CN109495242A - A kind of data ciphering method and data encryption equipment - Google Patents
A kind of data ciphering method and data encryption equipment Download PDFInfo
- Publication number
- CN109495242A CN109495242A CN201811386188.2A CN201811386188A CN109495242A CN 109495242 A CN109495242 A CN 109495242A CN 201811386188 A CN201811386188 A CN 201811386188A CN 109495242 A CN109495242 A CN 109495242A
- Authority
- CN
- China
- Prior art keywords
- data
- module
- mask
- key
- encryption
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The present invention provides a kind of data ciphering methods, comprising: plaintext exclusive or mask, then exclusive or key, row conversion process, byte alternate process, column mixed processing, key add processing, mask compensation deals, reset column processing, deconsolidation process and deconsolidation process again.The present invention is by the way of being spaced identical clock periodicity and inputting multiple be-encrypted datas, synchronization carries out different ciphering process to multiple be-encrypted datas, reduce the data encryption process medium time to be encrypted, to improve the enciphering rate of data, it randomly chooses data and carries out deconsolidation process and byte alternate process again, improve encryption intensity.The present invention also provides a kind of data encryption equipments for realizing the data ciphering method.
Description
Technical field
The present invention relates to data encryption technology field more particularly to a kind of data ciphering methods and data encryption equipment.
Background technique
In order to resist side-channel attack (Side ChannelAttack, SCA), mask technology, such as single order and high-order are covered
Code is a kind of general and effective method, however the existing scheme for resisting SCA is all the performance or area to sacrifice chip
For cost, in the mask scheme based on look-up table, cyclic shift S box mask scheme (Rotating S-Box Masking,
RSM) scheme has preferable safety and performance compared to other schemes, is the half-way house of a safety and performance, but
The limited equipment of have higher requirements for some pairs of safeties or area, RSM scheme are difficult to apply.And it is total based on S box
In mask scheme, by reducing the number of mask S box, the area of occupancy can be effectively reduced, but enciphering rate is
It reduces.
The Chinese invention patent application of Publication No. CN106506142A discloses a kind of AES one that can reduce complexity
Change encryption and decryption device implementation method, the digital units in encryption and decryption device which provides realize that one mouth is used using dual port RAM
In the output for receiving row conversion module, another mouth is for outputting data to data selector, the size of data buffer storage unit
For 32 bytes, it is divided into two regions A and B, each region is 16 bytes, when carrying out encryption and decryption operation, data buffer storage unit
Two regions use table tennis mode of operation, thus avoid front and back two-wheeled encryption or decryption oprerations data collision, in turn
The speed for being encrypted or being decrypted to data is improved, it can be seen that unidirectional ciphering process speed does not obtain significantly
It improves, enciphering rate is relatively low.
It is therefore desirable to propose a kind of method of raising enciphering rate to solve the above-mentioned problems in the prior art.
Summary of the invention
The purpose of the present invention is to provide a kind of data ciphering method, solve the problems, such as that enciphering rate is slow in the prior art.
To achieve the above object, the data ciphering method of the invention, comprising the following steps:
S1: receiving be-encrypted data, initial key values and mask value, after mask value described in the be-encrypted data exclusive or,
Initial key values described in exclusive or again, generate exclusive or mask data, this process time-consuming is t;
S2: carrying out row conversion process to the exclusive or mask data, generates row transformation data, to the second transformation data
Deconsolidation process is carried out, the first fractionation data, the second fractionation data, third is generated and splits data and the 4th and split data, this process
Time-consuming is t;
S3: random selection described first splits data and carries out deconsolidation process again, generates four group first and splits data again, at random
First splits data again while carrying out byte replacement generation processing described in four groups, four groups of byte alternate datas is generated, to four groups of institutes
It states byte alternate data and carries out reorganization, generate recombination data, this process time-consuming is t;
S4: carrying out column mixed processing to the recombination data, generates column blended data, this process time-consuming is t;
S5: receiving the column blended data and key value, and key value described in the column blended data exclusive or generates key and adds
Data, this process time-consuming are t;
S6: to the key addend according to mask compensation deals are carried out, mask offset data is generated, this process time-consuming is t;
S7: successively receiving the mask offset data, carries out rearrangement column processing to the mask offset data, generates first
Encryption data, to complete the 1st wheel ciphering process.
