CN105897406B - A kind of device for the AES encryption and decryption that bright ciphertext is isometric - Google Patents
A kind of device for the AES encryption and decryption that bright ciphertext is isometric Download PDFInfo
- Publication number
- CN105897406B CN105897406B CN201610388115.1A CN201610388115A CN105897406B CN 105897406 B CN105897406 B CN 105897406B CN 201610388115 A CN201610388115 A CN 201610388115A CN 105897406 B CN105897406 B CN 105897406B
- Authority
- CN
- China
- Prior art keywords
- data
- module
- key
- ciphertext
- sent
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
- H04L9/0631—Substitution permutation network [SPN], i.e. cipher composed of a number of stages or rounds each involving linear and nonlinear transformations, e.g. AES algorithms
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a kind of devices of AES encryption and decryption that bright ciphertext is isometric, are related to field of information security technology.Described device includes encrypting module, deciphering module and key management module;Encrypting module includes at least one first data input module, at least one first data management module, at least one aes algorithm encrypting module and at least one first data transmission blocks;Deciphering module includes at least one second data input module, at least one second data management module, at least one aes algorithm deciphering module and at least one second data transmission blocks.Key management module for storing the key that host issues, and can according to the application of host by multiple groups delivering key to encrypting module or deciphering module.Each nucleus module passes through FPGA and realizes in the present invention, and FPGA is communicated by Pcie interface with host, the key that the non-readable key management module of host is stored, and so as to avoid the risk of key exposure, improves safety.
Description
Technical field
The present invention relates to field of information security technology more particularly to a kind of devices for the AES encryption and decryption that bright ciphertext is isometric.
Background technique
Advanced Encryption Standard (English: Advanced Encryption Standard, abbreviation: AES) is by American National mark
It is quasi- to be asserted effective standard on May 26th, 2002 with Institute for Research and Technology (NIST).2006, Advanced Encryption Standard already at
For one of most popular algorithm in the encryption of symmetrical packet key.
With the fast development of information technology, aes algorithm is widely used in various industries, but common application is all logical
Cross software realization.Although the arithmetic speed and core number of current CPU have all greatly enhanced, fortune handled by CPU
Calculation is also more complicated, so that the still comparable preciousness of cpu resource, then being accelerated by hardware realization aes algorithm to CPU
Also become a meaningful project.
Aes algorithm is a kind of symmetric block ciphers Encryption Algorithm, and the data for encryption and decryption are required by grouping, data
The length of block is fixed as 16 bytes, needs to carry out polishing filling, such bring when a data block length is less than 16 byte
The result is that ciphertext is longer than in plain text, so that not being available aes algorithm in the case where needing cleartext-ciphertext isometric.
Summary of the invention
The present invention provides a kind of device of AES encryption and decryption that bright ciphertext is isometric, can support the CBC of AES enciphering and deciphering algorithm
Mode (also referred to as cipher block chaining mode), cleartext-ciphertext data are isometric, and CPU usage is effectively reduced and improves the peace of encryption and decryption
Quan Xing.Described device, which is based on FPGA platform, realizes the isometric encryption of clear data by the multiple calling to aes algorithm, and has
Effect reduces CPU usage.
The present invention provides a kind of device of AES encryption and decryption that bright ciphertext is isometric, including the encrypting module for data processing
With deciphering module and key management module;Wherein encrypting module includes:
At least one first data input module, for obtaining data and queuing message to be encrypted from host.
At least one first data management module, be used for regular data block, and will be regular after data be sent into aes algorithm add
Close module;It is ciphertext is regular and be sent into data transmission blocks.
At least one aes algorithm encrypting module, for by data management module be sent into it is regular after data encrypt,
Ciphertext is formed, and ciphertext is passed back to data management module.
At least one first data transmission blocks, for ciphertext and queuing message to be passed back to host.
Deciphering module includes:
At least one second data input module, for obtaining data and queuing message to be decrypted from host.
At least one second data management module, be used for regular data block, and will be regular after data be sent into aes algorithm solution
Close module;It will be regular and be sent into data transmission blocks in plain text.
At least one aes algorithm deciphering module, for by data management module be sent into it is regular after data be decrypted,
It is formed in plain text, and data management module will be passed back in plain text.
At least one second data transmission blocks, for plaintext and queuing message to be passed back to host.
Key management module can store multiple groups key, and can be according to host for storing the key that host issues
Application by multiple groups delivering key to encrypting module or deciphering module.
