TWI274281B - Apparatus and method for performing transparent block cipher cryptographic functions - Google Patents

Abstract

The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction and execution logic. The cryptographic instruction is received by a computing device as part of an instruction flow executing on the computing device, wherein the cryptographic instruction prescribes one of the cryptographic operations. The execution logic is operatively coupled to the cryptographic instruction and executes the one of the cryptographic operations. The one of the cryptographic operations includes indicating whether the one of the cryptographic operations has been interrupted by an interrupting event.

Description

1274281 IX. Invention Description: [Reciprocal Reference of Related Applications] [0001] Ben Zhonghe advocates the following essays: the provisional case and the formal right of the formal request. It will be incorporated here as a reference application number. 60/506971 ±MMM 9/29/2003 Name_

MICROPROCESSOR APPARATUS AND METHOD FOR OPTIMIZING BLOCK CIPHER CRYPTOGRAPHIC functions Microprocessor device and method for optimizing block cipher password function

60/507001 9/29/2003 APPARATUS AND METHOD FOR PERFORMING OPERATING SYSTEM TRANSPARENT BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS Apparatus and method for performing the transmissive block cipher password function of the operating system 60/506978 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR EMPLOYING CONFIGURABLE BLOCK CIPHER CRYPTOGRAPHIC ALGORITHMS Microprocessor device and method using configurable block cipher cipher algorithm 60/507004 9/29/2003 APPARATUS AND METHOD FOR PROVIDING USER-GENERATED KEY SCHEDULE IN A MICROPROCESSOR CRYPTOGRAPHIC ENGINE 0608- A40742TWF1 5 νλ 1274281

Apparatus and method for generating a list of keys generated by a user in a microprocessor crypto engine 60/507002 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR PROVIDING CONFIGURABLE CRYPTOGRAPHIC BLOCK CIPHER ROUND RESULTS Generates a configurable cipher block cipher round RESULTS PROCESSOR APPARATUS AND METHOD 60/506991 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR ENABLING CONFIGURABLE DATA BLOCK SIZE IN A CRYPTOGRAPHIC ENGINE MICROPROCESSOR APPARATUS AND METHOD FOR PERFORMING CONFIGURABLE DATA BLOCK RANGE IN A CODE ENGINE 60/507003 9/29/2003 APPARATUS FOR ACCELERATING BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS IN A MICROPROCESSOR Device for accelerating the block cipher cipher function in the microprocessor 60/464394 4/18/2003 ADVANCED CRYPTOGRAPHY UNIT Enhanced cryptographic unit 60/ 506979 9/29/2003 MICROPROCESSOR APPARATUS AND METHOD FOR PROVIDING CONFIGURABLE 0608-A40742TWF1 6 1274281 p-year: body 靖 靖 靖 丨 I ... and one · one ^ one

CRYPTOGRAPHIC KEY SIZE Microprocessor device and method for generating a configurable cryptographic key size 60/507001 9/29/2003 APPARATUS AND METHOD FOR PERFORMING OPERATING SYSTEM TRANSPARENT CIPHER BLOCK CHAINING MODE CRYPTOGRAPHIC FUNCTIONS Execution of the penetration cipher zone of the operating system Device and method for blockchain mode password function 60/508679 10/3/2003 APPARATUS AND METHOD FOR PERFORMING OPERATING SYSTEM TRANSPARENT CIPHER FEEDBACK MODE CRYPTOGRAPHIC FUNCTIONS Device and method for performing the penetration cipher feedback mode password function of the operating system 60/508076 10/3/2003 APPARATUS AND METHOD FOR PERFORMING OPERATING SYSTEM TRANSPARENT OUTPUT FEEDBACK MODE CRYPTOGRAPHIC FUNCTIONS Device and method for performing the transmissive output feedback mode password function of the operating system 60/508604 10/3/2003 APPARATUS AND METHOD FOR GENERATING A CRYPTOGRAPHIC 0608-A40742TWF1 7 1274281 KEY SCHEDULE IN A MICROPROCESSOR Apparatus and method for generating a list of cryptographic keys in a microprocessor 10/729973 12/4/2003 APPARATUS AND METHOD FOR PERFORMING TRANSPARENT BLOCK CIPHER CRYPTOGRAPHIC FUNCTION Recombination and transparency block cipher coding method and device 10/730167 2003/12/5 MICROPROCESSOR APPARATUS AND METHOD FOR PERFORMING BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS Microprocessor device and method for executing block cipher compilation [0002] The continuation of the following U.S. Patent Application Serial No. 10/674,057, "MICROPROCESSOR APPARATUS AND METHOD FOR PERFORMING BLOCK CIPHER CRYTOGRAPHIC FUNCTIONS, It has a common assignee and a co-inventor, and its application was September 29, 2003. [0003] The present application is filed in the same application as the U.S. patent application (and the corresponding application number 曰 10 10 10/730167 93110904 10/27/2003 4/20/2004 MICROPROCESSOR APPARATUS AND METHOD FOR PERFORMING BLOCK CIPHER CRYPTOGRAPHIC FUNCTIONS Microprocessor block cipher coding method and device 0608-A40742TWF1 8 1274281 Description of the invention [Technical field of the invention] [0004] This (4) relates to the field of microelectronics, especially a microprocessor or a The device towel belongs to the method and device for compiling and recalculating the cipher code of the reorganized block. [Prior Art] The computer research secret of the pottery research period is _ is independent touch, _ run--a process: ^ and the input stomach is shouting In the early days, the electric job and the system were input by the dumping engineer when they were running at t. The output (4) produced after the execution of the fine program was usually in the form of black and white: printing, or by being a person. The tape and the hard disk ^ belong to the electric age system - part of the storage device. The output of this _ can be used by the Gu Cai# which is executed by a battery age or used as a domain or as a solid. - a detachable _ save In fact, it can be used by other softwares that are not pure in the computer. These early systems have been aware of the protection of sensitive cigarettes. Among them, the same data security measures, the password compilation application software is also opened ^==峨W35 axis Fine. Paste side of the body through the storage device on the storage device to encrypt or decrypt the action. [0_] Township nuclear 'langers only Wei _ scales more from the computer to share the potential. So 'network architecture, operating system , Data Transfer Association * =, except:; In addition to supporting data sharing, they provide additional functions:;, now use - (4) brain workbench to get another job A material = a road feeding The file on the server, through the Internet to get news and pots ί = ~, he is not _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ Or Ϊ ^ and other public places to pass through _ road to do the above _, has been learned - hanged. The transmission of the bribe Wei dynasty has also changed the _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ New 0608-A40742TWF1 9 1274281 Social mass spamming mail, hacking, identity, sub-location Credit card fraud _'_. ^ = Nakajima move ^ _ have had heart '(iv) New terror network

It _= bit _ new law, strict implementation of norms and teaching crowds and other actions. ^The front-end movements are still unable to successfully eliminate the wreckage of computer data. The jir agency, the military and the intelligence unit’s worry has become: one is checking the e-mail. The most worried about the people using online banking services. Code block Γ 0 This field will encrypt the data, and only provide a specific person solution: two games ^ J will be 疋 码 code compilation. In the protection of the data transmission between the computer and the computer (: called this article, - the shore is woven "two 1p rtext". The process of converting this article into ciphertext ^ 冉 捃" (enc_〇n, endphering or Ciphr_), and the secret program is called "decryption" (dec_〇n are all (10). Not 3=^ compile in this field. Several methods and protocols have been developed to use knowledge or to spend too much power. The data is sent to different users with the encrypted =2. In addition to the encrypted data, the user passes =: plus

Rivest-Shamir-Add^^^ ^-Public Key and a private key or decryption. According to some public __, then the tenderness of 0608-A40742TWF1 1274281, v / used to encrypt the data to the winner. There is a certain mathematical relationship between the public and private records of the _ side, and the recipient must use the private money to unravel the received information and restore the original information. Miscellaneous _ encryption method to solve a wide range of systems, but it handles encryption and decryption very slowly, even processing a small amount of data is very slow. There is also an _algorithm called symmetric key encryption algorithm (symmetric kiss alg〇rithmS), which not only has the confidentiality of the level-like algorithm, but also performs much faster. The reason this type of algorithm is called a symmetric key encryption algorithm is that it encrypts and decrypts with the same set of encrypted compilation keys. There are currently three main single-key cryptographic algorithms (data encryption standards) (IJa).

Encryption Standard, DES), three-dimensional data encryption standard (Triple's visit, Standard-Triple-DES) and Advanced Encryption Standard (Advanced EnawiQn standanj, AES) are the strength of these 'different methods', now related to the US government The unit uses these two algorithms to keep confidential information. It is believed that in the near future, one or more of these will also become the standard used in commercial and private transactions. According to these symmetric key encryption algorithms, both the text and the ciphertext are cut into blocks of a certain size for encryption and decryption. For example, the Advanced Encryption Standard (AES) encrypts 128-bit blocks and uses 128, 192, and 256-bit encrypted compiled keys. [〇〇1〇] All symmetric key encryption algorithms (symmetric key alg〇rithms) will be the same for the secondary operations (sul>operation). According to the more commonly used symmetric barrier algorithm, an initial call code, _ will be expanded to a plurality of keys (that is, key scheduie), each key will be used in When the password is compiled, one of the secondary operations (r〇und) in the encryption program of the article will be encrypted. The result of the 1st round operation becomes the illput text of the second round. The second round operation is performed using the second key in the key program table, and then the second result is generated. This article becomes a ciphertext after a certain number of rounds. In the Advanced Encryption Standard (AES) algorithm, the operations in the secondary operations in each round can be referred to as sub-bits in the relevant literature. 0608-A40742TWF1 11 1274281 曰修. mmm —ιι«ι·| »_1 w~ » m *<nnr 11 »_♦·«μμ, £»··μ~u««<»» w, 押-WNhe^i (SubByte, or S-box), shifting ( ShiftRows), Mix(MixColums), and back alloy key (1*_(1)^) are added (eight (1 (1 to _(1{^). The step of decoding for a ciphertext is actually and the encryption is very Similarly, the ciphertext is treated as an input value, and the inverse decoding and inverse operations are performed at each round. The output value of the last round is this article. [0011] Data Encryption Standard (DES) and Triple Data Encryption The secondary operations of the standard (Tripie_DES) application are not the same in small details, but they are basically similar to the High Order Encryption Standard (AES) algorithm because they convert the fragment of this article into a ciphertext of a segment in a similar manner. [0 012] All symmetric key encryption algorithms encrypt the pattern of multiple consecutive fragment data. These include the edit block chain mode. (cipher bl〇ck chaining mode 'CBC) 'electronic book code (electronic C0 (ie book, ECB), cipher feedback mode (CFB) and output feedback mode (output feedback m〇de, OFB) Some modes require a different initialization vector (initiaHzati〇n vect〇r) to perform the secondary operation, and some will add the first set of encrypted ciphertext to the second set of the encrypted operation. The operation steps of a cryptographic compilation algorithm and the current symmetric key addition algorithm are beyond the scope of the application of the present invention. The detailed implementation specification of the data encryption standard DES and the three-dimensional data encryption standard Triple_ DES is discussed. Readers can refer to the Federal 西 丨 丨 25 25 25 Fe Fe Fe Fe

