unit operator structures are shown in fig. 5, and the array unit operator structures are used to execute the method for accelerating calculation of the encryption algorithm in any one of the foregoing embodiments.
The embodiment of the invention provides electronic equipment, which comprises a processor and a storage device; the storage means has stored thereon a computer program which, when executed by the processor, performs the method of any of the embodiments described above.
Fig. 6 is a schematic structural diagram of an electronic device according to an embodiment of the present invention, where the electronic device 100 includes: a processor 60, a memory 61, a bus 62 and a communication interface 63, the processor 60, the communication interface 63 and the memory 61 being connected by the bus 62; the processor 60 is arranged to execute executable modules, such as computer programs, stored in the memory 61.
The memory 61 may include a high-speed random access memory (RAM, randomAccessMemory), and may further include a non-volatile memory (non-volatile memory), such as at least one disk memory. The communication connection between the system network element and at least one other network element is achieved via at least one communication interface 63 (which may be wired or wireless), and may use the internet, a wide area network, a local network, a metropolitan area network, etc.
Bus 62 may be an ISA bus, a PCI bus, an EISA bus, or the like. The buses may be classified as address buses, data buses, control buses, etc. For ease of illustration, only one bi-directional arrow is shown in FIG. 6, but not only one bus or type of bus.
The memory 61 is configured to store a program, and the processor 60 executes the program after receiving an execution instruction, and the method executed by the apparatus for flow defining disclosed in any of the foregoing embodiments of the present invention may be applied to the processor 60 or implemented by the processor 60.
The processor 60 may be an integrated circuit chip having signal processing capabilities. In implementation, the steps of the above method may be performed by integrated logic circuitry in hardware or instructions in software in the processor 60. The processor 60 may be a general-purpose processor, including a central processing unit (Central Processing Unit, CPU), a network processor (Network Processor, NP), etc.; but may also be a digital signal processor (DIGITAL SIGNAL Processing, DSP), application SPECIFIC INTEGRATED Circuit (ASIC), off-the-shelf Programmable gate array (Field-Programmable GATE ARRAY, FPGA) or other Programmable logic device, discrete gate or transistor logic device, discrete hardware components. The disclosed methods, steps, and logic blocks in the embodiments of the present invention may be implemented or performed. A general purpose processor may be a microprocessor or the processor may be any conventional processor or the like. The steps of the method disclosed in connection with the embodiments of the present invention may be embodied directly in the execution of a hardware decoding processor, or in the execution of a combination of hardware and software modules in a decoding processor. The software modules may be located in a random access memory, flash memory, read only memory, programmable read only memory, or electrically erasable programmable memory, registers, etc. as well known in the art. The storage medium is located in a memory 61 and the processor 60 reads the information in the memory 61 and in combination with its hardware performs the steps of the method described above.
The method, the device and the computer program product of the array unit subsystem for accelerating the encryption algorithm provided by the embodiment of the invention comprise a computer readable storage medium storing nonvolatile program codes executable by a processor, and the computer readable storage medium stores a computer program which is executed by the processor to execute the method described in the method embodiment, and specific implementation can be seen in the method embodiment and is not repeated herein.
It will be clear to those skilled in the art that, for convenience and brevity of description, the specific working process of the system described above may refer to the corresponding process in the foregoing embodiment, which is not described in detail herein.
The computer program product of the readable storage medium provided by the embodiment of the present invention includes a computer readable storage medium storing a program code, where the program code includes instructions for executing the method described in the foregoing method embodiment, and specific implementation may refer to the method embodiment and will not be described herein.
The functions, if implemented in the form of software functional units and sold or used as a stand-alone product, may be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention may be embodied essentially or in a part contributing to the prior art or in a part of the technical solution, in the form of a software product stored in a storage medium, comprising several instructions for causing a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a usb disk, a removable hard disk, a Read-Only Memory (ROM), a random access Memory (RAM, random Access Memory), a magnetic disk, or an optical disk, or other various media capable of storing program codes.
Finally, it should be noted that: the above embodiments are only for illustrating the technical solution of the present invention, and not for limiting the same; although the invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical scheme described in the foregoing embodiments can be modified or some or all of the technical features thereof can be replaced by equivalents; such modifications and substitutions do not depart from the spirit of the invention.