A kind of device nucleus module of the isometric AES encryption and decryption of bright ciphertext provided by the invention is carried out by FPGA real
Existing, FPGA is communicated by Pcie interface with host, for reception and return data and information.The non-readable key pipe of host
The key that reason module is stored improves safety so as to avoid the risk of key exposure.
Detailed description of the invention
Fig. 1 is encrypting module structural schematic diagram of the present invention.
Fig. 2 is deciphering module structural schematic diagram of the present invention.
Fig. 3 is key management module schematic diagram of the present invention.
Fig. 4 is data encryption flow diagram of the present invention.
Fig. 5 is data deciphering flow diagram of the present invention.
Fig. 6 is key management flow diagram of the present invention.
Specific embodiment
Technical solution of the present invention is described in detail with reference to the accompanying drawing.
The present invention provides a kind of device of AES encryption and decryption that bright ciphertext is isometric, including the encrypting module for data processing
With deciphering module and key management module.
Fig. 1 shows the structure of encrypting module in the present invention, and the encrypting module is by the first data input module, first
Data management module, aes algorithm encrypting module and the first data transmission blocks are constituted.First data input module is responsible for host
Incoming queuing message and clear data is cached, and close to key management module application according to the queuing message that host is passed to
Key notifies the first data management module to handle the clear data cached;First data management module is responsible for from first
Data input module reads queuing message, key and the clear data cached, and queuing message, key and plaintext are sent into
Aes algorithm encrypting module;Aes algorithm encrypting module obtains ciphertext after carrying out data encryption, and data management module receives ciphertext, and
According to plaintext to ciphertext carry out it is regular, will be regular after ciphertext and queuing message be sent into the first data transmission blocks;First data
Sending module is responsible for ciphertext passing back to host by Pcie interface.
For the hardware resource reproducibility of FPGA, an encrypting module can be copied as multiple encrypting modules, such as same
Multiple encrypting modules are placed simultaneously inside one fpga chip, area is carried out to multiple encrypting modules by defining different address spaces
Point, host computer side accesses different encrypting modules by accessing different address spaces, to realize the parallel reality of multichannel encryption
It is existing;Deciphering module can carry out identical duplication and definition with encrypting module, to realize the Parallel Implementation of multichannel decryption.Fig. 4 is aobvious
Show that encrypting module carries out the process of data encryption, below with reference to Fig. 4 and has assumed the case where length of the plaintext is 23 byte to encryption
Process carries out detailed description gradually:
Step 1: host input rank information indicates the length of the plaintext, Key Sequence Number, the sequence of operation number of this cryptographic operation
And the offset address of passback host;First data input module controls reception and the key of plaintext by analysis queuing message
It obtains.
Step 2: according to the Key Sequence Number in queuing message to key management module application key, and key being sent to
Aes algorithm encrypting module.
Step 3: in plain text, since the plaintext bit wide of input is 64, and the data bit width that AES is capable of handling is for host input
128, so the first data input module is when caching plaintext, by 64 plaintexts that host inputs be spliced into again 128 it is bright
Text, the rule of splicing are the data buffer storage that first inputs to the high data buffer storage 64, inputted afterwards to low 64, effective when input
When plaintext is less than 128,0 will be added after effective plaintext and is supplied and is cached;When at least one 128 plaintext of caching
Afterwards, notify the first data management module to handling in plain text.In this example, first by received two 8 bytes in plain text according to rule
Then it is spliced into 128 Plaintext blocks;Again by last 7 byte caches to 56 high, 0 is mended by low 72, is then notified
Data management module to handling in plain text.
Step 4: after the first data management module receives the notice of data input module, analyzing this secondary encryption first
Length of the plaintext reads data from the caching of data input module according to length, reads a data block, i.e., 128 every time
In plain text, if this read it is effective be in plain text 128, aes algorithm encrypting module will be sent in plain text and encrypted, when adding
After the completion of close operation, ciphertext is fetched and cached from aes algorithm encrypting module, while the ciphertext fetched is sent to first
Data transmission blocks;Data are read from the first data input module caching again, and are repeated above operation;When from the first data
When the effective plaintext read in input module caching is less than 128, the ciphertext fetched to plaintext and last time is spliced, is spliced
At 128 data blocks, reinitialize aes algorithm encrypting module, by spliced data be sent into aes algorithm encrypting module into
Row encryption, the ciphertext that this is fetched are spliced and are shifted with the ciphertext that last time fetches, the ciphertext after splicing and displacement is sent
Enter to the first data transmission blocks;Notify all plaintexts of the first data transmission blocks have encrypted to complete and sent;To complete
At the isometric encryption of one whole section of plaintext.