The be-encrypted data is m group, and the be-encrypted data described in first group completes the step S1 and described in exporting
After exclusive or mask data, be-encrypted data described in receiving and processing next group was spaced after 3 clock cycle;
When the T moment, receives the first fractionation data and start to execute the step S3;
When the T+1t moment, receives the second fractionation data and start to execute the step S3;
When the T+2t moment, receives the third and split data and start to execute the step S3;
When the T+3t moment, receives the 4th fractionation data and start to execute the step S3.
A kind of beneficial effect of data ciphering method of the present invention is: the present invention is all using identical clock is spaced
Issue inputs the mode of multiple be-encrypted datas, and synchronization carries out different ciphering process to multiple be-encrypted datas, reduces
Data encryption process medium time to be encrypted, to improve the enciphering rate of data, random selection data are torn open again
Divide processing and byte alternate process, improves encryption intensity.
Preferably, the data ciphering method encryption n wheel completes encryption, and repeating said steps S2-S7 completes data the 2nd and arrives
The ciphering process of n-1 wheel, the beneficial effect is that: data carry out more wheel encryptions, improve encryption intensity.
Preferably, in the ciphering process of the 2nd to the n-1 wheel, the output data of the step S7 is the step S2's
Input data.The beneficial effect is that: datacycle transmission carries out more wheel encryptions to data, improves encryption intensity.
It is further preferred that the n-th wheel data encryption process is sequentially completed the step S2, the step S3, described
Step S5, the described step S6 and step S7 exports ciphertext.
It is further preferred that it is described n-th wheel data encryption process in, the key addend according to advanced row data selection at
Reason, then carry out the mask compensation deals.
Preferably, the AES mask algorithm that the data ciphering method is shared based on S box.
Preferably, the t is a clock cycle.
Preferably, in the step S7, while the mask offset data described in four groups carries out the rearrangement column processing.
Preferably, the mask compensation deals then are removed described close to the key addend according to first adding new mask value
Key addend is according to the mask value carry before the mask compensation deals.
Preferably, between the step S1 and the step S2, between the step S2 and the step S3, the step
Between S3 and the step S4, between the step S4 and the step S5, between the step S5 and the step S6 and
Buffer stock processing can be all carried out between the step S6 and the step S7.The beneficial effect is that: for being transmitted to data
Buffered, prevent data it is processed it is preceding accumulate, improve the fluency of data transmission and processing.
The present invention also provides the data encryption device for realizing the data ciphering method, the data encryption device
Including exclusive or module, row shift module, split module, selecting module, byte alternative module, column mixing module, key add module,
Mask compensating module, permutatation module, cipher key expansion module, memory module, recombination module and buffer register;The exclusive or mould
Block is used to carry out data exclusive or processing, and 1 be-encrypted data time-consuming of the exclusive or resume module is t;The row shift module
For carrying out row conversion process to data;The fractionation module is used to carry out deconsolidation process to data;The row shift module and
It is t that it is time-consuming altogether, which to encrypt 1 be-encrypted data, for the fractionation module;The selecting module is used to carry out multi-group data random
Selection, and carry out deconsolidation process again;The byte alternative module is used to carry out byte alternate process to data;The selecting module
It is 4t that it is time-consuming altogether, which to encrypt 1 be-encrypted data, with the byte alternative module;The column mixing module be used for data into
Ranks mixed processing;It is 4t that the column mixing module, which encrypts 1 be-encrypted data time-consuming,;The key add module for pair
Data carry out key and add processing;It is 4t that the key, which adds module to encrypt 1 be-encrypted data time-consuming,;The mask compensates mould
Block is used to carry out mask compensation deals to data;It is 4t that the mask compensating module, which encrypts 1 be-encrypted data time-consuming,;Institute
Permutatation module is stated for carrying out rearrangement column processing to data;The cipher key expansion module is for storing and transmitting initial key values
And key value;Memory module is for storing and transmitting mask value;The recombination module is used to data carrying out reorganization;It is described
Buffer register is used for the transmission to data and buffers and deposit.
The beneficial effect of data encryption device of the present invention is: in data encryption process, synchronization is to multiple
Be-encrypted data carries out different ciphering process, reduces the data encryption process medium time to be encrypted, to improve number
According to enciphering rate, by selecting module randomly choose data pass to byte alternative module, improve data encryption intensity.
Preferably, the byte alternative module includes S box, and the quantity of the S box is four.
Preferably, the buffer register includes the first buffer register, the second buffer register, third buffer stock
Device, the 4th buffer register, the 5th buffer register and the 6th buffer register.