Information Processing Standards Publication 46_3 (FIPS_46_3), AES detailed discussion in Federal Information Processing Standards Publication 197 (FIPS-197) on November 26, 2001. The above publications are compiled by the Nati〇nal Institute of Standanis and Technology (NIST) and are hereby incorporated by reference. In addition to these publications, NIST's c〇mputer

Unit teaching, white papers, toolkits and related articles are also available on the Security Resource Center (CSRC) website at http://csrc.nist.gov/. [〇〇13] Readers who are familiar with this aspect of the technology should understand that there are many softwares on the computer system. 0608-A40742TWF1 12 1274281 can be used to perform cryptographic compilation (ie encryption and decryption). In fact, some operating systems (such as Microsoft Windows XP, Linux) provide direct encryption/decryption services through cryptographic graphic program cryptographic application program interfaces and other similar interfaces. The inventors of the present have discovered that there are many drawbacks in many aspects of the current knowledge of compiling passwords. Readers are now looking at Figure 1, which shows these shortcomings, which are discussed below. [0014] Figure 1 is a block diagram of the current computer password compiling application. Figure 1 (8) shows that the first computer 101 is connected to the local area network 1〇5, and the second computer 102 is connected to the local area network 1〇5. The network file storage device 106, the first router 1〇7 or other forms of interface, such as the network, connected to the wide area network 11 (wide from the network 'WAN), and a wireless network router 1〇8, for example, a wireless router that conforms to the ffiEE 8〇2 ιι specification. Also connected in the wide area network 110 is a second router 111 for providing an interface with the third computer 103. w _5] As mentioned above, the current system is more and more frequent when it is necessary to keep computer data confidential. For example, under the control of the operating system, the user of the first computer 101 can perform various tasks in a timely manner, and each resident (4) needs a password compiling job. The user of the first computer 101 needs to execute the application 112 to encrypt/decrypt (the transgender is operated by the operating system) to store a file in the network slot. The storage device 1G6 4 when the file is closed, the user may also The action of the encrypted user-desktop 102 user will also require the functions of the applications u and ^. Encrypted (4) f-message may be instantaneous (eg ^ instant (eg electronic meal). In addition, the maker may be on the third computer 10; == WAN 110 is accessing personal finance: #输如信 or It is other important information. The first = the thunder brain lm less Shagui financial and easy 4) end computer H) 3, 1 flute can represent a home office or know the details of the first computer 101 users are not In the office, you can make 0608-A40742TWF1 13 乂1274281,· . - - _ use the wide area network no to access the shared resources on the local area network 1051, ι〇2, ι〇6, ι〇7, 108 and 109 internal information. The behavior described above requires the call application to close the encryption and decryption actions. In addition, the wireless network 109 6 is widely distributed in the public places such as the kiss: hall, airport, school, etc., so the user of the laptop computer must send the wireless encryption or decontamination to the toucher. 109 passed to no _ road 丨 n material also transferred to χ encryption / decryption. [0016] Those skilled in the art will appreciate that when a computer requires 2 code compilation actions, the application 112 will be called and then encrypted or decrypted. Therefore, in the future, the computer 1G1_1()4 may have to carry out hundreds of secrets at the same time. [0017] The inventors have discovered that at the same time, the method of calling one or more plus or = decrypting the application 112 has the following disadvantages, for example, if a door can be used to handle these functions, hard Body processing is faster than using software. For each application, when m needs to be encrypted and decrypted, 'the work that the computer 1〇1 is performing' must be paused first to pass the code. _ _ _ _ such as this article, 敎, mode and Jin Wei 1 operating system, then: The post-computer operating system then passes the data to the application to complete the password compilation. Since the application 112 needs to perform a compilation when compiling a piece of data. Sub-operations' Therefore, the number of instructions that the computer has to execute is so large that the speed of processing the entire system is significantly reduced. Those skilled in the art can understand why the transmission of Microsoft's environmental towel is four times that of the undelivered mail. [〇=8] 〃人电脑工作彡, _ 赖 also affects the secret genius. 2. The application software mostly does not have a complete key generation or encryption/decryption function, so the ritual operation system, first or 疋 plug-in software 2lug -ins〇ftware) to complete these jobs. However, the operating system resources must be issued to the operating system to interrupt the instruction (inter_ or by the implementation of the software to the job requirements. 0608-A40742TWF1 1274281 year repair (you [0019] the inventor also found the computer Money 1gmq period microprocessor processing floating-point arithmetic unit has not been established; 5 f mode and earlier = speed is also very slow. With the evolution of floating-point arithmetic technology, ==, the central processor's auxiliary processor. In the == ::r^ 里.. Auxiliary processing 15 can be used to verify the computer system password compilation: =! and the power consumption, not only the stability of the entire system is reduced, capital;: ..., The auxiliary processor and the microprocessor do not exist on the same chip 'so the connection between them may be eavesdropped. [〇〇_ ^ t is 夂'. This hardware should be used only for the job. - The instruction can be compiled by the silk code. The inventor believes that this hardware can reduce the need to intervene in the computer operating system. Ideally, the invention can provide the priority of the application software to execute the cryptographic command, in addition to the need to be more common with the current city. Microprocessor architecture Rong, _ can support older ageing and software, but also to prevent eavesdropping. This hardware should support different _compilation algorithms, and can authenticate and test cryptographic compilation algorithms on hardware. The invention needs to be able to switch its own mode of operation 'for example, allowing the user to choose to provide his own key or to choose to issue a key by hardware and support switching between different sizes of data fragments and key sizes. Finally, the encryption used by this hardware. / Decryption mode should be able to be reversed, such as ele_nic c〇de book'ECB' cipheΓblockchainingmode (CBC), cipher feedback mode (CFB) or output feedback (output) Feedback mode, OFB) Do password compilation. 0608-A40742TWF1 15 •%, 1274281 .... A '....Λ,·,·2~. ,············, rV . [.1] [Summary] [0021] This invention solves the problems faced by the prior art, and provides an excellent micro-processing built-in 9-yard technology. Yes - the password is compiled in the microprocessor The I-input contains a cryptographic compile instruction and an execution logic. The cryptographic compile command is received by a meter device as part of a flow of instructions for execution on the computing device, wherein the cipher compile command _ is specified Performing some of the cryptographic operations. The execution logic is operatively connected to the cryptographic compile instruction to execute the cryptographic code specified by the cryptographic compile instruction. The cryptographically compiled package __ specifies the password. Whether the editing is interrupted or not. β τ [0022] The present invention is a microprocessor device for processing cryptographic sequences, which includes a cryptographic unit located within the device, and a bit within a temporary register. The crypto soap 70 responds to the _ cipher compilation instruction in the instruction flow received by the device to execute the cryptographic instruction command to find the cryptographic calculation. In the temporary suppression, the silk is still on the light. The bit rib shows that the execution of the specified cryptographic compilation operation has been performed by the present invention, and the method of performing cryptographic compilation in the microprocessor includes a response-coded compilation instruction. Executing the cryptographic compilation refers to one of the cryptographic operations; and whether an interrupt event has occurred during this execution. [Embodiment] [_] Only the above, only Linfa _ New Zealand rewards, Lin =:: Gaiyi this hair - _ equal change _, all - b this I Φ ζ ί, a performance and machine = The more the ^ and the method money line password compile operation. This invention reduces the wealth. In addition to the shape, this made a sense of its turn, the domain is completed, and the old structure 0608-A40742TWF1 16

