Method and apparatus for hardware-accelerated encryption/decryption

US 9,363,078 B2
Filed: 10/09/2014
Issued: 06/07/2016
Est. Priority Date: 03/22/2007
Status: Active Grant

First Claim

Patent Images

1. An apparatus comprising:

a key-based block cipher circuit, the block cipher circuit configured to encrypt a data block based on a key;

wherein the block cipher circuit comprises a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption; and

wherein the block cipher circuit is run-time scalable with respect to how many of the round circuits are active and how many passes through the round circuits are needed to encrypt a data block, and wherein the run-time scalability is achieved via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with data blocks to control whether each round circuit is active or inactive, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An integrated circuit for data encryption/decryption and secure key management is disclosed. The integrated circuit may be used in conjunction with other integrated circuits, processors, and software to construct a wide variety of secure data processing, storage, and communication systems. An embodiment of the integrated circuit includes a run-time scalable block cipher circuit, wherein the run-time scalable block cipher circuit is run-time scalable to balance throughput with power consumption.

274 Citations

41 Claims

1. An apparatus comprising:
- a key-based block cipher circuit, the block cipher circuit configured to encrypt a data block based on a key;
  
  wherein the block cipher circuit comprises a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption; and
  
  wherein the block cipher circuit is run-time scalable with respect to how many of the round circuits are active and how many passes through the round circuits are needed to encrypt a data block, and wherein the run-time scalability is achieved via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with data blocks to control whether each round circuit is active or inactive, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
- - 2. The apparatus of claim 1 wherein the round circuits comprise a plurality N of round circuits arranged in the pipelined sequence within the block cipher circuit;
    - andwherein the block cipher circuit is configured to dynamically adjust how many of the N round circuits are active at a given time and thereby define a pipeline depth of simultaneously performed rounds of encryption for the pipelined sequence.
  - 3. The apparatus of claim 2 wherein the block cipher circuit is further configured to disable a clock signal to a round circuit in the pipelined sequence to render that round circuit inactive within the pipelined sequence and thereby decrease the pipeline depth for the pipelined sequence.
  - 4. The apparatus of claim 2 wherein the block cipher circuit further comprises:
    - a multiplexer circuit positioned upstream from an entry into the pipelined sequence, the multiplexer circuit configured to select between a new data input and a feedback data input for passage to the pipelined sequence; and
      
      wherein the pipelined sequence is configured with a feedback path from a plurality of the active round circuits to the multiplexer circuit, the feedback path thereby configured to provide the feedback data input to the multiplexer circuit.
  - 5. The apparatus of claim 2 wherein the block cipher circuit is run-time scaled based on clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with the data blocks to control whether each round circuit is enabled or disabled.
  - 6. The apparatus of claim 5 wherein the block cipher circuit is configured to (1) encrypt a plurality of data blocks via the pipelined sequence and (2) propagate a clock enable signal along with the data blocks through the pipelined sequence, wherein each round circuit in the pipelined sequence is configured for activation or deactivation with respect to a round of encryption on a data block based on the propagated clock enable signal with which that data block is propagated.
  - 7. The apparatus of claim 2 wherein the block cipher circuit is configured to selectively perform encryption or decryption of the data block via the same set of round circuits.
  - 8. The apparatus of claim 7 wherein the pipelined sequence comprises:
    - an add round key stage as a first stage of the pipelined sequence; and
      
      a plurality of the round circuits of the pipelined sequence positioned downstream from the first stage, each of the plurality of round circuits comprising the same plurality of stages arranged in a variable processing order; and
      
      wherein the block cipher circuit is further configured to selectively control the processing order of the stages within the round circuits based on whether the round circuits are being used for encryption or decryption.
  - 9. The apparatus of claim 8 wherein each round circuit comprises:
    - a byte substitution stage;
      
      a row shifting stage downstream from the byte substitution stage;
      
      an add round key stage downstream from the row shifting stage; and
      
      a column mixing stage downstream from the row shifting stage; and
      
      wherein the processing order of the add round key stage and the column mixing stage is variable such that, for a round circuit not serving as a final round for encryption or decryption of the data block, (1) the add round key stage has a processing order downstream from the column mixing stage when the round circuit is used for encryption, and (2) the column mixing stage has a processing order downstream from the add round key stage when the round circuit is used for decryption.
  - 10. The apparatus of claim 7 wherein the pipelined sequence comprises:
    - an add round key stage as a first stage of the pipelined sequence; and
      
      a plurality of the round circuits of the pipelined sequence positioned downstream from the first stage, the plurality of round circuits being able to perform encryption or decryption without requiring instantiation of a plurality of column mixing stages or add round key stages within each round of the plurality of round circuits.
  - 11. The apparatus of claim 1 wherein the block cipher circuit comprises a hardware logic circuit.
  - 12. The apparatus of claim 11 wherein the hardware logic circuit comprises a reconfigurable logic device.

13. An apparatus comprising:
- a key-based block cipher hardware logic circuit, the block cipher hardware logic circuit configured to encrypt a data block based on a key;
  
  wherein the hardware logic block cipher circuit comprises a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption;
  
  wherein the block cipher hardware logic circuit is run-time scalable with respect to how many of the round circuits are active and how many passes through the round circuits are needed to encrypt a data block;
  
  wherein the block cipher hardware logic circuit further comprises a multiplexer circuit positioned upstream from an entry into the pipelined sequence, the multiplexer circuit configured to select between a new data input and a feedback data input for passage to the pipelined sequence;
  
  wherein the pipelined sequence is configured with a feedback path from a plurality of the active round circuits to the multiplexer circuit, the feedback path thereby configured to provide the feedback data input to the multiplexer circuit;
  
  wherein the feedback path comprises a plurality of tri-state buffers, each tri-state buffer configured to receive input from an active round circuit in the pipelined sequence; and
  
  wherein the block cipher hardware logic circuit further comprises a control circuit configured to selectively enable the tri-state buffers at run-time to define a feedback characteristic for the pipelined sequence.
- View Dependent Claims (14, 15)
- - 14. The apparatus of claim 13 wherein the feedback path comprises a data block feedback bus and a round key feedback bus.
  - 15. The apparatus of claim 13 wherein the block cipher hardware logic circuit further comprises an output bus and a plurality of tri-state buffers configured to connect each active round circuit to the output bus;
    - andwherein the control circuit is further configured to selectively enable the tri-state buffers interconnecting the output bus with the active round circuits to define which of the active round circuits serves as a final round of encryption that produces a cipher block output for the data block.

16. A method comprising:
- run-time scaling a key-based block cipher circuit, the block cipher circuit comprising a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption, wherein the run-time scaling defines how many of the round circuits are active and how many passes through the round circuits are needed to encrypt or decrypt a data block;
  
  receiving a data block for encryption or decryption;
  
  receiving a key; and
  
  based on the key, encrypting or decrypting the data block via the active round circuits of the run-time scaled block cipher circuit; and
  
  wherein the run-time scaling is achieved via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with data blocks to control whether each round circuit is active or inactive, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus.
- View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
- - 17. The method of claim 16 wherein the round circuits comprise a plurality N of round circuits arranged in the pipelined sequence within the block cipher circuit;
    - andwherein the run-time scaling step comprises the block cipher circuit dynamically adjusting how many of the N round circuits are active at a given time, thereby defining a pipeline depth of simultaneously performed rounds of encryption for the pipelined sequence.
  - 18. The method of claim 17 wherein the run-timing scaling is achieved via the clock enable propagation, and wherein dynamically adjusting step comprises disabling a clock signal to a round circuit in the pipelined sequence via the clock enable signal that is propagated through the pipelined sequence along with data blocks to render that round circuit inactive within the pipelined sequence and thereby decrease the pipeline depth for the pipelined sequence.
  - 19. The method of claim 17 wherein the run-time scaling step comprises run-time scaling the pipelined sequence based on clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with the data blocks to control whether each round circuit is enabled or disabled.
  - 20. The method of claim 17 wherein the encrypting or decrypting step comprises selectively performing encryption or decryption of the data block via the same set of round circuits.
  - 21. The method of claim 20 wherein the pipelined sequence comprises:
    - an add round key stage as a first stage of the pipelined sequence; and
      
      a plurality of the round circuits of the pipelined sequence positioned downstream from the first stage, each of the plurality of round circuits comprising the same plurality of stages arranged in a variable processing order; and
      
      wherein the method further comprises selectively controlling the processing order of the stages within the round circuits based on whether the round circuits are being used for encryption or decryption.
  - 22. The method of claim 21 wherein each round circuit comprises:
    - a byte substitution stage;
      
      a row shifting stage downstream from the byte substitution stage;
      
      an add round key stage downstream from the row shifting stage; and
      
      a column mixing stage downstream from the row shifting stage; and
      
      wherein the method further comprises varying the processing order of the add round key stage and the column mixing stage such that, for a round circuit not serving as a final round for encryption or decryption of the data block, (1) the add round key stage has a processing order downstream from the column mixing stage when the round circuit is used for encryption, and (2) the column mixing stage has a processing order downstream from the add round key stage when the round circuit is used for decryption.
  - 23. The method of claim 20 wherein the pipelined sequence comprises:
    - an add round key stage as a first stage of the pipelined sequence; and
      
      a plurality of the round circuits of the pipelined sequence positioned downstream from the first stage; and
      
      wherein the method further comprises the plurality of round circuits performing encryption or decryption without requiring instantiation of a plurality of column mixing stages or add round key stages within each round of the plurality of round circuits.
  - 24. The method of claim 17 wherein the run-timing scaling is achieved via the control over an output bus and a data feedback bus for the pipelined sequence via tri-state buffers, and wherein the method further comprises:
    - selecting between a new data input and a feedback data input for passage into the pipelined sequence;
      
      passing the selected new data input or feedback data input into the pipelined sequence;
      
      communicating feedback data from an active round circuit to the selecting step via the data feedback bus.
  - 25. The method of claim 16 wherein the block cipher circuit comprises a hardware logic circuit.
  - 26. The method of claim 25 wherein the hardware logic circuit comprises a reconfigurable logic device.
  - 27. The method of claim 16 further comprising performing the method steps with respect to a plurality of streaming data blocks, wherein the run-time scaling step comprises propagating a clock enable signal along with the data blocks through the pipelined sequence, each round circuit being activated or deactivated with respect to performing a round of encryption on a data block based on the propagated clock enable signal with which that data block is propagated.

28. A method comprising:
- run-time scaling a key-based block cipher hardware logic circuit, the block cipher hardware logic circuit comprising a plurality N of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits within the block cipher hardware logic circuit, the round circuits for simultaneously performing rounds of encryption, wherein the run-time scaling defines how many of the round circuits are active and how many passes through the round circuits are needed to encrypt or decrypt a data block by the block cipher hardware logic circuit dynamically adjusting how many of the N round circuits are active at a given time, thereby defining a pipeline depth of simultaneously performed rounds of encryption for the pipelined sequence;
  
  receiving a data block for encryption or decryption;
  
  receiving a key;
  
  selecting between a new data block input and a feedback data block input for passage into the pipelined sequence;
  
  passing the selected new data block input or feedback data block input into the pipelined sequence;
  
  based on the key, encrypting or decrypting the data block via the active round circuits of the run-time scaled block cipher circuit; and
  
  communicating a feedback data block from an active round circuit to the selecting step via a feedback path, wherein the feedback path comprises a plurality of tri-state buffers, the method further comprising;
  
  a plurality of the tri-state buffers receiving input from a plurality of active round circuits in the pipelined sequence; and
  
  selectively enabling the tri-state buffers at run-time to define a feedback characteristic for the pipelined sequence.
- View Dependent Claims (29, 30)
- - 29. The method of claim 28 wherein the communicating step comprises communicating data blocks to the selecting step via a data block feedback bus and communicating round keys to the selecting step via a round key feedback bus.
  - 30. The method of claim 28 wherein the block cipher hardware logic circuit further comprises an output bus and another plurality of tri-state buffers, the method further comprising:
    - the another plurality of tri-state buffers connecting the active round circuits to the output bus; and
      
      selectively enabling the another plurality of tri-state buffers interconnecting the output bus with the active round circuits to define which of the active round circuits serves as a final round of encryption that produces a cipher block output for the data block.

31. A method comprising:
- streaming a plurality of data blocks through a key-based block cipher circuit, the block cipher circuit comprising a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits;
  
  run-time scaling the block cipher circuit by selectively enabling and disabling the round circuits within the pipelined sequence to define a desired pipeline depth for the pipelined sequence, wherein the selectively enabling and disabling step comprises controlling whether a round circuit within the pipelined sequence is enabled or disabled via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with the data blocks to control whether each round circuit is enabled or disabled, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus; and
  
  performing simultaneous rounds of key-based encryption or decryption on the streaming data blocks via each enabled round circuit of the pipelined sequence.
- View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
- - 32. The method of claim 31 wherein the run-time scaling comprises:
    - for a first plurality of the streaming data blocks, increasing the pipeline depth for the pipelined sequence by enabling an additional round circuit of the pipelined sequence.
  - 33. The method of claim 32 wherein the increasing step comprises enabling a sufficient number of the round circuits to provide for full pipelining of the rounds of encryption or decryption on the first plurality of streaming data blocks.
  - 34. The method of claim 32 wherein the increasing step causes an increase in throughput for the block cipher circuit.
  - 35. The method of claim 32 wherein the run-time scaling further comprises:
    - for a second plurality of the streaming data blocks, decreasing the pipeline depth for the pipelined sequence by disabling a formerly enabled round circuit of the pipelined sequence.
  - 36. The method of claim 35 wherein the decreasing step causes a decrease in power consumption for the block cipher circuit.
  - 37. The method of claim 31 wherein the run-time scaling further comprises:
    - for a plurality of the streaming data blocks, decreasing the pipeline depth for the pipelined sequence by disabling a formerly enabled round circuit of the pipelined sequence.
  - 38. The method of claim 31 wherein the block cipher circuit is implemented on a field programmable gate array (FPGA).
  - 39. The method of claim 31 wherein the selectively enabling and disabling step comprises controlling whether a round circuit within the pipelined sequence is enabled or disabled via clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with the data blocks to control whether each round circuit is enabled or disabled.
  - 40. The method of claim 31 wherein the selectively enabling and disabling step comprises controlling whether a round circuit within the pipelined sequence is enabled or disabled via control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus.
  - 41. The method of claim 40 wherein the pipelined sequence further comprises a round key feedback bus for the pipelined sequence and a plurality of additional tri-state buffers, where each additional tri-state buffer holds a round key output from a round circuit and where a power control circuit drives the additional tri-state buffers via another enable signal that operates to selectively connect the additional tri-state buffers to the round key feedback bus to control how round keys are fed back through the pipelined sequence.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Ip Reservoir, LLC
Original Assignee
Ip Reservoir, LLC
Inventors
Taylor, David E., Thurmon, Brandon Parks, Indeck, Ronald S.
Primary Examiner(s)
Schwartz, Darren B

Application Number

US14/510,315
Publication Number

US 20150023501A1
Time in Patent Office

607 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 2209/122   Hardware reduction or effic...

H04L 2209/125   Parallelization or pipelini...

H04L 2209/24   Key scheduling, i.e. genera...

H04L 9/0618   Block ciphers, i.e. encrypt...

H04L 9/0819   Key transport or distributi...

H04L 9/0822   using key encryption key

H04L 9/0844   with user authentication or...

H04L 9/0861   Generation of secret inform...

Method and apparatus for hardware-accelerated encryption/decryption

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

274 Citations

41 Claims

Specification

Solutions

Use Cases

Quick Links

Method and apparatus for hardware-accelerated encryption/decryption

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

274 Citations

41 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links