Method and apparatus for hardware-accelerated encryption/decryption
First Claim
Patent Images
1. An apparatus comprising:
- a key-based block cipher circuit, the block cipher circuit configured to encrypt a data block based on a key;
wherein the block cipher circuit comprises a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption; and
wherein the block cipher circuit is run-time scalable with respect to how many of the round circuits are active and how many passes through the round circuits are needed to encrypt a data block, and wherein the run-time scalability is achieved via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with data blocks to control whether each round circuit is active or inactive, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus.
2 Assignments
0 Petitions
Accused Products
Abstract
An integrated circuit for data encryption/decryption and secure key management is disclosed. The integrated circuit may be used in conjunction with other integrated circuits, processors, and software to construct a wide variety of secure data processing, storage, and communication systems. An embodiment of the integrated circuit includes a run-time scalable block cipher circuit, wherein the run-time scalable block cipher circuit is run-time scalable to balance throughput with power consumption.
-
Citations
41 Claims
-
1. An apparatus comprising:
-
a key-based block cipher circuit, the block cipher circuit configured to encrypt a data block based on a key; wherein the block cipher circuit comprises a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption; and wherein the block cipher circuit is run-time scalable with respect to how many of the round circuits are active and how many passes through the round circuits are needed to encrypt a data block, and wherein the run-time scalability is achieved via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with data blocks to control whether each round circuit is active or inactive, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. An apparatus comprising:
-
a key-based block cipher hardware logic circuit, the block cipher hardware logic circuit configured to encrypt a data block based on a key; wherein the hardware logic block cipher circuit comprises a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption; wherein the block cipher hardware logic circuit is run-time scalable with respect to how many of the round circuits are active and how many passes through the round circuits are needed to encrypt a data block; wherein the block cipher hardware logic circuit further comprises a multiplexer circuit positioned upstream from an entry into the pipelined sequence, the multiplexer circuit configured to select between a new data input and a feedback data input for passage to the pipelined sequence; wherein the pipelined sequence is configured with a feedback path from a plurality of the active round circuits to the multiplexer circuit, the feedback path thereby configured to provide the feedback data input to the multiplexer circuit; wherein the feedback path comprises a plurality of tri-state buffers, each tri-state buffer configured to receive input from an active round circuit in the pipelined sequence; and wherein the block cipher hardware logic circuit further comprises a control circuit configured to selectively enable the tri-state buffers at run-time to define a feedback characteristic for the pipelined sequence. - View Dependent Claims (14, 15)
-
-
16. A method comprising:
-
run-time scaling a key-based block cipher circuit, the block cipher circuit comprising a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits, the round circuits for simultaneously performing rounds of encryption, wherein the run-time scaling defines how many of the round circuits are active and how many passes through the round circuits are needed to encrypt or decrypt a data block; receiving a data block for encryption or decryption; receiving a key; and based on the key, encrypting or decrypting the data block via the active round circuits of the run-time scaled block cipher circuit; and wherein the run-time scaling is achieved via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with data blocks to control whether each round circuit is active or inactive, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus. - View Dependent Claims (17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27)
-
-
28. A method comprising:
-
run-time scaling a key-based block cipher hardware logic circuit, the block cipher hardware logic circuit comprising a plurality N of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits within the block cipher hardware logic circuit, the round circuits for simultaneously performing rounds of encryption, wherein the run-time scaling defines how many of the round circuits are active and how many passes through the round circuits are needed to encrypt or decrypt a data block by the block cipher hardware logic circuit dynamically adjusting how many of the N round circuits are active at a given time, thereby defining a pipeline depth of simultaneously performed rounds of encryption for the pipelined sequence; receiving a data block for encryption or decryption; receiving a key; selecting between a new data block input and a feedback data block input for passage into the pipelined sequence; passing the selected new data block input or feedback data block input into the pipelined sequence; based on the key, encrypting or decrypting the data block via the active round circuits of the run-time scaled block cipher circuit; and communicating a feedback data block from an active round circuit to the selecting step via a feedback path, wherein the feedback path comprises a plurality of tri-state buffers, the method further comprising; a plurality of the tri-state buffers receiving input from a plurality of active round circuits in the pipelined sequence; and selectively enabling the tri-state buffers at run-time to define a feedback characteristic for the pipelined sequence. - View Dependent Claims (29, 30)
-
-
31. A method comprising:
-
streaming a plurality of data blocks through a key-based block cipher circuit, the block cipher circuit comprising a plurality of round circuits that are arranged in a pipelined sequence of operatively adjacent round circuits; run-time scaling the block cipher circuit by selectively enabling and disabling the round circuits within the pipelined sequence to define a desired pipeline depth for the pipelined sequence, wherein the selectively enabling and disabling step comprises controlling whether a round circuit within the pipelined sequence is enabled or disabled via a member of the group consisting of (1) clock enable propagation where a clock enable signal is propagated through the pipelined sequence along with the data blocks to control whether each round circuit is enabled or disabled, and (2) control over an output bus and a data feedback bus for the pipelined sequence via a plurality of tri-state buffers, where each tri-state buffer holds an output from a round circuit and where a power control circuit drives the tri-state buffers via an enable signal that operates to selectively connect and disconnect the tri-state buffers to and from the output bus and the data feedback bus; and performing simultaneous rounds of key-based encryption or decryption on the streaming data blocks via each enabled round circuit of the pipelined sequence. - View Dependent Claims (32, 33, 34, 35, 36, 37, 38, 39, 40, 41)
-
Specification