Method and apparatus for high speed implementation of data encryption and decryption utilizing, e.g. Rijndael or its subset AES, or other encryption/decryption algorithms having similar key expansion data flow

US 20030198345A1
Filed: 04/15/2002
Published: 10/23/2003
Est. Priority Date: 04/15/2002
Status: Abandoned Application

First Claim

Patent Images

1. An encryption/decryption circuit comprising:

a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;

a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;

an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;

a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit; and

, a first selector circuit adapted to select as the input to the substitution circuit the first or the second input.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An encryption/decryption method and apparatus may comprise performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages; holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width; encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width; decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step; performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block. A subsequent stage input data block may be the subsequent stage of the series of stages the output of the substitution step or the stage input data block. One may perform in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each comprising a round, and repeat this operation a selected number of times and a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds. One may perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary. One may generate each round key by the expansion of a starting key of a second selected width. The second selected width may equal the first selected width; and, the encryption step may further include performing an affine transformation and the decryption step may further include performing an inverse of the affine transformation.

Citations

110 Claims

1. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit; and
  
  , a first selector circuit adapted to select as the input to the substitution circuit the first or the second input.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30)
- - 2. The apparatus of claim 1, further comprising:
    - a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block.
  - 3. The apparatus of claim 1 further comprising:
    - the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
  - 4. The apparatus of claim 2 further comprising:
    - the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
  - 5. The apparatus of claim 3 further comprising:
    - the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
  - 6. The apparatus of claim 4 further comprising:
    - the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
  - 7. The apparatus of claim 1 further comprising:
    - a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 8. The apparatus of claim 2 further comprising:
    - a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 9. The apparatus of claim 3 further comprising:
    - a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 10. The apparatus of claim 4 further comprising:
    - a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 11. The apparatus of claim 5 further comprising:
    - a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 12. The apparatus of claim 6 further comprising:
    - a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 13. The apparatus of claim 7, further comprising:
    - the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.
  - 14. The apparatus of claim 8, further comprising:
    - the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.
  - 15. The apparatus of claim 9, further comprising:
    - the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.
  - 16. The apparatus of claim 10, further comprising:
    - the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.
  - 17. The apparatus of claim 11, further comprising:
    - the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.
  - 18. The apparatus of claim 12, further comprising:
    - the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.
  - 19. The apparatus of claim 13, further comprising:
    - the second selected width equals the first selected width.
  - 20. The apparatus of claim 14, further comprising:
    - the second selected width equals the first selected width.
  - 21. The apparatus of claim 15, further comprising:
    - the second selected width equals the first selected width.
  - 22. The apparatus of claim 16, further comprising:
    - the second selected width equals the first selected width.
  - 23. The apparatus of claim 17, further comprising:
    - the second selected width equals the first selected width.
  - 24. The apparatus of claim 18, further comprising:
    - the second selected width equals the first selected width.
  - 25. The apparatus of claim 19 further comprising:
    - the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the affine transformation.
  - 26. The apparatus of claim 20 further comprising:
    - the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the amine transformation.
  - 27. The apparatus of claim 21 further comprising:
    - the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the affine transformation.
  - 28. The apparatus of claim 22 further comprising:
    - the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the amine transformation.
  - 29. The apparatus of claim 23 further comprising:
    - the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the affine transformation.
  - 30. The apparatus of claim 24 further comprising:
    - the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the affine transformation.

31. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit adapted to select as the input to the substitution circuit the first or the second input; and
  
  , a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block.

32. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
  
  a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block; and
  
  , the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.

33. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
  
  a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds; and
  
  , the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.

34. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
  
  a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary; and
  
  , a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.

35. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
  
  a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
  
  , the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width.

36. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
  
  a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
  
  , the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width, equal to the first selected width.

37. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit adapted to perform in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and to provide an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer adapted to hold the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit adapted to encrypt the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit;
  
  a decryption circuit adapted to decrypt the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit adapted to select as the input to the substitution circuit the first or the second input;
  
  a second selector circuit adapted to select as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit being further adapted to perform in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit, each of the stages of the first plurality of stages comprising a round, and to repeat this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit being further adapted to perform in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  a round key generation circuit adapted to provide a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width;
  
  the round key generation circuit being adapted to generate each round key by the expansion of a starting key of a second selected width, equal to the first selected width; and
  
  , the encryption circuit is adapted to perform an affine transformation and the decryption circuit is adapted to perform an inverse of the affine transformation.

38. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit; and
  
  , a first selector circuit means for selecting as the input to the substitution circuit the first or the second input.
- View Dependent Claims (39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 58, 59, 60, 61, 62, 63, 64, 65, 66, 67)
- - 39. The apparatus of claim 38, further comprising:
    - a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block.
  - 40. The apparatus of claim 38 further comprising:
    - the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
  - 41. The apparatus of claim 39 further comprising:
    - the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
  - 42. The apparatus of claim 40 further comprising:
    - the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
  - 43. The apparatus of claim 41 further comprising:
    - the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
  - 44. The apparatus of claim 38 further comprising:
    - a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 45. The apparatus of claim 39 further comprising:
    - a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 46. The apparatus of claim 40 further comprising:
    - a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 47. The apparatus of claim 41 further comprising:
    - a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 48. The apparatus of claim 42 further comprising:
    - a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 49. The apparatus of claim 43 further comprising:
    - a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 50. The apparatus of claim 44, further comprising:
    - the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.
  - 51. The apparatus of claim 45, further comprising:
    - the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.
  - 52. The apparatus of claim 46, further comprising:
    - the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.
  - 53. The apparatus of claim 47, further comprising:
    - the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.
  - 54. The apparatus of claim 48, further comprising:
    - the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.
  - 55. The apparatus of claim 49, further comprising:
    - the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.
  - 56. The apparatus of claim 50, further comprising:
    - the second selected width equals the first selected width.
  - 57. The apparatus of claim 51, further comprising:
    - the second selected width equals the first selected width.
  - 58. The apparatus of claim 52, further comprising:
    - the second selected width equals the first selected width.
  - 59. The apparatus of claim 53, further comprising:
    - the second selected width equals the first selected width.
  - 60. The apparatus of claim 54, further comprising:
    - the second selected width equals the first selected width.
  - 61. The apparatus of claim 55, further comprising:
    - the second selected width equals the first selected width.
  - 62. The apparatus of claim 56 further comprising:
    - the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.
  - 63. The apparatus of claim 57 further comprising:
    - the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.
  - 64. The apparatus of claim 58 further comprising:
    - the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.
  - 65. The apparatus of claim 59 further comprising:
    - the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.
  - 66. The apparatus of claim 60 further comprising:
    - the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.
  - 67. The apparatus of claim 61 further comprising:
    - the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.

68. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit means for selecting as the input to the substitution circuit the first or the second input; and
  
  , a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block.

69. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
  
  a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block; and
  
  , the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.

70. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
  
  a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds; and
  
  , the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.

71. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit, a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
  
  a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary; and
  
  , a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.

72. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit, a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
  
  a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
  
  , the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width.

73. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
  
  a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width; and
  
  , the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width equal to the first selected width.

74. An encryption/decryption circuit comprising:
- a staged pipelined logic circuit means for performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the staged pipelined logic circuit;
  
  a stage input data block buffer means for holding the stage input data block for input into a stage of the staged pipelined logic circuit, the input data block having the first selected width;
  
  an encryption circuit means for encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width, and the encrypted stage input data block forming an input to a stage substitution circuit, the output of the stage substitution circuit forming a first subsequent stage input data block for a subsequent stage of the staged pipelined logic circuit means;
  
  a decryption circuit means for decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption circuit, the decrypted stage input data block forming a second subsequent stage input to the substitution circuit;
  
  a first selector circuit means for selecting as the input to the substitution circuit the first or the second input;
  
  a second selector circuit means for selecting as the subsequent stage input data block for the subsequent stage of the staged pipelined logic circuit means the output of the substitution circuit or the stage input data block;
  
  the staged pipelined logic circuit means further including means for performing in series the stages of the encryption/decryption operations in a first plurality of stages of the staged pipelined logic circuit means, each of the stages of the first plurality of stages comprising a round, and for repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  the staged pipelined logic circuit means further comprising means for performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  a round key generation circuit means for providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width;
  
  the round key generation circuit means further including means for generating each round key by the expansion of a starting key of a second selected width equal to the first selected width; and
  
  , the encryption circuit means further includes means for performing an affine transformation and the decryption circuit means further includes means for performing an inverse of the affine transformation.

