CN107528690A - A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery - Google Patents

A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery Download PDF

Info

Publication number
CN107528690A
CN107528690A CN201710934651.1A CN201710934651A CN107528690A CN 107528690 A CN107528690 A CN 107528690A CN 201710934651 A CN201710934651 A CN 201710934651A CN 107528690 A CN107528690 A CN 107528690A
Authority
CN
China
Prior art keywords
data
kernel
fpga
target
host side
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201710934651.1A
Other languages
Chinese (zh)
Inventor
李雪雷
王丽
曹芳
段志刚
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Zhengzhou Yunhai Information Technology Co Ltd
Original Assignee
Zhengzhou Yunhai Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Zhengzhou Yunhai Information Technology Co Ltd filed Critical Zhengzhou Yunhai Information Technology Co Ltd
Priority to CN201710934651.1A priority Critical patent/CN107528690A/en
Publication of CN107528690A publication Critical patent/CN107528690A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/38Payment protocols; Details thereof
    • G06Q20/382Payment protocols; Details thereof insuring higher security of transaction
    • G06Q20/3829Payment protocols; Details thereof insuring higher security of transaction involving key management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Business, Economics & Management (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Accounting & Taxation (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Software Systems (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Signal Processing (AREA)
  • Computing Systems (AREA)
  • Finance (AREA)
  • Strategic Management (AREA)
  • General Business, Economics & Management (AREA)
  • Storage Device Security (AREA)

Abstract

This application discloses a kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery, this method includes:Host side executable file is run at CPU ends, pending data collection and startup control signal is sent to FPGA ends, and obtain the result that FPGA ends obtain;Kernel executable files are run in FPGA ends in the case where starting the control of control signal, to carry out data encryption corresponding with target algorithm or decryption processing to pending data collection, obtain corresponding result;Wherein, target algorithm is SM4 symmetric cryptographies or decipherment algorithm;Host side executable file and Kernel executable files are respectively the executable file of Intrusion Detection based on host end program and Kernel Program Generatings;Host side program and Kernel programs are the program for target algorithm generate after high-level language description using OpenCL.By running above-mentioned Kernel executable files at FPGA ends the time needed for parallel processing in SM4 asymmetric encryption procedures or decrypting process can be greatly decreased, hence it is evident that improve the symmetrical encryption/decryption speeds of SM4 in the application.