In this example, first 128 Plaintext block is sent into aes algorithm encrypting module first and is encrypted, after fetching ciphertext
It is cached;Low 72 of the ciphertext fetched are spliced with remaining 56 plaintexts again, the rule of splicing is the low of ciphertext
72 are a high position, and 56 plaintexts are low level;Aes algorithm encrypting module is reinitialized, spliced plaintext is sent into AES and is calculated
Method encrypting module is encrypted;After fetching the last one ciphertext, by the low of the high last ciphertext fetched of 72 coverings of ciphertext
72, by low 56 bit shift of the last one ciphertext to 56 high, remaining low 72 are covered with 0;To constitute most
Two ciphertext blocks of result afterwards, first piece of ciphertext are 128, and second piece of ciphertext is 56, totally 23 byte, isometric with plaintext.It will
The two ciphertext blocks are sent to the first data transmission blocks and are cached, and notify that the first sending module is sent.
Step 5: after the first data transmission blocks receive the transmission request of the first data management module, being requested according to sending
The information such as length, sending deviation address, sent first using queuing message as first transmission unit, then from caching
In read ciphertext one by one and sent, after the last one effective ciphertext is sent completely, send a queuing message unit again
Terminate this transmission, while the first data input module this cryptographic operation being notified to complete, the first data input module enters
New reception data mode.
Fig. 2 shows the structure of deciphering module of the present invention, and the deciphering module is by the second data input module, the second number
It is constituted according to management module, aes algorithm deciphering module and the second data transmission blocks.Second data input module is responsible for passing in host
The queuing message and ciphertext entered is cached, and the queuing message being passed to according to host is to key management module application key, root
Ciphertext is spliced according to ciphertext length information, notifies the second data management module to queuing message, the key and close cached
Literary data are handled;Second data management module be responsible for from data input module read cached queuing message, key and
Ciphertext, and queuing message, key and ciphertext are sent into aes algorithm deciphering module;Ciphertext is decrypted in aes algorithm deciphering module
It obtains in plain text;Second data management module receives the plaintext of aes algorithm deciphering module output, and according to ciphertext to advising in plain text
It is whole, will be regular after plaintext and queuing message be sent into the second data transmission blocks;Second data transmission blocks are responsible for plaintext is logical
It crosses Pcie interface and passes back to host.
Fig. 5 shows that deciphering module carries out the process of data deciphering, below with reference to Fig. 5 and assumes that length of the plaintext is 23 bytes
The case where detailed description gradually is carried out to decryption process:
Step 1: host input rank information indicates ciphertext length, Key Sequence Number, the sequence of operation number of this decryption oprerations
And the offset address of passback host;Second data input module controls reception and the key of ciphertext by analysis queuing message
It obtains.
Step 2: according to the Key Sequence Number in queuing message to key management module application key, and key being sent to
Aes algorithm deciphering module.
Step 3: host inputs ciphertext, and since the ciphertext bit wide of input is 64, and the data bit width that AES is capable of handling is
It 128, so data input module is spliced into 128 plaintexts when caching ciphertext, by 64 ciphertexts that host inputs again, spells
The rule connect is the data buffer storage that first inputs to the high data buffer storage 64, inputted afterwards to low 64, when effective ciphertext of input
When less than 128,0 will be added after effective ciphertext and is supplied and is cached;After the completion of all ciphertexts caching, according to ciphertext
Length splices ciphertext again.In this example, received two 8 byte cryptograms are spliced into one 128 according to rule first
Position ciphertext blocks;Again by last 7 byte caches to 56 high, 0 is mended by low 72;According to the ciphertext length of this operation letter
Breath, by high 56 bitwise shift right of the last one ciphertext blocks to low 56, covers the last one for low 72 of first ciphertext blocks
Ciphertext blocks it is 72 high, to be spliced into the last one 128 ciphertext blocks;By first ciphertext blocks and it is spliced last
A ciphertext blocks caching, and the second data management module is notified to start to process ciphertext.
