CN102073477B - Implementation method of finite field multiplying unit with functions of detecting, correcting and locating error - Google Patents

Abstract

The invention provides an implementation method of a finite field multiplying unit with functions of detecting, correcting and locating an error. The finite field multiplying unit comprises an error locating unit, an error correction unit based on a redundant base, a finite field multiplication unit and an error detecting unit based on norm; and the finite field multiplying unit has the functions of detecting, correcting and locating the error. The finite field multiplying unit generated by the method has the function of locating the error so as to be convenient for dealing with hardware failure, and has the function of error correction so as to effectively resist the failure attack of an opponent.

Description

Implementation method with Galois field multiplier of error-detection error-correction and location of mistake function

Technical field

The present invention relates to a kind of Galois field multiplier, be specifically related to a kind of implementation method of the Galois field multiplier system based on systolic arrays with error-detection error-correction and location of mistake function.This multiplier implementation method is applicable on FPGA (field programmable gate array) and the chip, is the basis that block cipher is realized the restructural function.

Background technology

Along with computer technology, the develop rapidly of the communication technology, information security issue receives people's extensive attention, and various new encryption technologies and attack technology continue to bring out.It is very effective when fault attacks is analyzed symmetry and asymmetric cryptographic algorithm as a kind of side-channel attack.Therefore, the mistake of stopping to occur in the computation process becomes particularly important when preventing side-channel attack.The most simple a kind of method of stopping miscount is carried out EDC error detection and correction to result of calculation exactly.Finite field operations extensively uses at password and coding field; In all Galois field operations; Finite field multiplier is most important and the most complicated; The following problem of current Galois field multiplier ubiquity both domestic and external: 1. the means of main employing parity checking are carried out error detection, can ignore for the mistake of even bit, and the coverage rate that leads to errors is lower slightly; 2. do not have the location of mistake module, make when the Galois field multiplier is received fault attacks, can not carry out the processing hardware problem of the very first time.

Summary of the invention

The implementation method that the purpose of this invention is to provide a kind of Galois field multiplier based on systolic arrays with error detection, error correction and location of mistake function.

Error detection function of the present invention realizes that through the finite field multiplier unit with based on the error detection unit of norm concrete steps are following:

Step 1: the binary representation D that accepts two Galois field elements based on the error detection unit of norm _In

Step 2: the error detection unit based on norm calculates

Norm, be designated as N _A

Step 3: the error detection unit based on norm calculates

Norm, be designated as N _B

Step 4: the error detection unit based on norm receives the D as a result from the finite field multiplier unit ₁₀

Step 5: the error detection unit based on norm calculates D ₁₀Norm, be designated as N _C

Step 6: the error detection unit based on norm compares N _CWith N _A* N _BWhether identical; If identical, explain that the finite field multiplier computing is correct, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 1; If inequality, the finite field multiplier operation mistake be described, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 0.

Step 7: error detection finishes.

Error correction of the present invention realizes that through the finite field multiplier unit with based on the error correction unit of redundant operation concrete steps are following:

Step 1: the finite field multiplier unit receives the binary representation D of Galois field element _In

Step 2: the finite field multiplier unit carries out the finite field multiplier computing under polynomial basis ψ, with product D _10-1Send to error correction unit based on redundant base.

Step 3: the finite field multiplier unit is at polynomial basis ψ ₁Under carry out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base.

Step 4: the finite field multiplier unit is at polynomial basis ψ ₂Under carry out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base.

Step 5: based on the error correction unit of redundant base with the product in the step 2,3,4 according to coefficient c _i,

Conversion relation change into the product D under polynomial basis ψ _30-1, D _30-2, D _30-3, get in the lump based on the ballot device in the error correction unit of redundant base.

Step 6: if three products are all identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective; If have in three products two identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective, and the subscript n of the coefficient component that the result is made a mistake sends to the location of mistake unit; If three products are different, then the result after the error correction is changed to 0, and the duty indicator signal is changed to 0, the result after the sign error correction is invalid.

Step 7: error correction finishes.

