Method and apparatus for high speed implementation of data encryption and decryption utilizing, e.g. Rijndael or its subset AES, or other encryption/decryption algorithms having similar key expansion data flow
First Claim
1. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit; and
, a first selector circuit adapted to select as the input to the substitution circuit the first or the second input.
2 Assignments
0 Petitions
Accused Products
Abstract
An encryption/decryption method and apparatus may comprise performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages; holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width; encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width; decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step; performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block. A subsequent stage input data block may be the subsequent stage of the series of stages the output of the substitution step or the stage input data block. One may perform in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each comprising a round, and repeat this operation a selected number of times and a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds. One may perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary. One may generate each round key by the expansion of a starting key of a second selected width. The second selected width may equal the first selected width; and, the encryption step may further include performing an affine transformation and the decryption step may further include performing an inverse of the affine transformation.
-
Citations
110 Claims
-
1. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit; and
,a first selector circuit adapted to select as the input to the substitution circuit the first or the second input. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
-
-
31. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit adapted to select as the input to the substitution circuit the first or the second input; and
,a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block.
-
-
32. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block; and
,the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
-
-
33. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds; and
,the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
-
-
34. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary; and
,a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
-
-
35. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
,the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.
-
-
36. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
,the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width, equal to the first selected width.
-
-
37. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width;
the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width, equal to the first selected width; and
,the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the affine transformation.
-
-
38. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit; and
,a first selector circuit means for selecting as the input to the substitution circuit the first or the second input. - View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67)
-
-
68. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit means for selecting as the input to the substitution circuit the first or the second input; and
,a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block.
-
-
69. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block; and
,the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
-
-
70. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds; and
,the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
-
-
71. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit, a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary; and
,a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
-
-
72. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit, a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
,the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.
-
-
73. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
,the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width equal to the first selected width.
-
-
74. An encryption/decryption circuit comprising:
-
a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width;
the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width equal to the first selected width; and
,the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.
-
-
75. An encryption/decryption method comprising:
-
performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step; and
,performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block. - View Dependent Claims (76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104)
-
-
105. An encryption/decryption method comprising:
-
performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block; and
,selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block.
-
-
106. An encryption/decryption method comprising:
-
performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block; and
,performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
-
-
107. An encryption/decryption method comprising:
-
performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds; and
,performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
-
-
108. An encryption/decryption method comprising:
-
performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary; and
,generating each round key by the expansion of a starting key of a second selected width.
-
-
109. An encryption/decryption method comprising:
-
performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
generating each round key by the expansion of a starting key of a second selected width; and
,the second selected width equals the first selected width.
-
-
110. An encryption/decryption method comprising:
-
performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
generating each round key by the expansion of a starting key of a second selected width;
the second selected width equals the first selected width; and
,the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.
-
Specification