Step 4: after the second data management module receives the notice of data input module, analyzing this secondary decryption first
Ciphertext length, if the integral multiple that ciphertext length is 128, reads from the caching of the second data input module according to length
Data read a data block every time, i.e., ciphertext is sent to aes algorithm deciphering module and is decrypted by 128 ciphertexts, when
After the completion of decryption oprerations, plaintext is fetched from aes algorithm encrypting module and is sent to the second data transmission blocks;Again from second
Data are read in data input module caching, and are repeated above operation;The second number is notified after the completion of the processing of all ciphertext blocks
It is sent according to sending module.If non-128 integral multiples of ciphertext length, first from the second data input module caching
The ciphertext of the last one caching is read, aes algorithm deciphering module is sent into and is decrypted for the first time, the plaintext after decryption is delayed
It deposits;Aes algorithm deciphering module is initialized again, reads ciphertext one by one from data input module caching, is sent into aes algorithm decryption
Module is decrypted, and the plaintext after decryption is sent into the second data transmission blocks and is cached;When reading the last one ciphertext
When, the high-order portion in the plaintext decrypted for the first time is taken out, is spliced with the last one ciphertext, aes algorithm decryption is re-fed into
Module is decrypted, and the plaintext which obtains is spliced with the plaintext decrypted for the first time, is sent to data transmission blocks
It is sent, to complete a decryption oprerations.In this example, being decrypted for the first time is to pass through the ciphertext spliced again, this 128
Position ciphertext contains the 56 high of low 72 of first piece of ciphertext and last block ciphertext;128 ciphertexts generate after decrypted
Plaintext, include 72 ciphertexts and 56 plaintexts that need to carry out second of decryption;Second of decryption need to be carried out by 72
After ciphertext covers low 72 of low one piece of ciphertext, it is sent to aes algorithm deciphering module and is decrypted, the plaintext decrypted is i.e.
For first piece of plaintext of final decrypted result;By decrypt for the first time 56 plaintexts move left to high 56 obtain second piece it is bright
Text;First piece of plaintext and second piece of plaintext are sent to the second data transmission blocks to send;To complete 23 bytes
The ciphertext of length is decrypted.
Step 5: after the second data transmission blocks receive the transmission request of the second data management module, being requested according to sending
Length, send the information such as address, sent first using queuing message as first transmission unit, then from caching by
A reading is sent in plain text, after the last one is effectively sent completely in plain text, sends a queuing message unit again to tie
Shu Benci is sent, while this decryption oprerations of the second data input module being notified to complete, and the second data input module enters new
Receive data mode.
Fig. 3 shows the structure of key management module, and the key management module is by cipher key storage block, key verification
Module and key distribution module are constituted.The key storage that cipher key storage block is responsible for issuing in host is in ram in slice;Key school
Test the correctness that module is responsible for check key;Key distribution module is responsible for according to key application, and key is sent to encryption or solution
Close module.
Fig. 6 shows that key management module carries out the process of key management, carries out below with reference to Fig. 6 to key management process
It is described in detail:
Step 1: host issues key to key management module, can once issue most 256 group keys.
Step 2: host application issues key verification instruction, and for host again by delivering key, key verification module will again
The key issued is compared with the key issued for the first time, if the key issued for the first time and the key issued again differ,
" return " key" mistake number, returns to 0 if equal;Host repeats key verification movement, until all key verifications are completed.When
When there is wrong cipher key, host needs, which re-start, issues key and checkout action.It is returned since apparatus of the present invention do not provide host
Cipher key function is read, so using the correctness for issuing and being used to ensure key with verification scheme.
Step 3: when data encryption or deciphering module are to key management module application key, Key Sequence Number is provided first,
Key management module chooses key according to Key Sequence Number, and key is sent to corresponding deciphering module or encrypting module.
In conclusion a kind of device of the isometric AES encryption and decryption of bright ciphertext provided by the present invention uses hardware realization
The core of aes algorithm and by secondary calling aes algorithm and to the rational joint of plain/cipher text realize in plain text, ciphertext
Stringent isometric encryption/decryption.
The present invention can realize that the parallel processing of multichannel encryption and decryption has compared to software realization on same fpga chip
Reduce CPU consumption, the processing speed characteristics such as faster;Key therein can not readback mechanism greatly reduce key exposure wind
Danger, to improve safety.