Description

A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery
Technical field
It is more particularly to a kind of to accelerate the SM4 of platform symmetrically to add based on isomery the present invention relates to data encrypting and deciphering technical field Decryption method and system.
Background technology
Symmetric encipherment algorithm is using AES earlier, technology maturation.In a symmetric encryption algorithm, data transmission side In plain text (initial data) and encryption key together after the processing of special AES, it will be made to become complicated encrypted cipher text and sent out See off.After destination receives ciphertext, if wanting to understand original text, the inverse operator for encrypting used key and identical algorithms is needed to use Ciphertext is decrypted method, just it can be made to revert to readable plaintext.In a symmetric encryption algorithm, the key used only has one, Hair collection of letters both sides are encrypted and decrypted using this data key, and it is close that this requires that decryption side must be known by encrypting in advance Key.
The quite varied commercial cipher standard of a kind of application field in symmetric encipherment algorithm be present, be mainly used in not being related to State secret content but protection is encrypted with internal information of sensitiveness, administrative affair information, economic information etc..Than Such as:Commercial cipher prevents available for enterprise's entrance guard management, the transmission of all kinds of sensitive informations of enterprises encryption, storage encryption Illegal third party obtains the information content;It can also be used for various safety certifications, Web bank, digital signature etc..
SM4 block cipher standards are the packet symmetric cryptographic algorithms of China's autonomous Design, and national Password Management office is in 2012 Issue on March 21, in, for realizing encryption/decryption computing of data, to ensure the confidentiality of data and information.SM4 packets are close Code algorithm is the packet dedicated cryptographic algorithm for WLAN and credible accounting system, and the block length of the algorithm is 128 Bit, key length are 128 bits, the data encryption flow after packet as shown in Figure 1 (it is corresponding, decrypting process in plain text with it is close Literary transposition, other flows are constant, but the inverse operation each other of concrete operations details).SM4 algorithms are that China formulates WAPI standards Part, while can be used for the protecting data encryption under other environment.
Due to exploding for information age data volume, the personal secrets of information and data turn into most worthy in each commercial field Assets.Each commercial company can be admitted to digital independent to the data in oneself field from system can all be strict information guarantor Shield.Data encryption is exactly a kind of effective means protected to information, can prevent the reading and propagation of unauthorized user.So And certain computing resource is needed to the encryption and decryption processes of data, especially in the bar that data explode, the response time is limited Under part, faster SM4 encryption/decryption speeds how are realized to meet that access response of the user to data turns into a stern challenge.
The content of the invention
In view of this, it is an object of the invention to provide a kind of symmetrical encipher-decipher methods of SM4 for accelerating platform based on isomery And system, the symmetrical encryption/decryption speeds of SM4 can be obviously improved.Its concrete scheme is as follows:
A kind of symmetrical encipher-decipher methods of SM4 for accelerating platform based on isomery, including:
Host side executable file is run at CPU ends, and pending data collection and startup control signal are sent to FPGA ends, And obtain the result that the FPGA ends obtain;
Kernel executable files are run, under the control of the startup control signal to be treated to described in the FPGA ends Processing data collection carries out data encryption corresponding with target algorithm or decryption processing, obtains corresponding result;
Wherein, the target algorithm is SM4 symmetric cryptographies or decipherment algorithm;The host side executable file and described Kernel executable files are respectively the executable file of Intrusion Detection based on host end program and Kernel Program Generatings;The host side journey Sequence and the Kernel programs are the program for the target algorithm generate after high-level language description using OpenCL.
Optionally, the generating process of the host side executable file, including:
The host side program is compiled using GCC compilers, obtains the host side executable file.
Optionally, the generating process of the Kernel executable files, including:
The Kernel programs are compiled using Altera SDK for OpenCL, to generate corresponding AOCX texts Part, obtain the Kernel executable files.
Optionally, the CPU ends by pending data collection and start the step of control signal is sent to FPGA ends, including:
Original target data is grouped, obtains grouped data;Wherein, the original target data is original to be added Ciphertext data or data to be decrypted;
The assistance data collection of the grouped data, corresponding key data and correlation is merged, obtains described treat Processing data collection;
Target cache is created on the DDR internal memories of the development board at the FPGA ends, and the pending data collection is transmitted To the target cache;
Parameter information of the FPGA ends needed for during actual motion is set;
The startup control signal is generated, and the startup control signal is sent to the FPGA ends.
Optionally, the FPGA ends carry out corresponding with target algorithm data encryption or decryption to the pending data collection Processing, the step of obtaining corresponding result, including:
The pending data collection is read to caching on the piece at the FPGA ends in batches from the target cache;