V 1274281 Convergence, m, from testability. [0041] Referring now to Figure 2, Figure 2 depicts the current block diagram 200. The inner graph of the block diagram 200 is compiled from the system memory, and the side processor is responsible for the related data. Application Notes _ Application-related instructions and accesses are controlled by the software in the system memory and the data access mechanism is usually m _ Γ where she is stored in the system memory when it is acted upon (for example - An e-mail-type in the binding needs to do the decoding and compiling, New Zealand _ grain), 'Shunzhi micro-processing 哔. People; ^ β into a series of instructions to complete the cipher code to execute the financial sub-program, some are connected to this | - this community may be the operating system 2 〇 2 services. The slice '^ and the figure are both enclosed in the application memory area 203. The application ===203 = also contains a software class that generates the key. This Jin Yu produces the software to hang, shell and receive the key, and also expands the key into the key program table 2〇5. If you use the = port = type, the encryption software 2〇6 will read the initialization vector 2〇8. The encryption software performs the internal encryption operation, and finally outputs the ciphertext 211. The process of decryption is roughly the same as = ' ^ need to interpret - segment ciphertext, decryption software 2 () 7 is called. Decryption software tear execution = fixed 曰 v to obtain the desire 2H, key program table 2 〇 5 and password compilation parameters 2 〇 9. The details of the password compilation are provided by the 2G9 % of the horses and the squats. If the decryption mode used is needed = the secret software 207 will read the initialization vector 2〇8 and execute the instructions there to complete the ciphertext decoding operation, and output 210. [0042] The actions of adding, decrypting, and generating keys should be done with fewer instructions. Out of the specifications published by FIPS, there are several different virtual codes to estimate the number of instructions that need to be executed to complete a 2 Ma, flat " The number of instructions required to process the compiled password is now as high as ±100 or more. In addition, from the point of view of the application software (file management, newsletter, electric body) in the execution of 0608-A40742TWF1 17 1274281 95. 2. 22 sub-mail, remote file access, credit card transaction software, perform this This density is time-consuming. Even the second two:::睪 is neither the main use of the software itself, but also the ten erroneous illusion that the pulse body complements the efficiency. If the work item of the encryption software is miscellaneous, the task system L t calls and Manage the encryption software, decrypt the software software. It must be broken, exceptions, etc. In addition, the power code compilation in each of the same temples in the electric service system will need to be in the application memory area 203. Some space is arranged inside to generate the software 204, the encryption software 2〇6 and the decryption software 2G7, and the number of cryptographic compilation work required for the future microprocessor 2〇1 will only increase or decrease. [0043] Inventor There is a defect in the current computer system to handle password compilation, the need to have a built-in micro-processing n, and the need to improve the speed of the password compilation processing device. This unit through a single-code compiler command The compiler is started. With regard to this invention, we will make a more in-depth explanation with reference to Figures 3 to 12. [0044] Now, please refer to FIG. 3, which is a block diagram 300 of a microprocessor cryptographic operation device in accordance with the principles of the present invention. Diagram 300 shows microprocessor 301 coupled to system delta memory 321 via memory bus 319. Microprocessor 301 includes translation logic 3.1. Translation logic 303 receives instructions from instruction register 302. Password translation logic The composition of 303 can be a logic, circuit, device, test instruction code (that is, micro-instruction or native instruction) or a combination of logic, circuit, device, micro-instruction code or other components that can achieve the same function, and convert the instruction into a comparison. The elements of the microinstruction code. The elements constituting the cryptographic compiling logic 303 can be shared with elements such as lines and microinstruction codes that perform other functions in the microprocessor 301. According to the scope of the application, the microinstruction code refers to a plurality of microinstructions. Microinstructions (also known as native instructions) refer to instructions that are executable at the cryptographic unit level. For example, a reduced instruction set arithmetic processor directly executes microinstructions, while an enhanced instruction set arithmetic processor, such as χ86 compatible The processor first translates the instructions into microinstructions and then executes them by one or more internal units. Translation logic 303 and instructions仵The column 304 is coupled. The instruction queue 304 has a plurality of microinstructions 305, 306, which are arranged by the microinstruction 304 0608-A40742TWF1 18 1274281 m 2 2; (^ temporary pure & logic (5). The scratchpad stage logic contains the temporary cage case chat. The micro-finger^ command system moves to the temporary storage logical area. The temporary storage logic contains a temporary archive 307, and the temporary archive has multiple side temporary storage 308-313. The data will be carried before the encoding and compiling operation. Each register points to the data in the 321 section of the Qing dynasty: the data required for the translation of the cryptographic operation. The logic 314 is lightly connected. The loading logic U takes the reading, the data 313 woman, and the cryptographic compilation operation is required from the cache memory data 313. Data cache memory through memory bus 319 and memory secrets and execution received = 曰 7 binding logic 328 can be a logic, circuit, device, micro-instruction code (for micro-instructions or native age) or - Logic, circuit, device, micro-instruction code or other combination of the same function Atg parts can be used to complement the operation of the fine instruction. The decrementing logic elements can be shared with other functions within the microprocessor view. The execution logic micro contains _ cipher compilation units (10). The cryptographic compilation unit (10) receives the information required for the cryptographic compilation operation from the manned logic 314. The microinstruction instructs the cryptographic compiling unit 316 to cryptographically encode a plurality of input text segments and input a plurality of output text segments 327. The cryptographic compilation unit 316 can be a logical 'circuit, device' micro-instruction code (that is, micro-instruction or native instruction) or a logic port circuit, device, micro-instruction code or other combination of components that can achieve the same function, processing Poor code compilation. The components constituting the cipher-editing logic period may be a circuit, a micro-instruction code, and the like that are in the form of a microprocessor. - In the embodiment, the cipher compilation unit (10) fish execution logic 328 executes parallel executions such as floating point units and integer units (not shown). An embodiment of a "unit" may be a logic, a circuit, a device, a microinstruction code (ie, a microinstruction or a native instruction) or a logic, circuit, device, microinstruction code, or the like that can achieve the same effect. Combination of. The elements constituting this unit may be shared with elements such as lines, microinstructions, and the like that perform other functions in the microprocessor 3.1. In one embodiment, the integer unit may be composed of two logics, circuits, devices, hard codes (ie, missing), logic, circuits, devices, microinstructions, or other combinations of components that can be noisy. , execute an integer instruction. - The structure of a floating point unit can be a logic, circuit, device, microinstruction code (that is, ^ 0608-A40742TWF1 19 1274281 ί instruction or native instruction) or - logic, circuit, device, micro instruction mother or other can reach The same effect of 70 pieces of combination, the implementation of floating point instructions. The component constituting the integer instruction in the integer unit may be a line or a micro-share of the component that processes the floating-point operation instruction in the foreign point operation unit. - Compatible with Na's construction, cryptographic compilation unit 316 and ; ^ integer unit, - x86 floating point unit, one χ 86 眶 unit and one Μ unit in parallel operation. Embodiments of compatible structures can support most of the software written for the processor in accordance with the scope of the present invention. The method of judging whether the software is correctly executed is to check whether the correct result is obtained after executing the software. An embodiment compatible with x86 is to treat the cryptographic compilation unit as a subunit in the full execution unit. The cryptographic compilation unit 316 and the storage logic 317 _ and provide an output complex number should be a text segment 327. The storage logic is again cached with the data _ 315. The data cache memory 315 sends the output text data 327 to the memory 321 for storage. Store logic 317 and write back logic 318 minus. After the cryptographic compilation operation is completed, the logic 318 is updated to update the contents of the temporary register 308-313 in the register. In one embodiment, the microinstruction cooperates with a clock signal (not shown) to flow to each of the logical stages 302, 303, 304, 307, 317, 316-318 described above such that the operation can perform multiple operations simultaneously as in a production line operation. [0045] In the system memory 321, an application may issue a cryptographic operation instruction 322 to the microprocessor 301 if it is required to perform a cryptographic operation, hereinafter referred to as the XCRYpT instruction. In the enhanced instruction set operation embodiment, the XCRYPT instruction 322 includes a microinstruction that indicates a cryptographic compilation operation. In the reduced instruction set operation embodiment, the XCRYpT instruction 322 includes a microinstruction that indicates a cryptographic compilation operation. In one embodiment, the XCRYpT instruction 322 uses an existing instruction set to be extra or to use an instruction opcode. In an 86-compatible embodiment, the XCRYpT instruction 322 疋 a 4-bit instruction includes a χ86 prefix (ie, 〇xF3), which is a used 2-bit arithmetic code in an instruction set (ie, 〇 x〇FA7), and a one-bit block decryption mode. In one embodiment, the XCRYPT instruction 322 can directly write the XCRYPT instruction 322 directly to the instruction flow of the microprocessor 3〇1 or from the operating system 32 in accordance with the level at which the application software is allowed to execute. Because only the software or operating system only needs the next instruction 322 to complete the password compilation, the secret 0608-A40742TWF1 20 (monthly repair (吏) positive class 1 127428 weight compiled job details are more transparent to the health system. The series of fine-grained patterns is made by the object:: The application software orders execution (4) When the command kisses, = is passed from the memory 321 to the extraction logic _. Of course, the soft = still-type character micro--3G1 first memory 321 327 password compile control fIZ I code compile control key 324 or key program table micro, the initial vector tears the chest 3 327 Φ the processed input text coffee and output text 327 will be copied to the corresponding temporary ^ ^ The action of initializing the register wins 312 is to use all the data in the temporary registers 308-312 when executing the _70 command to execute the XCRYPT322. The scratchpad 'a file is responsible for recording the input text. The fragment also needs to be encrypted/unloaded, and the translation logic 303 takes the order from the extraction logic 3〇2 and translates it into the corresponding micro-finger π ' and the non-micro-processing H 301 to complete the cryptographic operation. Microinstruction 3〇5_3 〇6 towel's first fresh code cryptographic compilation unit 316 will be the data The logic load is loaded, and then the specified number of ciphers are compiled. The output of the result of the execution is stored in the text area 327 of the storage logic 317 in the record 321 through the data cache 315. The second plurality of The instruction (not (4) is not the other execution unit in the microprocessor 301 (not shown). The non-architected register usually contains a temporary knot, and the count ϋ update input and output indicator register 31 312. The initial vector temporarily stores the updated data of the thief. The embodiment - the temporary storage n write - 313 is the architecture register. [〇〇 47] - In the embodiment, the cryptographic compilation unit 316 is divided into a plurality of stages, allowing continuous The input text segment 326 is pipelined. [0048] The components shown in Figure 3 are necessary to explain the present invention. The logic within many of today's microprocessors 301 is not shown in Figure 300. Those skilled in the art will It has been found that the logic contained in many of the microprocessors 301 has been simplified in Figure 3 for clarity of illustration. This is for convenience of description. For example, the load logic 314 can include an address generation step, followed by a The cache memory interface stage is followed by a cache memory alignment stage. However, it is important that the present invention performs cryptographic compilation on a plurality of input text segments 326, and the operating system only needs 0608-A40742TWF1 21 1274281 ^ 1"° ° This (four) start password to compile the details of the action is completely transparent, and with the microprocessor 3〇1 inside Wang Yuming ^ XCRYPT ^ 322 ° 316 [〇 _ now please refer to _, this:: and now more old (4) Compatible with the operation. The marriage contains - dump 4G1, _ 403, - block decryption mode block stealing _ & code heterogeneous block command structure compatible - f example, field 4G1- The 4G4 content and instruction concept extends to the control word set indicator stored in the scratchpad leg, the cryptographic key indicator stored in the temporary register EBX, and stored in the temporary memory buffer. The indicator of the initialization vector (if required by the predetermined password mode). [0050] When the τ ’ 'heart ^ command set structure has taken the addition - health choice (10). This column is used to indicate that the processor is turned on or _- some computing functions. For example, the function of directly performing the bit position or the 20-bit το operation and the function of directly processing or accessing a specific piece. The content of the repeat preamble 402 represents the number of times the cryptographic compilation action needs to be repeated. Repeating the pre-position 402 also implicitly indicates the conforming microprocessor, using the contents of the plurality of architectural registers as the indicator, shouting the system containing the code and the parameters of the mosquito code calculation Recall the body in the inspection. As mentioned by the Society, in the case of a compatible solid blue towel, the value of the repeating pre-position 402 is 0xF3. And according to the architecture agreement, the form of the ML compiler instruction is very similar to that of the string command (such as RFP.MOVS). For example, when executed by the χ86 compatible microprocessor of the present invention, the repeated preamble field implicitly involves the variable block count stored in the architectural register sink X, stored in the temporary storage. ^ The source address indicator (pointing to the input data of the cryptographic operation), and the money-oriented indicator of the temporary ϋ EDI towel (pointing to the output data area in the memory). In the compatible real complement, the present invention further forwards the _ repeated string [0051] the arithmetic code block 403 refers to the microprocessor to perform the cryptographic operation of the control character indication 'this control element is actually In memory, a control word indicator points to the position of the control word in the memory. The value of the opcode will be set to a value that is rarely used in an existing instruction set. Such as 0608-A40742TWF1 22 1274281 V / ί This is also the old operating system and application software can also be