Claims (6)

1. An acceleration computing method of an encryption algorithm, wherein the method is applied to a reconfigurable computing array; the reconfigurable computing array comprises a plurality of operators, wherein the operators are arranged according to a preset arrangement sequence, and the preset arrangement sequence comprises setting according to the design requirement of a circuit board or setting according to the actual requirement; the method comprises the following steps:
Determining an operator calculation period according to a preset processing time sequence; the preset processing time sequence is used for determining the calculation process of the operator;
Determining an array unit based on the number of input bytes of the encryption algorithm;
in the operator calculation period, operator dynamic calculation is carried out based on the array unit so as to accelerate calculation of an encryption algorithm;
the step of determining the operator calculation period according to the preset processing time sequence comprises the following steps:
Determining a computing period according to the number of operators of the reconfigurable computing array; wherein the calculation period corresponds to the number of operators; the number of operators for executing calculation in each calculation period is different;
in each calculation period of the calculation in sequence, the number of operators for executing the calculation of the encryption algorithm is increased according to a preset increment; the preset increment is at least one operator increment;
The encryption algorithm is a Montgomery modular reduction algorithm based on a module 2 8, the input of the encryption algorithm is X and Y respectively, and the algorithm improvement expression is as follows:
Input: x= ,Y=X, Y < N, N is an odd number;
And (3) outputting: x Y ρ -1 mod N;
When the number of the array units calculated in the operator calculation period is one, the step of performing operator dynamic calculation based on the array units in the operator calculation period comprises the following steps:
In the calculation period, after the current operator receives the enabling signal, an encryption algorithm is executed based on the input encryption initial value, and an operator encryption value is obtained;
When the number of array units in the operator calculation period is at least two, the encryption intermediate value obtained by the calculation of the last operator is used as the encryption initial value of the current operator; the step of performing operator dynamic calculation based on the array unit in the operator calculation period comprises the following steps:
Determining an input enabling signal of a current operator based on an enabling signal output by a previous operator;
and calculating an encryption intermediate value of the current operator based on the input enabling signal and the encryption initial value until all operators are completely calculated.
2. The method for acceleration calculation of an encryption algorithm according to claim 1, characterized in that the method further comprises:
a switching timing of byte processing is determined based on the number of input bytes of the encryption algorithm and the array unit.
3. An accelerated computing device for encryption algorithms, wherein the device is applied to a reconfigurable computing array; the reconfigurable computing array comprises a plurality of operators, wherein the operators are arranged according to a preset arrangement sequence, and the preset arrangement sequence comprises setting according to the design requirement of a circuit board or setting according to the actual requirement; the device comprises:
The calculation period determining module is used for determining an operator calculation period according to a preset processing time sequence; the preset processing time sequence is used for determining the calculation process of the operator;
an array unit determining module for determining an array unit based on the number of input bytes of the encryption algorithm;
the acceleration calculation module is used for carrying out operator dynamic calculation based on the array unit in the operator calculation period so as to carry out acceleration calculation on the encryption algorithm;
the computing period determining module is used for determining a computing period according to the number of operators of the reconfigurable computing array; wherein the calculation period corresponds to the number of operators; the number of operators for executing calculation in each calculation period is different;
in each calculation period of the calculation in sequence, the number of operators for executing the calculation of the encryption algorithm is increased according to a preset increment; the preset increment is at least one operator increment;
The encryption algorithm is a Montgomery modular reduction algorithm based on a module 2 8, the input of the encryption algorithm is X and Y respectively, and the algorithm improvement expression is as follows:
Input: x= ,Y=X, Y < N, N is an odd number;
And (3) outputting: x Y ρ -1 mod N;
the acceleration calculation module is configured to, when the number of array units calculated in the operator calculation period is one, accelerate the calculation module to:
In the calculation period, after the current operator receives the enabling signal, an encryption algorithm is executed based on the input encryption initial value, and an operator encryption value is obtained;
when the number of array units in the operator calculation period is at least two, the encryption intermediate value obtained by the calculation of the last operator is used as the encryption initial value of the current operator; the acceleration calculation module is used for:
Determining an input enabling signal of a current operator based on an enabling signal output by a previous operator;
and calculating an encryption intermediate value of the current operator based on the input enabling signal and the encryption initial value until all operators are completely calculated.
4. An array unit operator system is characterized by comprising a plurality of array unit operator structures which are sequentially connected; wherein the array element operator structure is used for executing the acceleration calculation method of the encryption algorithm of any one of claims 1 to 2.
5. An electronic device comprising a processor and a memory, the memory storing machine executable instructions executable by the processor, the processor executing the machine executable instructions to implement the method of accelerating computation of an encryption algorithm according to any one of claims 1 to 2.
6. A machine-readable storage medium storing machine-executable instructions which, when invoked and executed by a processor, cause the processor to implement the method of accelerating computation of an encryption algorithm according to any one of claims 1 to 2.
CN202110575856.1A 2021-05-25 2021-05-25 Accelerated calculation method, device and array unit operator system for encryption algorithm Active CN114510450B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202110575856.1A CN114510450B (en) 2021-05-25 2021-05-25 Accelerated calculation method, device and array unit operator system for encryption algorithm