Parallel and streamlined iteration corresponding with the target algorithm is carried out to the grouped data in described upper caching Obscure and dispersion operation, obtain the result, and the result is preserved to the target cache, so as to described The result is read from the target cache in CPU ends.
The present invention further correspondingly disclose it is a kind of based on isomery accelerate platform the symmetrical encrypting and deciphering systems of SM4, including CPU ends and FPGA ends;Wherein,
The CPU ends, for running host side executable file, by pending data collection and start control signal transmission To the FPGA ends, and obtain the result that the FPGA ends obtain;
The FPGA ends, under the control of the startup control signal, Kernel executable files being run, with to institute State pending data collection and carry out data encryption corresponding with target algorithm or decryption processing, obtain corresponding result;
Wherein, the target algorithm is SM4 symmetric cryptographies or decipherment algorithm;The host side executable file and described Kernel executable files are respectively the executable file of Intrusion Detection based on host end program and Kernel Program Generatings;The host side journey Sequence and the Kernel programs are the program for the target algorithm generate after high-level language description using OpenCL.
Optionally, the symmetrical encrypting and deciphering systems of the SM4, in addition to:
First collector, for being compiled using GCC compilers to the host side program, obtain the host side Executable file.
Optionally, the symmetrical encrypting and deciphering systems of the SM4, in addition to:
Second collector, for being compiled using Altera SDK for OpenCL to the Kernel programs, with Corresponding AOCX files are generated, obtain the Kernel executable files.
Optionally, the CPU ends, including:
Data packet units, for being grouped to original target data, obtain grouped data;Wherein, the original mesh It is original be-encrypted data or data to be decrypted to mark data;
Data combination unit, for the assistance data collection of the grouped data, corresponding key data and correlation to be entered Row merges, and obtains the pending data collection;
Creating unit is cached, for creating target cache on the DDR internal memories of the development board at the FPGA ends;
Data transmission unit, for the pending data collection to be transmitted to the target cache;
Parameter set unit, for setting FPGA ends parameter information required during actual motion;
Start control unit, sent for generating the startup control signal, and by the startup control signal to described FPGA ends.
Optionally, the FPGA ends, including:
Data-reading unit, for the pending data collection to be read to the FPGA in batches from the target cache Cached on the piece at end;
Data processing unit, for corresponding with the target algorithm simultaneously to the grouped data progress in described upper caching The iteration of row and streamlined obscures and dispersion operation, obtains the result, and the result is preserved to described Target cache, so that the result is read at the CPU ends from the target cache.
It can be seen that carrying out high-level language description to SM4 symmetric cryptographies or decipherment algorithm using OpenCL in the present invention, phase is generated The host side program and Kernel programs answered, and then generate in the host side executable file of CPU ends operation and transported at FPGA ends Capable Kernel executable files, because FPGA ends have powerful parallel processing capability, so, by the operation of FPGA ends Kernel executable files are stated, the time needed for parallel processing in SM4 asymmetric encryption procedures or decrypting process can be greatly decreased, The symmetrical encryption/decryption speeds of SM4 have been obviously improved, there is outstanding hardware-accelerated effect.
Brief description of the drawings
In order to illustrate more clearly about the embodiment of the present invention or technical scheme of the prior art, below will be to embodiment or existing There is the required accompanying drawing used in technology description to be briefly described, it should be apparent that, drawings in the following description are only this The embodiment of invention, for those of ordinary skill in the art, on the premise of not paying creative work, can also basis The accompanying drawing of offer obtains other accompanying drawings.
Fig. 1 is SM4 block encryption algorithm flow charts;
Fig. 2 is a kind of symmetrical encipher-decipher method flow charts of SM4 for accelerating platform based on isomery disclosed in the embodiment of the present invention;
Fig. 3 is the symmetrical encryption and decryption schematic flow sheets of a kind of specific SM4 disclosed in the embodiment of the present invention;
Fig. 4 is a kind of symmetrical encrypting and deciphering system structure charts of SM4 for accelerating platform based on isomery disclosed in the embodiment of the present invention.
Embodiment
Below in conjunction with the accompanying drawing in the embodiment of the present invention, the technical scheme in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, rather than whole embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other under the premise of creative work is not made Embodiment, belong to the scope of protection of the invention.
The embodiment of the invention discloses a kind of symmetrical encipher-decipher methods of SM4 for accelerating platform based on isomery, referring to Fig. 2 institutes Show, this method includes:
Step S11:Host side executable file is run at CPU ends, by pending data collection and starts control signal transmission To FPGA ends, and obtain the result that FPGA ends obtain;
Step S12:Kernel executable files are run, in the case where starting the control of control signal with to pending in FPGA ends Data set carries out data encryption corresponding with target algorithm or decryption processing, obtains corresponding result;