Claims (2)
1. a kind of device for the AES encryption and decryption that bright ciphertext is isometric, it is characterised in that: including encrypting module, deciphering module and key
Management module;Wherein encrypting module includes:
At least one first data input module, for obtaining data and queuing message to be encrypted from host;
At least one first data management module, be used for regular data block, and will be regular after data be sent into aes algorithm encrypt mould
Block;By ciphertext it is regular and be sent into the first data transmission blocks;
At least one aes algorithm encrypting module, for by the first data management module be sent into it is regular after data encrypt,
Ciphertext is formed, and ciphertext is passed back to the first data management module;
At least one first data transmission blocks, for ciphertext and queuing message to be passed back to host;
Deciphering module includes:
At least one second data input module, for obtaining data and queuing message to be decrypted from host;
At least one second data management module, be used for regular data block, and will be regular after data be sent into aes algorithm decrypt mould
Block;It will regular in plain text and the second data transmission blocks of feeding;
At least one aes algorithm deciphering module, for by the second data management module be sent into it is regular after data be decrypted,
It is formed in plain text, and cleartext-ciphertext is passed back to the second data management module;
At least one second data transmission blocks, for ciphertext and queuing message to be passed back to host;
Key management module gives multiple groups delivering key to encryption for storing the key that host issues, and according to the application of host
Module or deciphering module;
The process that data are encrypted are as follows:
Step 1: host input rank information indicates the length of the plaintext of this cryptographic operation, Key Sequence Number, the sequence of operation number and returns
The offset address of hero of biography machine;First data input module controls the reception of plaintext and obtaining for key by analysis queuing message
It takes;
Step 2: according to the Key Sequence Number in queuing message to key management module application key, and key being sent to AES and is calculated
Method encrypting module;
Step 3: in plain text, since the plaintext bit wide of input is 64, and the data bit width that AES is capable of handling is 128 for host input
Position, so the first data input module is spliced into 128 plaintexts when caching plaintext, by 64 plaintexts that host inputs again,
The rule of splicing is the data buffer storage that first inputs to the high data buffer storage 64, inputted afterwards to low 64, effective bright when input
It is literary less than 128 when, addition 0 will be supplied and cached after effective plaintext;After caching at least one 128 plaintext,
Notify the first data management module to handling in plain text;
Step 4: after the first data management module receives the notice of the first data input module, according to the length of the plaintext to be encrypted
Read data from the caching of the first data input module, every time one data block of reading, i.e., 128 plaintexts, if this
The effective plaintext read is 128, then will be sent to aes algorithm encrypting module in plain text and encrypt, after the completion of cryptographic operation,
Ciphertext is fetched and cached from aes algorithm encrypting module, while the ciphertext fetched is sent to the first data transmission blocks;
Data are read from the first data input module caching again, and are repeated above operation;It is cached when from the first data input module
When effective plaintext of middle reading is less than 128, the ciphertext fetched to plaintext and last time is spliced, 128 numbers are spliced into
According to block, aes algorithm encrypting module is reinitialized, spliced data feeding aes algorithm encrypting module is encrypted, incite somebody to action this
The secondary ciphertext fetched is spliced and is shifted with the ciphertext that last time fetches, and the ciphertext after splicing and displacement is sent to the first data
Sending module;Notify all plaintexts of the first data transmission blocks have encrypted to complete and sent;So that one whole section of completion is bright
The isometric encryption of text;
Step 5: after the first data transmission blocks receive the transmission request of the first data management module, according to the length for sending request
Degree, sending deviation address information, send queuing message as first transmission unit, then from caching one by one first
It reads ciphertext to be sent, after the last one effective ciphertext is sent completely, sends a queuing message unit again to terminate
This sends, while this cryptographic operation of the first data input module being notified to complete, and the first data input module enters new connect
Receive data mode;
The process that data are decrypted are as follows:
Step 1: host input rank information indicates the ciphertext length of this decryption oprerations, Key Sequence Number, the sequence of operation number and returns