75. An encryption/decryption method comprising:
- performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
  
  holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
  
  encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
  
  decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step; and
  
  , performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block.
- View Dependent Claims (76, 77, 78, 79, 80, 81, 82, 83, 84, 85, 86, 87, 88, 89, 90, 91, 92, 93, 94, 95, 96, 97, 98, 99, 100, 101, 102, 103, 104)
- - 76. The method of claim 75, further comprising:
    - selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block.
  - 77. The method of claim 76 further comprising:
    - performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
  - 78. The method of claim 76 further comprising:
    - performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.
  - 79. The method of claim 77 further comprising:
    - performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
  - 80. The method of claim 78 further comprising:
    - performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.
  - 81. The apparatus of claim 75 further comprising:
    - providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 82. The method of claim 76 further comprising:
    - providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 83. The method of claim 77 further comprising:
    - providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 84. The method of claim 78 further comprising:
    - providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 85. The method of claim 79 further comprising:
    - providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 86. The method of claim 80 further comprising:
    - providing a round encryption or decryption key of the first selected width for combination with the block data of the first selected width, based upon an initial encryption or decryption key of a second selected width.
  - 87. The method of claim 81, further comprising:
    - generating each round key by the expansion of a starting key of a second selected width.
  - 88. The method of claim 82, further comprising:
    - generating each round key by the expansion of a starting key of a second selected width.
  - 89. The method of claim 83, further comprising:
    - generating each round key by the expansion of a starting key of a second selected width.
  - 90. The method of claim 84, further comprising:
    - generating each round key by the expansion of a starting key of a second selected width.
  - 91. The method of claim 85, further comprising:
    - generating each round key by the expansion of a starting key of a second selected width.
  - 92. The method of claim 86, further comprising:
    - generating each round key by the expansion of a starting key of a second selected width.
  - 93. The method of claim 87, further comprising:
    - the second selected width equals the first selected width.
  - 94. The method of claim 88, further comprising:
    - the second selected width equals the first selected width.
  - 95. The method of claim 89, further comprising:
    - the second selected width equals the first selected width.
  - 96. The method of claim 90, further comprising:
    - the second selected width equals the first selected width.
  - 97. The method of claim 91, further comprising:
    - the second selected width equals the first selected width.
  - 98. The method of claim 92, further comprising:
    - the second selected width equals the first selected width.
  - 99. The method of claim 93 further comprising:
    - the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.
  - 100. The method of claim 94 further comprising:
    - the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.
  - 101. The method of claim 95 further comprising:
    - the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.
  - 102. The method of claim 96 further comprising:
    - the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.
  - 103. The method of claim 97 further comprising:
    - the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.
  - 104. The method of claim 98 further comprising:
    - the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.

105. An encryption/decryption method comprising:
- performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
  
  holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
  
  encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
  
  decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
  
  performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block; and
  
  , selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block.

106. An encryption/decryption method comprising:
- performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
  
  holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
  
  encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
  
  decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
  
  performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
  
  selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block; and
  
  , performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds.

107. An encryption/decryption method comprising:
- performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
  
  holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
  
  encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
  
  decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
  
  performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
  
  selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
  
  performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds; and
  
  , performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary.

108. An encryption/decryption method comprising:
- performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
  
  holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
  
  encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
  
  decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
  
  performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
  
  selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
  
  performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary; and
  
  , generating each round key by the expansion of a starting key of a second selected width.

109. An encryption/decryption method comprising:
- performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
  
  holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
  
  encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
  
  decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
  
  performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
  
  selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
  
  performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  generating each round key by the expansion of a starting key of a second selected width; and
  
  , the second selected width equals the first selected width.

110. An encryption/decryption method comprising:
- performing in series stages of encryption/decryption operations on a stage data block of a first selected width utilizing an encryption/decryption key of the first selected width and providing an output data block of the first selected width, comprising a subsequent stage input data block input to a subsequent stage of the series of stages;
  
  holding the stage input data block for input into a stage of the series of stages, the input data block having the first selected width;
  
  encrypting the stage input data block into a encrypted stage input data block having the first selected width, the encrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width;
  
  decrypting the stage input data block into a decrypted stage input data block having the first selected width, the decrypted stage input data block comprising a unique combination of data bits for each unique combination of data bits in the stage input data block of the first selected width that is the inverse of the encryption performed by the encryption step;
  
  performing a substitution operation on either the encrypted stage input data block or the decrypted stage input data block;
  
  selecting as a subsequent stage input data block for the subsequent stage of the series of stages the output of the substitution step or the stage input data block;
  
  performing in series the stages of the encryption/decryption operations in a first plurality of stages of the series of stages, each of the stages of the first plurality of stages comprising a round, and repeating this operation for a selected number of times and for a selected number of rounds each of the selected number of times, to thereby effect a total number of rounds;
  
  performing in any given one of the first plurality of times less than the first plurality of rounds depending upon the total number of rounds necessary;
  
  generating each round key by the expansion of a starting key of a second selected width;
  
  the second selected width equals the first selected width; and
  
  , the encryption step further includes performing an affine transformation and the decryption step further includes performing an inverse of the affine transformation.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Xlabs Holdings LLC
Original Assignee
Xlabs Holdings LLC
Inventors
Van Buer, Darrel J.

Application Number

US10/040,087
Publication Number

US 20030198345A1
Time in Patent Office

Days
Field of Search
US Class Current

380/43
CPC Class Codes

H04L 2209/125 Parallelization or pipelini...

H04L 9/0631 Substitution permutation ne...

Method and apparatus for high speed implementation of data encryption and decryption utilizing, e.g. Rijndael or its subset AES, or other encryption/decryption algorithms having similar key expansion data flow

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

110 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for high speed implementation of data encryption and decryption utilizing, e.g. Rijndael or its subset AES, or other encryption/decryption algorithms having similar key expansion data flow

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

110 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links