Wherein, target algorithm is SM4 symmetric cryptographies or decipherment algorithm;Host side executable file and the executable texts of Kernel Part is respectively the executable file of Intrusion Detection based on host end program and Kernel Program Generatings;Host side program and Kernel programs are profit The program for target algorithm generate after high-level language description with OpenCL.
It is to above-mentioned mesh using OpenCL (Open Computing Language, open computing language) in the present embodiment Mark algorithm is described, so as to obtain host side program and Kernel programs.It is understood that above-mentioned Kernel programs are profits The program obtained after the parallel algorithm in above-mentioned target algorithm is described with OpenCL so that it is more efficient that generation can be mapped FPGA hardware circuit structure, subsequent regeneration is into corresponding executable file, then in the executable texts of FPGA ends operation Kernel Part, to accelerate SM4 symmetric cryptographies or decryption processing speed by the powerful concurrent operation ability in FPGA ends.
In the present embodiment, the generating process of host side executable file, it can specifically include:Using GCC compilers to master Generator terminal program is compiled, and obtains host side executable file.
In the present embodiment, the generating process of Kernel executable files, it can specifically include:Utilize Altera SDK for OpenCL is compiled to Kernel programs, to generate corresponding AOCX files, obtains Kernel executable files.
Further, in the present embodiment, above-mentioned CPU ends send pending data collection and startup control signal to FPGA ends The step of, it can specifically include:
Original target data is grouped, obtains grouped data;Wherein, original target data is original number to be encrypted According to or data to be decrypted;The assistance data collection of grouped data, corresponding key data and correlation is merged, obtains waiting to locate Manage data set;Target cache is created on the DDR internal memories of the development board at FPGA ends, and pending data collection is transmitted to target and delayed Deposit;Parameter information of the FPGA ends needed for during actual motion is set;Generation starts control signal, and will start control letter Number send to FPGA ends.
Accordingly, above-mentioned FPGA ends are carried out to pending data collection at corresponding with target algorithm data encryption or decryption Reason, the step of obtaining corresponding result, it can specifically include:
Pending data collection is read from target cache in batches to caching on the piece at FPGA ends;To point in being cached on piece Group data progress parallel and streamlined iteration corresponding with target algorithm obscures and dispersion operation, obtains result, and Result is preserved to target cache, so as to CPU ends from target cache reading process result.
It can be seen that high-level language description is carried out to SM4 symmetric cryptographies or decipherment algorithm using OpenCL in the embodiment of the present invention, Generate corresponding host side program and Kernel programs, so generate the operation of CPU ends host side executable file and The Kernel executable files of FPGA ends operation, because FPGA ends have powerful parallel processing capability, so, by FPGA Above-mentioned Kernel executable files are run at end, and parallel processing institute in SM4 asymmetric encryption procedures or decrypting process can be greatly decreased The time needed, hence it is evident that improve the symmetrical encryption/decryption speeds of SM4, there is outstanding hardware-accelerated effect.
It is shown in Figure 3, a kind of symmetrical encryption and decryption flows of SM4 for specifically accelerating platform based on isomery are shown in Fig. 3 Schematic diagram.First, the description of the symmetrical encryption/decryption algorithms of SM4 is completed using OpenCL high-level languages, is generated respectively in general procedure The host side program run on device CPU, and the Kernel programs towards FPGA platform.Then, using GCC compilers to main frame End program is compiled, and generates the host side executable file that can be performed on general processor CPU;Using Altera SDK For OpenCL High Level Synthesis instruments are compiled synthesis to Kernel programs, generate the AOCX texts that can be run on FPGA Part, it that is to say to obtain above-mentioned Kernel executable files.Finally, host side program is run on general processor CPU, is called The symmetrical enciphering/deciphering core algorithm hardware circuit progress of the upper SM4 of FPGA is hardware-accelerated, is connected between CPU and FPGA using PCI-E interface Connect, enter row data communication, using the DDR3 internal memories on FPGA development boards as data buffer storage Buffer.
Accordingly, following steps are mainly included when host side program is realized:
Prepare pending data collection, create the caching that host side enters row data communication with FPGA ends, the caching is stored in On the DDR internal memories of FPGA development boards;By the ready data set transmissions of host side into caching, above-mentioned data set can specifically wrap Include fill and the plaintext that is grouped ciphertext data, counterpart keys generation encryption decruption key data and other participate in computings Data set;Required parameter information when setting FPGA ends to run, caching of the above-mentioned parameter information mainly comprising storage data are big The process and FPGA platform information that small, data write-ins and reading, kernel are performed;Control start FPGA end SM4 symmetrically add/ Decipherment algorithm;, will from the caching on the DDR internal memories of FPGA ends after waiting the symmetrical encryption/decryption algorithm end of runs of FPGA end SM4 The digital independent of the symmetrical enciphering/decipherings of SM4 completes the symmetrical enciphering/deciphering processes of SM4 and exports corresponding ciphertext or bright to host side Text.
Further, the operation of FPGA ends is obtained after the symmetrical encryption/decryption algorithms of SM4 are described using OpenCL language The process of Kernel programs, it can include:
The key for generating to be added/ciphertext data and host side after the enabling signal for receiving host side and other ginsengs Cached with the assistance data collection of computing from FPGA DDR batches reading to FPGA piece;The plain/cipher text data of packet are entered Row is parallel and the iteration of streamlined obscures and dispersion operation;By computed information write-in FPGA DDR;Above-mentioned encryption/decryption Step performs completion, in caching pending data processing terminate, returned to host side and complete signal.
The embodiment of the present invention performs the symmetrical encryption/decryption algorithm nucleus modules of SM4 using FPGA hardware platform, can be by simultaneously The optimal way of row flowing water improves the degree of parallelism of algorithm, throughput performance during so as to improve algorithm performs.It is hard with general RTL Part description language implementation is compared, and the embodiment of the present invention carries out the generation of FPGA hardware bit stream, energy using OpenCL language Enough it is effectively improved algorithm and realizes efficiency, reduces the construction cycle that algorithm is realized.It is parallel that FPGA can be easily achieved grain refined, nothing Expensive server or cluster are needed, can effectively solve hardware cost
Accordingly, the embodiment of the present invention further correspondingly discloses a kind of symmetrical encryption and decryption systems of SM4 for accelerating platform based on isomery System, it is shown in Figure 4, including CPU ends and FPGA ends;Wherein,
CPU ends, for running host side executable file, by pending data collection and start control signal send to FPGA ends, and obtain the result that FPGA ends obtain;
FPGA ends, in the case where starting the control of control signal, Kernel executable files being run, with to pending data Collection carries out data encryption corresponding with target algorithm or decryption processing, obtains corresponding result;
Wherein, target algorithm is SM4 symmetric cryptographies or decipherment algorithm;Host side executable file and the executable texts of Kernel Part is respectively the executable file of Intrusion Detection based on host end program and Kernel Program Generatings;Host side program and Kernel programs are profit The program for target algorithm generate after high-level language description with OpenCL.
Wherein, the symmetrical encrypting and deciphering systems of above-mentioned SM4, can also include:
First collector, for being compiled using GCC compilers to host side program, obtain the executable text of host side Part.
In addition, the above-mentioned symmetrical encrypting and deciphering systems of SM4, can also include:
Second collector, for being compiled using Altera SDK for OpenCL to Kernel programs, with generation Corresponding AOCX files, obtain Kernel executable files.
In the present embodiment, above-mentioned CPU ends, it can specifically include data packet units, data combination unit, caching and create list Member, data transmission unit, parameter set unit and startup control unit;Wherein,
Data packet units, for being grouped to original target data, obtain grouped data;Wherein, original object number According to for original be-encrypted data or data to be decrypted;
Data combination unit, for the assistance data collection of grouped data, corresponding key data and correlation to be closed And obtain pending data collection;
Creating unit is cached, target cache is created on the DDR internal memories of the development board at FPGA ends;
Data transmission unit, for pending data collection to be transmitted to target cache;
Parameter set unit, for setting FPGA ends parameter information required during actual motion;
Start control unit, start control signal for generating, and send control signal is started to FPGA ends.
In the present embodiment, above-mentioned FPGA ends, it can specifically include data-reading unit and data processing unit;Wherein,
Data-reading unit, for reading pending data collection in batches from target cache to slow on the piece at FPGA ends Deposit;
Data processing unit, for carrying out parallel and flowing water corresponding with target algorithm to the grouped data in being cached on piece The iteration of change obscures and dispersion operation, obtains result, and result is preserved to target cache, so as to CPU ends from Reading process result in target cache.
The phase disclosed in previous embodiment is may be referred on above-mentioned modules and the more specifical course of work of unit Content is answered, is no longer repeated herein.
Finally, it is to be noted that, herein, such as first and second or the like relational terms be used merely to by One entity or operation make a distinction with another entity or operation, and not necessarily require or imply these entities or operation Between any this actual relation or order be present.Moreover, term " comprising ", "comprising" or its any other variant meaning Covering including for nonexcludability, so that process, method, article or equipment including a series of elements not only include that A little key elements, but also the other element including being not expressly set out, or also include for this process, method, article or The intrinsic key element of equipment.In the absence of more restrictions, the key element limited by sentence "including a ...", is not arranged Except other identical element in the process including the key element, method, article or equipment being also present.
A kind of symmetrical encryption and decryption method and systems of SM4 based on isomery acceleration platform provided by the present invention are carried out above It is discussed in detail, specific case used herein is set forth to the principle and embodiment of the present invention, above example Explanation be only intended to help understand the present invention method and its core concept;Meanwhile for those of ordinary skill in the art, According to the thought of the present invention, there will be changes in specific embodiments and applications, in summary, in this specification Appearance should not be construed as limiting the invention.

