Method and system for high throughput blockwise independent encryption/decryption
First Claim
Patent Images
1. An apparatus comprising:
- an encryption circuit for encrypting a plurality of data blocks of a data segment, the encryption circuit configured to selectively switch between a blockwise independent randomized (BIR) encryption mode and a cipher block chaining (CBC) encryption mode based on a configurable feedback stride;
wherein the encryption circuit comprises a combiner circuit, a block cipher circuit, and a sequence generator circuit;
wherein the combiner circuit is configured to combine a plurality of bit vectors with a plurality of data blocks of the data segment to generate a plurality of bit vector data block combinations for encryption by the block cipher circuit;
the block cipher circuit comprising a plurality m of pipelined stages for simultaneously processing, in a pipelined fashion, a plurality m of different bit vector-data block combinations corresponding to m data blocks of the data segment to thereby generate a plurality of encrypted data blocks, the encrypted data blocks comprising a first plurality of encrypted data blocks for the data segment that were encrypted according to the BIR encryption mode and a second plurality of encrypted data blocks for the same data segment that were encrypted according to the CBC encryption mode, the value for m being configurable to define the feedback stride; and
the sequence generator configured to selectively switch between the BIR encryption mode and the CBC encryption mode based on the feedback stride, wherein the sequence generator is further configured to (1) generate and output a plurality of randomized blockwise independent bit vectors for delivery to the combiner circuit while in the BIR encryption mode, and (2) generate and output a plurality of blockwise dependent bit vectors for delivery to the combiner circuit while in the CBC encryption mode, the blockwise dependent bit vectors being based on a previously encrypted bit vector-data block combination fed back from the block cipher circuit.
2 Assignments
0 Petitions
Accused Products
Abstract
An encryption technique is disclosed for encrypting a plurality of data blocks of a data segment where the encryption selectively switches between a blockwise independent randomized (BIR) encryption mode and a cipher block chaining (CBC) encryption mode based on a configurable feedback stride. A corresponding decryption technique is also disclosed.
332 Citations
20 Claims
-
1. An apparatus comprising:
-
an encryption circuit for encrypting a plurality of data blocks of a data segment, the encryption circuit configured to selectively switch between a blockwise independent randomized (BIR) encryption mode and a cipher block chaining (CBC) encryption mode based on a configurable feedback stride; wherein the encryption circuit comprises a combiner circuit, a block cipher circuit, and a sequence generator circuit; wherein the combiner circuit is configured to combine a plurality of bit vectors with a plurality of data blocks of the data segment to generate a plurality of bit vector data block combinations for encryption by the block cipher circuit; the block cipher circuit comprising a plurality m of pipelined stages for simultaneously processing, in a pipelined fashion, a plurality m of different bit vector-data block combinations corresponding to m data blocks of the data segment to thereby generate a plurality of encrypted data blocks, the encrypted data blocks comprising a first plurality of encrypted data blocks for the data segment that were encrypted according to the BIR encryption mode and a second plurality of encrypted data blocks for the same data segment that were encrypted according to the CBC encryption mode, the value for m being configurable to define the feedback stride; and the sequence generator configured to selectively switch between the BIR encryption mode and the CBC encryption mode based on the feedback stride, wherein the sequence generator is further configured to (1) generate and output a plurality of randomized blockwise independent bit vectors for delivery to the combiner circuit while in the BIR encryption mode, and (2) generate and output a plurality of blockwise dependent bit vectors for delivery to the combiner circuit while in the CBC encryption mode, the blockwise dependent bit vectors being based on a previously encrypted bit vector-data block combination fed back from the block cipher circuit. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. A method for encrypting a plurality of data blocks of a data segment, the method comprising:
-
processing a first plurality j of data blocks of a data segment in a blockwise independent randomized (BIR) mode by (1) combining the first plurality j of the data blocks with a plurality of blockwise independent bit vectors to generate a first plurality j of data block-bit vector combinations, and (2) encrypting the j data block-bit vector combinations through a plurality of pipelined block cipher stages; processing a second plurality k of data blocks of the same data segment in a cipher block chaining (CBC) mode by (1) combining the second plurality k of the data blocks with a plurality of blockwise dependent bit vectors to generate a second plurality k of data block-bit vector combinations, and (2) encrypting the k data block-bit vector combinations through the pipelined block cipher stages; and selectively switching between the BIR mode and the CBC mode by generating the blockwise independent bit vectors and the blockwise dependent bit vectors under control of a feedback stride that defines values for j and k; and wherein the method steps are performed by an encryption circuit, the encryption circuit thereby generating the plurality of encrypted data blocks such that the first j encrypted data blocks of the same data segment are encrypted based on blockwise independent bit vectors and wherein k of the other encrypted data blocks of the same data segment are encrypted based on blockwise dependent bit vectors. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16)
-
-
17. An apparatus comprising:
-
an decryption circuit for decrypting a plurality of encrypted data blocks of a data segment, the decryption circuit configured to selectively switch between a blockwise independent randomized (BIR) decryption mode and a cipher block chaining (CBC) decryption mode based on a configurable feedback stride; wherein the decryption circuit comprises a combiner circuit, a block cipher circuit, and a sequence generator circuit; wherein the combiner circuit is configured to combine a plurality of bit vectors with a plurality of encrypted data blocks of the data segment to generate a plurality of bit vector data block combinations for decryption by the block cipher circuit; the block cipher circuit comprising a plurality m of pipelined stages for simultaneously processing, in a pipelined fashion, a plurality m of different bit vector-data block combinations corresponding to m data blocks of the data segment to thereby generate a plurality of decrypted data blocks, the decrypted data blocks comprising a first plurality of decrypted data blocks for the data segment that were decrypted according to the BIR decryption mode and a second plurality of decrypted data blocks for the same data segment that were decrypted according to the CBC decryption mode, the value for m being configurable to define the feedback stride; and the sequence generator configured to selectively switch between the BIR decryption mode and the CBC decryption mode based on the feedback stride, wherein the sequence generator is further configured to (1) generate and output a plurality of randomized blockwise independent bit vectors for delivery to the combiner circuit while in the BIR decryption mode, and (2) generate and output a plurality of blockwise dependent bit vectors for delivery to the combiner circuit while in the CBC decryption mode, the blockwise dependent bit vectors being based on a previously decrypted bit vector-data block combination fed back from the block cipher circuit.
-
-
18. A method for decrypting a plurality of encrypted data blocks of a data segment, the method comprising:
-
processing a first plurality j of encrypted data blocks of a data segment in a blockwise independent randomized (BIR) mode by (1) combining the first plurality j of the encrypted data blocks with a plurality of blockwise independent bit vectors to generate a first plurality j of encrypted data block-bit vector combinations, and (2) decrypting the j encrypted data block-bit vector combinations through a plurality of pipelined block cipher stages; processing a second plurality k of encrypted data blocks of the same data segment in a cipher block chaining (CBC) mode by (1) combining the second plurality k of the encrypted data blocks with a plurality of blockwise dependent bit vectors to generate a second plurality k of encrypted data block-bit vector combinations, and (2) decrypting the k data block-bit vector combinations through the pipelined block cipher stages; and selectively switching between the BIR mode and the CBC mode by generating the blockwise independent bit vectors and the blockwise dependent bit vectors under control of a feedback stride that defines values for j and k; and wherein the method steps are performed by a decryption circuit, the decryption circuit thereby generating the plurality of decrypted data blocks such that the first j decrypted data blocks of the same data segment are decrypted based on blockwise independent bit vectors and wherein k of the other decrypted data blocks of the same data segment are decrypted based on blockwise dependent bit vectors. - View Dependent Claims (19, 20)
-
Specification