Preferably, first buffer register is set between the exclusive or module and the row shift module, described
Second buffer register is set to the row and splits between module and the selecting module, and the third buffer register is set to
Between the byte alternative module and the recombination module, the 4th buffer register is set to the column mixing module and institute
Key is stated to add between module, the 5th buffer register be set to the key add module and the mask compensating module it
Between, the 6th buffer register is set between the mask compensating module and the permutatation module.
Detailed description of the invention
Fig. 1 is data ciphering method flow chart of the invention;
Fig. 2 is the structural block diagram of data encryption device of the invention.
Specific embodiment
To make the object, technical solutions and advantages of the present invention clearer, below in conjunction with attached drawing of the invention, to this hair
Technical solution in bright embodiment is clearly and completely described, it is clear that described embodiment is that a part of the invention is real
Example is applied, instead of all the embodiments.Based on the embodiments of the present invention, those of ordinary skill in the art are not making creation
Property labour under the premise of every other embodiment obtained, shall fall within the protection scope of the present invention.Unless otherwise defined, make herein
Technical term or scientific term should be persons with general skills in the field understood it is usual
Meaning.The similar word such as " comprising " used herein, which means to occur element or object before the word, to be covered and appears in this
The element of word presented hereinafter perhaps object and its equivalent and be not excluded for other elements or object.
In view of the problems of the existing technology, the embodiment provides a kind of data ciphering methods, referring to Fig.1,
The data ciphering method has follow steps:
S1: receiving be-encrypted data, initial key values and mask value, after mask value described in the be-encrypted data exclusive or,
The initial key values described in exclusive or again, generate exclusive or mask data, this process time-consuming is t;
S2: carrying out row conversion process to the exclusive or mask data, generates row transformation data, to the second transformation data
Deconsolidation process is carried out, the first fractionation data, the second fractionation data, third is generated and splits data and the 4th and split data, this process
Time-consuming is t;
S3: selection described first splits data and carries out deconsolidation process again, generates four group first and splits data again, at random to four
Group described first splits data again while carrying out byte replacement generation processing, generates four groups of byte alternate datas, the word described in four groups
It saves alternate data and carries out reorganization, generate recombination data, this process time-consuming is t;
S4: carrying out column mixed processing to the recombination data, generates column blended data, this process time-consuming is t;
S5: receiving the column blended data and key value, and key value described in the column blended data exclusive or generates key and adds
Data, this process time-consuming are t;
S6: to the key addend according to mask compensation deals are carried out, mask offset data is generated, this process time-consuming is t;
S7: successively receiving the mask offset data, carries out rearrangement column processing to the mask offset data, generates first
Encryption data, to complete the 1st wheel encryption.
In the embodiment of the present invention, the be-encrypted data is m group, and the be-encrypted data described in first group completes the step
Rapid S1 and after exporting the exclusive or mask data, receive and process next group described in be-encrypted data;
When the T moment, receives the first fractionation data and start to execute the step S3;
When the T+1t moment, receives the second fractionation data and start to execute the step S3;
When the T+2t moment, receives the third and split data and start to execute the step S3;
When the T+3t moment, receives the 4th fractionation data and start to execute the step S3.
In some embodiments of the invention, the data ciphering method encryption n wheel completes encryption, repeating said steps S2-S7
Complete the ciphering process that data the 2nd arrive n-1 wheel.
In some embodiments of the present invention, in the ciphering process of the 2nd to the n-1 wheel, the output data of the step S7
For the input data of the step S2.
In some embodiments of the present invention, the n-th wheel data encryption process is sequentially completed the step S2, the step
S3, the step S5, the step S6 and the step S7 export ciphertext.
In some embodiments of the present invention, in the n-th wheel data encryption process, the key addend is according to advanced row data
Selection processing, then carry out the mask compensation deals.
In some embodiments of the present invention, the data ciphering method AES mask algorithm shared based on S box.
In some embodiments of the present invention, the AES mask algorithm is when the key value length is 128, the n=
10, for the AES mask algorithm when the key value length is 192, the n=12, the AES mask algorithm is described close
When key value length is 256, the n=14.
In some embodiments of the present invention, the t is a clock cycle.
In some embodiments of the present invention, in the step S7, while described in the progress of the mask offset data described in four groups
Reset column processing.