Claims (10)

  1. A kind of 1. symmetrical encipher-decipher methods of SM4 for accelerating platform based on isomery, it is characterised in that including:
    Host side executable file is run at CPU ends, and pending data collection and startup control signal are sent to FPGA ends, and is obtained The result for taking the FPGA ends to obtain;
    Kernel executable files are run, under the control of the startup control signal with to described pending in the FPGA ends Data set carries out data encryption corresponding with target algorithm or decryption processing, obtains corresponding result;
    Wherein, the target algorithm is SM4 symmetric cryptographies or decipherment algorithm;The host side executable file and the Kernel Executable file is respectively the executable file of Intrusion Detection based on host end program and Kernel Program Generatings;The host side program and institute It is the program for the target algorithm generate after high-level language description using OpenCL to state Kernel programs.
  2. 2. the SM4 symmetrical encipher-decipher methods according to claim 1 for accelerating platform based on isomery, it is characterised in that described The generating process of host side executable file, including:
    The host side program is compiled using GCC compilers, obtains the host side executable file.
  3. 3. the SM4 symmetrical encipher-decipher methods according to claim 1 for accelerating platform based on isomery, it is characterised in that described The generating process of Kernel executable files, including:
    The Kernel programs are compiled using Altera SDK for OpenCL, to generate corresponding AOCX files, obtained To the Kernel executable files.
  4. 4. the symmetrical encipher-decipher methods of SM4 for accelerating platform based on isomery according to any one of claims 1 to 3, its feature It is, the CPU ends are by pending data collection and start the step of control signal is sent to FPGA ends, including:
    Original target data is grouped, obtains grouped data;Wherein, the original target data is original number to be encrypted According to or data to be decrypted;
    The assistance data collection of the grouped data, corresponding key data and correlation is merged, obtained described pending Data set;
    Target cache is created on the DDR internal memories of the development board at the FPGA ends, and the pending data collection is transmitted to institute State target cache;
    Parameter information of the FPGA ends needed for during actual motion is set;
    The startup control signal is generated, and the startup control signal is sent to the FPGA ends.
  5. 5. the SM4 symmetrical encipher-decipher methods according to claim 4 for accelerating platform based on isomery, it is characterised in that described FPGA ends carry out data encryption corresponding with target algorithm or decryption processing to the pending data collection, are handled accordingly As a result the step of, including:
    The pending data collection is read to caching on the piece at the FPGA ends in batches from the target cache;
    Parallel and streamlined iteration corresponding with the target algorithm is carried out to the grouped data in described upper caching to obscure And dispersion operation, the result is obtained, and the result is preserved to the target cache, so as to the CPU The result is read from the target cache in end.
  6. 6. a kind of symmetrical encrypting and deciphering systems of SM4 for accelerating platform based on isomery, it is characterised in that including CPU ends and FPGA ends;Its In,
    The CPU ends, for running host side executable file, pending data collection and startup control signal are sent to institute FPGA ends are stated, and obtain the result that the FPGA ends obtain;
    The FPGA ends, under the control of the startup control signal, Kernel executable files being run, to be treated to described Processing data collection carries out data encryption corresponding with target algorithm or decryption processing, obtains corresponding result;
    Wherein, the target algorithm is SM4 symmetric cryptographies or decipherment algorithm;The host side executable file and the Kernel Executable file is respectively the executable file of Intrusion Detection based on host end program and Kernel Program Generatings;The host side program and institute It is the program for the target algorithm generate after high-level language description using OpenCL to state Kernel programs.
  7. 7. the SM4 symmetrical encrypting and deciphering systems according to claim 6 for accelerating platform based on isomery, it is characterised in that also wrap Include:
    First collector, for being compiled using GCC compilers to the host side program, obtaining the host side can hold Style of writing part.
  8. 8. the SM4 symmetrical encrypting and deciphering systems according to claim 6 for accelerating platform based on isomery, it is characterised in that also wrap Include:
    Second collector, for being compiled using Altera SDK for OpenCL to the Kernel programs, with generation Corresponding AOCX files, obtain the Kernel executable files.
  9. 9. the symmetrical encrypting and deciphering systems of SM4 for accelerating platform based on isomery according to any one of claim 6 to 8, its feature It is, the CPU ends, including:
    Data packet units, for being grouped to original target data, obtain grouped data;Wherein, the original object number According to for original be-encrypted data or data to be decrypted;
    Data combination unit, for the assistance data collection of the grouped data, corresponding key data and correlation to be closed And obtain the pending data collection;
    Creating unit is cached, for creating target cache on the DDR internal memories of the development board at the FPGA ends;
    Data transmission unit, for the pending data collection to be transmitted to the target cache;
    Parameter set unit, for setting FPGA ends parameter information required during actual motion;
    Start control unit, sent for generating the startup control signal, and by the startup control signal to the FPGA End.
  10. 10. the SM4 symmetrical encrypting and deciphering systems according to claim 9 for accelerating platform based on isomery, it is characterised in that described FPGA ends, including:
    Data-reading unit, for the pending data collection to be read to the FPGA ends in batches from the target cache Cached on piece;
    Data processing unit, for described it is upper cache in grouped data carry out it is corresponding with the target algorithm parallel and The iteration of streamlined obscures and dispersion operation, obtains the result, and the result is preserved to the target Caching, so that the result is read at the CPU ends from the target cache.
CN201710934651.1A 2017-10-10 2017-10-10 A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery Pending CN107528690A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201710934651.1A CN107528690A (en) 2017-10-10 2017-10-10 A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201710934651.1A CN107528690A (en) 2017-10-10 2017-10-10 A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery

Publications (1)

Publication Number Publication Date
CN107528690A true CN107528690A (en) 2017-12-29

Family

ID=60684687

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201710934651.1A Pending CN107528690A (en) 2017-10-10 2017-10-10 A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery

Country Status (1)

Country Link
CN (1) CN107528690A (en)

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108566393A (en) * 2018-04-13 2018-09-21 清华大学无锡应用技术研究院 The methods, devices and systems of data encryption
CN109639513A (en) * 2019-01-29 2019-04-16 郑州云海信息技术有限公司 A kind of IPSec scheme debugging apparatus, method and system
CN109710266A (en) * 2019-01-17 2019-05-03 郑州云海信息技术有限公司 Task processing method, host server, heterogeneous system in a kind of heterogeneous system
CN111104363A (en) * 2019-12-27 2020-05-05 浪潮(北京)电子信息产业有限公司 FPGA cloud platform using method, device, equipment and medium
CN111193591A (en) * 2019-12-31 2020-05-22 郑州信大先进技术研究院 Encryption and decryption method and system based on CPU + FPGA
CN111914307A (en) * 2020-08-11 2020-11-10 山东大学 High-level synthesis-based SM4 accelerated processing method and system
WO2021136014A1 (en) * 2019-12-31 2021-07-08 中兴通讯股份有限公司 Secure computing control method, data packet processing method and device and system thereof
CN114969851A (en) * 2022-05-31 2022-08-30 浪潮电子信息产业股份有限公司 Data processing method, device, equipment and medium based on FPGA
CN116070292A (en) * 2023-03-07 2023-05-05 苏州宏存芯捷科技有限公司 SM4 encryption heterogeneous acceleration system based on FPGA
CN116861470A (en) * 2023-09-05 2023-10-10 苏州浪潮智能科技有限公司 Encryption and decryption method, encryption and decryption device, computer readable storage medium and server

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103973431A (en) * 2014-04-16 2014-08-06 华南师范大学 AES parallel implementation method based on OpenCL
CN103973432A (en) * 2014-05-23 2014-08-06 浪潮电子信息产业股份有限公司 SM4 algorithm encryption unit based on FPGA chip and USB interface chip
US20160197600A1 (en) * 2015-01-07 2016-07-07 Raytheon Company Method and apparatus for control of pulsed power in hybrid energy storage module
CN106533652A (en) * 2015-09-15 2017-03-22 中兴通讯股份有限公司 XTS-SM4-based storage encryption and decryption method and device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103973431A (en) * 2014-04-16 2014-08-06 华南师范大学 AES parallel implementation method based on OpenCL
CN103973432A (en) * 2014-05-23 2014-08-06 浪潮电子信息产业股份有限公司 SM4 algorithm encryption unit based on FPGA chip and USB interface chip
US20160197600A1 (en) * 2015-01-07 2016-07-07 Raytheon Company Method and apparatus for control of pulsed power in hybrid energy storage module
CN106533652A (en) * 2015-09-15 2017-03-22 中兴通讯股份有限公司 XTS-SM4-based storage encryption and decryption method and device

Cited By (17)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108566393A (en) * 2018-04-13 2018-09-21 清华大学无锡应用技术研究院 The methods, devices and systems of data encryption
CN109710266B (en) * 2019-01-17 2022-02-18 郑州云海信息技术有限公司 Task processing method in heterogeneous system, host server and heterogeneous system
CN109710266A (en) * 2019-01-17 2019-05-03 郑州云海信息技术有限公司 Task processing method, host server, heterogeneous system in a kind of heterogeneous system
CN109639513A (en) * 2019-01-29 2019-04-16 郑州云海信息技术有限公司 A kind of IPSec scheme debugging apparatus, method and system
CN111104363A (en) * 2019-12-27 2020-05-05 浪潮(北京)电子信息产业有限公司 FPGA cloud platform using method, device, equipment and medium
CN111104363B (en) * 2019-12-27 2022-04-22 浪潮(北京)电子信息产业有限公司 FPGA cloud platform using method, device, equipment and medium
CN111193591A (en) * 2019-12-31 2020-05-22 郑州信大先进技术研究院 Encryption and decryption method and system based on CPU + FPGA
CN113132264A (en) * 2019-12-31 2021-07-16 中兴通讯股份有限公司 Security calculation control method, data packet processing method, device and system
WO2021136014A1 (en) * 2019-12-31 2021-07-08 中兴通讯股份有限公司 Secure computing control method, data packet processing method and device and system thereof
CN111193591B (en) * 2019-12-31 2023-06-20 郑州信大先进技术研究院 Encryption and decryption method and system based on CPU+FPGA
CN113132264B (en) * 2019-12-31 2024-02-02 中兴通讯股份有限公司 Security calculation control method, data packet processing method, device and system thereof
CN111914307A (en) * 2020-08-11 2020-11-10 山东大学 High-level synthesis-based SM4 accelerated processing method and system
CN114969851A (en) * 2022-05-31 2022-08-30 浪潮电子信息产业股份有限公司 Data processing method, device, equipment and medium based on FPGA
CN114969851B (en) * 2022-05-31 2024-02-23 浪潮电子信息产业股份有限公司 FPGA-based data processing method, device, equipment and medium
CN116070292A (en) * 2023-03-07 2023-05-05 苏州宏存芯捷科技有限公司 SM4 encryption heterogeneous acceleration system based on FPGA
CN116861470A (en) * 2023-09-05 2023-10-10 苏州浪潮智能科技有限公司 Encryption and decryption method, encryption and decryption device, computer readable storage medium and server
CN116861470B (en) * 2023-09-05 2024-01-26 苏州浪潮智能科技有限公司 Encryption and decryption method, encryption and decryption device, computer readable storage medium and server

Similar Documents

Publication Publication Date Title
CN107528690A (en) A kind of symmetrical encryption and decryption method and systems of SM4 for accelerating platform based on isomery
CN107491317A (en) A kind of symmetrical encryption and decryption method and systems of AES for accelerating platform based on isomery
CN106980794A (en) TrustZone-based file encryption and decryption method and device and terminal equipment
CN105306194B (en) For encrypted file and/or the multiple encryption method and system of communications protocol
CN101997834A (en) Device for supporting high-performance safety protocol
CN107566113A (en) The symmetrical encipher-decipher methods of 3DES, system and computer-readable recording medium
CN205901794U (en) System for it encrypts to carry out selectivity to big data content
CN113641648A (en) Distributed cloud security storage method, system and storage medium
CN109687966A (en) Encryption method and its system
CN107911221B (en) Key management method for secure storage of solid-state disk data
Gayathri et al. Hybrid cryptography for random-key generation based on ECC algorithm
CN112788001A (en) Data encryption-based data processing service processing method, device and equipment
CN117786758A (en) Trusted execution environment-based secret database system and electronic equipment
CN106919348A (en) Distributed memory system and storage method that anti-violence is cracked
Hu Study of file encryption and decryption system using security key
CN112528309A (en) Data storage encryption and decryption method and device
CN110502911A (en) A kind of method, equipment and storage medium based on Faas cloud service configuration vFPGA
CN105893862A (en) Browser cache data protection method and device
Nema et al. Survey of the security algorithms over cloud environment to protect information
CN106330877A (en) Method and system for authorizing switching of terminal state
Alrehaili et al. Cloud computing security challenges
CN110162989A (en) Polymorphic type file encryption based on CBC mode is shared and access control method
CN116881945B (en) Solid state disk encryption and decryption method and system based on TPCM and electronic equipment
CN117979051B (en) Audio anti-counterfeiting method, equipment and medium
Modugula A Hybrid approach for Augmenting password security using Argon2i hashing and AES Scheme.

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20171229