摘要:
ANSI X3.92 Data Encryption algorithm is public knowledge, and is widely used where data security and integrity is vital, such as commercial banks, secret service organizations etc. Even though this algorithm is feasible to implement in software, it is impractical to achieve desired performance for most of the applications. Hence, a hardware solution is highly recommended. Prior art DES hardware in CMOS technology served performance needs of low-end and mid-range systems only, due to the technology constraints. However, some of these constraints are removed through the technology breakthroughs and the current CMOS is well suited for high performance applications. While prior art DES designs allowed one round per cycle to minimize the cell count, the current technology allows of multiple rounds per cycle due to the denser CMOS chip technology. In order to maximize the number of rounds for a given cycle time, careful study of algorithm to determine the critical paths from a logic implementation perspective is required. This invention identifies one such path in f-function of the DES algorithm, where the expanded data and the key is XOR'd prior to entering S-function. It is mathematically proven that if the left half of the input data is expanded and XOR'ed with the second key at the same time the right half of the input data which is still going through its XOR, S-function, permute and expansion, then this expanded result can be immediately XOR'ed with the left input data being expanded and XOR'ed in parallel. The resulting output can be used as input to the next S-function, thus eliminating a stage of expansion and XOR logic for all subsequent S-function inputs in rounds 2 through 15.
摘要:
A system and method for implementing a new protocol that uses new data structures in order to improve the performance of a token ring without changing its topology or degrading its fairness. A primary sender sends a data frame containing a data field addressed to a primary receiver. The protocol allows the primary receiver to enter "transmit mode" and assume another role as a secondary sender when the data frame is received and copied. The secondary sender overwrites the data field. Then, the secondary sender designates a secondary receiver to receive the update data and sends an acknowledgement message back to the primary sender to indicate that it has received data. The secondary receiver sends an acknowledgement to the secondary sender when the secondary transmission data is received. The primary sender checks for an acknowledgement from the primary receiver when the data frame returns. Then the primary sender transmits the data frame downstream. The primary sender regenerates a token and either releases it or seizes it based on whether it has more data to send. The secondary sender verifies the acknowledgement from the secondary receiver and returns to "listen mode".
摘要:
A method and system for increasing performance on a standard dual ring token ring by generating one or more sub-tokens so that multiple data transmissions can occur concurrently. Upon receipt of a data frame from the token holder, interface logic enables a receiver to generate a sub-token frame. The sub-token is used to notify the next downstream station that it may transmit data frames to other downstream stations. In this way, a second data transmission path can be established between downstream stations. In a similar manner, the receiver of a data frame sent by a sub-token owner will generate a sub-token frame for use by the next downstream station when its data arrives. Each sub-token is used to create a new sub-ring, thus allowing for concurrent data transmissions. Each new sub-ring must obey token ring protocol to avoid data collisions.
摘要:
An improved DES unit internally checks whether the DES algorithm is being performed without error. A standard DES algorithm performs an initial permutation of input data and then multiple rounds or iterations of the following: expanding part of a result of the initial permutation for the first iteration and a result of the previous iteration for the subsequent iterations, exclusive ORing a result of the expansion with key bits, performing a selection function on a result of the exclusive ORing, permuting a result of the selection function, and exclusive ORing a result of the permuting. In the improved DES unit, data check bits that correspond to the input data which has been expanded are exclusive NORed with key check bits that correspond to the key, and a result of the exclusive NORing is checked against a result of the exclusive ORing to identify any errors in the operation of the basic DES unit. Also, a check selection function is performed on the result of the exclusive ORing. A result of the check selection function is exclusive NORed with data check bits for another part of the input data to yield input data for input to the expanding function for a next iteration. Also, the improved DES unit checks for accuracy in processing an input key by permuted choicing the input key, key shifting a result of the permuted choicing, and checking a result of the key shifting against key check bits which correspond to the input key and bypass the permuted choicing and key shifting functions.