Location of mistake function of the present invention realizes that by error correction unit and location of mistake unit based on redundant base concrete steps are following:

Step 1: the location of mistake unit receives the erroneous results position n based on the error correction unit of redundant base, the coefficient component c of characterization result _nMade mistakes.

Step 2: the location of mistake unit confirms that the unit that makes a mistake is positioned at the position of systolic arrays, and promptly the unit of dislocation appears at U in the following scope _{P, q}, p+q≤m+n-1 is at D ₄₀(p q), is characterized in the subelement that might make a mistake in the systolic arrays to export all arrays that satisfy p+q≤m+n-1.

Step 3: location of mistake finishes.

Advantage of the present invention:

1. the Galois field multiplier error detecing capability is strong.

2. Galois field multiplier has the location of mistake function, is convenient to the processing hardware fault.

3. Galois field multiplier has error correction, can resist opponent's fault attacks.

4. the Galois field multiplier PDR is high.

Description of drawings

Fig. 1 is an entire system framework synoptic diagram

Fig. 2 is the systolic arrays electrical block diagram

Fig. 3 is a systolic arrays subelement electrical block diagram

Fig. 4 is based on the electricity of the ballot device in the error correction unit of redundant base structural representation

Fig. 5 is based on the electricity of the ballot device in the error correction unit of redundant operation structural representation

Embodiment

In the present invention, the mathematical expression formal specification is as follows:

The expression generator polynomial is the finite field gf (2 of P (x) ^m) in an element;

The expression generator polynomial is the finite field gf (2 of P (x) ^m) in another element;

C (x) expression A (x) and B (x) are at finite field gf (2 ^m) in product;

The generator polynomial of P (x) expression Galois field,

p _iCoefficient component for P (x);

Mod P (x) expression deconv is with the residue of P (x);

(n, number of times m) are the coding polynomial expression of n-m in g (x) the expression liner code;

X representes arbitrary uncertainty element;

x ⁱNumber of times is the element of i in the expression polynomial basis;

M representes the dimension of Galois field under polynomial basis;

a _iExpression A (x) x under polynomial basis ⁱCoefficient;

b _iExpression B (x) x under polynomial basis ⁱCoefficient;

c _iExpression C (x) x under polynomial basis ⁱCoefficient;

To combine accompanying drawing that the present invention is done further detailed description below.

Referring to shown in Figure 1; The Galois field multiplier that is a kind of based on systolic arrays of the present invention with error-detection error-correction and location of mistake function; This multiplier is realized carrier through fpga chip (field programmable gate array) conduct; Adopt top-down design proposal, so this system includes the confinement multiplication unit, based on the error detection unit of norm, based on the error correction unit and the location of mistake unit of redundant operation.

Error detection function of the present invention realizes that through the finite field multiplier unit with based on the error detection unit of norm concrete steps are following:

Step 1: the binary representation D that accepts two Galois field elements based on the error detection unit of norm _In

Step 2: the error detection unit based on norm calculates

Norm, be designated as N _A

Step 3: the error detection unit based on norm calculates

Norm, be designated as N _B

Step 4: the error detection unit based on norm receives the D as a result from the finite field multiplier unit ₁₀

Step 5: the error detection unit based on norm calculates D ₁₀Norm, be designated as N _C

Step 6: the error detection unit based on norm compares N _CWith N _A* N _BWhether identical; If identical, explain that the finite field multiplier computing is correct, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 1; If inequality, the finite field multiplier operation mistake be described, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 0.

Step 7: error detection finishes.

Error correction of the present invention realizes that through the finite field multiplier unit with based on the error correction unit of redundant operation concrete steps are following:

Step 1: the finite field multiplier unit receives the binary representation D of Galois field element _In

Step 2: the finite field multiplier unit carries out the finite field multiplier computing under polynomial basis ψ, with product D _10-1Send to error correction unit based on redundant base.

Step 3: the finite field multiplier unit is at polynomial basis ψ ₁Under carry out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base.

Step 4: the finite field multiplier unit is at polynomial basis ψ ₂Under carry out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base.

Step 5: based on the error correction unit of redundant base with the product in the step 2,3,4 according to coefficient c _i,

Conversion relation change into the product D under polynomial basis ψ _30-1, D _30-2, D _30-3, get in the lump based on the ballot device in the error correction unit of redundant base (the ballot device is promptly exported the input value that occupies the majority).

