Found 18 similar documents; search took 187 ms
1.
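AES: A New Encryption Standard  Total citations: 6, self-citations: 0, citations by others: 6
AES is a new encryption standard. It is a block cipher with a block length of 128 bits and three key lengths, 128 bits, 192 bits and 256 bits, referred to as AES-128, AES-192 and AES-256 respectively. This paper describes the encryption process of the AES algorithm, its function definitions, and the key expansion process.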
2.
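Structural Optimization and Implementation of the AES Cipher Algorithm  Total citations: 4, self-citations: 0, citations by others: 4
The structure of the AES cipher algorithm is optimized, and an AES encryption/decryption chip is implemented in a 0.6 μm CMOS process. The algorithm is modeled in Verilog HDL, and the layout design is completed using automatic synthesis. The chip supports encryption/decryption modes and all three key lengths. It has been taped out; the highest clock frequency measured in testing is 20 MHz, and the data throughput with 128-bit, 192-bit and 256-bit keys reaches 49.2 Mbps, 41.3 Mbps and 35.6 Mbps respectively.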
3.
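AES Cipher Algorithm Design Based on a Low-Cost FPGA  Total citations: 2, self-citations: 1, citations by others: 1
This paper presents the design of an Advanced Encryption Standard (AES) implementation on a field-programmable gate array (FPGA) with few logic resources. It first describes the AES encryption algorithm and then gives an optimized FPGA implementation. The design uses a sequential structure in which all rounds share a single round-operation unit, and the encryption and decryption modules share the key expansion module, which reduces resource usage while maintaining high performance at a low clock frequency. A 16-bit parallel bus communication interface is used, and first-in first-out (FIFO) buffers cache the input and output data. Finally, simulation and measurement show that the encryption/decryption rate reaches 530 Mb/s at a 50 MHz clock.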
4.
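For embedded devices, a software-based lightweight implementation scheme is proposed based on the 128-bit AES encryption algorithm. Using a T-table lookup storage scheme, the SubBytes, ShiftRows and MixColumns operations of AES encryption are converted into table lookups, and the memory access mechanism is optimized, so that the AES encryption algorithm can run in environments with limited processor speed, code space and energy. A hardware implementation was carried out on the Firefly-RK3399 embedded development board, and a lightweight AES encrypted communication system was designed based on a TCP/IP socket communication scheme. System experiments were conducted with 32-byte message contents and a 128-bit time-based dynamic key. The results show that, compared with the traditional AES encryption algorithm under the same environmental conditions, the proposed method can increase encryption and decryption speed by 15.02% without reducing security.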
5.
6.
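An AES Chip Resistant to Differential Power Analysis Using Out-of-Order Execution Based on a Hardware Controller  Total citations: 1, self-citations: 1, citations by others: 0
This paper describes an AES chip that resists differential power analysis (DPA) attacks through out-of-order execution implemented by a hardware controller. The chip implements the encryption and decryption algorithms specified in the Advanced Encryption Standard (AES). It adopts a fine-grained dataflow architecture that dynamically exploits the concurrency of the byte-granularity operations in the algorithm. The paper proposes a novel circuit, the hold-match-forward unit (HMF), as the basic control structure for out-of-order execution, which executes parallel operations in an out-of-order manner. The chip has been taped out in the Semiconductor Manufacturing International Corporation (SMIC) 180 nm process. Functional test results show that, with a 128-bit key, the average power consumption of encrypting one block of plaintext is 19 nJ and the die area is 0.43 mm². The chip's resistance to power attacks was evaluated on a real attack platform. Measured results show that, with out-of-order execution, the correct key cannot be identified from 64000 sample power traces. Compared with the case of a deterministic operation order, the proposed method of out-of-order execution via a hardware controller raises the cost of breaking the chip by at least 21 times.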
7.
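This paper describes a hardware design of the AES (Advanced Encryption Standard) algorithm based on the AMBA (Advanced Microcontroller Bus Architecture) bus. The AES algorithm is implemented with a state machine, has four operating modes, and supports two kinds of keys as well as AHB (Advanced High-performance Bus). The design was simulated and verified on the laboratory's SEGPS platform and cross-checked against an AES implementation written in C++. Finally, an FPGA (field-programmable gate array) was chosen for synthesis; the results show a maximum operating frequency of 140.1 MHz, 6977 logic elements used, and a maximum data throughput of 351.65 Mbit/s.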
8.
9.
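To prevent side-channel information from leaking through variations in power consumption while a smart card performs encryption, a method for resisting differential power analysis attacks is proposed. The encryption rules of the AES algorithm are studied first; then an 8-bit processor is used to emulate a smart card, and a differential power attack on the AddRoundKey operation of the AES algorithm is carried out on the smart card. To resist the differential power attack on AddRoundKey, a masking technique is proposed at the algorithm level, whose core is to mask the plaintext and the key during the cipher computation with different random values. Experimental results show that the method successfully resists differential power attacks.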
10.
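An Optimized and Configurable Hardware Implementation of the AES Cipher Algorithm  Total citations: 2, self-citations: 0, citations by others: 2
The AES encryption algorithm is the next-generation conventional encryption algorithm and will be widely used in government and commercial sectors. This paper first introduces the AES encryption algorithm, then analyzes the key points and difficulties of its hardware implementation, and finally implements and verifies the AES cipher algorithm on a Xilinx FPGA, the VirtexII XC2V3000-4. The scheme uses an optimized non-pipelined encryption/decryption datapath. It also proposes a new configurable dynamic key scheduling structure so that the design supports 128-, 192- and 256-bit keys, and the design can be configured for the four operating modes of AES. Experimental results show that this design has higher performance than other designs.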
11.
In this paper, we characterize the performance of datapath architectures of the Advanced Encryption Standard (AES). These architectures are parameterized by a datapath width of 8, 16, 32, 64, or 128 bits and, for the 128-bit width, an unrolling factor of 1, 2, 5 or 10. Composite field S-boxes are adopted for all the architectures and shift registers based ShiftRows and MixColumns components are used for architectures with datapath widths of less than 128 bits. Their performance in terms of area, peak power and average energy is benchmarked using a 90-nm standard cell CMOS technology under a variety of throughput requirements. Through this characterization, the performance trade-offs affected by the architecture parameters are extensively explored. The parameters leading to the best performance are identified. It is found that the 8-bit width datapath, which is conventionally adopted for resource efficient purposes, has the worst energy efficiency and does not result in the minimal peak power among the architectures. As well, the 16, 32 and 64-bit width AES datapath architectures are newly considered or represent improvements over previous work.
12.
A high-throughput low-cost AES processor  Total citations: 5, self-citations: 0, citations by others: 5
Chih-Pin Su, Tsung-Fu Lin, Chih-Tsiun Huang, Cheng-Wen Wu. Communications Magazine, IEEE, 2003, 41(12): 86-91
We propose an efficient hardware implementation of the advanced encryption standard algorithm, with key expansion capability. Compared to the widely used table lookup technique, the proposed basis transformation technique reduces the hardware overhead of the S-box by 64 percent. Our pipelined design has a very high throughput rate. Using typical 0.35 μm CMOS technology, a 200 MHz clock is easily achieved, and the throughput rate in the non-feedback cipher mode is 2.38 Gb/s for 128-bit keys, 2.008 Gb/s for 192-bit keys, and 1.74 Gb/s for 256-bit keys, respectively. Testability of the design is also considered. The hardware cost of the AES design is approximately 58 K gates using a standard synthesis flow.
13.
Solid-State Circuits, IEEE Journal of, 2006, 41(4): 781-792
Security ICs are vulnerable to side-channel attacks (SCAs) that find the secret key by monitoring the power consumption or other information that is leaked by the switching behavior of digital CMOS gates. This paper describes a side-channel attack resistant coprocessor IC fabricated in 0.18-μm CMOS consisting of an Advanced Encryption Standard (AES) based cryptographic engine, a fingerprint-matching engine, template storage, and an interface unit. Two functionally identical coprocessors have been fabricated on the same die. The first coprocessor was implemented using standard cells and regular routing techniques. The second coprocessor was implemented using a logic style called wave dynamic differential logic (WDDL) and a layout technique called differential routing to combat the differential power analysis (DPA) side-channel attack. Measurement-based experimental results show that a DPA attack on the insecure coprocessor requires only 8000 encryptions to disclose the entire 128-bit secret key. The same attack on the secure coprocessor does not disclose the entire secret key even after 1 500 000 encryptions.
14.
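The encryption algorithm used in the authentication procedure of the Bluetooth security mechanism is studied. The security risks of the stream-cipher-based encryption algorithm currently in use are analyzed, and the idea of implementing encryption with a block cipher is proposed. The various attacks on the Bluetooth authentication procedure are discussed in detail, and countermeasures are described from both the hardware and software sides. The 128-bit AES encryption algorithm is studied and improved so that it suits the Bluetooth mobile system environment, which has relatively low computing speed and relatively few storage resources. Tests show that the improved AES algorithm can provide a more reliable security guarantee for the Bluetooth authentication procedure.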
15.
16.
Structural Cryptanalysis of SASAS  Total citations: 1, self-citations: 0, citations by others: 1
In this paper we consider the security of block ciphers which contain alternate layers of invertible S-boxes and affine mappings (there are many popular cryptosystems which use this structure, including the winner of the AES competition, Rijndael). We show that a five-layer scheme with 128-bit plaintexts and 8-bit S-boxes is surprisingly weak against what we call a multiset attack, even when all the S-boxes and affine mappings are key dependent (and thus completely unknown to the attacker). We tested the multiset attack with an actual implementation, which required just 2^16 chosen plaintexts and a few seconds on a single PC to find the 2^17 bits of information in all the unknown elements of the scheme.
17.
This paper presents a practical differential fault analysis method for the faulty Advanced Encryption Standard (AES) with a reduced round by means of a semi‐invasive fault injection. To verify our proposal, we implement the AES software on the ATmega128 microcontroller as recommended in the standard document FIPS 197. We reduce the number of rounds using a laser beam injection in the experiment. To deduce the initial round key, we perform an exhaustive search for possible key bytes associated with faulty ciphertexts. Based on the simulation result, our proposal extracts the AES 128‐bit secret key in less than 10 hours with 10 pairs of plaintext and faulty ciphertext.
18.
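Hardware Trojan detection has become extremely challenging because of the diversity of hardware Trojan types and the unpredictable process variations in SoC circuit manufacturing. Existing side-channel signal analysis methods have two drawbacks: they require a golden model as a reference, and process variation can mask the effects of some hardware Trojan activity. To address these shortcomings, a golden-model-free detection method that exploits the structural self-similarity of circuit modules is proposed. The effectiveness of the method is verified through software simulation experiments on a 32-bit carry-lookahead adder and hardware simulation experiments on a 128-bit AES encryption circuit. Experimental results show that, at the 45 nm process node, the detection success rate of the method can reach above 90.0% for hardware Trojans that occupy a relatively small share of the area.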