KR-20260066941-A - ENCRYPTOR AND MEMORY CONTROLLER INCLUDING THE SAME

Abstract

The encryption device includes a first operation unit, a second operation unit, a third operation unit, and a fourth operation unit. The first operation unit receives plaintext data, performs an XOR operation based on one of a plurality of round key data in each round, and outputs ciphertext data. The second operation unit performs a substitution operation on the output of the first operation unit in each round using an SBOX implemented according to a first modification lookup table converted from a first standard lookup table. The third operation unit performs a row transformation operation on the output of the second operation unit in each round. The fourth operation unit performs a column transformation operation on the output of the third operation unit in each round using at least one TBOX and an SBOX implemented according to at least one second modification lookup table converted from at least one second standard lookup table.

Inventors

• 이위직
• 김지엽
• 신동민

Assignees

• 삼성전자주식회사

Dates

Publication Date

20260512

Application Date

20241105

Claims (10)

1. An encryption device that generates ciphertext data by performing multiple rounds based on plaintext data, A first operation unit that receives the plaintext data, performs an XOR operation based on one of a plurality of round key data in each round, and outputs the ciphertext data; A second operation unit that performs a substitution operation on the output of the first operation unit in each round using an SBOX implemented according to a first modification lookup table converted from a first standard lookup table; A third operation unit that performs a row transformation operation on the output of the second operation unit in each round; and An encryption device comprising a fourth operation unit that performs a column transformation operation on the output of the third operation unit in each round using at least one TBOX and the SBOX implemented according to at least one second modification lookup table converted from at least one second standard lookup table.
2. In Article 1, The first modification lookup table is obtained by performing an XOR operation on the first standard lookup table, and An encryption device characterized in that the at least one second modification lookup table is obtained by performing an XOR operation on the at least one second standard lookup table.
3. In Article 2, Each of the plurality of first modification elements included in the first modification lookup table is obtained by performing an XOR operation with each of the plurality of first standard elements included in the first standard lookup table and a first value, and An encryption device characterized in that each of the plurality of second modification elements included in the at least one second modification lookup table is obtained by performing an XOR operation with each of the plurality of second standard elements included in the at least one second standard lookup table and a second value.
4. In Paragraph 3, Each of the above SBOX and the at least one TBOX is implemented as hardware comprising a plurality of logic gates, and The first value and the second value are determined such that the logic depth of the above SBOX and the at least one TBOX becomes the smallest, and An encryption device characterized in that the above logic depth represents the maximum value among the number of logic gates through which the input signal passes until an output signal is generated based on the input signal.
5. In Article 1, The above at least one second standard lookup table includes a second-1 standard lookup table and a second-2 standard lookup table, and The at least one second modified lookup table comprises a second-1 modified lookup table obtained by performing an XOR operation on the second-1 standard lookup table and a second-2 modified lookup table obtained by performing an XOR operation on the second-2 standard lookup table. An encryption device characterized in that the above at least one TBOX includes a first TBOX implemented according to the above 2-1 modification lookup table and a second TBOX implemented according to the above 2-2 modification lookup table.
6. In Article 5, An encryption device characterized in that one of the plurality of elements included in the operation data output from the fourth operation unit is obtained based on two of the plurality of first modification elements included in the first modification lookup table, one of the plurality of second-1 modification elements included in the second-1 modification lookup table, and one of the plurality of second-2 modification elements included in the second-2 modification lookup table.
7. In Article 6, An encryption device characterized by including an XOR operation unit that performs an XOR operation based on two of the plurality of first modification elements, one of the plurality of second-1 modification elements, and one of the plurality of second-2 modification elements.
8. In Article 1, The above at least one second standard lookup table includes a second-1 standard lookup table, and The above at least one second modified lookup table includes a second-1 modified lookup table obtained by performing an XOR operation on the second-1 standard lookup table, and An encryption device characterized in that the above at least one TBOX includes a first TBOX implemented according to the above 2-1 modification lookup table.
9. In Article 8, An encryption device characterized in that one of the plurality of elements included in the operation data output from the fourth operation unit is obtained based on three of the plurality of first modification elements included in the first modification lookup table and two of the plurality of second-1 modification elements included in the second-1 modification lookup table.
10. processor; and A buffer memory for temporarily storing data processed by the above processor; and It includes an encryption device that performs an encryption operation on first data received from the above buffer memory, and The above encryption device generates ciphertext data by performing a plurality of rounds based on the first data, which is plaintext data. A first operation unit that receives the first data, performs an XOR operation based on one of a plurality of round key data in each round, and outputs the ciphertext data; A second operation unit that performs a substitution operation on the output of the first operation unit in each round using an SBOX implemented according to a first modification lookup table converted from a first standard lookup table; A third operation unit that performs a row transformation operation on the output of the second operation unit in each round; and A memory controller comprising a fourth operation unit that performs a column conversion operation on the output of the third operation unit in each round using at least one TBOX and the SBOX implemented according to at least one second modification lookup table converted from at least one second standard lookup table.

Description

Encryption device and memory controller including the same The present invention relates to a semiconductor integrated circuit, and more specifically, to an encryption device and a memory controller including said encryption device. Encryption technology is widely used to ensure the security of data transmission. Encryption technology encrypts plaintext at the transmission side and decrypts ciphertext at the reception side. This encryption of plaintext and decryption of ciphertext is known as encryption technology. Because encryption operations are generally slow, encryption devices can be implemented in hardware for application to devices such as smart cards. For example, various encryption algorithms such as DES (Data Encryption Standard), AES (Advanced Encryption Standard), and ARIA (Academy, Research Institute and Agency) can be used. FIG. 1 is a block diagram showing an encryption device according to embodiments of the present invention. FIG. 2 is a flowchart illustrating the operation method of an encryption device according to embodiments of the present invention. FIGS. 3a, 3b, 3c, 3d, and 3e are drawings for explaining the operations of FIG. 2. FIGS. 4a, 4b, 4c, 4d, 4e, 4f, 4g, and 4h are drawings for explaining the operation of FIGS. 1, 2, 3a, 3b, 3c, 3d, and 3e. FIG. 5 is a block diagram showing an example of a fourth operation unit included in the encryption device of FIG. 1. FIG. 6 is a diagram illustrating the logical depth of the SBOX and TBOX included in the fourth operation unit of FIG. 5. FIGS. 7a, 7b, and 7c are drawings for explaining the SBOX, the first TBOX, and the second TBOX included in the fourth operation unit of FIG. 5. FIG. 8 is a block diagram showing an example of a fourth operation unit included in the encryption device of FIG. 1. FIG. 9 is a flowchart illustrating a method for designing an encryption device according to embodiments of the present invention. FIG. 10 is a block diagram showing a memory controller and a memory system including the same according to embodiments of the present invention. FIG. 11 is a block diagram showing a memory controller according to embodiments of the present invention. FIGS. 12a and 12b are block diagrams showing examples of memory devices controlled by a memory controller according to embodiments of the present invention. FIG. 13 is a block diagram showing an electronic system including an encryption device according to embodiments of the present invention. Hereinafter, preferred embodiments of the present invention will be described in more detail with reference to the attached drawings. Identical components in the drawings are given the same reference numerals, and redundant descriptions of identical components are omitted. FIG. 1 is a block diagram showing an encryption device according to embodiments of the present invention. Referring to FIG. 1, the encryption device (100) includes a first operation unit (110), a second operation unit (120), a third operation unit (130), and a fourth operation unit (140). The encryption device (100) generates ciphertext data (CTDAT) by performing a plurality of rounds based on plaintext data (PTDAT). For example, the plurality of rounds may include an initial round and first to Nth rounds (N is a positive integer greater than or equal to 2). In one embodiment, the encryption device (100) may be implemented based on the Advanced Encryption Standard (AES). In other words, the encryption device (100) may be an AES encryption device. However, the present invention is not limited thereto, and the encryption device (100) may be implemented based on one of various other algorithms. The first operation unit (110) receives plaintext data (PTDAT), performs an XOR operation based on one of a plurality of round key data (RK) in each round to generate one of a plurality of first operation data (XDAT), and outputs ciphertext data (CTDAT). For example, the plurality of round key data (RK) may include initial round key data corresponding to the initial round and first to N round key data corresponding to the first to N rounds. For example, one input data may be received in each round, an XOR operation may be performed on the one input data and one round key data, and one first operation data may be generated. For example, the one input data may be plaintext data (PTDAT), may be the output of the fourth operation unit (140), or may be the output of the third operation unit (130). The first operation unit (110) may also be referred to as the XOR operation unit. The second operation unit (120) uses the SBOX (122) to perform a substitution operation on one of the multiple first operation data (XDAT), which is the output of the first operation unit, in each round to generate one of the multiple second operation data (SDAT). For example, one first operation data may be received in each round, the substitution operation on the one first operation data may be performed, and one second operation data may be performed. The seco