Step 6: if three products are all identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective; If have in three products two identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective, and the subscript n of the coefficient component that the result is made a mistake sends to the location of mistake unit; If three products are different, then the result after the error correction is changed to 0, and the duty indicator signal is changed to 0, the result after the sign error correction is invalid.

Step 7: error correction finishes.

Location of mistake function of the present invention realizes that by error correction unit and location of mistake unit based on redundant base concrete steps are following:

Step 1: the location of mistake unit receives the erroneous results position n based on the error correction unit of redundant base, the coefficient component c of characterization result _nMade mistakes.

Step 2: the location of mistake unit confirms that the unit that makes a mistake is positioned at the position of systolic arrays, and promptly the unit of dislocation appears at U in the following scope _{P, q}, p+q≤m+n-1 is at D ₄₀(p q), is characterized in the subelement that might make a mistake in the systolic arrays to export all arrays that satisfy p+q≤m+n-1.

Step 3: location of mistake finishes.

One, finite field multiplier unit

The process object of finite field multiplier unit is two elements A (x) and the B (x) on the Galois field, wherein

Its binary form is shown a _M-1a _M-2A ₁a ₀,

Its binary form is shown b _M-1b _M-2B ₁b ₀, the product of A (x) and B (x) is C (x),

Its binary form is shown c _M-1c _M-2C ₁c ₀The input data of finite field multiplier unit are D _In={ a _M-1a _M-2A ₁a ₀, b _M-1b _M-2B ₁b ₀, according to the finite field multiplier algorithm, obtain finite field multiplier D as a result ₁₀, D ₁₀={ c _M-1c _M-2C ₁c ₀.

According to following formula, define the implementation method of confinement multiplication unit.

$C\left(x\right)=A\left(x\right)B\left(x\right)\mathrm{mod}P\left(x\right)$

$=\underset{i=0}{\overset{m-1}{\mathrm{\Σ}}}{b}_{i}A\left(x\right)\mathrm{mod}P\left(x\right)$

$=(...(\left(b_{m-1}A\left(x\right)\mathrm{mod}F\left(x\right)\right)x+b_{m-2}A\left(x\right)\mathrm{mod}F\left(x\right))x+...b_{1}A\left(x\right)\mathrm{mod}F\left(x\right))x+b_{0}A\left(x\right)\mathrm{mod}P\left(x\right))$

The concrete manner of execution of above-mentioned formula is following:

Input: A (x), B (x)

Output: C (x)

1.T ₀＝0

2.for?i＝1?to?m?do?begin

2.1?T _i＝T _i-1x?mod?x ^m+b _m-iA(x)

2.2?T _i＝T _i+t _i-1，m-1P(x)

T _i=T _I-1X mod x ^m+ b _M-iVector (the z that the output of A (x) through the capable subelement of array i obtains _{I, m-1}, z _{I, m-2}..., z _{I, 0}) be T _i

endfor

3.return?T _m

Here T _mBe finant product C (x)

The present invention realizes above-mentioned algorithm through systolic arrays, particular circuit configurations such as Fig. 2.Here each subelement of systolic arrays is formed its circuit structure such as Fig. 3 by one 2 input with door, 2 input XOR gates and a signal exchange unit.Systolic arrays is according to external clock work, at subelement U _{I, j}In, at the odd number clock, receive from subelement U _{I-1, j+1}Output signal z _{I-1, j+1}, from subelement U _{I-1, j}Output signal a _jWith from subelement U _{I, j+1}Output signal b _i, data v ₁And v ₂Intercourse, through calculating b with door _iA _j, calculate b through XOR gate _iA _j+ c _{I-1, j}, and the result is stored among the register Reg1, will be through data v ₃And v ₄Intercourse the data storage that originally is stored among the register Reg1 in register Reg2, as the output z of subelement _{I, j}At the even number clock, receive from subelement U _{I-1, j}Output signal p _jWith from subelement U _{I, j+1}Output signal d _i, data v ₂And v ₄Intercourse, through calculating b with door and XOR gate _iA _j+ c _{I-1, j}+ d _iZ _{I-1, j+1}And it is stored among the register Reg1.For finite field multiplier unit based on systolic arrays, the odd number clock switch dial to above, dial downwards at the even number clock switch, m-j clock is to subelement U _{0, j}Input a _j, clockwise subelement U in the time of m-j+1 _{0, j}Input p _j3m-j clock, subelement U _{M-1, j}Output z _{M-1, j}, composition of vector (z _{M-1, m-1}, z _{M-1, m-2}..., z _M-1,0) as final multiplication result.