used. For example, a compatible = system can set this value to QxQFA7. The block splicing block indicates which-key operation needs to be executed. Please see Figure 5. [0052] FIG. 5 is an example of a block password block value and a microprocessor operation action comparison table. If the value in the block password field is at any time, the microprocessor will complete the password compiling operation with the e-book code (10). When the value of the block is set, the microprocessor will edit the block chain (CBC) mode. ΟχΕΟ indicates that the microprocessor should use the code feedback (CFB) mode, and the 〇χΕ8 table does not use the output feedback _) mode. The various modes described above are described in detail in the FIps literature. [0053] Please see Figure 6. What is shown in Figure 6 is an inventive embodiment of a cryptographic compilation unit 617 in a χ86 compatible microprocessor. There is an extraction logic 601 in the microprocessor 6A. The extraction logic 6〇1 fetches instructions from the memory (not shown). Translation logic 6〇2 consists of a logic, circuit, microcode (micro-instruction, micr〇instructi〇ns or native instruction) device or other micro-instruction code that can convert instructions into control. Pieces. The translation elements within translation logic 602 can be shared with other functional elements within microprocessor 600. As shown, the translation logic 602 includes a mutually coupled translator 6〇3, microcoded read-only memory 604, and segment indicator logic 640. Interrupt logic 626 is coupled to translation logic 602 via bus 628. The interrupt request signal 627 from the soft/hardware is processed by the interrupt logic 626. The interrupt logic 626 relays the instruction translation logic 602 interrupt. As shown in Figure 6, the instruction translation logic is coupled to the following series of phases. Including register stage 6〇5, address stage 606, load stage 607, execution stage 608, storage stage 618, and write back stage 619. An execution logic 632 is included in the execution phase 608 depicted in FIG. Execution logic 632 has multiple execution units for simultaneous operations, units 610, 612, 614, 616, and 617. The integer unit 610 is responsible for executing the integer microinstructions in the microinstruction queue 609, the floating point unit 612 is responsible for executing the floating point microinstructions in the microinstruction array 611, and the MMX unit 614 is responsible for executing the MMX microinstructions in the instruction array 613, SSE Unit 616 is responsible for executing the SSE microinstructions within microinstruction queue 615. SSE unit 616 and password compile list 0608-A40742TWF1 23 !274281 v (bit 6Π interface. There is a load bus bar 62〇 between the two units, an idle signal 62i and a storage bus 622. The cryptographic unit 617 and the unit of view The same instruction is queued 615. The other embodiment is to set the cipher compilation unit 617 to a unit such as unit (10), (10) and the same completely independent unit. The integer unit _ and the full efugs register are _ The EFLAGS register contains a 元 元 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 。 30 bits. In addition, the integer unit 61〇 will read the data in the temporary (4) 8 to analyze the state of the E-bit 629. The value in the E-bit indicates whether the Mississippi compilation unit 6i 7 is present in the microprocessor. The integer unit (10) also reads a D bit 631. This bit is located in the feature control temporary storage n(10), and the peak is turned on and off the cryptographic compilation unit 617. Figure 3 Microprocessor of the microprocessor embodiment 3G _ In order to clearly express the invention ship, only the figure The structure of some microprocessors is shown, and other parts are put together or have been omitted. It is well known that this technique can be used to dissect the interface of the component (not shown). The unit of the interface (not shown) and other microprocessors such as the clock generator and the decentralized logic are omitted. [0054] The operation process wipes the extraction logic with the clock domain (not shown) and the slave memory (not shown). To the translation logic 6〇2. Translation logic, the instructions are transferred to the corresponding micro-instructions and then combined with the clock signal to the microprocessor _ _, 618 and 619 units. Each instruction corresponds to a series of micro-instructions Instructing the microprocessor to perform the sub-action to complete the instruction. For example, an address generation instruction executed by the bit (four) segment_ contains the two (four) memory H (paste) specified from the scratchpad stage. The peak has two operands, and then two operands are added to the entire fresh bit (10). The results produced by all execution units 610, 612, 614, 616 and 617 are stored in the memory by the storage logic 618. Logic 602 will determine the type of instruction, The use of the translator _ directly generates a coherent microinstruction, or the translation logic 602 will extract a coherent microinstruction from the microinstruction code read only memory 604. Or the translation logic 602 will generate a P knife. The rest is proposed from the micro-instruction code read-only memory. The micro-instruction is executed in the order of the clock speed 0608-A40742TWF1 24 1274281, V ί = in the microprocessor_, and the stages of (10) and (10). When moving to the execution phase, execution logic 632 sends the microinstruction to the execution unit ^, 612 ' > 614 '616' and 617 to execute the result of the operation and then enters the storage phase (10). In one embodiment, the microinstruction includes instructions that indicate the range, whether or not it can be performed concurrently with other operations. ^, ^ (10) Just after the translation logic 602 receives the predicate instruction, it generates the corresponding instruction, and directs the microprocessor 600 β other logic 6〇5—_, (10), 619 to execute the cryptographic compilation operation finger =. The first few micro-instructions will be directly assigned to the password compiling list (4): 17: The soap level is 6Π from the manned bus. Or the man-in-the-segment input data, start the password compilation round of Hao 7F times. It is also possible to pass the segment output stream to the storage logic 618 through the health stream 5 622 and then store it in the memory. Next, the second group of multiples is sent to the execution unit, M2, 614 and 616 to perform other necessary sub-operations. For example, the measurement bit 629 sets the D bit 631, sets the value of the X bit 625 to display the password, and the flat thickness operation is being executed. 'Set the value of the X bit 625 to display the cryptographic operation is being executed. . Update the contents of the scratchpad (such as the count register, input the text indicator register, output the text pointer register) the work in the temporary phase 605, handle the interrupt request 627 sent by the interrupted Lai, and so on. In order to implement the most efficient cryptographic compilation related instructions, the order of the microinstructions is specifically arranged to interleave the integer unit microinstructions into the cryptographic composing microinstructions, and integer arithmetic and cryptographic compile operations are performed in parallel. The microinstruction contains the micro-deductions required to recover from the interrupt request 627. All indicators pointing to the cryptographic compilation parameters (cryP^〇graphiC paramefer) and data are located in the χ86 architecture register. When the interrupt request is received, the indicator will be stored. After the interrupt is completed, the data meter parameters will be restored. Therefore, when an interrupt occurs, program control will move to the corresponding interrupt service routine. If part of this transfer is controlled by the program, X bit 625 is cleared to indicate that the key data and control block data are no longer valid. After returning from the interrupt, the program control will immediately return to the XCRYPT instruction, and as part of its corresponding microinstruction, the specific microinstruction will test the state of the X bit 625 to determine the key data and control block data. Whether it is valid. 0608-A40742TWF1 25 1274281 95. 2, 22 = When this happens, the calculation of the input data of the specific block being processed is repeated. If the status of the X-bit 70 625 indicates that the key data and the control block data are no longer valid, the data of the input data of the special (10) block that is being processed will be reloaded from the memory and Control word group. In general, the age of Ρ τ according to this (4) always involves the initial test of x 625, which turns off the validity of the linguistic data and control block data in cryptographic compilation unit 617. If the key is fine, the age key data and the control word data will be carried from the record. «, the record of people borrowing the Sakizaki chain temporarily suppresses _ 容 指 指 指 指 身 身 身 身 身 身 身 身 身 身 身 身 身 身 身 身 身 身 身 身The other way is to carry a person-in-a-box and do not pre-load the key and control the word data, but perform a predetermined password operation. [0056] If a new financial information or a new control agency is generated, the X-bit A 625 needs to be cleared before the money is extracted from the ρτ command. It is also considered that the same gilding data and control block data can be used to perform the MYPT age of Lai. After the _ emotion μ, the initial key and the control of the block data, there is no need to clear the X bit 625. For example, for optimization purposes related to memory bus speed, the user may decompose, for example, the encryption/decryption of just one input data block into five XCRYPT instructions' each of which processes each input data block. [0057] The block indicator logic_ may be confident that the corresponding microinstruction will be arranged to allow for the index register, and to update the two-sequence block cipher operation for a sequence of input text blocks before processing the interrupt 627 Intermediate results. The block indicator logic_ indicates the flow of inserting the microinstruction into the corresponding secret instruction, so that when the cryptographic operation of the input data of the first block is completed, the indicators of the input and output data blocks in the memoryϋ Will be modified to point to the next input and output data block. In addition, the block indicator logic 64 indicates the process of inserting the microinstruction into the corresponding microinstruction to modify the block counter to indicate that the cryptographic operation of the input data for the current block has been completed. Furthermore, in the event of using the block cipher mode, f performs cryptographic operations on the immediately following block data, and needs to use the data resulting from the cryptographic operation on the data of the current block, and then the block indicator logic 640 It also instructs the process of inserting a microinstruction into the corresponding microinstruction to maintain or generate 0608-A40742TWF1 26 1274281⁄4 ο, %% /, retaining the memory specified by the initialization vector due to the cryptographic operation of the data of the current block. In the region, after the return from the interrupt event, the cryptographic operation on the immediately following block data can be continued. [0058] Please refer to Figure 7. Figure 7 is an example of a microinstruction structure. This microinstruction 7(9) is used to instruct the microprocessor as seen in Figure 6 to perform the cryptographic compilation operation. The microinstruction 7A contains a microcoded block 701, a data register block 702 and a register block 703. The microcode field 7〇1 provides the microprocessor 6 to execute those subroutine programs, and the sugar required for each stage. In this case, the specific value is the designated age for the use of the decoding unit. The first value (XL_) indicates (4) from the position pointed to by the data register block 7()2 in the memory. This miscellaneous should be placed in the cryptographic unit by the manned lion. This proposed material (such as password compilation key data, control word, input text data, initialization vector) is provided to the cryptographic unit. The second micro-opcode padding plus value (XSTOR) indicates that the result of the cryptographic unit operation should be stored in the location pointed to by the data temporary state block 702 in the memory. For the cryptographic compilation unit of the multi-level structure, the contents of the scratchpad block 7(10) indicate that the plurality of output data segments should be stored in the memory. The output data fragment is placed in the data field 704 for reading by the storage logic. Next, referring to Figure 8 and Figure 9, we will further explore the execution flow of XLOAD and XSTOR in the cryptographic compilation unit. Back to _(10)59] Please refer to FIG. 8. Table 8GG is as described above, and the microprocessor translates the Μργτ command to get the group as an instruction. The first group of micro-instructions in the set of micro-instructions: the unit directly executes, and then the second group of multiple micro-instructions are executed by - or the other: the bits are executed in parallel. The actions of the second group of multiple micro-instructions include updating the meter, the memory, the structure temporary storage H, testing and setting the bit state of the mechanical specific register, etc. Key data, password compilation parameters, and input 4 to t ^ and direct the password compilation unit to generate the key program table (or load the gold 2 sequence table proposed by the memory), load or encrypt or decrypt the input text. Save the output text data. An X:: indicates the cipher compilation unit manned control word data, the manned password compilation key or key finger 0608-A40742TWF1 27 Load initialization vector data, manned input text data, and instructions to start cryptographic operation. When the micro-instruction micro-XLGAD, the value _Q in the register field alone indicates the password compiling list; the control word carries the control word "scratchpad. Follow this instruction in the pipeline, which will encounter - a scratchpad memory control word indicator. This indicator points to the position of the control word in (4). Loading logic from the fast-paced fiber to mention it! This control tour, put the side of the human resources. Supplementary, temporary register The blocking value OblOO refers to the input text data of the 7〇4 towel loaded in the data field without the password compilation unit. Then perform the password compilation operation. Like the control character, the input data is presented through an indicator in the existing structure register. [0060] In the embodiment, the register field G_ can be regarded as a two-stage cryptographic unit. Continuous input text (4) can be trained. The first ship d micro-instruction puts the first input text into IN-1, and the second XL0AD micro-instruction puts the second input text into IN-0 'second 乂_) micro-finger ♦ will also start the password The compilation unit performs a password compilation operation. [0061] If the cryptographic compilation operation uses a user-generated key schedule, the number of XL0AD microinstructions corresponds to the number of transcripts in the user-generated key schedule. The user-generated key schedule will be sent to the cryptographic compilation unit, which will load the key used for the round from the key schedule according to the status of the weight compilation. [0062] All other values in the XLOAD microinstruction register field 703 are reserved values. [0063] Please refer to Figure 9. The table in Figure 9 shows the comparison table of the XST〇R micro-instruction register field 7〇3. The XST0RE instruction instructs the password, the compilation unit to store the processed output text segment (encrypted or decrypted) to the location within the memory indicated by location block 702. According to the present invention, the translation logic first generates an XL0AD microinstruction to load an input text, and then issues xST〇r to store the corresponding output text generated by the input text. The value of the register field 7〇3 〇w〇〇 indicates that the password compilation unit provides the internal temporary register ο^ρ^-Ο, and the output text segment in the ΟυΤ^ is supplied to the storage logic for storage. The content of OUT-0 is the correspondence of the input text segment in IN-0. Similarly, the internal temporary register output_; [, whose content is IN-丨 corresponds to the input data in the temporary location OblOl. After loading the key and control word data, XLOAD. IN-1, multiple input text segments can be 0608-A40742TWF1 28 1274281 ^ /