The offset address of hero of biography machine;Second data input module controls the reception of ciphertext and obtaining for key by analysis queuing message
It takes;
Step 2: according to the Key Sequence Number in queuing message to key management module application key, and key being sent to AES and is calculated
Method deciphering module;
Step 3: host inputs ciphertext, and since the ciphertext bit wide of input is 64, and the data bit width that AES is capable of handling is 128
Position, so the second data input module is spliced into 128 plaintexts when caching ciphertext, by 64 ciphertexts that host inputs again,
The rule of splicing is the data buffer storage that first inputs to the high data buffer storage 64, inputted afterwards to low 64, effective close when input
It is literary less than 128 when, addition 0 will be supplied and cached after effective ciphertext;After the completion of all ciphertexts caching, according to ciphertext
Length ciphertext is spliced again;
Step 4: after the second data management module receives the notice of the second data input module, analyzing this secondary decryption first
Ciphertext length, if the integral multiple that ciphertext length is 128, reads from the caching of the second data input module according to length
Data read a data block every time, i.e., ciphertext is sent to aes algorithm deciphering module and is decrypted by 128 ciphertexts, when
After the completion of decryption oprerations, plaintext is fetched from aes algorithm encrypting module and is sent to the second data transmission blocks;Again from second
Data are read in data input module caching, and are repeated above operation;The second number is notified after the completion of the processing of all ciphertext blocks
It is sent according to sending module;If non-128 integral multiples of ciphertext length, first from the second data input module caching
The ciphertext of the last one caching is read, aes algorithm deciphering module is sent into and is decrypted for the first time, the plaintext after decryption is delayed
It deposits;Aes algorithm deciphering module is initialized again, is read ciphertext one by one from the second data input module caching, is sent into aes algorithm
Deciphering module is decrypted, and the plaintext after decryption is sent into the second data transmission blocks and is cached;When reading the last one
When ciphertext, the high-order portion in the plaintext decrypted for the first time is taken out, is spliced with the last one ciphertext, is re-fed into aes algorithm
Deciphering module is decrypted, and the plaintext which obtains is spliced with the plaintext decrypted for the first time, is sent to the second data
Sending module is sent, to complete a decryption oprerations;
Step 5: after the second data transmission blocks receive the transmission request of the second data management module, according to the length for sending request
Degree sends address information, sends queuing message as first transmission unit, then reads one by one from caching first
It is sent in plain text, after the last one is effectively sent completely in plain text, sends a queuing message unit again to terminate this
It sends, while this decryption oprerations of the second data input module being notified to complete, the second data input module enters new reception number
According to state.
2. a kind of device of the isometric AES encryption and decryption of bright ciphertext according to claim 1, it is characterised in that: key management
The process of module progress key management are as follows:
Step 1: host issues key to key management module;
Step 2: host application issues key verification instruction, and again by delivering key, key verification module will issue host again
Key be compared with the key issued for the first time, if the key issued for the first time and the key issued again differ, return
Wrong cipher key number, returns to 0 if equal;Host repeats key verification movement, until all key verifications are completed;Work as appearance
When wrong cipher key, host needs, which re-start, issues key and checkout action;
Step 3: when data encryption or deciphering module are to key management module application key, providing Key Sequence Number, key first
Management module chooses key according to Key Sequence Number, and key is sent to corresponding deciphering module or encrypting module.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610388115.1A CN105897406B (en) | 2016-06-02 | 2016-06-02 | A kind of device for the AES encryption and decryption that bright ciphertext is isometric |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201610388115.1A CN105897406B (en) | 2016-06-02 | 2016-06-02 | A kind of device for the AES encryption and decryption that bright ciphertext is isometric |
Publications (2)
Publication Number | Publication Date |
---|---|
CN105897406A CN105897406A (en) | 2016-08-24 |
CN105897406B true CN105897406B (en) | 2019-04-12 |
Family
ID=56710726
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201610388115.1A Active CN105897406B (en) | 2016-06-02 | 2016-06-02 | A kind of device for the AES encryption and decryption that bright ciphertext is isometric |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN105897406B (en) |