In some embodiments of the present invention, the mask compensation deals are to the key addend according to first adding new mask
Value, then remove the key addend according to the mask value carry before the mask compensation deals.
In some embodiments of the present invention, between the step S1 and the step S2, the step S2 and the step
Between S3, between the step S3 and the step S4, between the step S4 and the step S5, the step S5 and described
Buffer stock processing can be all carried out between step S6 and between the step S6 and the step S7.
The embodiment of the invention also provides the data encryption device for realizing the data ciphering method, the data add
Close device includes exclusive or module, row shift module, splits module, selecting module, byte alternative module, column mixing module, key
Add module, mask compensating module, permutatation module, cipher key expansion module, memory module, recombination module and buffer register.
In some embodiments of the present invention, the byte alternative module includes S box, and the quantity of the S box is four.
In some embodiments of the present invention, the buffer register include the first buffer register, the second buffer register,
Third buffer register, the 4th buffer register, the 5th buffer register and the 6th buffer register.
Fig. 2 is the structural block diagram of the data encryption device of some embodiments of the invention.With reference to Fig. 2, the data encryption dress
It sets mixed with exclusive or module 201, row shift module 203, fractionation module 204, selecting module 205, byte alternative module 206, column
Molding block 208, key add module 209, mask compensating module 210, permutatation module 211, cipher key expansion module 212, storage mould
Block 213, recombination module 207, the first buffer register 2021, the second buffer register 2022, third buffer register 2023,
Four buffer registers 2024, the 5th buffer register 2025 and the 6th buffer register 2026, the exclusive or module 201 for pair
Data carry out exclusive or processing;The row shift module 203 is for carrying out row conversion process to data;The fractionation module 204 is used
In to data progress deconsolidation process;The selecting module 205 carries out deconsolidation process again for selecting multi-group data;
The byte alternative module 206 is used to carry out byte alternate process to data;The column mixing module 208 is used to carry out data
Column mixed processing;The key adds module 209 to add processing for carrying out key to data;The mask compensating module 210 is used for
Mask compensation deals are carried out to data;The permutatation module 211 is for carrying out rearrangement column processing to data;The cipher key spreading
Module 212 is for storing and transmitting initial key values and key value;The memory module 213 is for storing and transmitting mask value;
The recombination module 207 is used to data carrying out reorganization;The buffer register is used for the transmission to data and buffers and post
It deposits.
With reference to Fig. 2, first buffer register 2021 be set to the exclusive or module 201 and row shift module 203 it
Between, second buffer register 2022 is set to the row and splits between module 204 and the selecting module 205, and described the
Three buffer registers 2023 are set between the byte alternative module 206 and the recombination module 207, and the 4th buffering is posted
Storage 2024 is set to the column mixing module 208 and the key adds between module 209, the 5th buffer register 2025
It is set to the key to add between module 209 and the mask compensating module 210, the 6th buffer register 2026 is set to
Between the mask compensating module 210 and the permutatation module 211.
In some specific embodiments of the present invention, the data ciphering method is to 10 128 be-encrypted datas encryptions 10
Wheel.
Specifically, the 1st wheel ciphering process are as follows:
Exclusive or module described in S1a: the 1 clock cycle receives the 1st 128 be-encrypted datas, the cipher key spreading mould
The initial key values of block transmitting and the mask value of memory module transmitting, 128 be-encrypted data elder generations exclusive or mask value,
Initial key values described in exclusive or again generate 128 exclusive or mask datas, and 128 exclusive or mask datas are passed to institute
Storage in the first buffer register is stated, exclusive or module described in the 2nd clock cycle receives and processes the 2nd 128 numbers to be encrypted
According to, exclusive or module described in the 3rd clock cycle receives and processes the 3rd 128 be-encrypted datas, and so on, at the 10th
Exclusive or module described in the clock period receives and processes the 10th 128 be-encrypted datas, wherein what the 2-10 clock cycle received
9th 128 be-encrypted datas are identical as first subsequent processes of 128 data, when the processing time is successively spaced 3
The clock period;
First buffer register described in S2a: the 2 clock cycle passes to 128 exclusive or mask datas described
Row shift module, the row shift module carry out row conversion process to the 128 exclusive or mask data, generate 128 row transformation