κ J , pipelined _ person password, _ unit. Leg D· IM micro age (then Α])· is also indicating password compilation #_无_编赖算), XSTGUUTPUT-1, Χδ··ουτ-0, red 〇AD. IN-1' XLOAD. IN—0 (Starting to work on the next input text segment) and so on. [0064] Looking at Figure 10, Figure 10 is an example of the format of a control character face. In the control character, L S is the cryptographic compilation parameter used for the decoding code compilation operation. The control character 1 side is programmed into the memory by the user. The indicator pointing to the control character is located in a structure before the cryptographic operation. Therefore, in the set of micro-instructions corresponding to the XCRYPT instruction, the l_micro-instruction instructs the micro-processing item to take the architectural register containing the indicator, and converts the indicator into a physical address, and takes control from the memory (cache memory). ^诵,^Enter the control word register inside the password compilation unit.

The control word 1000 contains a reserved _) blocking surface, a KSIZE for the size of the key, 2002, - encryption/decryption E/D field 3, an intermediate result IRSLT, and a _ gold painting KGEN blocks 1005, and an algorithm blocks 1〇〇6 and a round counts 1007. [0065] All values of reserved block 1001 are retained. Value table for KSIZE field 1002: The size of the key used for encryption or decryption. In one embodiment, the KSIZE field indicates whether the gold input is 128 bits, 192 bits or 256 bits. The E/D field 1003 indicates that the cryptographically compiled arithmetic encryption or decryption operation. The job _ bit secret indicates that the gold 鍮 in the memory is the keystroke produced by the user or a single one - gold 鍮. If the (four) towel is a single-key, the micro-instruction will compile the password, and the password-compilation algorithm will be opened according to the contents of the ALG field. - In the embodiment, the ALG blocking leg specifies the AES algorithm, so so far our discussion has been directed to the Triple- and AES algorithms. Other applications differ from the embodiment of the post-code editing/贞 algorithm such as Rijndaei cipher, Twofish Ciper, and the like. The peak of the RCNT block just 7 indicates the number of rounds that the cipher is compiled for each text segment. Although the specification of the cryptographic compilation algorithm described above refers to cryptographic compilation that does not perform a fixed number of rounds of different input text segments, the coffee bar block 1007 allows the programmer to set the value of RCNT Xie Li 1〇〇7 to be used. The algorithm is 0608-A40742TWF1 29 1274281' a 丨 change. - In the embodiment, the programmer specifies that each paragraph of text should be compiled for 15 rounds of password. Finally, the IRSLT block 1004 indicates whether the number of rounds of encryption/decryption of the input text refers to the algorithm indicated by the RCNT field and the ALG block brain or the algorithm indicated in the ALG block, RCNT field 1007 The number of calculations produced is only an intermediate result, not the final result. Those skilled in the art will appreciate that many cryptographic compilation algorithms repeat the same sub-operations and do different operations during the final-round. So the IRSLT Interceptor provides an intermediate result and allows the programmer to confirm this intermediate result before proceeding to the next step. For example, if the final result is to add value to the intermediate result, you can first encrypt the text - round, then sample - a text segment for two rounds of password compilation, then another three rounds, and so on. This succinct password is compiled back to the slogan: the function and intermediate result function users can evaluate the performance of cryptographic compilation, solve the problem, and also a tool to study the structure and number of rounds. [〇〇66] Please see the block diagram of the ten cipher compilation units. The meta contains a microprogram code temporary storage H 11G3. The microcode register receives the microinstruction through the microinstruction bus 1114. (such as XLOAD and XSTOR # micro-instruction) cryptographic unit 11〇〇 also contains a control character register 1104, an i_t-〇 register, a register 1106, a key-〇 register ·, and - the register should be. The load bus 1111 loads the data into the memory 1104-1108 in accordance with the XLOAD microinstruction in the contents of the microinstruction register 11〇3. The cryptographic unit also contains a block decryption logic 11〇1 with all the scratchpads and the key random access memory. The block decryption logic provides - stop signal 1113 and - block result to Qutput - 〇 register 丨 (10) and . Chatting the register 1110 ° output register 1109-1110 will send the internal content to the microprocessor through the storage bus 1111. - In the embodiment, the microinstruction register pair is 32 bits large, while the other registers 1104-1110 are 128 bits large. [0067] In the operation, the cryptographic compile microinstruction is sequentially sent to the microinstruction register ιι〇3, and in addition, the control word register 1104 and the input register 1105 to 11〇6 or one of the gold The temporary register 0608-A40742TWF1 30 1274281 1107-1108 its towel - will also be followed - from the micro-instruction

