| 摘要 |
This invention makes the number of cycles required for AES encryption or decryption by hardware smaller than before by reducing the difference among the summation of the signal processing time for each sub-block transformations in each clock cycle period. To do this, an encryption/decryption circuit includes a first AddRoundKey Transformation module, a second AddRoundKey Transformation module, a ShiftRows Transformation module, a SubBytes Transformation module, a MixColumns Transformation module, and a data holding unit, wherein in a cycle of encryption, the first AddRoundKey Transformation module and the second AddRoundKey Transformation module are executed using different Round Keys. |
| 主权项 |
1. An Advanced Encryption Standard (AES) encryption circuit comprising:
a first AddRoundKey Transformation module for performing a first AddRoundKey Transformation operation; a second AddRoundKey Transformation module for performing a second AddRoundKey Transformation operation; a ShiftRows Transformation module for performing a ShiftRows Transformation operation; a SubBytes Transformation module for performing a SubBytes Transformation operation; a MixColumns Transformation module for performing a MixColumns Transformation operation; and a data holding unit,
wherein, in a plurality of clock cycles, an encryption is executed using said first AddRoundkey Transformation module, said second AddRoundkey Transformation module, said ShiftRows Transformation module, said SubBytes Transformation module, said MixColumns Transformation module and said data holding unit,wherein, in a last clock cycle of the plurality of clock cycles, said first AddRoundKey Transformation module and said second AddRoundKey Transformation module are both used and said MixColumns Transformation module is not used,wherein, in other clock cycles other than the last clock cycle among the plurality of clock cycles, either said first AddRoundKey Transformation module or said second AddRoundKey Transformation module, but not both, is used,wherein each of the steps in the plurality of clock cycles is performed sequentially, andwherein, in a first clock cycle of encryption,
said first AddRoundKey Transformation module inputs plaintext data,said SubBytes Transformation module inputs the output from said first AddRoundKey Transformation module,said ShiftRows Transformation module inputs the output from said SubBytes Transformation module,said MixColumns Transformation module inputs the output from said ShiftRows Transformation module, andsaid data holding unit inputs the output from said MixColumns Transformation module,in each clock cycle of encryption from a second clock cycle to an (Nr−1)th clock cycle, where Nr is a number of rounds,
said first AddRoundKey Transformation module inputs the output from said data holding unit,said SubBytes Transformation module inputs the output from said first AddRoundKey Transformation module,said ShiftRows Transformation module inputs the output from said SubBytes Transformation module,said MixColumns Transformation module inputs the output from said ShiftRows Transformation module, andsaid data holding unit inputs the output from said MixColumns Transformation module, andin an Nrth clock cycle of encryption,
said first AddRoundKey Transformation module inputs the output from said data holding unit,said SubBytes Transformation module inputs the output from said first AddRoundKey Transformation module,said ShiftRows Transformation module inputs the output from said SubBytes Transformation module,said second AddRoundKey Transformation module inputs the output from said ShiftRows Transformation module, andsaid data holding unit inputs the output from said second AddRoundKey Transformation module. |