Families Citing this family (10)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN106549970A (en) * | 2016-11-25 | 2017-03-29 | 济南浪潮高新科技投资发展有限公司 | A kind of PCIE interface data encipher-decipher methods based on FPGA |
CN107612682A (en) * | 2017-09-25 | 2018-01-19 | 郑州云海信息技术有限公司 | A kind of data processing method based on SHA512 algorithms, apparatus and system |
CN107612681A (en) * | 2017-09-25 | 2018-01-19 | 郑州云海信息技术有限公司 | A kind of data processing method based on SM3 algorithms, apparatus and system |
CN107566113A (en) * | 2017-09-29 | 2018-01-09 | 郑州云海信息技术有限公司 | The symmetrical encipher-decipher methods of 3DES, system and computer-readable recording medium |
CN107491317A (en) * | 2017-10-10 | 2017-12-19 | 郑州云海信息技术有限公司 | A kind of symmetrical encryption and decryption method and systems of AES for accelerating platform based on isomery |
CN107749792A (en) * | 2017-10-13 | 2018-03-02 | 郑州云海信息技术有限公司 | Realize the method, system and computer-readable recording medium of data encrypting and deciphering |
CN110134621B (en) * | 2018-02-09 | 2023-12-19 | 北京忆芯科技有限公司 | Providing CMB via a loopback data path |
CN111400744B (en) * | 2020-04-20 | 2023-09-05 | 深信服科技股份有限公司 | File encryption and decryption processing method, device, equipment and readable storage medium |
CN116070292B (en) * | 2023-03-07 | 2023-06-16 | 苏州宏存芯捷科技有限公司 | SM4 encryption heterogeneous acceleration system based on FPGA |
CN116204911B (en) * | 2023-04-27 | 2023-08-04 | 苏州浪潮智能科技有限公司 | Encryption and decryption system, encryption and decryption control method, computer device and storage medium |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101534190A (en) * | 2009-05-05 | 2009-09-16 | 成都市华为赛门铁克科技有限公司 | A multi-channel encryption/decryption method, device and system |
CN104363091A (en) * | 2014-12-01 | 2015-02-18 | 国家计算机网络与信息安全管理中心 | Encryption and decryption method capable of automatically retrieving keys and selecting algorithms |
US9002002B1 (en) * | 2006-12-12 | 2015-04-07 | Marvell International Ltd. | Method and apparatus of high speed encryption and decryption |
-
2016
- 2016-06-02 CN CN201610388115.1A patent/CN105897406B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9002002B1 (en) * | 2006-12-12 | 2015-04-07 | Marvell International Ltd. | Method and apparatus of high speed encryption and decryption |
CN101534190A (en) * | 2009-05-05 | 2009-09-16 | 成都市华为赛门铁克科技有限公司 | A multi-channel encryption/decryption method, device and system |
CN104363091A (en) * | 2014-12-01 | 2015-02-18 | 国家计算机网络与信息安全管理中心 | Encryption and decryption method capable of automatically retrieving keys and selecting algorithms |
Also Published As
Publication number | Publication date |
---|---|
CN105897406A (en) | 2016-08-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN105897406B (en) | A kind of device for the AES encryption and decryption that bright ciphertext is isometric | |
US20220027288A1 (en) | Technologies for low-latency cryptography for processor-accelerator communication | |
KR102430042B1 (en) | Memory Behavior Encryption | |
US8879727B2 (en) | Method and apparatus for hardware-accelerated encryption/decryption | |
CN102138300B (en) | Message authentication code pre-computation with applications to secure memory | |
CN107924448A (en) | The one-way cipher art that hardware is implemented | |
JP7116050B2 (en) | Computer program product, computer system, and computer-implemented method for implementing cryptographic messages containing authentication instructions | |
US20120134495A1 (en) | Cloud Storage Data Access Method, Apparatus and System Based on OTP | |
CN104809407B (en) | Cloud storage front end data encryption and decryption and method of calibration and system | |
CN112751852A (en) | Data transmission method and related equipment | |
CN109245881A (en) | A kind of photograph video cloud encryption storage method | |
WO2018090665A1 (en) | Data processing method and device | |
CN107491317A (en) | A kind of symmetrical encryption and decryption method and systems of AES for accelerating platform based on isomery | |
CN103368975B (en) | A kind of method and system of batch data safe transmission | |
CN107528690A (en) | A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery | |
US11722313B2 (en) | State synchronization for post-quantum signing facilities | |
CN110289946A (en) | A kind of generation method and block chain node device of block chain wallet localization file | |
CN103345609A (en) | Method and device for text encryption and decryption | |
CN102546156A (en) | Method, system and device for grouping encryption | |
CN107566113A (en) | The symmetrical encipher-decipher methods of 3DES, system and computer-readable recording medium | |
JP5689826B2 (en) | Secret calculation system, encryption apparatus, secret calculation apparatus and method, program | |
US9641321B1 (en) | Method and apparatus for the virtualization of cryptographic resources | |
CN103457721B (en) | A kind of method and device of Mass production password | |
CN116204911A (en) | Encryption and decryption system, encryption and decryption control method, computer device and storage medium | |
CN110457924A (en) | Storing data guard method and device |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |