CN-116488793-B - Message encryption method and device

Abstract

The invention discloses a message encryption method and a device, which relate to the technical field of data encryption, wherein the message encryption method comprises the steps that in a previous clock period for processing a first message word and a second message word which are adjacent, a first hash module calculates a first e value and a first a value according to the first message word, a hash register value and a hash constant; the second hash module calculates a second e value and a second a value according to the second message word, the hash register value, the first e value, the first a value and the hash constant, and sequentially caches the second a value, the first a value, the second e value and the first e value to a third hash register, a fourth hash register, a seventh hash register and an eighth hash register of the hash register group. Two hash modules are adopted to process two message words in the same clock period, so that the clock period used for calculating the abstract value of the message word in the message encryption process is reduced, and the user experience can be remarkably improved.

Inventors

• MA ZHANGANG
• LI CHUNLEI
• CAO XIXIN

Assignees

• 北京雍鼎智能科技有限公司

Dates

Publication Date

20260508

Application Date

20191211

Claims (6)

1. 1. The message encrypting device is characterized by comprising a hash register set, a message word register set, a first hash module and a second hash module, wherein the hash register set is used for caching hash register values; In a previous clock period for processing adjacent first message words and second message words, a first hash module calculates a first e value and a first a value according to the first message words, hash register values and hash constants, a second hash module calculates a second e value and a second a value according to the second message words, hash register values, the first e value, the first a value and hash constants, and a third hash register, a fourth hash register, a seventh hash register and an eighth hash register from the first e value to the hash register set are sequentially cached; In a post-clock period for processing a third message word and a fourth message word which are connected with the second message word and are adjacent to the second message word, the first hash module calculates a third e value and a third a value according to the third message word, the hash register value and the hash constant, the second hash module calculates a fourth e value and a fourth a value according to the fourth message word, the hash register value, the third a value and the hash constant, and the fourth a value, the third a value, the fourth e value and the third e value are sequentially cached to a first hash register, a second hash register, a fifth hash register and a sixth hash register of the hash register group.
2. 2. The apparatus of claim 1, wherein the device comprises a plurality of sensors, The first hash module comprises a first 4-2 compressor, a first 5-2 compressor, a second 4-2 compressor, a first 3-2 compressor and a first carry-ahead adder which are sequentially connected, wherein the second 5-2 compressor, the third 4-2 compressor, the fourth 3-2 compressor and the fourth carry-ahead adder are sequentially connected, the output of the first 5-2 compressor is connected with the input of the second 5-2 compressor, the hash register value is input into the first 5-2 compressor, the second 4-2 compressor and the second 5-2 compressor, and the message word is input into the first 4-2 compressor or the first 5-2 compressor; The second hash module comprises a fourth 4-2 compressor, a third 5-2 compressor, a fifth 4-2 compressor, a sixth 3-2 compressor and a sixth carry-ahead adder which are sequentially connected, wherein the output of the third 5-2 compressor is connected with the input of the fourth 5-2 compressor, the hash register value is input into the third 5-2 compressor, the fifth 4-2 compressor and the fourth 5-2 compressor, the output of the first carry-ahead adder is connected with the third 5-2 compressor, the output of the fourth carry-ahead adder is connected with the fourth 5-2 compressor, and the message word is input into the fourth 4-2 compressor or the third 5-2 compressor; the outputs of the first carry-lookahead adder, the fourth carry-lookahead adder, the sixth carry-lookahead adder, and the ninth carry-lookahead adder are coupled to the hash register set.
3. 3. The apparatus of claim 2, further comprising a control module for controlling the input and output of the first hash module and the second hash module until all message word processing in a message block is completed.
4. 4. The apparatus of claim 3, further comprising a digest register set to cache a digest register value; The first hash module comprises a second 3-2 compressor and a second carry-ahead adder which are sequentially connected, and a fifth 3-2 compressor and a fifth carry-ahead adder which are sequentially connected, wherein the output of the first 3-2 compressor is connected with the input of the second 3-2 compressor, and the output of the fourth 3-2 compressor is connected with the input of the fifth 3-2 compressor; The second hash module comprises a seventh 3-2 compressor and a seventh carry-ahead adder which are sequentially connected, and a tenth 3-2 compressor and a tenth carry-ahead adder which are sequentially connected, wherein the output of the sixth 3-2 compressor is connected with the input of the seventh 3-2 compressor, and the output of the ninth 3-2 compressor is connected with the input of the tenth 3-2 compressor; The summary register value is input into the second 3-2 compressor, the fifth 3-2 compressor, the seventh 3-2 compressor and the tenth 3-2 compressor; the outputs of the second carry-lookahead adder, the fifth carry-lookahead adder, the seventh carry-lookahead adder and the tenth carry-lookahead adder are connected with the summary register set; When the encryption mode is single hash and at the last clock cycle of message block processing, the control module is configured to connect outputs of the second carry-ahead adder, the fifth carry-ahead adder, the seventh carry-ahead adder, and the tenth carry-ahead adder to the hash register set, and input the digest register value to the hash register set; When the encryption mode is double hash and the first round of hash calculation of the double hash is performed, the control module is used for inputting a hash initial value into the hash register set.
5. 5. The apparatus of claim 4, further comprising a bit-fill module, the message word buffer register set comprising a first buffer register queue and a second buffer register queue, an output of the bit-fill module coupled to the message word buffer register set, an output of the message word buffer register set coupled to the message word register set, the control module configured to cause the message word buffer register set to output a supplemental message word to the message word register set when the encryption mode is single hash or when the encryption mode is double hash and the double Ha Xizhong first round hash computation.
6. 6. The apparatus of any of claims 2-5, wherein the first hash module further comprises a third 3-2 compressor and a third carry-lookahead adder connected in sequence, the output of the first 4-2 compressor is connected to the third 3-2 compressor, the second hash module further comprises an eighth 3-2 compressor and an eighth carry-lookahead adder connected in sequence, the output of the fourth 4-2 compressor is connected to the eighth 3-2 compressor; The outputs of the third carry-lookahead adder and the eighth carry-lookahead adder are coupled to the set of message word registers.

Description

Message encryption method and device Technical Field The present invention relates to the field of data encryption technologies, and in particular, to a method and an apparatus for encrypting a message. Background In recent years, with the popularization and wide application of the internet, encryption technology has become an important tool for ensuring the privacy of data transmission. For this purpose, the National Institute of Standards and Technology (NIST) and the united states security agency (NSA) have published a series of secure hash algorithms (Secure Hash Algorithm, SHA) in succession. Among them, SHA-256 algorithm is widely used because of high security. The SHA-256 algorithm generates a 256-bit message digest after encrypting an input message, the first step of encrypting the input message forms a 512-bit message by bit filling, the second step of decomposing the message into n 512-bit message blocks, the third step of splitting the first message block into 16 32-bit original message words and calculating a 256-bit digest value of the first message block according to a hash calculation rule and a known hash constant, the fourth step of splitting the second message block into 16 32-bit message words and calculating another 256-bit digest value according to the hash calculation rule and the digest value calculated in the last step, and so on, and the steps of splitting and calculating the digest value of the rest message blocks are respectively carried out in sequence until the 256-bit digest value obtained by the completion of the calculation of the last message block is the message digest of the input message. In the process of calculating the digest value for each message block, the first step is to split the message block, and the split 16 original message words are ：W0、W1、W2、W3、W4、W5、W6、W7、W8、W9、W10、W11、W12、W13、W14、W15; in the order from the lower order to the higher order, respectively, and the second step is to iterate the 16 original message words 48 times according to the following message word construction formula (formula one), to generate 48 construction message words, and adding the original 16 original message words to 64 message words. Formula one, W t＝σ1(Wt-2)+Wt-7+σ0(Wt-15)+Wt-16, where ,σ0(x)＝S7(x)⊕S18(x)⊕R3(x);σ1(x)＝S17(x)⊕S19(x)⊕R10(x);Sn is a circular right shift by n bits, R n is a right shift by n bits, and "is bitwise exclusive or". The third step is to calculate the known 8 hash initial values of 32 bits and the first message word according to the following digest value calculation formula (formula two) (t=1, indicating that the 1 st message word is calculated) to obtain the digest value of the first message word, where the digest value is also represented by 8 32bit values. The initial values of the 8 hashes are a 0、b0、c0、d0、e0、f0、g0、h0 respectively, and the generated digest value is a 1、b1、c1、d1、e1、f1、g1、h1. Formula II: t1=h t-1+Σ1(et-1)+Ch(et-1,ft-1,gt-1)+Kt-1+Wt-1; T2=Σ0(at-1)+Maj(at-1,bt-1,ct-1); a t=T1+T2; b t＝at-1; c t＝bt-1; d t＝ct-1; e t＝dt-1+T1; f t＝et-1; g t＝ft-1; h t＝gt-1。 In the second formula, the first formula is a formula, "Λ" is a bitwise AND; The method is to find "complement"; ma (x, y, z) = (x ∈y) ("x ∈z) (" y ∈z), "is by-bit exclusive OR". Fig. 1 is a schematic diagram of a formula for calculating the digest value of a message word in the prior art, and as can be seen from fig. 1 in combination with the formula two, a hash register set is used in calculating the digest value of each message word, wherein the hash register set includes 8 hash registers, namely, a hash register a, a hash register B, a hash register C, a hash register D, a hash register E, a hash register F, a hash register G and a hash register H. Prior to calculation of the first message word W 0, the above-mentioned 8 initial hash values are stored in the hash register set, a 0 in hash register A, b 0 in hash register B, c 0 in hash register C, d 0 in hash register D, e 0 in hash register E, f 0 in hash register F, g 0 in hash register G, H 0 in hash register H. The plus sign in FIG. 1 represents adding two digits together, and if the result is greater than the power of 2 to 32, the result must be divided by 2 {32} and the remainder found. When the first message word W 0 is calculated, t=1, the generated b 1、c1、d1 is obtained by shifting a 0、b0、c0 backward, the generated f 1、g1、h1 is obtained by shifting e 0、f0、g0 backward, only e 1 and a 1 are obtained by calculation, and the hash initial value a 0～h0 and the first message word W 0 are used in calculation, and the hash constant K 0 is also used. According to this calculation rule, the subsequent step in calculating the digest value of the t+1th message word W t requires not only the hash constant K t, but also the digest value a t～h t calculated from the message word W t-1. After the calculation of the last message word W 63 is completed, the obtained digest value is added to the digest value obtained by the calculation of the last m