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202110575856.1A CN114510450B (en) 2021-05-25 2021-05-25 Accelerated calculation method, device and array unit operator system for encryption algorithm

Publications (2)

Publication Number Publication Date
CN114510450A CN114510450A (en) 2022-05-17
CN114510450B true CN114510450B (en) 2024-11-26

Family

ID=81547995

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202110575856.1A Active CN114510450B (en) 2021-05-25 2021-05-25 Accelerated calculation method, device and array unit operator system for encryption algorithm

Country Status (1)

Country Link
CN (1) CN114510450B (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN116881090B (en) * 2023-09-06 2024-01-26 北京壁仞科技开发有限公司 Computing device and method for controlling energy consumption of computing core in computing device

Family Cites Families (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6922717B2 (en) * 2001-09-28 2005-07-26 Intel Corporation Method and apparatus for performing modular multiplication
US6625631B2 (en) * 2001-09-28 2003-09-23 Intel Corporation Component reduction in montgomery multiplier processing element
JP5097138B2 (en) * 2009-01-15 2012-12-12 シャープ株式会社 Arithmetic circuit and encryption circuit for Montgomery multiplication
CN106681690B (en) * 2015-11-07 2019-02-26 上海复旦微电子集团股份有限公司 Data processing method, modular multiplication method and device based on montgomery modulo multiplication
CN107423256B (en) * 2017-03-17 2019-03-01 清华大学 The sequential control method of reconfigurable processor and reconfigurable processor
CN110795748B (en) * 2019-10-24 2021-12-14 清华大学无锡应用技术研究院 Method, system and medium for implementing stream cipher algorithm based on reconfigurable computing array
CN111563262B (en) * 2020-04-15 2024-01-23 清华大学 Encryption method and system based on reversible deep neural network
CN112183765B (en) * 2020-10-30 2022-06-14 浙江大学 A multi-source and multi-modal data preprocessing method and system for shared learning

Also Published As

Publication number Publication date
CN114510450A (en) 2022-05-17

Similar Documents

Publication Publication Date Title
CN110351087B (en) Pipelined Montgomery modular multiplication operation method
CN114297571B (en) A polynomial multiplication hardware implementation system suitable for lattice cryptographic algorithms
US7991152B2 (en) Speeding up Galois Counter Mode (GCM) computations
Wang et al. FPGA implementation of a large-number multiplier for fully homomorphic encryption
CN111373694B (en) Zero-knowledge proof hardware accelerator and its method
WO2020146285A1 (en) Protection of cryptographic operations by intermediate randomization
CN114371829B (en) Data processing method in polynomial multiplier, polynomial multiplier and processor
CN112491543B (en) IC card decryption method based on improved Montgomery modular exponentiation circuit
CN104679474A (en) Multiplying unit on finite field GF (2 227) and modular multiplication algorithm
CN114238205B (en) A high-performance ECC coprocessor system resistant to power consumption attacks
Dong et al. EC-ECC: Accelerating elliptic curve cryptography for edge computing on embedded GPU TX2
Kumar et al. How to Break DES for BC 8,980
CN105871552A (en) Double-core parallel RSA password processing method and coprocessor
CN117155572A (en) A method to implement large integer multiplication in cryptographic technology in parallel based on GPU
CN114510450B (en) Accelerated calculation method, device and array unit operator system for encryption algorithm
Zhang et al. High-performance ECC scalar multiplication architecture based on comb method and low-latency window recoding algorithm
CN107508666A (en) It is a kind of based on RSA and SHA 512 low-cost digital sign SOPC design methods
CN109933304B (en) Rapid Montgomery modular multiplier operation optimization method suitable for national secret sm2p256v1 algorithm
Dong et al. sDPF-RSA: Utilizing floating-point computing power of GPUs for massive digital signature computations
CN109284085B (en) High-speed modular multiplication and modular exponentiation operation method and device based on FPGA
Tachibana et al. FPGA implementation of ECDSA for Blockchain
CN113630236A (en) SM3 data encryption method and related device
Wenger A lightweight ATmega-based application-specific instruction-set processor for elliptic curve cryptography
CN206332680U (en) Multivariate digital signature device
CN1696894B (en) Large number modular multiplication calculation multiplier

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant