[go: up one dir, main page]

CN104717053B - Data decryption circuit and method - Google Patents

Data decryption circuit and method Download PDF

Info

Publication number
CN104717053B
CN104717053B CN201310674644.4A CN201310674644A CN104717053B CN 104717053 B CN104717053 B CN 104717053B CN 201310674644 A CN201310674644 A CN 201310674644A CN 104717053 B CN104717053 B CN 104717053B
Authority
CN
China
Prior art keywords
data
decryption
length
package
carrying
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Expired - Fee Related
Application number
CN201310674644.4A
Other languages
Chinese (zh)
Other versions
CN104717053A (en
Inventor
王奕凯
王得权
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
MediaTek Inc
Original Assignee
MStar Semiconductor Inc Taiwan
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by MStar Semiconductor Inc Taiwan filed Critical MStar Semiconductor Inc Taiwan
Priority to CN201310674644.4A priority Critical patent/CN104717053B/en
Publication of CN104717053A publication Critical patent/CN104717053A/en
Application granted granted Critical
Publication of CN104717053B publication Critical patent/CN104717053B/en
Expired - Fee Related legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Landscapes

  • Storage Device Security (AREA)

Abstract

本发明揭露了一种数据解密电路及方法,用来解密一目前加密数据封包,该目前加密数据封包包含一标头数据及一承载数据。该数据解密电路包含:一运算单元,用来依据该标头数据及一虚拟随机数产生一第一数据,依据一会话密钥与一常数产生一第二数据,并依据该标头数据产生该承载数据的一长度信息及一起始位置信息;其中,该运算单元藉由执行程序代码来产生该第一数据、该第二数据、该长度信息及该起始位置信息;以及一解密计算电路,耦接该运算单元,用来依据该第一数据及该第二数据产生一解密密钥,以及依据该起始位置信息及该长度信息自该目前加密数据封包中取得该承载数据,并利用该解密密钥解密该承载数据。

The present invention discloses a data decryption circuit and method, which are used to decrypt a current encrypted data packet, wherein the current encrypted data packet includes a header data and a bearer data. The data decryption circuit includes: a computing unit, which is used to generate a first data according to the header data and a pseudo random number, generate a second data according to a session key and a constant, and generate a length information and a starting position information of the bearer data according to the header data; wherein the computing unit generates the first data, the second data, the length information and the starting position information by executing a program code; and a decryption calculation circuit, which is coupled to the computing unit, which is used to generate a decryption key according to the first data and the second data, obtain the bearer data from the current encrypted data packet according to the starting position information and the length information, and decrypt the bearer data using the decryption key.

Description

数据解密电路与方法Data decryption circuit and method

技术领域technical field

本发明是关于数据解密电路与方法,尤其是关于利用软件与硬件互相搭配的数据解密电路与方法。The present invention relates to a data decryption circuit and method, in particular to a data decryption circuit and method utilizing software and hardware to cooperate with each other.

背景技术Background technique

请参阅图1,其是习知高频宽数字内容保护(High-Bandwidth Digital ContentProtection,以下简称HDCP)的数据解密流程的示意图。请同时参阅图2,其是习知一个传输串流(transport stream,TS)封包的组成示意图。如图2所示,一个传输串流封包200包含TS标头数据、基本封包流(packetized elementary streams,以下简称PES)标头数据以及基本比特流(elementary stream,ES),或称为承载数据(payload)。在HDCP的标准中,TS标头数据包含一个名为承载数据单元起始指示(payload unit start indicator)的旗标,用来指示传输串流封包是否包含PES标头数据。PES标头数据包含用来解密的私有数据(privatedata),而私有数据主要包含streamCtr(流控制)数据及inputCtr(输入控制)数据。请注意,并非每个传输串流封包皆包含PES标头数据,实作时可以藉由承载数据单元起始指示旗标来判断。当传输串流封包包含PES标头数据时,可以由私有数据中取出inputCtr数据来执行解密程序;当传输串流封包未包含PES标头数据时,inputCtr数据可以依据目前正在解密的数据段(例如长度为16字节)推知,inputCtr数据以HDCP每次解密的数据段为单位递增。请参阅图1,32位的streamCtr数据与64位的虚拟随机数(pseudo-random number)riv的较低的32位做异或(exclusive or,XOR)运算后,再与虚拟随机数riv的较高的32位合并而得到64位的中间数据,该中间数据再与64位的inputCtr数据合并形成具有128位的中间数据p。128位的会话密钥(session key)Ks与128位的常数lc128做异或运算后的结果与中间数据p一起经由进阶加密标准(Advanced Encryption Standard,以下简称AES)运算后产生128位的密钥。一个数据段(block)长度(128位或16字节)的加密数据与密钥进行异或运算后即可得到该加密数据的原始数据(包含128位或16字节的数据)。上述的虚拟随机数riv及会话密钥Ks为传输串流的传送端与接收端互相沟通后所得的结果。Please refer to FIG. 1 , which is a schematic diagram of a data decryption process of conventional High-Bandwidth Digital Content Protection (HDCP for short). Please also refer to FIG. 2 , which is a schematic diagram of a conventional transport stream (TS) packet. As shown in FIG. 2 , a transport stream packet 200 includes TS header data, elementary packet stream (packetized elementary streams, hereinafter referred to as PES) header data, and elementary bit stream (elementary stream, ES), or called bearer data ( payload). In the HDCP standard, the TS header data includes a flag named payload unit start indicator, which is used to indicate whether the transport stream packet contains PES header data. The PES header data includes private data for decryption, and the private data mainly includes streamCtr (flow control) data and inputCtr (input control) data. Please note that not every transport stream packet contains PES header data, which can be judged by the bearer data unit start indicator flag during implementation. When the transport stream packet contains PES header data, the inputCtr data can be extracted from the private data to perform the decryption process; when the transport stream packet does not contain PES header data, the inputCtr data can be based on the data segment currently being decrypted (eg The length is 16 bytes), it is inferred that the inputCtr data is incremented by the data segment decrypted each time by HDCP. Please refer to Figure 1, the 32-bit streamCtr data and the lower 32 bits of the 64-bit virtual random number (pseudo-random number) r iv do an exclusive OR (XOR) operation, and then the pseudo-random number r iv The higher 32 bits are combined to obtain 64-bit intermediate data, and the intermediate data is combined with the 64-bit inputCtr data to form 128-bit intermediate data p. The 128-bit session key (session key) K s and the 128-bit constant lc 128 are XORed together with the intermediate data p to generate 128 bits after being operated by Advanced Encryption Standard (hereinafter referred to as AES) key. The original data of the encrypted data (including 128-bit or 16-byte data) can be obtained after the encrypted data of a block length (128 bits or 16 bytes) is XORed with the key. The virtual random number r iv and the session key K s mentioned above are the results obtained after the transmission end and the receiving end of the transmission stream communicate with each other.

如图2所示,一个传输串流封包的长度为188字节,其中TS标头数据的长度为4字节,PES标头数据可能存在或不存在,而且没有固定的长度,如上所述,可以藉由承载数据单元起始指示旗标来判断PES标头数据是否存在。如果PES标头数据存在,其中包含其长度的信息。因此承载数据的长度即传输串流封包的长度(188字节)减去TS标头数据的长度(4字节)及PES标头数据的长度(如果PES标头数据存在)之后所剩余的数据长度。如前述,HDCP每次解密的数据段为16字节,承载数据可能包含若干数据段,然而承载数据的数据量有可能不是16字节的整数倍。因此进行数据解密的过程中,一个传输串流封包很可能会剩余一小段数据(小于16字节)未解密,该未解密的数据必须与下一个传输串流封包中的承载数据的部分数据结合,以形成一个完整的数据段来进行HDCP数据解密程序。As shown in Figure 2, the length of a transport stream packet is 188 bytes, in which the length of the TS header data is 4 bytes, and the PES header data may or may not exist, and there is no fixed length, as mentioned above, Whether the PES header data exists can be judged by the bearer data unit start indication flag. If PES header data is present, it contains information about its length. Therefore, the length of the bearer data is the length of the transport stream packet (188 bytes) minus the length of the TS header data (4 bytes) and the length of the PES header data (if the PES header data exists). length. As mentioned above, the data segment decrypted by HDCP each time is 16 bytes, and the bearer data may include several data segments, but the data volume of the bearer data may not be an integer multiple of 16 bytes. Therefore, in the process of data decryption, a small piece of data (less than 16 bytes) may remain undecrypted in a transport stream packet, and the undecrypted data must be combined with part of the data carrying data in the next transport stream packet , to form a complete data segment for HDCP data decryption procedure.

如果图1所示的HDCP解密程序完全由硬件执行,由于硬件缺乏弹性,上述结合两个原本分属不同传输串流封包的承载数据的动作将造成硬件设计上的困难,必须有额外的电路设计来应付不同的情况,因此容易造成设计上耗时及电路成本增加;而如果HDCP解密程序完全由软件执行,也就是透过程序代码的方式由运算单元(processing unit)来执行,则HDCP解密程序会占用许多运算单元的资源,造成运算单元的负担,可能拖累电子装置的效能。If the HDCP decryption program shown in Figure 1 is completely executed by hardware, due to the lack of flexibility of the hardware, the above-mentioned action of combining two data-carrying packets originally belonging to different transport stream packets will cause difficulties in hardware design, and additional circuit design is necessary To cope with different situations, it is easy to cause time-consuming design and increased circuit cost; and if the HDCP decryption program is completely executed by software, that is, executed by the processing unit (processing unit) through program code, the HDCP decryption program It will occupy many computing unit resources, causing a burden on the computing unit, and possibly dragging down the performance of the electronic device.

发明内容Contents of the invention

鉴于先前技术的不足,本发明的一目的在于提供一种数据解密电路与一种数据解密方法,以加快解密速度及增加解密流程的弹性。In view of the shortcomings of the prior art, an object of the present invention is to provide a data decryption circuit and a data decryption method, so as to speed up the decryption speed and increase the flexibility of the decryption process.

本发明揭露了一种数据解密电路,用来解密一目前加密数据封包,该目前加密数据封包包含一标头数据及一承载数据,该数据解密电路包含:一运算单元,用来依据该标头数据及一虚拟随机数产生一第一数据,依据一会话密钥与一常数产生一第二数据,并依据该标头数据产生该承载数据的一长度信息及一起始位置信息;其中,该运算单元藉由执行程序代码来产生该第一数据、该第二数据、该长度信息及该起始位置信息;以及一解密计算电路,耦接该运算单元,用来依据该第一数据及该第二数据产生一解密密钥,以及依据该起始位置信息及该长度信息自该目前加密数据封包中取得该承载数据,并利用该解密密钥解密该承载数据。The present invention discloses a data decryption circuit, which is used to decrypt a currently encrypted data packet, the currently encrypted data packet includes a header data and a bearer data, and the data decryption circuit includes: an arithmetic unit, used for according to the header data and a virtual random number to generate a first data, generate a second data according to a session key and a constant, and generate a length information and a starting position information of the bearer data according to the header data; wherein, the operation The unit generates the first data, the second data, the length information and the start position information by executing the program code; and a decryption calculation circuit, coupled to the calculation unit, for according to the first data and the first data A decryption key is generated from the second data, and the bearer data is obtained from the current encrypted data packet according to the initial location information and the length information, and the bearer data is decrypted by using the decryption key.

本发明另揭露了一种数据解密方法,用来解密一目前加密数据封包,该目前加密数据封包包含一标头数据及一承载数据,该数据解密方法包含:利用一运算单元以执行程序代码的方式执行以下程序:(1)依据该标头数据及一虚拟随机数产生一第一数据;(2)依据一会话密钥与一常数产生一第二数据;以及(3)依据该标头数据产生该承载数据的一长度信息及一起始位置信息;将该第一数据、该第二数据、该长度信息及该起始位置信息传送至一解密计算电路;以及控制该解密计算电路执行以下程序:(1)依据该第一数据及该第二数据产生一解密密钥;(2)依据该起始位置信息及该长度信息自该目前加密数据封包中取得该承载数据;以及(3)利用该解密密钥解密该承载数据。The present invention also discloses a data decryption method for decrypting a currently encrypted data packet, the currently encrypted data packet includes a header data and a bearer data, the data decryption method includes: using an arithmetic unit to execute program codes Execute the following procedures in a manner: (1) generate a first data according to the header data and a virtual random number; (2) generate a second data according to a session key and a constant; and (3) generate a second data according to the header data generating a length information and a starting position information of the carrying data; transmitting the first data, the second data, the length information and the starting position information to a decryption calculation circuit; and controlling the decryption calculation circuit to execute the following program : (1) generating a decryption key according to the first data and the second data; (2) obtaining the bearer data from the currently encrypted data packet according to the starting position information and the length information; and (3) using The decryption key decrypts the bearer data.

本发明另揭露了一种数据解密电路,用来解密一目前加密数据封包,该目前加密数据封包包含一标头数据及一承载数据,该数据解密电路包含:一运算单元,用来依据该标头数据产生该承载数据的一长度信息及一起始位置信息;其中,该运算单元藉由执行程序代码来产生该长度信息及该起始位置信息;以及一解密计算电路,耦接该运算单元,用来产生一解密密钥,以及依据该起始位置信息及该长度信息自该目前加密数据封包中取得该承载数据,并利用该解密密钥解密该承载数据。The present invention also discloses a data decryption circuit for decrypting a currently encrypted data packet, the currently encrypted data packet includes a header data and a bearer data, the data decryption circuit includes: an arithmetic unit, used to The header data generates a length information and a starting position information of the bearer data; wherein, the operation unit generates the length information and the starting position information by executing program code; and a decryption calculation circuit, coupled to the operation unit, It is used to generate a decryption key, obtain the bearer data from the current encrypted data packet according to the initial location information and the length information, and use the decryption key to decrypt the bearer data.

本发明另揭露了一种数据解密方法,用来解密一目前加密数据封包,该目前加密数据封包包含一标头数据及一承载数据,该数据解密方法包含:控制一运算单元以执行程序代码的方式,依据该标头数据产生该承载数据的一长度信息及一起始位置信息;将该长度信息及该起始位置信息传送至一解密计算电路;以及控制该解密计算电路执行以下程序:(1)产生一解密密钥;(2)依据该起始位置信息及该长度信息自该目前加密数据封包中取得该承载数据;以及(3)以及利用该解密密钥解密该承载数据。The present invention also discloses a data decryption method for decrypting a currently encrypted data packet, the currently encrypted data packet includes a header data and a bearer data, the data decryption method includes: controlling an arithmetic unit to execute program codes way, generating a length information and a starting position information of the bearing data according to the header data; transmitting the length information and the starting position information to a decryption calculation circuit; and controlling the decryption calculation circuit to execute the following program: (1 ) generating a decryption key; (2) obtaining the bearer data from the currently encrypted data packet according to the initial location information and the length information; and (3) decrypting the bearer data by using the decryption key.

本发明的数据解密电路与数据解密方法利用软件搭配硬件来进行数据的解密。软件的好处在于具有弹性且容易修改,可以依据不同的加密数据封包的格式,来调整软件的设计,因此可以很容易找出加密数据封包的承载数据的位置。而硬件可以加快解密的流程,使解密的流程更快速完成以提高电路的效能。习知技术中使用纯软件的方式来执行解密程序虽然富有弹性,但却消耗运算单元的资源,对硬件资源有限(例如运算单元的运算速度较慢)的嵌入式系统而言,将造成负担;而习知技术中使用纯硬件的方式来执行解密程序虽然快速,但却缺乏弹性,当遇到加密数据封包的承载数据不是解密的最小单位的整数倍时,便造成错误。相较于习知技术,本发明兼具软硬件的优点,能快速完成解密且富有弹性。The data decryption circuit and the data decryption method of the present invention use software and hardware to decrypt data. The advantage of the software is that it is flexible and easy to modify. The design of the software can be adjusted according to the format of different encrypted data packets, so it is easy to find out the location of the encrypted data packets carrying data. The hardware can speed up the decryption process, so that the decryption process can be completed more quickly to improve the performance of the circuit. Although the conventional technology uses pure software to execute the decryption program, although it is flexible, it consumes the resources of the computing unit, which will cause a burden to the embedded system with limited hardware resources (such as the computing speed of the computing unit is relatively slow); However, in the prior art, although the pure hardware method is used to execute the decryption program, although it is fast, it lacks flexibility. When the bearer data of the encrypted data packet is not an integer multiple of the minimum unit for decryption, an error will be caused. Compared with the conventional technology, the present invention has the advantages of both software and hardware, and can quickly complete decryption and is flexible.

有关本发明的特征、实作与功效,兹配合图式作较佳实施例详细说明如下。Regarding the characteristics, implementation and effects of the present invention, preferred embodiments are described in detail below in conjunction with the drawings.

附图说明Description of drawings

图1为习知HDCP的数据解密流程的示意图;Fig. 1 is the schematic diagram of the data decryption process of conventional HDCP;

图2为习知一个传输串流封包的组成示意图;FIG. 2 is a schematic diagram of the composition of a conventional transport stream packet;

图3为本发明HDCP数据解密电路的一实施例的示意图;Fig. 3 is the schematic diagram of an embodiment of HDCP data decryption circuit of the present invention;

图4为本发明的数据解密方法的一实施例的流程图;以及Fig. 4 is a flowchart of an embodiment of the data decryption method of the present invention; and

图5为本发明HDCP数据解密电路的另一实施例的示意图。FIG. 5 is a schematic diagram of another embodiment of the HDCP data decryption circuit of the present invention.

具体实施方式Detailed ways

以下说明内容的技术用语是参照本技术领域的习惯用语,如本说明书对部分用语有加以说明或定义,该部分用语的解释是以本说明书的说明或定义为准。The technical terms in the following description refer to the customary terms in this technical field. If some terms are explained or defined in this manual, the explanations of these terms shall be based on the descriptions or definitions in this manual.

本发明的揭露内容包含数据解密电路与数据解密方法,能够处理数据长度不为数据段的整数倍的承载数据。该电路与方法可应用于传输串流的封包,在实施为可能的前提下,本技术领域具有通常知识者能够依本说明书的揭露内容来选择等效的组件或步骤来实现本发明,亦即本发明的实施并不限于后叙的实施例。由于本发明的数据解密电路所包含的部分组件单独而言可能为已知组件,因此在不影响该装置发明的充分揭露及可实施性的前提下,以下说明对于已知组件的细节将予以节略。此外,本发明的数据解密方法可藉由本发明的数据解密电路或其等效装置来执行,在不影响该方法发明的充分揭露及可实施性的前提下,以下方法发明的说明将着重于步骤内容而非硬件。The disclosed content of the present invention includes a data decryption circuit and a data decryption method, which can process bearer data whose data length is not an integer multiple of a data segment. The circuit and method can be applied to the packets of the transmission stream. On the premise that the implementation is possible, those skilled in the art can select equivalent components or steps to realize the present invention according to the content disclosed in this specification, that is, The implementation of the present invention is not limited to the examples described below. Since some of the components included in the data decryption circuit of the present invention may be known components individually, the details of the known components will be omitted in the following description without affecting the full disclosure and implementability of the device invention . In addition, the data decryption method of the present invention can be executed by the data decryption circuit of the present invention or its equivalent device. On the premise of not affecting the full disclosure and implementability of the method invention, the description of the following method invention will focus on the steps content, not hardware.

请参阅图3,其是本发明HDCP数据解密电路的一实施例的示意图。HDCP数据解密电路300用来解密连续的传输串流封包,并且包含运算单元310及AES计算电路320。运算单元310取得一个传输串流封包的PES标头数据,解析(parse)该PES标头数据以取得streamCtr数据及inputCtr数据,并将streamCtr数据、inputCtr数据与虚拟随机数riv做异或运算及合并后得到图1所示的中间数据p;另外,运算单元310也将会话密钥Ks与常数lc128做异或运算而产生中间数据q。中间数据p与中间数据q以一简单合并方式组成密钥keys输出至AES计算电路320。此外,当传输串流封包包含PES标头数据时,运算单元310还解析PES标头数据来得到PES标头数据的长度信息。依据PES标头数据的长度信息,运算单元310可以计算出图2的传输串流封包200中承载数据的起始位置P以及长度L。更详细地说,由于传输串流封包200具有固定的长度188字节,而传输串流封包200的TS标头数据也具有固定的长度4字节,假设PES标头数据的长度为n字节(n为整数,若PES标头数据不存在则n为0),则承载数据的起始位置P为第(4+n+1)个字节,而承载数据的长度L为(188-4-n)字节。得到承载数据的起始位置P及长度L的信息后,运算单元310便将此信息传送给AES计算电路320。当上述的密钥keys、承载数据的起始位置P及承载数据的长度L等信息皆输出给AES计算电路320后,运算单元310发出控制信号Ctrl来触发AES计算电路320的解密程序。Please refer to FIG. 3 , which is a schematic diagram of an embodiment of the HDCP data decryption circuit of the present invention. The HDCP data decryption circuit 300 is used for decrypting continuous transport stream packets, and includes a computing unit 310 and an AES computing circuit 320 . The operation unit 310 obtains the PES header data of a transport stream packet, parses (parses) the PES header data to obtain streamCtr data and inputCtr data, and performs an XOR operation on the streamCtr data, inputCtr data and the virtual random number r iv and After the combination, the intermediate data p shown in FIG. 1 is obtained; in addition, the operation unit 310 also performs an XOR operation on the session key K s and the constant lc 128 to generate the intermediate data q. The intermediate data p and the intermediate data q are combined in a simple manner to form keys keys and output to the AES calculation circuit 320 . In addition, when the transport stream packet includes PES header data, the computing unit 310 also parses the PES header data to obtain length information of the PES header data. According to the length information of the PES header data, the computing unit 310 can calculate the starting position P and the length L of the data carried in the transport stream packet 200 in FIG. 2 . In more detail, since the transport stream packet 200 has a fixed length of 188 bytes, and the TS header data of the transport stream packet 200 also has a fixed length of 4 bytes, assuming that the length of the PES header data is n bytes (n is an integer, if the PES header data does not exist, then n is 0), then the starting position P of the bearer data is the (4+n+1)th byte, and the length L of the bearer data is (188-4 -n) bytes. After obtaining the information of the starting position P and the length L of the carrying data, the computing unit 310 transmits the information to the AES computing circuit 320 . After the above information such as the keys, the starting position P of the loaded data, and the length L of the loaded data are all output to the AES computing circuit 320 , the computing unit 310 sends a control signal Ctrl to trigger the decryption procedure of the AES computing circuit 320 .