Two, based on the error detection unit of norm

In the present invention, import data D based on the error detection unit of norm _In={ a _M-1a _M-2A ₁a ₀, b _M-1b _M-2B ₁b ₀And finite field multiplier D as a result ₁₀Carry out handling, thereby obtain error detection D as a result based on the error detection strategy of norm ₂₀

Described error detection strategy based on norm is:

Step 1: the binary representation D that accepts two Galois field elements based on the error detection unit of norm _In

Step 2: the error detection unit based on norm calculates

Norm, be designated as N _A

Step 3: the error detection unit based on norm calculates Norm, be designated as N _B

Step 4: the error detection unit based on norm receives the D as a result from the finite field multiplier unit ₁₀

Step 5: based on the error detection computing unit D of norm ₁₀Norm, be designated as N _C

Step 6: the error detection unit based on norm compares N _CWith N _A* N _BWhether identical; If identical, explain that the finite field multiplier computing is correct, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 1; If inequality, the finite field multiplier operation mistake be described, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 0.

Step 7: error detection finishes.

In the present invention, GF (2 ^m) be a Galois field, K is GF (2 ^m) subdomain, α is a finite field gf (2 ^m) in any element (mathematical expression is α ∈ GF (2 ^m)), then the norm of α is defined as

$N_{\mathrm{GF}\left(2^m\right)/K}\left(\mathrm{\α}\right)=\mathrm{\α}\×{\mathrm{\α}}^2\×{\mathrm{\α}}^{2^2...\×{\mathrm{\α}}^{2^{m-1}}={\mathrm{\α}}^{2^m-1}}.$

In the present invention, the error detection unit further based on norm replaces through the error detection module based on liner code.

Described error detection strategy based on liner code is:

Step 1: two Galois field elements A (x) and B (x) are accepted in the error detection unit based on liner code.

Step 2:A (x) carries out that (n, m) liner code L obtains A ^*(x), A ^*(x)=A (x) g (x).

Step 3: calculate C through the finite field multiplier unit ^*(x)=A ^*(x) B (x) mod F (x) g (x).

Step 4: judge whether g (x) divides exactly C ^*(x), be then to go to step 5, otherwise go to step 6.

Step 5: output C (x)=C ^*(x)/g (x), with it as final multiplication result and export multiplier and calculate correct prompting.

Step 6: the prompting of output multiplier miscount.

Step 7: error detection finishes.

Three, based on redundant basic error correction unit

The finite field multiplier unit under three groups of redundant bases to D _InCarry out 3 multiplyings, three times the result is designated as D respectively _10-1, D _10-2, D _10-3, subsequently based on the error correction unit of redundant base with D _10-1, D _10-2, D _10-3Carry out the equivalent substitution computing, obtain the replacement result 3 times, be designated as D respectively _30-1, D _30-2, D _30-3Then the ballot device in to D _30-1, D _30-2And D _30-3In put to the vote, if three products are all identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective; If have in three products two identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective, and the subscript n of the coefficient component that the result is made a mistake sends to the location of mistake unit; If three products are different, then the result after the error correction is changed to 0, and the duty indicator signal is changed to 0, the result after the sign error correction is invalid.

At GF (2 ^m) on, 1, x, x ², x ³..., x ^M-1Be one group of polynomial basis, be designated as ψ, two elements of any two elements on it

Obviously, and 1, x, x ², x ³..., x ^M-1, x ^mAlso be one group of polynomial basis, be designated as ψ ₁, 1, x, x ², x ³..., x ^M-1, x ^m, x ^M+1Be one group of polynomial basis equally, be designated as ψ ₂At ψ ₁Down

A wherein _m=b _m=0; At ψ ₂Down

A wherein _m=b _m=a _M+1=b _M+1=0.

Under ψ, $C\left(x\right)=\underset{i=0}{\overset{m-1}{\mathrm{\Σ}}}{c}_i{x}^i=A\left(x\right)\×B\left(x\right)=\left(\underset{i=0}{\overset{m-1}{\mathrm{\Σ}}}{a}_i{x}^i\right)B\left(x\right)$

$=a_{0}B\left(x\right)+a_1\mathrm{xB}\left(x\right)+a_2{x}^{2}B\left(x\right)+...+a_{m-1}{x}^{m-1}B\left(x\right)$

In order to represent conveniently to introduce among the intermediate variable D [i, j], D [i, j] satisfies following relational expression:

D[i，0]＝b _i?for?0≤i≤m-1；

D[0，j+1]＝D[m-1，j]for?0≤j≤m-2；

D[i+1，j+1]＝D[i，j]+p _i+1D[m-1，j]for?0≤i，j≤m-2

Through calculating $c_i=\underset{j=0}{\overset{m-1}{\mathrm{\Σ}}}{a}_{j}D[i,j].$

At ψ ₁Down, $C=\underset{i=0}{\overset{m}{\mathrm{\Σ}}}{c}_i^1{x}^i=\mathrm{AB}=\left(\underset{i=0}{\overset{m}{\mathrm{\Σ}}}{a}_i{x}^i\right)B$

$=a_{0}B+a_1\mathrm{xB}+a_2{x}^{2}B+...+a_{m-1}{x}^{m-1}B+a_m{x}^{m}B$

Through calculating ${\mathrm{<figure-callout\; id="1"\; label="c\; i"\; filenames="HDA0000034801980000012.png,HDA0000034801980000021.png"\; state="\{\{state\}\}">c</figure-callout>}}_i^{}=\underset{j=0}{\overset{m}{\mathrm{\&Sigma;}}}{a}_{j}D[i,j].$

At ψ ₂Down, $C=\underset{i=0}{\overset{m+1}{\mathrm{\&Sigma;}}}{c}_i^2{x}^i=\mathrm{AB}=\left(\underset{i=0}{\overset{m+1}{\mathrm{\&Sigma;}}}{a}_i{x}^i\right)B$

$=a_{0}B+a_1\mathrm{xB}+a_2{x}^{2}B+...+a_{m-1}{x}^{m-1}B+a_m{x}^{m}B+a_{m+1}{x}^{m+1}B$

Through calculating ${\mathrm{<figure-callout\; id="2"\; label="c\; i"\; filenames="HDA0000034801980000012.png"\; state="\{\{state\}\}">c</figure-callout>}}_i^{}=\underset{j=0}{\overset{m+1}{\mathrm{\&Sigma;}}}{a}_{j}D[i,j].$

For c _i, Satisfy following conversion relation

$c_i={\mathrm{<figure-callout\; id="1"\; label="c\; i"\; filenames="HDA0000034801980000012.png,HDA0000034801980000021.png"\; state="\{\{state\}\}">c</figure-callout>}}_i^{}+p_i{c}_{\mathrm{<figure-callout\; id="1"\; label="m"\; filenames="HDA0000034801980000012.png,HDA0000034801980000021.png"\; state="\{\{state\}\}">m</figure-callout>}}^1$ for?0≤i≤m-1

$c_i={\mathrm{<figure-callout\; id="2"\; label="c\; i"\; filenames="HDA0000034801980000012.png"\; state="\{\{state\}\}">c</figure-callout>}}_i^{}+c_m^2{p}_{i-1}+c_m^2{p}_i+c_{m+1}^2{p}_{m-1}{p}_i$ for?1≤i≤m-1

$c_0=c_0^2+c_m^2{p}_0+c_{m+1}^2{p}_{m-1}{p}_0$

The basic error correction strategies of described redundancy is:

Step 1: the finite field multiplier unit receives the binary representation D of Galois field element _In

Step 2: the finite field multiplier unit calculates under polynomial basis ψ and carries out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base.

Step 3: the finite field multiplier unit is at polynomial basis ψ ₁The finite field multiplier computing is carried out in following calculating, with product D _10-1Send to error correction unit based on redundant base.

Step 4: the finite field multiplier unit is at polynomial basis ψ ₂The finite field multiplier computing is carried out in following calculating, with product D _10-1Send to error correction unit based on redundant base.

Step 5: based on the error correction unit of redundant base with the product in the step 2 and 3 and 4 according to coefficient c _i,

Conversion relation change into the product D under polynomial basis ψ _30-1, D _30-2, D _30-3, get in the lump based on the ballot device in the error correction unit of redundant base, like Fig. 4.

Step 6: if three products are all identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective; If have in three products two identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective, and the subscript n of the coefficient component that the result is made a mistake sends to the location of mistake unit; If three products are different, then the result after the error correction is changed to 0, and the duty indicator signal is changed to 0, the result after the sign error correction is invalid.

Step 7: error correction finishes.

In the present invention, can be based on the error correction unit of redundant base through error correction unit replacement based on redundant operation.

Described redundant operation error correction strategies is:

Step 1: the finite field multiplier unit receives the binary representation D of Galois field element _In

Step 2: the finite field multiplier unit calculates under polynomial basis ψ and carries out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base.

Step 3: the finite field multiplier unit calculates under polynomial basis ψ and carries out the finite field multiplier computing, with product D _10-2Send to error correction unit based on redundant base.

Step 4: the finite field multiplier unit calculates under polynomial basis ψ and carries out the finite field multiplier computing, with product D _10-3Send to error correction unit based on redundant base.

Step 5: based on the error correction unit of redundant base with the product D in the step 2 and 3 and 4 _10-1, D _10-2, D _10-3Get in the lump based on the ballot device in the error correction unit of redundant base, like Fig. 5.

Step 6: if three products are all identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective; If have in three products two identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective, and the subscript n of the coefficient component that the result is made a mistake sends to the location of mistake unit; If three products are different, then the result after the error correction is changed to 0, and the duty indicator signal is changed to 0, the result after the sign error correction is invalid.

Step 7: error correction finishes.

Four, location of mistake unit

The location of mistake function of hardware system has been realized in location of mistake of the present invention unit.

Described location of mistake strategy is:

Step 1: the location of mistake unit receives the erroneous results position n based on the error correction unit of redundant base, the coefficient component c of characterization result _nMade mistakes.

Step 2: the location of mistake unit confirms that the unit that makes a mistake is positioned at the position of systolic arrays, and promptly the unit of dislocation appears at U in the following scope _{P, q}, p+q≤m+n-1 is at D ₄₀(p q), is characterized in the subelement that might make a mistake in the systolic arrays to export all arrays that satisfy p+q≤m+n-1.

Step 3: location of mistake finishes.

Claims (4)

1. implementation method based on the Galois field multiplier of systolic arrays, said Galois field multiplier comprises: location of mistake unit, the error correction unit based on redundant base, finite field multiplier unit, based on the error detection unit of norm; This Galois field multiplier has error detection, error correction and location of mistake function, it is characterized in that,

The performing step of-said error detection function is following:

1) accepts the binary representation D of two Galois field elements based on the error detection unit of norm _In

2) the error detection unit based on norm calculates

Norm, be designated as N _A

3) the error detection unit based on norm calculates

Norm, be designated as N _B

4) the error detection unit based on norm receives the D as a result from the finite field multiplier unit ₁₀

5) the error detection unit based on norm calculates D ₁₀Norm, be designated as N _C

6) the error detection unit based on norm compares N _CWith N _A* N _BWhether identical; If identical, explain that the finite field multiplier computing is correct, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 1; If inequality, the finite field multiplier operation mistake be described, then define the error detection of exporting D as a result based on the error detection unit of norm ₂₀Be 0;

7) error detection finishes;

The performing step of-said error correction is following:

1) the finite field multiplier unit receives the binary representation D of Galois field element _In

2) the finite field multiplier unit carries out the finite field multiplier computing under polynomial basis ψ, with product D _10-1Send to error correction unit based on redundant base;