Data, the fractionation module carry out deconsolidation process to described 128 row transformation data, generate 32 first fractionation data, 32
Second splits data, and 32 thirds split data, 32 the 4th fractionation data, and are transmitted to storage in second buffer register
It deposits;
Selecting module described in S3a: the 3 clock cycle randomly chooses 32 first out of described second buffer register and tears open
Divided data carries out deconsolidation process again, generates four groups 8 first and splits data again, four groups of S boxes at random to four groups 8 first again
It splits data and carries out byte alternate process simultaneously, generate four groups of octet alternate datas, the recombination module is to four groups of 8 words
It saves alternate data and carries out the reorganization, generate 32 recombination datas, and be transmitted to storage in the third buffer register;
Column mixing module described in S4a: the 4 clock cycle receives 32 recombination datas and carries out the column mixed processing, raw
Blended data is ranked at 32, and is transmitted to storage in the 4th buffer register;
Key described in S5a: the 5 clock cycle adds module reception 32 to rank blended data and cipher key expansion module biography
The key value passed, 32 column blended data exclusive or key values, generates 32 key addend evidences, and be transmitted to the 5th buffered data
Interior storage;
What the 32 key addend evidences of reception of mask compensating module described in S6a: the 6 clock cycle and storage module transmitted covers
Code value, and carry out mask compensation deals, to 32 key addends according to the mask value of addition memory module transmitting, then remove 32 it is close
Key addend generates mask offset data, and be transmitted to the described 6th according in the mask value for carrying out the mask compensation deals carrying
Storage in buffered data;
Wherein, the 4th clock cycle carries out the step S3a to 32 second fractionation data;
5th clock cycle carries out the step S4a to 32 second fractionation data, and 32 thirds split data and carry out
The step S3a;
6th clock cycle carries out the step S5a to 32 second fractionation data, to 32 thirds split data into
The row step S4a carries out the step S3a to 32 the 4th fractionation data;
7th clock cycle carries out the step S6a to 32 second fractionation data, to 32 thirds split data into
The row step S5a carries out the step S4a to 32 the 4th fractionation data;
8th clock cycle splits data to 32 thirds and carries out the step S6a, to 32 the 4th fractionation data into
The row step S5a;
9th clock cycle carries out the step S6a to 32 the 4th fractionation data;
S7a: the permutatation module successively receives four groups of mask compensating modules, resets to four groups of mask offset datas
Column processing generates 128 the first encryption datas, this process does not consume the clock cycle, so far the 9th clock cycle, and the 1st 128
Be-encrypted data completes the 1st wheel encryption.
13rd clock cycle, the 2nd 128 be-encrypted data complete the 1st wheel encryption;17th clock cycle, the 3rd
128 be-encrypted datas complete the 1st wheel encryption;And so on, the 41st clock cycle, the 9th 128 be-encrypted data is completed
1st wheel encryption;45th clock cycle, the 10th 128 be-encrypted data complete the 1st wheel encryption.
2nd wheel ciphering process are as follows:
10th clock cycle, the row shift module receive what the 1st 128 be-encrypted datas the 1st wheel encryption generated
128 the first encryption datas, start the 2nd wheel encryption of the 1st 128 be-encrypted datas, and the 2nd wheel encrypts time-consuming 8 clocks altogether
Period, the 17th clock cycle complete the 2nd wheel encryption of the 1st 128 be-encrypted datas;And so on, the 46th clock week
Phase, the row shift module receive 128 the first encryption datas that the 10th 128 be-encrypted datas the 1st wheel encryption generates, open
The 2nd wheel encryption of the 10th 128 be-encrypted datas that begin, the 2nd wheel encryption total time-consuming 8 clock cycle, the 53rd clock cycle
Complete the 2nd wheel encryption of the 10th 128 be-encrypted datas;
The uniform 2nd wheel ciphering process of the ciphering process of 3rd wheel to the 8th wheel is identical;
9th wheel ciphering process are as follows:
66th clock cycle, the row shift module receive what the 1st 128 be-encrypted datas the 8th wheel encryption generated
128 the 8th encryption datas, start the 9th wheel encryption of the 1st 128 be-encrypted datas, and the 9th wheel encrypts time-consuming 8 clocks altogether
Period, the 73rd clock cycle complete the 9th wheel encryption of the 1st 128 be-encrypted datas;And so on, the 102nd clock week
Phase, the row shift module receive 128 the 8th encryption datas that the 10th 128 be-encrypted datas the 8th wheel encryption generates, open
The 9th wheel encryption of the 10th 128 be-encrypted datas that begin, the 9th wheel encryption total time-consuming 8 clock cycle, the 109th clock cycle
Complete the 9th wheel encryption of the 10th 128 be-encrypted datas.
