本文選題：AES　切入點(diǎn)：面積優(yōu)化　出處：《南京航空航天大學(xué)》2016年博士論文　論文類型：學(xué)位論文

【摘要】：信息安全的核心是密碼技術(shù),高級(jí)加密標(biāo)準(zhǔn)(Adavanced Encryption Standard,AES)作為最新的分組密碼算法,已被廣泛應(yīng)用于信息安全的各個(gè)領(lǐng)域,包括無線傳感網(wǎng)和射頻識(shí)別技術(shù)(Radio Frequency Identification,RFID)等資源受限場(chǎng)合。然而如何在這種低成本、低功耗、資源受限的硬件平臺(tái)上實(shí)現(xiàn)AES密碼算法,給電路設(shè)計(jì)帶來新的挑戰(zhàn)。論文針對(duì)資源受限的應(yīng)用領(lǐng)域,研究基于復(fù)合域運(yùn)算的AES密碼電路優(yōu)化設(shè)計(jì)方法,降低加密電路面積和延時(shí)。在AES密碼電路的算法級(jí),重點(diǎn)解決了公共項(xiàng)消除(Common Subexpression Elimination,CSE)算法優(yōu)化過程中的延時(shí)控制、最優(yōu)GF((2~4)~2)域乘法逆結(jié)構(gòu)、GF(((2~2)~2)~2)乘法逆運(yùn)算單元之間的公共項(xiàng)(Common Subexpressions,CSs)消除等關(guān)鍵問題,在結(jié)構(gòu)級(jí)研究了基于復(fù)合域的S盒與行移位、列混合之間的運(yùn)算合并方法,在系統(tǒng)級(jí)研究了面向ZigBee節(jié)點(diǎn)芯片的AES-CCM*協(xié)處理器實(shí)現(xiàn)方法。論文主要工作與創(chuàng)新點(diǎn)如下�；谧疃搪窂蕉鏄浣Y(jié)構(gòu)理論,研究了CSE優(yōu)化過程中的延時(shí)控制方法,解決了CSE算法在優(yōu)化過程中容易造成延時(shí)增加問題。首先根據(jù)最短路徑二叉樹構(gòu)造理論,從數(shù)學(xué)形式證明消除CSs會(huì)增加路徑長(zhǎng)度,并得出一個(gè)保持最短路徑不變的充分非必要條件。根據(jù)這個(gè)充分非必要條件,提出了最短路徑CSE(Shortest Path CSE,SPCSE)算法,在CSs消除過程中保持各個(gè)輸出信號(hào)的路徑長(zhǎng)度不變。在SPCSE基礎(chǔ)上,提出了基于最短路徑二叉樹構(gòu)造理論的延時(shí)敏感CSE(Delay Aware CSE,DACSE)算法,DACSE算法能夠在給定延時(shí)約束條件下對(duì)CSs消除,不僅擴(kuò)大了CSs選擇范圍,提高了面積優(yōu)化效率,還能夠給出從最小電路面積到最小關(guān)鍵路徑延時(shí)之間更廣泛的面積—延時(shí)折衷設(shè)計(jì)。針對(duì)目前GF((2~4)~2)域S盒結(jié)構(gòu)單一,電路實(shí)現(xiàn)面積和延時(shí)都較大的問題,全面分析了GF((2~4)~2)域乘法逆結(jié)構(gòu),提出了一種短延時(shí)GF((2~4)~2)域S盒電路,降低了電路延時(shí)。分析了GF(2~4)域乘法逆和GF(2~4)乘法器的電路特點(diǎn),提出了基于AND-XOR陣列結(jié)構(gòu)的GF(2~4)域乘法逆單元和乘法器單元,減少了電路實(shí)現(xiàn)面積和延時(shí)。在此基礎(chǔ)上,分析了不可約多項(xiàng)式和基對(duì)GF((2~4)~2)乘法逆和映射矩陣硬件復(fù)雜度的影響,基于最優(yōu)映射矩陣和最優(yōu)乘法逆結(jié)構(gòu)構(gòu)造出短延時(shí)GF((2~4)~2)S盒電路結(jié)構(gòu)。為消除GF(((2~2)~2)~2)乘法逆運(yùn)算單元之間的冗余邏輯,提出了基于DACSE分組聯(lián)合優(yōu)化方法,減少了GF(((2~2)~2)~2)S盒電路實(shí)現(xiàn)的面積和延時(shí)。根據(jù)GF(((2~2)~2)~2)乘法逆結(jié)構(gòu)特點(diǎn),對(duì)乘法逆中的運(yùn)算單元進(jìn)行分組,推導(dǎo)出各個(gè)運(yùn)算單元在GF((2~2)~2)域上的邏輯表達(dá)式,采用DACSE對(duì)每個(gè)分組內(nèi)的運(yùn)算單元分別進(jìn)行聯(lián)合優(yōu)化和單獨(dú)優(yōu)化。優(yōu)化之后的GF(((2~2)~2)~2)S盒進(jìn)一步減少了電路面積和延時(shí)。研究了復(fù)合域S盒、行移位和列混合之間的運(yùn)算合并方法,提出了基于運(yùn)算合并的輪變換電路優(yōu)化設(shè)計(jì)方法,以進(jìn)一步減少AES電路實(shí)現(xiàn)的面積和延時(shí)。首先推導(dǎo)了列混合運(yùn)算中乘常數(shù)的矩陣形式,根據(jù)輪變換公式將復(fù)合域S盒與行移位、列混合進(jìn)行合并�；贒ACSE算法,對(duì)合并矩陣進(jìn)行聯(lián)合優(yōu)化。最后,基于分時(shí)復(fù)用方法實(shí)現(xiàn)了AES加/解密復(fù)用電路,相比于加密電路和解密電路的單獨(dú)實(shí)現(xiàn),AES加/解密復(fù)用電路減少了28.12%電路面積,與未采用任何優(yōu)化技術(shù)的AES加/解密復(fù)用電路相比,基于運(yùn)算合并和聯(lián)合優(yōu)化的AES加/解密復(fù)用電路減少了46.06%電路面積。在AES密碼電路優(yōu)化設(shè)計(jì)基礎(chǔ)上,提出了一個(gè)面向ZigBee節(jié)點(diǎn)芯片的基于單個(gè)AES處理單元的AES-CCM*協(xié)處理器架構(gòu)�；趩蝹�(gè)AES處理單元完成了ZigBee安全模式中的AES-CCM*運(yùn)算和ZigBee密鑰傳輸協(xié)議中的HMAC運(yùn)算,有效減小了ZigBee系統(tǒng)中的資源開銷。
[Abstract]:Is the core of the information security encryption technology, advanced encryption standard (Adavanced Encryption Standard, AES) as a new block cipher algorithm, has been widely used in various fields of information security, including wireless sensor network and RFID (Radio Frequency Identification, RFID) and other resource constrained occasions. However in this low cost low power consumption, implementation of AES algorithm for resource constrained hardware platform, which brings new challenges to the circuit design. Aiming at the application of limited resource, optimization of AES cipher circuit design method based on composite field arithmetic, reduce the encryption circuit area and delay. In the algorithm level AES password circuit, mainly to solve the public elimination (Common Subexpression Elimination CSE) control algorithm in the process of optimizing delay, the optimal GF ((2~4) ~2) multiplicative inverse structure (GF ((2~2) ~2) ~2) multiplicative inverse unit Between the public (Common Subexpressions, CSs) key issues to eliminate, in the structure level of composite domain S box and line shift based on the combined method of mixed column operation between, at the system level of AES-CCM* co processor for ZigBee node chip implementation method. The main work and innovations are as follows. The theory of the two shortest path tree structure based on delay control method of CSE in the optimization process, CSE algorithm is solved easily in the optimization process caused by the increased delay problem. According to the two shortest path tree structure theory, from the mathematical form of proof elimination of CSs will increase the length of the path and get a shortest path keep unchanged sufficient but not necessary. According to the sufficient but not necessary condition, put forward the shortest path CSE (Shortest Path CSE, SPCSE CSs) algorithm, in the elimination process to keep the output signal path length Variable. On the basis of SPCSE, we propose a delay sensitive CSE shortest path tree is constructed based on the theory of two (Delay Aware CSE DACSE) algorithm, DACSE algorithm can eliminate the CSs at a given delay constraint conditions, not only to expand the CSs range of choices, improve the area optimization efficiency, but also be able to give the minimum circuit area to the minimum critical path delay of the broader area and delay tradeoff design. Aiming at the GF ((2~4) ~2) S box single structure, circuit area and delay are big problems, a comprehensive analysis of the GF ((2~4) ~2) multiplicative inverse structure, this paper presents a short delay ((GF 2~4) ~2) S box circuit, reduces the circuit delay. Analysis of GF (2~4) multiplicative inverse and GF (2~4) circuit characteristic multiplier, put forward the structure of AND-XOR array based on GF (2~4) multiplicative inverse unit and multiplier unit, reduce the area and delay circuit. On the basis of, 鍒嗘瀽浜?jiǎn)涓嶅彲绾﹀椤瑰紡鍜屽熀瀵笹F((2~4)~2)涔樻硶閫嗗拰鏄犲皠鐭╅樀紜歡澶嶆潅搴︾殑褰卞搷,鍩轟簬鏈，

本文編號(hào)：1624748