3) the finite field multiplier unit is at polynomial basis ψ ₁Under carry out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base;

4) the finite field multiplier unit is at polynomial basis ψ ₂Under carry out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base;

5) based on the error correction unit of redundant base with step 2), 3), 4) in product according to coefficient c _i,

Conversion relation change into the product D under polynomial basis ψ _30-1, D _30-2, D _30-3, get in the lump based on the ballot device in the error correction unit of redundant base;

6) if three products are all identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective; If have in three products two identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective, and the subscript n of the coefficient component that the result is made a mistake sends to the location of mistake unit; If three products are different, then the result after the error correction is changed to 0, and the duty indicator signal is changed to 0, the result after the sign error correction is invalid;

7) step 7: error correction finishes;

The performing step of-said location of mistake function is following:

1) the location of mistake unit receives the erroneous results position n based on the error correction unit of redundant base, the coefficient component c of characterization result _nMade mistakes;

2) the location of mistake unit confirms that the unit that makes a mistake is positioned at the position of systolic arrays, and promptly the unit of dislocation appears at U in the following scope _{P, q}, p+q≤m+n-1 is at D ₄₀(p q), is characterized in the subelement that might make a mistake in the systolic arrays to export all arrays that satisfy p+q≤m+n-1;

3) location of mistake finishes.

2. the method for claim 1 is characterized in that, said finite field multiplier unit is realized according to following formula:

$C\left(x\right)=A\left(x\right)B\left(x\right)\mathrm{mod}P\left(x\right)$

$=\underset{i=0}{\overset{m-1}{\mathrm{\&Sigma;}}}{b}_{i}A\left(x\right)\mathrm{mod}P\left(x\right)$

$=(...(\left(b_{m-1}A\left(x\right)\mathrm{mod}F\left(x\right)\right)x+b_{m-2}A\left(x\right)\mathrm{mod}F\left(x\right))x+...b_{1}A\left(x\right)\mathrm{mod}F\left(x\right))x+b_{0}A\left(x\right)\mathrm{mod}P\left(x\right)).$

3. the method for claim 1 is characterized in that, uses the error detection module based on liner code to replace the error detection unit based on norm, and corresponding error detection function performing step is:

1) accepts two Galois field elements A (x) and B (x) based on the error detection unit of liner code;

2) A (x) carries out that (n, m) liner code L obtains A ^*(x), A ^*(x)=A (x) g (x);

3) calculate C through the finite field multiplier unit ^*(x)=A ^*(x) B (x) mod F (x) g (x);

4) judge whether g (x) divides exactly C ^*(x), be then to go to step 5), otherwise go to step 6);

5) output C (x)=C ^*(x)/g (x), with it as final multiplication result and export multiplier and calculate correct prompting;

6) prompting of output multiplier miscount;

7) error detection finishes.

4. like claim 1 or 3 described methods, it is characterized in that use based on the error correction unit of redundant operation and replace the error correction unit based on redundant base, corresponding error correction performing step is:

1) the finite field multiplier unit receives the binary representation D of Galois field element _In

2) the finite field multiplier unit calculates under polynomial basis ψ and carries out the finite field multiplier computing, with product D _10-1Send to error correction unit based on redundant base;

3) the finite field multiplier unit calculates under polynomial basis ψ and carries out the finite field multiplier computing, with product D _10-2Send to error correction unit based on redundant base;

4) the finite field multiplier unit calculates under polynomial basis ψ and carries out the finite field multiplier computing, with product D _10-3Send to error correction unit based on redundant base;

5) based on the error correction unit of redundant base with step 2), 3), 4) in product D _10-1, D _10-2, D _10-3Get in the lump based on the ballot device in the error correction unit of redundant base;

6) if three products are all identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective; If have in three products two identical, this identical product D of the device of then voting output ₃₀, and the duty indicator signal being changed to 1, the result who characterizes after the error correction is effective, and the subscript n of the coefficient component that the result is made a mistake sends to the location of mistake unit; If three products are different, then the result after the error correction is changed to 0, and the duty indicator signal is changed to 0, the result after the sign error correction is invalid;

7) error correction finishes.

Images