10th wheel ciphering process are as follows:
Row shift module described in 74th clock cycle receives what the 1st 128 be-encrypted datas the 9th wheel encryption generated
128 the 9th encryption datas, start the 10th wheel encryption of the 1st 128 be-encrypted datas, and the 10th wheel data are mixed without column
Processing, time-consuming 7 clock cycle, the 80th clock cycle complete the 10th of the 1st 128 be-encrypted data altogether for the 10th wheel encryption
Wheel encryption, exports ciphertext.And so on, the 110th clock cycle, the row shift module receive the 10th 128 it is to be encrypted
128 the 9th encryption datas that the wheel encryption of data the 9th generates start the 10th wheel encryption of the 10th 128 be-encrypted datas, the
10 wheel data are without column mixed processing, and time-consuming 7 clock cycle, the 116th clock cycle complete the 10th altogether for the 10th wheel encryption
10th wheel encryption of a 128 be-encrypted datas, exports ciphertext.So far 10 128 data encryptions 10 wheels are completed and consume 116 altogether
Clock cycle.
The data ciphering method of the embodiment of the present invention is 80+4* to the clock cycle of x 128 data encryptions 10 wheels
(x-1), in the prior art, the clock cycle of x 128 data encryptions 10 wheels is 80x.As x > 1, speed-up ratio, i.e. (80*x)/
(80+4* (x-1)) is greater than 1.As it can be seen that the data ciphering method of the embodiment of the present invention can be improved enciphering rate.
Although embodiments of the present invention are hereinbefore described in detail, show for those skilled in the art
And be clear to, these embodiments can be carry out various modifications and be changed.However, it is understood that this modifications and variations are all
Belong within scope and spirit of the present invention described in the claims.Moreover, the present invention described herein can have others
Embodiment, and can be practiced or carried out in several ways.
Claims (14)
1. a kind of data ciphering method, it is characterised in that: the following steps are included:
S1: receiving be-encrypted data, initial key values and mask value, after mask value described in the be-encrypted data exclusive or, then it is different
Or the initial key values, exclusive or mask data is generated, this process time-consuming is t;
S2: carrying out row conversion process to the exclusive or mask data, generates row transformation data, carries out to the second transformation data
Deconsolidation process generates the first fractionation data, the second fractionation data, third and splits data and the 4th fractionation data, this process is time-consuming
For t;
S3: random selection described first splits data and carries out deconsolidation process again, generates four group first and splits data again, at random to four
Group described first splits data again while carrying out byte replacement generation processing, generates four groups of byte alternate datas, the word described in four groups
It saves alternate data and carries out reorganization, generate recombination data, this process time-consuming is t;
S4: carrying out column mixed processing to the recombination data, generates column blended data, this process time-consuming is t;
S5: receiving the column blended data and key value, and key value described in the column blended data exclusive or generates key addend
According to this process time-consuming is t;
S6: to the key addend according to mask compensation deals are carried out, mask offset data is generated, this process time-consuming is t;
S7: successively receiving the mask offset data, carries out rearrangement column processing to the mask offset data, generates the first encryption
Data, to complete the 1st wheel ciphering process;
The be-encrypted data is m group, and the be-encrypted data described in first group completes the step S1 and exports the exclusive or
After mask data, be-encrypted data described in receiving and processing next group was spaced after 3 clock cycle;
When the T moment, receives the first fractionation data and start to execute the step S3;
When the T+1t moment, receives the second fractionation data and start to execute the step S3;
When the T+2t moment, receives the third and split data and start to execute the step S3;
When the T+3t moment, receives the 4th fractionation data and start to execute the step S3.
2. data ciphering method according to claim 1, it is characterised in that: the data ciphering method includes n wheel encryption
Process, wherein repeating said steps S2-S7 completes the ciphering process that the wheel of data the 2nd is taken turns to n-1.
3. data ciphering method according to claim 1 or 2, it is characterised in that: the 2nd wheel adds to what the n-1 took turns
During close, the output data of the step S7 is the input data of the step S2.
4. data ciphering method according to claim 1 or 2, it is characterised in that: the n-th wheel data encryption process is successively
After completing the step S2, the step S3, the step S5, the step S6 and the step S7, ciphertext is exported.
5. data ciphering method according to claim 1 or 2, it is characterised in that: in the n-th wheel data encryption process,
The key addend is handled according to the data selection is first carried out, then carries out the mask compensation deals.
6. data ciphering method according to claim 1, it is characterised in that: the data ciphering method is shared based on S box
AES mask algorithm.
7. data ciphering method according to claim 1, it is characterised in that: the t is a clock cycle.
8. data ciphering method according to claim 1, it is characterised in that: in the step S7, while described in four groups
Mask offset data carries out the rearrangement column processing.
9. data ciphering method according to claim 1, it is characterised in that: the mask compensation deals add the key
Data first add new mask value, then remove the key addend according to the mask value carry before the mask compensation deals.
10. data ciphering method according to claim 1, it is characterised in that: between the step S1 and the step S2,
Between the step S2 and the step S3, between the step S3 and the step S4, the step S4 and the step S5
Between, can all carry out buffer stock between the step S5 and the step S6 and between the step S6 and the step S7
Processing.
11. a kind of data encryption device, it is characterised in that: the data encryption device is appointed for realizing in such as claim 1-10
Data ciphering method described in one, the data encryption device include exclusive or module, row shift module, split module, choosing
It selects module, byte alternative module, column mixing module, key and adds module, mask compensating module, permutatation module, cipher key spreading mould
Block, memory module, recombination module and buffer register;
The exclusive or module is used to carry out data exclusive or processing, and 1 be-encrypted data time-consuming of the exclusive or resume module is t,
The row shift module is used to carry out data row conversion process, and the fractionation module is used to carry out deconsolidation process, institute to data
It is t that it is time-consuming altogether, which to state 1 be-encrypted data of row shift module and fractionation module encryption, and the selecting module is used for more
Group data are randomly choosed, and carry out deconsolidation process again, and the byte alternative module is used to carry out at byte substitution data
It is 4t, the column hybrid guided mode that it is time-consuming altogether, which to encrypt 1 be-encrypted data, for reason, the selecting module and the byte alternative module
Block is used to carry out data column mixed processing, and it is 4t that the column mixing module, which encrypts 1 be-encrypted data time-consuming, described close
Key adds module to add processing for carrying out key to data, and it is 4t that the key, which adds module to encrypt 1 be-encrypted data time-consuming,
The mask compensating module is used to carry out data mask compensation deals, and described the encryption of mask compensating module 1 described to be encrypted
Data time-consuming is 4t, and the permutatation module is used to carry out data rearrangement column processing, and the cipher key expansion module is for storing
With transmitting initial key values and key value, memory module is used for for storing and transmitting mask value, the recombination module by data
Reorganization is carried out, the buffer register is used for the transmission to data and buffers and deposit.
12. data encryption device according to claim 11, it is characterised in that: the byte alternative module includes S box, institute
The quantity for stating S box is four.
13. data encryption device according to claim 11, it is characterised in that: the buffer register includes the first buffering
Register, the second buffer register, third buffer register, the 4th buffer register, the 5th buffer register and the 6th buffering
Register.
14. data encryption device according to claim 11 or 13, it is characterised in that: the first buffer register setting
Between the exclusive or module and row shift module, second buffer register is set to the row and splits module and the choosing
It selects between module, the third buffer register is set between the byte alternative module and the recombination module, and described
Four buffer registers are set to the column mixing module and the key adds between module, and the 5th buffer register is set to
The key adds between module and the mask compensating module, and the 6th buffer register is set to the mask compensating module
Between the permutatation module.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811386188.2A CN109495242A (en) | 2018-11-20 | 2018-11-20 | A kind of data ciphering method and data encryption equipment |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811386188.2A CN109495242A (en) | 2018-11-20 | 2018-11-20 | A kind of data ciphering method and data encryption equipment |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN109495242A true CN109495242A (en) | 2019-03-19 |
Family
ID=65696482
