System and method for implementing DES permutation functions

US 20040086114A1
Filed: 11/06/2002
Published: 05/06/2004
Est. Priority Date: 11/06/2002
Status: Abandoned Application

First Claim

Patent Images

1. A method of implementing at least a portion of the data encryption standard (DES) algorithm on a general purpose processor comprising:

fetching a permutation instruction comprising a permutation opcode and a permutation identifier;

decoding said permutation opcode to determine the function that is to be performed;

instructing an encryption unit to perform a DES permutation function by sending a permutation request and said permutation identifier to said encryption unit;

performing a DES permutation function in response to receiving said permutation request and said permutation identifier, said permutation identifier delineating the type of DES permutation function that is to be performed; and

loading the permutation result of said DES permutation function in a general purpose register.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system and method is provided for using a general purpose processor to implement permutation and/or round opcodes for encrypting and/or decrypting data in accordance with the data encryption standard (DES) algorithm. In one embodiment of the present invention, an encryption unit is adapted to implement a permutation (or rotation) function on a first operand obtained from a general purpose register, where the permutation function is derived from a permutation opcode and a second operand provided to the encryption unit. In this embodiment, the permutation opcode is used to instruct the encryption unit to perform a permutation function, and the second operand is used to delineate which permutation function is to be performed. In another embodiment of the present invention, the encryption unit is adapted to implement a round function on two operands obtained from general purpose registers. In this embodiment a round opcode is used to instruct the encryption unit to perform the round function. In another embodiment, the encryption unit is adapted to perform the round function by implementing four permutation and two exclusive-or functions.

Citations

30 Claims

1. A method of implementing at least a portion of the data encryption standard (DES) algorithm on a general purpose processor comprising:
- fetching a permutation instruction comprising a permutation opcode and a permutation identifier;
  
  decoding said permutation opcode to determine the function that is to be performed;
  
  instructing an encryption unit to perform a DES permutation function by sending a permutation request and said permutation identifier to said encryption unit;
  
  performing a DES permutation function in response to receiving said permutation request and said permutation identifier, said permutation identifier delineating the type of DES permutation function that is to be performed; and
  
  loading the permutation result of said DES permutation function in a general purpose register.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 2. The method of claim 1, wherein said step of loading said permutation result in said general purpose register further includes loading said permutation result in a particular general purpose register identified by a destination identifier, said permutation instruction further including said destination identifier.
  - 3. The method of claim 1, wherein said step of performing said DES permutation function further includes performing said DES permutation function on the content of a particular general purpose register identified by an operand identifier, said permutation instruction further including said operand identifier.
  - 4. The method of claim 1, further comprising:
    - fetching a round instruction comprising a round opcode;
      
      decoding said round opcode to determine the function that is to be performed;
      
      instructing said encryption unit to perform a DES round function by sending a round request to said encryption unit;
      
      performing a DES round function in response to receiving said round request; and
      
      loading the round result of said DES permutation function in a general purpose register.
  - 5. The method of claim 4, wherein said step of loading said round result in said general purpose register further includes loading said round result in a particular general purpose register identified by a destination identifier, said round instruction further including said destination identifier.
  - 6. The method of claim 4, wherein said step of performing said DES round function further includes performing said DES round function on the contents of two particular general purpose registers corresponding to two operand identifiers, said round instruction further including said two operand identifiers.
  - 7. The method of claim 1, wherein said step of performing said DES permutation function further includes performing an initial-permutation function on a first set of text data to produce a second set of text data.
  - 8. The method of claim 1, wherein said step of performing said DES permutation function further includes performing a key-permutation function on a first set of key data to produce a second set of key data.
  - 9. The method of claim 1, wherein said step of performing said DES permutation function further includes performing a circular-rotation-of-the-key-by-one function on a second set of key data to produce a third set of key data.
  - 10. The method of claim 1, wherein said step of performing said DES permutation function further includes performing a circular-rotation-of-the-key-by-two function on a fourth set of key data to produce a fifth set of key data.
  - 11. The method of claim 1, wherein said step of performing said DES permutation function further includes performing a final-permutation function on a final set of text data to produce a resulting set of text data.
  - 12. The method of claim 4, wherein said step of performing said DES round function further includes performing:
    - a first-exclusive-or function on a least-significant-bit portion of a second set of text data and a portion of a second set of key data to produce a first set of E data;
      
      a look-up-table function on said first set of E data to produce a first set of S data; and
      
      a second-exclusive-or function on a most-significant-bit portion of said second set of text data and said first set of S data to produce a first set of P data, said first set of P data being the least significant bits in a third set of text data.
  - 13. The method of claim 9, wherein said step of performing a circular-rotation-of-the-key-by-one function further includes performing a circular-rotation-of-the-key-by-one function to the left if a first set of text data is being encrypted and to the right if said first set of text data is being decrypted.
  - 14. The method of claim 10, wherein said step of performing a circular-rotation-of-the-key-by-two function further includes performing a circular-rotation-of-the-key-by-two function to the left if a first set of text data is being encrypted and to the right if said first set of text data is being decrypted.
  - 15. The method of claim 1, wherein said step of performing said DES permutation function further includes performing an expansion-permutation function on a least-significant-bit portion of a second set of text data to produce a first set of R data.
  - 16. The method of claim 1, wherein said step of performing said DES permutation function further includes performing a select-key-permutation function on a portion of a second set of key data to produce a first set of Y data.
  - 17. The method of claim 1, wherein said step of performing said DES permutation function further includes performing a value-substitution-permutation function on a first set of E data to produce a first set of S data.
  - 18. The method of claim 1, wherein said step of performing said DES permutation function further includes performing a bit-permutation function on said first set of S data to produce a first set of Z data.
  - 19. The method of claim 11, wherein said step of performing said final-permutation function further includes performing a reverse-order permutation function immediately proceeding said final-permutation function.
  - 20. The method of claim 4, further comprising:
    - fetching an alternate-round instruction comprising an alternate-round opcode;
      
