摘要:
A system for ciphering data for transmission by a communication device is provided. The system includes a memory device having a memory buffer a first access port connected to the memory buffer and a second access port connected to the memory buffer. The system also has a data processing processor connected to the first access port via a first bus and a ciphering processor connected to the second access port via a second bus. The first access port and the second access port each provide mutually independent access to the memory buffer. The second bus is not connected to the first bus. The data processing processor is adapted to receive the data and provide the data to the memory buffer over the first bus. The ciphering processor is adapted to retrieve the data from the memory buffer over the second bus, generate ciphered data from the data, generate integrity check information for the ciphered data using the data and provide the ciphered data to the memory buffer over the second bus.
摘要:
An apparatus and method are described for performing efficient Boolean operations in a pipelined processor which, in one embodiment, does not natively support three operand instructions. For example, a processor according to one embodiment of the invention comprises: a set of registers for storing packed operands; Boolean operation logic to execute a single instruction which uses three or more source operands packed in the set of registers, the Boolean operation logic to read at least three source operands and an immediate value to perform a Boolean operation on the three source operands, wherein the Boolean operation comprises: combining a bit read from each of the three operands to form an index to the immediate value, the index identifying a bit position within the immediate value; reading the bit from the identified bit position of the immediate value; and storing the bit from the identified bit position of the immediate value in a destination register.
摘要:
A method and apparatus is described for processing of network data packets by a network processor having cipher processing cores and authentication processing cores which operate on data within the network data packets, in order to provide a one-pass ciphering and authentication processing of the network data packets.
摘要:
The present disclosure provides a system and method for performing modular exponentiation. The method may include dividing a first polynomial into a plurality of segments and generating a first product by multiplying the plurality of segments of the first polynomial with a second polynomial. The method may also include generating a second product by shifting the contents of an accumulator with a factorization base. The method may further include adding the first product and the second product to yield a first intermediate result and reducing the first intermediate result to yield a second intermediate result. The method may also include generating a public key based on, at least in part, the second intermediate result. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.
摘要:
In one embodiment, circuitry is provided to generate a residue based at least in part upon operations and a data stream generated based at least in part upon a packet. The operations may include at least one iteration of at least one reduction operation including (a) multiplying a first value with at least one portion of the data stream, and (b) producing a reduction by adding at least one other portion of the data stream to a result of the multiplying. The operations may include at least one other reduction operation including (c) producing another result by multiplying with a second value at least one portion of another stream based at least in part upon the reduction, (d) producing a third value by adding at least one other portion of the another stream to the another result, and (e) producing the residue by performing a Barrett reduction based at least in part upon the third value.
摘要:
The present disclosure provides an apparatus and method for generating a Galois-field syndrome. One exemplary method may include loading a first data byte from a first storage device to a first register and loading a second data byte from a second storage device to a second register; ANDing the most significant bit (MSB) of the first data byte and a Galois-field polynomial to generate a first intermediate output; XORing each bit of the first intermediate output with the least significant bits (LSBs) of the first data byte to generate a second intermediate output; MUXing the second intermediate output with each bit of the first data byte to generate a third intermediate output; XORing each bit of the third intermediate output with each bit of the second data byte to generate at a fourth intermediate output; and generating a RAID Q syndrome based on, at least in part, the fourth intermediate output. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.
摘要:
In one embodiment, the present disclosure provides a method capable of processing a variety of different operations. A method according to one embodiment may include loading configuration data from a shared memory unit into a hardware configuration register, the hardware configuration register located within circuitry included within a hardware accelerator unit. The method may also include issuing a command set from a microengine to the hardware accelerator unit having the circuitry. The method may additionally include receiving the command set at the circuitry from the microengine, the command set configured to allow for the processing of a variety of different operations. The method may further include processing an appropriate operation based upon the configuration data loaded into the hardware configuration register. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.
摘要:
The present disclosure provides a system and method for performing carry/borrow handling. A method according to one embodiment may include generating a first result having a first carry or borrow from a first mathematical operation and storing the first carry or borrow and a first pointer address in a temporary register. The method may further include generating a second result having a second carry or borrow from a second mathematical operation and calling a subroutine configured to perform carry and borrow handling. The method may also include copying the first pointer address from the temporary register into a global variable. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.
摘要:
The present disclosure provides a method for performing modular exponentiation. The method may include generating a first remainder (xp) based on an encrypted message (X) modulo a first prime number (p) and generating a second remainder (xq) based on the encrypted message (X) modulo a second prime number (q). The method may further include generating a third remainder(v1) based on the first remainder (xp) raised to a first private key number (d1) modulo the first prime number (p) and simultaneously generating a fourth remainder (v2) based on the second remainder (xq) raised to a second private key number (d2) modulo the second prime number(q). The method may also include subtracting the fourth remainder (v2) from the third remainder (v1) to yield a result (v1−v2) and multiplying the result (v1−v2) by a constant (c) to produce a second result. The method may additionally include generating a sixth remainder (h) by taking the second result modulo the first prime number (p) and multiplying the sixth remainder (h) by the second prime number (q) to produce a third result. The method may further include adding the third result and the fourth remainder (v2) to yield a final result (Y) and generating, at least in part, a public key based on the final result (Y). Of course, many alternatives, variations and modifications are possible without departing from this embodiment.
摘要:
A network processing having cryptographic processing includes an authentication buffer for storing ciphered data and providing the ciphered data to an authentication core.