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811386188.2A Pending CN109495242A (en) | 2018-11-20 | 2018-11-20 | A kind of data ciphering method and data encryption equipment |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN109495242A (en) |
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110111496A (en) * | 2019-04-04 | 2019-08-09 | 浙江万胜智能科技股份有限公司 | A kind of local charge control electric energy meter takes the change method of control data |
| CN110414940A (en) * | 2019-07-31 | 2019-11-05 | 武汉科技大学 | Coupling electronic campus card sign-in APP and construction method of student classroom information database |
| CN111859436A (en) * | 2020-07-29 | 2020-10-30 | 贵州力创科技发展有限公司 | Data security encryption method for vehicle insurance anti-fraud platform |
| CN116015981A (en) * | 2023-03-21 | 2023-04-25 | 深圳市星火数控技术有限公司 | Sewing numerical control file data encryption method |
Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105743930A (en) * | 2005-11-18 | 2016-07-06 | 安全第一公司 | Secure data parser method and system |
| US20170373831A1 (en) * | 2016-06-28 | 2017-12-28 | Eshard | Methods and devices against side-channel analysis |
| CN108111298A (en) * | 2017-12-04 | 2018-06-01 | 哈尔滨理工大学 | The low entropy mask scheme shared based on S boxes |
-
2018
- 2018-11-20 CN CN201811386188.2A patent/CN109495242A/en active Pending
Patent Citations (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105743930A (en) * | 2005-11-18 | 2016-07-06 | 安全第一公司 | Secure data parser method and system |
| US20170373831A1 (en) * | 2016-06-28 | 2017-12-28 | Eshard | Methods and devices against side-channel analysis |
| CN108111298A (en) * | 2017-12-04 | 2018-06-01 | 哈尔滨理工大学 | The low entropy mask scheme shared based on S boxes |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN110111496A (en) * | 2019-04-04 | 2019-08-09 | 浙江万胜智能科技股份有限公司 | A kind of local charge control electric energy meter takes the change method of control data |
| CN110414940A (en) * | 2019-07-31 | 2019-11-05 | 武汉科技大学 | Coupling electronic campus card sign-in APP and construction method of student classroom information database |
| CN111859436A (en) * | 2020-07-29 | 2020-10-30 | 贵州力创科技发展有限公司 | Data security encryption method for vehicle insurance anti-fraud platform |
| CN111859436B (en) * | 2020-07-29 | 2023-10-17 | 贵州力创科技发展有限公司 | Data security encryption method for vehicle insurance anti-fraud platform |
| CN116015981A (en) * | 2023-03-21 | 2023-04-25 | 深圳市星火数控技术有限公司 | Sewing numerical control file data encryption method |
| CN116015981B (en) * | 2023-03-21 | 2023-06-23 | 深圳市星火数控技术有限公司 | Sewing numerical control file data encryption method |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN109495242A (en) | A kind of data ciphering method and data encryption equipment | |
| CN102025484B (en) | Block cipher encryption and decryption method | |
| EP1271839B1 (en) | AES Encryption circuit | |
| US5214703A (en) | Device for the conversion of a digital block and use of same | |
| CN105049194B (en) | A kind of SM4 algorithms of pipeline organization realize system | |
| EP2048810B1 (en) | AES encryption/decryption circuit | |
| CN101114903A (en) | High grade encrypting criterion encrypter in Gbpassive optical network system and implementing method thereof | |
| CN104852798B (en) | A kind of data encrypting and deciphering system and method | |
| CN102035641A (en) | Device and method for implementing AES encryption and decryption | |
| JP2000066587A (en) | Data processor and communication system as well as recording medium | |
| CN105007154A (en) | Encryption and decryption device based on AES (Advanced Encryption Standard) algorithm | |
| CN101409616B (en) | AES encryption/decryption circuit | |
| JP2002040932A (en) | Ciphering device using standard algorithm for ciphering data | |
| KR20060012002A (en) | Encryption / Decryption Methods, Data Encryption / Decryption Devices, Conversion Modules, and Computer Program Products | |
| EP2651070B1 (en) | Code processing device, code processing method, and program | |
| CN107888373A (en) | XTS AES encryptions circuit, decryption circuit and its method | |
| CN101355423B (en) | Method for generating stream cipher | |
| KR101662291B1 (en) | Device for encryption and decryption based on Lightweight encryption algorithm LEA | |
| EP1629626B1 (en) | Method and apparatus for a low memory hardware implementation of the key expansion function | |
| CN103051443A (en) | AES (Advanced Encryption Standard) key expansion method | |
| CN108133450A (en) | A kind of New chaotic image encryption method based on hybrid feedback | |
| JPH05249891A (en) | Ciphering processor and ciphering process method using the same | |
| CN114826558A (en) | Mass data rapid encryption method and system | |
| CN201178468Y (en) | AES algorithm ciphering apparatus and digital television frontend bidirectional authentication system | |
| CN106789056A (en) | A kind of hardware encryption system and method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20190319 |
|
| RJ01 | Rejection of invention patent application after publication |