      decoding said alternate-round opcode to determine the function that is to be performed;
      
      instructing said encryption unit to perform a DES alternate-round function by sending an alternate-round request to said encryption unit; and
      
      performing a DES alternate-round function in response to receiving said alternate-round request, said alternate-round function comprising;
      
      performing a first-exclusive-or function on a least-significant-bit portion of a seventeenth set of text data and a portion of a seventeenth set of key data to produce a sixteenth set of E data;
      
      performing a look-up-table function on said sixteenth set of E data to produce a sixteenth set of S data; and
      
      performing a second-exclusive-or function on a most-significant bit portion of said seventeenth set of text data and said sixteenth set of S data to produce a sixteenth set of P data, said sixteenth set of P data being the most significant bits in a final set of text data.

21. A method of implementing at least a portion of the data encryption standard (DES) algorithm on a general purpose processor, said general purpose processor being adapted to perform a portion of said DES algorithm in response to receiving a permutation opcode, comprising:
- obtaining a first set of text data and a first set of key data from a plurality of sixty-four bit general purpose registers;
  
  performing an initial-data-permutation function on said first set of text data to produce a second set of text data;
  
  performing a key-permutation function on said first set of key data to produce a second set of key data;
  
  performing a round computation on said second set of text data and said second set of key data to produce a third set of text data;
  
  performing a rotation computation by performing a circular-rotation-of-the-key function on said second set of key data to produce a third set of key data;
  
  repeating said round and rotation computation to produce a final set of text data; and
  
  performing a final-data-permutation function on said final set of text data to produce a resulting set of text data.
- View Dependent Claims (22, 23, 24, 25)
- - 22. The method of claim 21, wherein said round computation comprises:
    - obtaining said second set of text data and said second set of key data from said plurality of sixty-four bit general purpose registers; and
      
      performing a first-exclusive-or function on a least-significant-bit portion of said second set of text data and a portion of said second set of key data to produce a first set of E data;
      
      performing a look-up-table function on said first set of E data to produce a first set of S data; and
      
      performing a second-exclusive-or function on a most-significant-bit portion of said second set of text data and said first set of S data to produce a first set of P data, wherein said first set of P data and said least-significant-bit portion of said second set of text data is used to produce a third set of text data.
  - 23. The method of claim 21, wherein said round computation comprises:
    - performing an expansion-permutation function on a least-significant-bit portion of said second set of text data to produce a first set of R data;
      
      performing a select-key-permutation function on a portion of said second set of key data to produce a first set of Y data;
      
      performing an exclusive-or (XOR) on said first set of R data and said first set of Y data to produce a first set of E data;
      
      performing a value-substitution-permutation function on said first set of E data to produce a first set of S data;
      
      performing a bit-permutation function on said first set of S data to produce a first set of Z data; and
      
      performing an XOR on said first set of Z data with a most-significant-bit portion of said second set of text data to produce a first set of P data, wherein said first set of P data and said least-significant-bit portion of said second set of text data is used to produce a third set of text data.
  - 24. The method of claim 21, further comprising performing a reverse-order permutation computation immediately proceeding said final-permutation function.
  - 25. The method of claim 21, further comprising:
    - performing said first-exclusive-or function on a least-significant-bit portion of a seventeenth set of text data and a portion of a seventeenth set of key data to produce a sixteenth set of E data;
      
      performing said look-up-table function on said sixteenth set of E data to produce a sixteenth set of S data; and
      
      performing said second-exclusive-or-function on a most-significant-bit portion of said seventeenth set of text data and said sixteenth set of S data to produce a sixteenth set of P data, said sixteenth set of P data being the most significant bits in a final set of text data.

26. A general purpose processor for encrypting and decrypting data using the data encryption standard (DES) algorithm, said general purpose processor comprising:
- a memory adapted to store a permutation instruction comprising a permutation opcode and a permutation identifier;
  
  a control unit adapted to generate a permutation request in response to receiving said permutation opcode from said memory;
  
  a plurality of general purpose registers; and
  
  an encryption unit adapted to perform a DES permutation function on an operand obtained from said plurality of general purpose registers in response to receiving said permutation request and said permutation identifier, said permutation identifier delineating the type of DES permutation function that is to be performed.
- View Dependent Claims (27, 28, 29, 30)
- - 27. The general purpose processor of claim 26, wherein said memory is further adapted to store a round instruction comprising a round opcode, said control unit is further adapted to generate a round request in response to receiving said round opcode from said memory, and said encryption unit is further adapted to perform a DES round function on two other operands obtained from said plurality of general purpose registers in response to receiving said round request.
  - 28. The general purpose processor of claim 26, wherein said plurality of general purpose registers consist of a plurality of sixty-four bit general purpose registers.
  - 29. The general purpose processor of claim 26, wherein said permutation instruction further comprises a destination identifier and an operand identifier, said operand identifier corresponding to a particular one of said plurality of general purpose registers containing said operand.
  - 30. The general purpose processor of claim 26, further comprising an I/O interface operatively connected to at least one communication device, said at least one communication device selected from a list consisting of a local communication device and a remotely located communication device.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
Rarick, Leonard D.

Application Number

US10/289,970
Publication Number

US 20040086114A1
Time in Patent Office

Days
Field of Search
US Class Current

380/29
CPC Class Codes

H04L 2209/12 Details relating to cryptog...

H04L 9/0625 with splitting of the data ...

System and method for implementing DES permutation functions

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

30 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for implementing DES permutation functions

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

30 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links