^ XL0AD (four) (four) _ 峨 her 曰 曰 也 is also loaded. If you want to load an X brain micro-instruction will arrange _ 11G7 to store this gold =::::=, then the bit, then the X Lion will arrange KEY - 〇 11 〇 7 and just _ ^ key ^ small Please enter the age-face Mm to store this key. If you load ί, the next _ will arrange _ 1107. The key in each program table will be sequentially arranged in the gold record random read memory ιι〇2, and used in the password compilation round. Next, enter the text data (if you don't need to initialize it to be loaded into the illusion! Ν-1 temporarily flipped. The micro-instruction in the leg D will instruct the chest register to load the input data and according to the control word register The content of the brain, applied to the temporary register or in the _ input temporary storage H Cong-biliary _ initialization vector _ on the temporary persimmon within the information of the mechanical code compilation work. (such as Miscellaneous Steel Na (10) _ brain Jingling designation After the chest temporarily 1005. After the block decryption logic follows the content of the control word to start the password compilation. If you need to expand the single-password compilation, the job block decryption logic will generate the key program table = every - key And store them in the random read memory m2. Regardless of the block decryption logic is to drum the county or the gold miscellaneous table has been woven implicitly, the password decryption of the first-round _ key - The age is in the block job logic 11 () 1 (four) cache memory 'a-like block-block's password solution can be carried out, no county from the gold surplus random take memory 1102. - But the block When the decryption logic starts, the password will be compiled into the block or more than one input text. The operation, successively extracts the key to be used from the key random memory. The cryptographic unit listens to the specified cipher text of the specified input fragment text. The XL〇ad and xST〇R micro-instructions are issued. Input text for encryption or decryption. When executing XSTOR micro-instruction, 'If the output data (〇UT-〇 or 〇υτ-丨) is not ready yet, the block decryption logic will stop δ one more stop. Once the generation is complete and has been stored in the corresponding scratchpad 1109-1110, the contents of the scratchpad will be transferred to the storage bus 1112. 0608-A40742TWF1 31 I2742|\ W*Um_>e<pfa3MaiWm-» >**-*._,,** Thanks',*This "·,:·_> - j 鸾 鸾" shoulder · i [〇〇 68] 图 look at Figure 12. Figure 12 is an AES calculus Block diagram of the block decryption logic 1200. The block decryption logic includes a round calculation engine (r〇und_this) 122〇, each round of the different engine controller 121〇. The round calculation engine 122〇 passes through the bus 1211 - 1214 and bus bar 1216-1218 are coupled to the round calculation engine controller 121. The round calculation engine The controller can access the micro-instruction register, KEY-1 temporarily stores n-lan to read the key data, and the micro-instruction and password compile the operation parameters. The contents of the register 12〇5—12〇6 are supplied to the round calculation. The engine 1220 then passes the corresponding calculation script 122 to the output registers I207 - 1208. The output registers 1207-1208 are exhausted from the round calculation engine controller 1210 through the bus bars 1216-1217. The round calculation engine controller can read the L result of each cryptographic round and then supply the round calculation engine 122, so that the round calculation engine 122 can perform the next round of cryptographic operations through the bus NEXTIN1218. The cryptographic key is presented from the key random read memory (not shown) through the bus 1215. The ENC/DEC 1211 signal indicates that the round different engine performs encryption (S-Box) or decryption (reverse s-Box). The RNDCON bus 1212 instructs the round calculation engine to perform the first AES round or the intermediate AES round or the last-round AES. When GENKEY#旒1214 is set, it represents that the round calculation engine 122 needs to expand the key obtained from the bus 1213 into a key program table. The key pool 丨2丨3 is also used to provide the key, which provides the key needed for the parent to the round calculation engine 1220. The round calculation engine 122 is coupled to the first register REG_〇 1224, and includes a first X0R logical key 122. The first register 1222 is coupled to the s-Box logic 1223. S-Box logic 1223 is coupled to shift logic 1224 (Shift R〇w 1〇gic). Shift logic 1224 with the second scratchpad age 1 1225 secret. The second register REG-1 1225 is coupled to the Mix Column logic 1226. The aliasing logic is coupled to the third register REG_2 1227. The first golden record logic 1221, the S-Box logic 1223, the shift logic 1224, and the hash logic 1226 are used as the execution name phase subroutine operations. The mashup logic 1226 is used to perform AESX0R operations on the data added during the intermediate cryptographic rounds, using the return alloys provided by the keystream 1213. The first key logic 1221, s_B〇x logic 1223, 0608-A40742TWF1 32 Ϊ274281.... ^ -"•-Μ , column logic = 1224 and the mixed logic state are also used when the ENC/DNC status indicates decryption. To carry out the corresponding counter aes, know that the skilled person can understand the block decryption mode in which the towel-level round bribe will be opened. The data will be returned to the round calculation in the temporary storage state 1202. Engine 1220. If you need to smuggle and .REG-0 1222 and RE (M 1225 between the first stage and RE (M (2) Chong Qin Li late block into the human secret' output (four) is the corresponding output of the temporary storage of 1207-1208. Executing the xST0R micro-instruction will be temporarily sent to the storage bus (not shown). The temporary surface will be included in the temporary stealing [0071] Referring to Figure 13, the flow chart shown is used to maintain the interrupt event period: code parameters The state of the method according to the present invention _ method. The flow of the instruction is based on the Wei S silk clock according to the present invention (four)

Instructions are not necessary, such as New York. Weaving face _ line touch money = belly PT _ In the judgment of the circle, it will be estimated to determine whether an interrupt event (for example, maskable interrupt, unmaskable interrupt, page fault, work switching, etc.) is occurring, but needs This process of changing the instruction into a process of an instruction ("interrupt handler") to handle the interrupt event, and if so, the process continues with the block. If not, the process loop on the judgment block executed by the instruction will continue until the break event occurs. At block 1306, because the interrupt event has occurred, the interrupt logic in accordance with the present invention will indicate the clearing of the X-bit of the flag temporary store before the program control transitions to the corresponding interrupt handler. Clearing the X bit ensures that if the block cipher write operation is still in progress after returning from the handler, it will display the occurrence of one or more interrupt events and is indicated by the contents of the input indicator register. The input data of this block, before the block cipher operation, 重新J must reload the control word (four) material and key m. m ’ process will _ carry out the box. 0608-A40742TWF1 33 1274281 Port: / [0074] At block 1308, all architectural registers containing the indicators and counters corresponding to the performance of the block cipher operations in accordance with the present invention are stored in memory. Those skilled in the art will appreciate that the storage of the architectural temporary storage || is performed in the target data computing device before the control of the transaction processing program. The present invention therefore utilizes this view of the current data architecture to provide transparency in the execution of ubiquitous events. After the temporary storage, the flow then proceeds to block 1310. [0075] In block _, the program flow is transferred to the towel handler. Flow then continues to block 1312. [0076] At block 1312, the method will be completed. Those skilled in the art will understand that after returning from the interrupt handler, the method of Pin 3 will start again from block 13()2. [0077] Looking at pin four, the provided flow splicing shows that the method according to the present invention performs a specific cryptographic operation on a plurality of input data blocks. [0078] The process will start from the beginning of the 14th, and its towel, Naben will start the day. The execution of XCRYPT age will be executed first, or due to the execution of the interrupt of the interrupt event, so it can be executed immediately after the highest priority execution, so that after the interrupt handler has been executed, the program control will be transferred back to the XCRYPT instruction. . Then the process will continue with the box. At block 1404, the block data in the memory indicated by the contents of the input pointer register in accordance with the present invention will be loaded from the memory and the predetermined cryptographic operation will begin. = The specific input indicator used for temporary storage H is determined by the specified specific cryptographic operation (eg, encryption or decryption) and by the specified block cipher mode (eg, ECB, CBC, CFB, or 〇fb) . For example, if the specified encryption operation uses the (4) mode, the input indicator register used to load the data is a register that indicates the initialization vector in the memory. If the specified decryption operation uses the threat mode, the input indicator register of the f-bearing data is a temporary register indicating the ciphertext of the next block in the memory. Then, the process will continue to judge the block Hog. β [〇刚] At decision block 1406, an estimate is made to determine if the χ bit in the flag register is 疋. If the X bit is set, it indicates that it is currently loaded in the password list 0608-A40742TWF1 34 Ι27428Ϊ 2 according to the present invention (the control block and the key list in the element are valid. If the X bit has been cleared, then Indicates that the control block and key list currently loaded in the crypto unit are invalid. As mentioned above with reference to Figure 13, 'when the interrupt event occurs, the X bit is cleared. In addition, as mentioned When a new control block or key list needs to be loaded, or both, an instruction to clear the X bit is executed before issuing the order. 乂-86 compatible implementation of bit 30 using the x86EFLAGS register In an example, the X bit can be cleared by the PUSHFD instruction immediately following the p〇pFD instruction. However, those skilled in the art will appreciate that in other embodiments, other instructions must be used to clear the X bit. If the X bit has been set, then the flow will continue to block 1412. If the X bit has been cleared, then the flow will continue to block 1408. [0081] At block 1408, because the cleared X bit indicates that an interrupt event has occurred , or already · load new control block and / or gold Data, so the control word is loaded from the memory. In one embodiment, 'loading the control block prevents the cryptographic unit from performing the predetermined cryptographic operations mentioned above in conjunction with block 14 。 4. In this exemplary embodiment The start cryptographic operation in block 1404 can be optimized by assuming multiple block cipher operations using the currently loaded control block and key data. Thus, the check X bits in decision block 1406 Prior to the state, the input data for the current block is loaded and the cryptographic operation begins. The flow then proceeds to block 141. [0082] At block 1410, the key data (ie, the cryptographic key or the full key) The program table will be loaded from the memory. In addition, the input block mentioned in block 1404 will be loaded again, and the cryptographic operation will start based on the newly loaded control block and key schedule. Flow then proceeds to block 1412. [0083] At block 1412, an output block corresponding to the loaded input block is generated. Then, the flow continues to block 1414. [0084] At block 1414, If required by the block cipher mode and the predetermined cryptographic operation, the input data for the next block is generated. For example, in an embodiment configured for OFB encryption, in order to generate input data for the next block' The currently generated ciphertext block needs to be mutually exclusive with the plaintext of the current block. Performing this operation will generate input data for the next block operation (ie, 0608-A40742TWF1 35 127428 f 7 for the first Enter the "equivalent initialization vector" for all blocks following the block. The steps described in this block are to be confident that the state of execution of the XCRYPT instruction will be interrupted at any time. For example, in an embodiment, at XCRYPT Pagination errors can occur at any time during the execution of the instruction. Therefore, when the predetermined cryptographic operation on the current input data block has been completed, an equivalent initialization vector (if required by the block cipher mode) for processing the next data block needs to be set. When required by the particular block cipher mode used, the equivalent initialization vector is stored to the memory of the location indicated by the contents of the initialization vector indicator register. The process then proceeds to block 1418. [0085] At block 1416, the resulting output block is stored in memory. The flow then proceeds to block 1418. [0086] At block 1418, the contents of the input and output block indicator registers are instead directed to the next input and output data block. In addition, the contents of the block count register will be changed to display the completion of the cryptographic operation on the current input data block. In the embodiment discussed in connection with Figure 14, the block count register is reduced. However, those skilled in the art will appreciate that other embodiments will consider the manipulation and testing of the block count register, as well as the pipelined execution of the input text block. The process then proceeds to decision block 1420. [0087] At decision block 1420, an estimate is made to determine if the input data block is still performing an operation. In the characteristics of this embodiment, for the purpose of explanation, the block counter is estimated to determine whether it is equal to 〇. If no blocks are still in operation, then the flow continues to block 1424. If there are blocks still performing the operation, the flow continues to block 1422. [0088] At block 1422, the input data for the next block is loaded, as indicated by the contents of the input indicator register. The flow then proceeds to block 1412. [0089] At block U24, this method will be completed. [0090] Those skilled in the art will appreciate that the steps discussed in conjunction with blocks 1412, 1414, 1416, and 1418 need not be sequentially generated, but may be generated in no order or in parallel. [0091] Although the invention has been disclosed above in the preferred embodiments. For example, the current embodiment of the present invention is 0608-A40742TWF1 36 Ι27428 ί: ' (Based on the full architecture as the benchmark, because χ8 构 is a more familiar architecture, it is more convenient to describe it in full architecture. The invention can also be applied to other Architecturally, such as p__pc, MIPS ' or other instruction set architecture is completely different on the system. [0092] The present invention can be used for computer edge cryptography operations other than micro (4). The heart π mode used by this month can be Easily converted for use on computer processing systems other than microprocessors. The invention may be included in a peripheral chipset of a microprocessor, such as Northbridge, Southbridge, or as a microprocessor Connected, a password-compiled microprocessor that specializes in handling password compilation. When the microprocessor sees the action related to the password compilation, it gives the password to the password. The invention can be applied to the embedded (4) device, the jade industry control, the signal processing array processor, and other processing ribs for processing data. The present invention can be implemented as one, including only the necessary originals required to implement the cryptographic operation, and becomes the operational cost II in the ship cost and low power consumption. For example, the communication system assists in processing encryption/decryption processors. Seeking to be clear, other processing components are generally referred to as microprocessors. In addition, the present invention has been considered in the block of 128-bit size so far, but other blocks of different sizes can also be applied. Just adjust the size of the input data, output data, key and control character register. [0094] Although the current application range of the present invention belongs to the widely used combustion, THple-and AES algorithm, but less well-known block cipher mode, such as MRS oil, Ri cipher, Twofish cipher, Bl〇 Wfish Cipher, Se卬ant Cipher and RC6 are also possible applications of the present invention. [0095] While the present discussion extends the cryptographic compilation functionality of the present invention with block cipher compilation algorithms and their algorithm related techniques, it is noted herein that the present invention can be fully applied to other cryptographic compilation algorithms. As long as it is capable of performing a cryptographic compilation operation, encryption or decryption, and the microprocessor contains a cryptographic function that is specifically used after receiving the cryptographic compile command. [0096] In addition, 'for the round calculation engine discussed above, the invention The statement states that the round calculation 0608-A40742TWF1 37 1274281 The stage of processing the input segment in the round is not limited to the two-stage calculation engine described above, and the official phase may be two or more. [0097] Finally, although the current discussion of the present invention is currently limited to a single cryptographic unit processing paste _ Wei Feng _, New Zealand County _ contains the township parallel ciphers ^ and - micro processing financial other materials Silk knot. Among them, multiple ciphers are compiled with different block algorithms. For example, the first unit is responsible for processing high _ times different - early processing data encryption standard algorithm, and so on. [0098] And the above-mentioned description of the present invention is the specific embodiment of the creation and the technical element used by the Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Γ Within, combined with Chen Ming. BRIEF DESCRIPTION OF THE DRAWINGS [0024] Other objects and features of the present invention will become more apparent in the light of the following description. FIG. 1 is a block diagram depicting a conventional cryptographic compilation application. [0026] Figure 2 is a block diagram of a bribe compiling cryptographic algorithm. [0027] FIG. 3 is a block diagram of a microprocessor device for processing cryptographic operations in accordance with the present invention.

[0028] FIG. 4 is a block diagram of a set of independent secret translation instructions in accordance with the present invention. [0029] FIG. 5 is a comparison table of block deblocking according to the present invention. [〇〇3咖六 is a block diagram of the compiling unit according to this method·6 compatible microprocessing. [0031] FIG. 7 is an exemplary diagram of a field included in a cryptographic compile instruction according to the present invention. This instruction refers to a sub-operation related to cryptographic compilation by the microprocessor in FIG. [〇〇33] Figure 9疋 According to this (4) XSTQR micro-guide towel temporary storage (10) bit value and operation action 0608-A40742TWF1 38

1274281 Comparison Table The format of the XSTOR microinstruction is shown in Figure 7. Figure 10 is an illustration of a control character format in accordance with the present invention. The control character indicates the cryptographic compilation parameters of the grammar compilation operation. [0035] FIG. 2 is a block diagram of a cryptographic unit in accordance with the present invention. [0036] FIG. 12 is a block diagram of AES block decryption logic in accordance with the present invention. Figure 13 is a flow chart of the present invention, which describes a method of cryptographic parameter status; and a period for maintaining an interrupt event. [0038] Figure 14 is a flow of the present invention, which is described in When there are one or more middlewares, a method of performing a _specific cipher encoding operation is performed on the complex input pivot block. [Main component symbol description] #100 computer password compilation application block diagram 104 notebook computer 106 storage device 108 wireless router 110 wide area network 101, 102, 103 computer workstation 105 regional network 107 first router 109 wireless network 111 second Router 112 encryption/decryption software 200 computer system execution password compilation block diagram 201 microprocessor 203 application memory area 205 key program table 207 decryption software 209 password compilation parameter 211 ciphertext 202 operating system 204 software generation 206 encryption Software 208 initialization vector 210 herein 0608-A40742TWF1 39 1274281 / 300 microprocessor cryptographic operation device block diagram 301 microprocessor 302, 322 XCRYPT instruction 303 translation logic 304 micro-instruction queue 305, 306 micro-instruction 307 register file 308 309, 310, 311, 312, 313 register 314 load logic 315 data cache memory 316 cryptographic unit 317 storage logic 318 write back logic 319 memory bus 320 operating system 321 system memory 323 control character 325 initialization Vector 324 Initialization Key/Key Program Table 327 Output Text 326 Input Text 4 00 password compilation instruction block diagram 401 selective pre-field 402 repeat pre-field 404 block decryption mode field 403 operation code field 500 block password field value and microprocessor operation action table 600 password compilation unit Inventive embodiment 601 extraction logic 602 translation logic 603 translator 604 micro-instruction code read-only memory 605 includes register stage 606 address stage 607 load stage 608 execution stage 0608-A40742TWF1 40 12742

609, 611, 613, 615 micro-instruction queue 610 integer unit 612 floating point unit 614 MMX unit 616 SSE unit 617 cryptographic compilation unit 618 storage phase 619 write back phase 620 loading bus 621 idle signal 622 storage bus 624 EFLAGS temporary 624 X bit 626 interrupt logic 627 microinstruction 628 MSR register 629 E bit 630 FCR register 631 D bit 632 execution logic 633 bus 700 700 microinstruction structure example 701 micro code field 702 data Register field 7〇3 register field 703 800 XLOAD value comparison table 900 XSTOR value comparison table 1001 control character format 1001 RSVD field 1002 key size KSIZE field 1003 encryption/decryption E/D field 1004 intermediate result IRSLT field 1005 key generation KGEN field 1006 algorithm ALG field 1007 round number count RCNT field 1100 password compilation unit block diagram 1101 block decryption logic 1102 key random access memory 1103 micro program code temporary Memory 1104 control character register 0608-A40742TWF1 41 he 1274281 1105 input-0 register 1106 i叩ut-1 register 1107 key-0 register 1108 key-1 register 1109 output-0 Save 1110 ouput-l register 1111 load bus 1112 storage bus 1113 stop signal 1114 micro-command bus 1200 AES algorithm block decryption logic block diagram 1202 CW register 1201 micro-instruction register 1203 KEY-0 temporarily Memory 1205 IN-0 register 1204 KEY-1 register 1206 IN-1 register

1208 OUT-1 1207 OUT—0 1210 round calculation engine controller 1212 RNDCON bus 1214 key generation signal 1218 NEXTIN bus 1221 first X0R logic key 1223 S-Box logic 1225 register REG-1 1227 temporary REG-2 1211 encryption/decryption sink signal 1213 key bus 1215, 1216, 1217 bus 1220 round calculation engine 1222 register REG-0 1224 shift logic 1226 mixed logic

0608-A40742TWF1 42

Claims (1)

2' 127428I X. Patent Application Range: I. The apparatus for performing cryptographic compilation operations, comprising: an instruction commissary 'computing device to receive 'compile' with a comma, where the cryptographic instruction indicates micro The processor performs the process of de-emphasizing the logic of the operation, and the operation is tied to the commander of the lining, _ such as the code of the code... h of the 9-code compilation operation, the towel code compilation operation includes: Whether the compilation operation has been interrupted by an interrupt event. 2. The device of claim 1, wherein the cryptographic operation further comprises: an cryptographic operation ‘the snippet of the plurality of essays. 3. The apparatus of claim 1, wherein the cryptographic compilation operation further comprises: a decryption operation, converting the plurality of ciphertext segments into corresponding plurality of text segments. 4. The device of claim 2, wherein the cryptographic compilation is performed with a high-order encryption fresh (10) wire. f. 5. The device of claim 1, wherein the cryptographic compile command specifies a block cipher mode, and the block cipher mode is used to complete the cryptographic operation. The device of claim 5, wherein the block cipher mode comprises an electronic code book (ECB) mode. 7. The device of claim 5, wherein the block cipher mode Including the cipher block chaining mode (CBC) mode. The device of claim 5, wherein the block cipher mode comprises a cipher feedback mode (CFB) mode. The device of claim 5, wherein the block cipher mode comprises an output feedback mode (0FB) mode. 10. The device of claim 1, wherein the cryptographic compile command Instructing to perform the cryptographic operation on a plurality of text segments. 0608-A40742TWF1 43 1274281 U. The device of claim 10, further comprising: a bit ' _ The row logic is interrupted by an interrupt event. The blame is used to indicate whether the cryptographic operation has been included in a flag 12 as in the device register described in item n of the patent application. EFLAGS 7 is the device described in claim i, wherein the interrupt event comprises a program control transfer to a program flow for configuring a U service event, and the towel pair is currently executed by the input data block. The cryptographic compilation operation is interrupted. 15. The apparatus of claim 14, wherein the cryptographic compilation operation is performed immediately upon the current input data block after the program control returns the cryptographic compilation instruction. For example, the device described in claim 1 further includes: μ block indicator logic, which is operatively connected to the execution logic and configured to indicate that the computing device is in the right-current input ship Block, when the password is compiled, the input and the ridge material in the memory are arranged as a sub-recorder and a material block. 17. The device as claimed in claim 1 , including The block indicator logic is operatively connected to the execution logic and configured to instruct the computing device to modify the contents of the block count temporary storage H to be __ the current input data block, Completing the cryptographic compilation operation. 18. The apparatus of claim 1, wherein the apparatus includes: a block indicator logic, an operation system _ to the execution logic, configured to indicate the computing device, to maintain, Or generate and hold the _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ _ The apparatus of claim 3, wherein the interrupt event includes - an exception, - a page fault, and - a work switch. The apparatus described in the first aspect of the invention, wherein the cryptographic compile instruction is an apparatus according to claim 21 of the patent application, and the temporary storage device includes: A temporary storage H, wherein the first indicator points to the first memory location memory location is the location of the first text segment of the plurality of input text segments. - The device of claim 21, wherein the register comprises: a side! wherein the second indicator points to the second coffee position, and the second eight = · 5 is stored in the body The position of a plurality of output text segments, these output texts κ segment 疋 input text suppression segment mixed with the touch of the ride. The device of claim 21, wherein the register comprises: a second register, wherein the total number of input text segments is recited. 25. The device of claim 21, wherein the registers comprise: ^ a fourth temporary storage II, wherein the content of the fourth temporary storage includes a third indicator, pointing to the: heart position § The location of the mnemonic is the location of the cryptographic key in memory. 26. The device of claim 25, wherein the password comprises a cryptographic key. The device of claim 25, wherein the password includes a cryptographic key schedule. The device described in claim 21, wherein the registers include: a memory memory, wherein the fifth register includes a fourth indicator, pointing to the fourth α This § recall position is the position of the initialization vector in the memory. The apparatus of claim 21, wherein the register includes: 0608-A40742TWF1 45 曰 曰 . : 1 1 1 1 1 1 1 1 1 1 1 , , , , , , , , , , Including: the cryptographic compilation unit is configured to receive the first group of multiple micro-instructions, to encode a plurality of round-robin texts into a plurality of rounds of cipher compilation instructions, to generate a plurality of wall-out text segments, and to compile a plurality of passwords. The ridge code compiles the unit towel control character shop. ', 31·—A device for performing cryptographic operations, comprising: a password cryptographic unit, located in a device, configured to receive a cryptographic compile instruction within the instruction flow, and (4) a bribe code instruction should be executed a specific cryptographic operation performed by the micro-service; and a 兀, located in a temporary register, operatively coupled to the cryptographic compilation unit, configured to display whether the cryptographic operation has been The interrupt event was interrupted. 32. The device of claim 31, wherein the interrupt event comprises an interrupt, an exception, a page fault, and a work switch. 33. The device of claim 31, wherein the register comprises an EFLAGS register in a 86-compatible microprocessor, and wherein the bit includes a bit in the EFLAGS register Yuan 30. 34. The device of claim 31, wherein the interrupt event comprises program control transfer to a program flow configured to process the interrupt event, and wherein the password is executed for a current input data block The operation will be interrupted. 35. The dressing described in claim 34 of the patent application scope, wherein after the program control returns the password compiling instruction, the password compiling operation is immediately executed on the current input data block. 36. The device of claim 31, further comprising: block indicator logic coupled to the execution logic, configured to indicate the computing device, in a current input data block, When the password compile operation is completed, the memory in the memory is 0608-A40742TWF1 46 1274281 - V public VI ί ψ Γ: V .;.- (, '-.:- , 』,,....'' J· '.~.y:. ι t--^·'-'. .- ..- ~-....................'· .'+. – The indicator of the input and output data blocks is modified to point to the next input and output data block. 37. The device described in claim 31, including: Block indicator ϋ Logic 'Operational turn The execution logic is configured to instruct the computing device to modify the content of the block count register to indicate that the cipher compilation operation has been completed for a current input data block. 38. The device further includes: a block indicator, logic, operationally wired to the execution sugar, configured to indicate that the computing device 'maintains, or generates and maintains a cause The data of the block is executed, and the data of the cryptographic operation is executed, so that after the return from the interrupt event, the cipher compilation operation is continued for the data of the next block. 39. As described in claim 31 The device, wherein the password compiling instruction is an instruction format. 4. A method for performing a cryptographic operation in a device, the method comprising: responding to an action of a receiving-cryptographic compiling instruction, and executing the cryptographic compiling instruction One of the cryptographic operations; and during the execution of the cryptographic operation, whether an interrupt event has occurred. 41. The method of claim 40, wherein the act of displaying whether the interrupt event has occurred is included in During the execution of the cryptographic compilation operation, it is indicated whether any of the following has occurred: an interrupt, an exception, a page fault, and a work switch. 42. The method of claim 41, wherein the sensation Whether the action of the interruption event has occurred includes modifying the __ temporary storage of the device--the position of the bit. The method of claim 41, the act of simplifying whether the interrupt event has occurred includes modifying the state of the -86-compatible microprocessor _ _ efugs element. 44 44. The method of claim 41 In addition, the program controls the transfer of the hemp to handle the event of the break, and makes the pair 0608-A40742TWF1 47 The operation of the cipher-compilation crypto-compilation operation of the current input data block specified by the cipher-compilation instruction is interrupted by 1274281. 45. The method of claim 44, further comprising: after the program control returns the cryptographic compile instruction immediately following the transfer, the cipher compile instruction is specified for the current input data block immediately. The method of compiling the cryptographic operation 46. The method of claim 40, further comprising: instructing the device to input the memory in the pair-current input data block and completing the cryptographic operation. The indicator of the person and the output of the dragon block is intended to be used as a descendant and an output data block. 47. The method of claim 40, further comprising: instructing the device to modify the contents of the block count register to indicate that the current data block has been input to complete the cryptographic operation. 48. The method of claim 40, further comprising: indicating that the device 'holds' or generates and retains data resulting from the current block, performing the cryptographic compilation operation so that After returning from the towel break event, the execution of the cipher compilation operation will continue for the data of the next block. 49. The method of claim 40, wherein the act of receiving the cryptographic compilation instruction comprises: specifying the cryptographic compilation instruction in accordance with an x86 instruction format. 50. The method of claim 40, wherein the act of receiving the cryptographic instructing comprises: specifying an cryptographic operation as the ciphering, wherein the cryptographic operation comprises encrypting the snippet of the snippet , becomes a ciphertext fragment of plural. 51. The method of claim 40, wherein the act of receiving the cryptographic compile command comprises: 0608-A40742TWF1 48 1274281 wherein the decrypting operation comprises assigning a decryption operation to the complex number as the cryptographic operation, The ciphertext is decrypted and becomes a plural piece of the paper. The execution of the cipher compilation instruction 52. The cryptographic compilation operation specified by the method described in the fourth paragraph of the Shenqing patent scope includes: performing the cryptographic compilation operation according to the high-order encryption standard (10) algorithm. 53. The method of claim 40, wherein the act of receiving the cryptographic compile command comprises: specifying, within the cryptographic compile instruction, a block cipher mode that is contiguous with a password, _ operation. 54. The method of claim 53, wherein the block cipher mode comprises an electronic code book (ECB) mode. 55. The method of claim 53, wherein the block cipher mode comprises a cipher block chaining mode (CBC) mode. 56. The method of claim 53, wherein the block cipher mode comprises a cipher feedback mode (CFB) mode. 57. The method of claim 53, wherein the block cipher mode comprises an output feedback mode (0FB) mode. 0608-A40742TWF1 49 1274281 VII. Designated representative map: (1) The representative representative of the case is the picture (Fig. 3). (2) A brief description of the component symbols of the representative diagram: 300 microprocessor cryptographic compilation operation device block diagram 301 microprocessor 302, 322 XCRYPT instruction 303 translation logic 304 micro-instruction queue 305, 306 micro-instruction 307 register file 308 309, 310, 311, 312, 313 register 314 load logic 315 data cache memory 317 storage logic 319 memory bus 321 system memory 325 initialization vector 326 input text 316 cryptography unit 318 write back logic 320 operating system 323 control character 324 initialization key / key program table 327 output text eight, in this case, if there is a chemical formula, please reveal the chemical formula that best shows the characteristics of the invention: slightly 0608-A40742TWF1 4