AES计算电路320是一个支持多种加解密算法的电路,其中所包含的AES-CTR模块可以用于本发明HDCP的数据解密运算。AES-CTR模块对密钥keys包含的中间数据p与中间数据q进行AES运算后得到最终用来解密加密数据的128位的密钥。AES计算电路320再依据承载数据的起始位置P及长度L,从传输串流封包中取得待解密的数据段,并且将待解密的数据段与最终的密钥做异或运算而得到未加密的原始数据。当目前的传输串流封包所包含的承载数据超过一个数据段的长度(即16字节),则AES计算电路320于完成目前数据段的解密后,便进行紧邻的下一个数据段的解密。如果目前的传输串流封包所包含的承载数据为16字节的倍数,AES计算电路320于解密完承载数据的所有数据段后,便进行下一个传输串流封包的解密;如果目前的传输串流封包所包含的承载数据不为16字节的倍数,亦即解密目前的承载数据的过程中,最后将剩下不足16字节的数据,此时AES计算电路320可以依据运算单元310所提供的下一个传输串流封包的承载数据的起始位置P及长度L,来取得下一个传输串流封包的承载数据的部分数据,并将该部分数据与上一个传输串流封包的承载数据所剩余的数据组成16元位组的数据段,来进行解密运算。综上所述,即使解密的过程中遇到数据长度不为16字节的倍数的承载数据,本发明的HDCP数据解密电路300也能够持续进行解密而不会有错误产生。值得注意的是,运算单元310可以执行程序代码的方式运作,AES计算电路320则可为硬件计算电路。使得本发明以软件与硬件互相配合以完成解密程序。The AES calculation circuit 320 is a circuit that supports multiple encryption and decryption algorithms, and the AES-CTR module contained therein can be used for the data decryption operation of the HDCP of the present invention. The AES-CTR module performs AES operations on the intermediate data p and intermediate data q contained in the key keys to obtain a 128-bit key that is finally used to decrypt the encrypted data. The AES calculation circuit 320 then obtains the data segment to be decrypted from the transport stream packet according to the initial position P and length L of the carried data, and performs an XOR operation on the data segment to be decrypted and the final key to obtain an unencrypted of the original data. When the bearer data contained in the current transport stream packet exceeds the length of one data segment (ie 16 bytes), the AES calculation circuit 320 decrypts the next data segment immediately after completing the decryption of the current data segment. If the bearer data contained in the current transport stream packet is a multiple of 16 bytes, the AES calculation circuit 320 will decrypt the next transport stream packet after decrypting all the data segments of the bearer data; if the current transport stream packet The bearer data contained in the stream packet is not a multiple of 16 bytes, that is, in the process of decrypting the current bearer data, there will be less than 16 bytes of data left at the end. At this time, the AES calculation circuit 320 can use the data provided by the operation unit 310 The starting position P and length L of the bearer data of the next transport stream packet to obtain part of the data bearer of the next transport stream packet, and combine the part of data with the bearer data of the previous transport stream packet The remaining data constitutes a 16-byte data segment for decryption operations. To sum up, even if bearer data whose data length is not a multiple of 16 bytes is encountered during the decryption process, the HDCP data decryption circuit 300 of the present invention can continue to decrypt without error. It should be noted that the operation unit 310 can operate in the manner of executing program codes, and the AES calculation circuit 320 can be a hardware calculation circuit. This makes the present invention cooperate with software and hardware to complete the decryption program.

请参阅图4,其是本发明的数据解密方法的一实施例的流程图。除前述的数据解密电路外,本发明亦相对应地揭露了一种数据解密方法,用于解密传输串流封包,能够对具有不同承载数据长度的传输串流封包进行解密。本方法利用AES计算电路来负责HDCP的数据解密程序所需的AES-CTR加解密算法。本方法可以由前揭HDCP数据解密电路300或其等效装置来执行。本发明的数据解密方法用来解密连续的传输串流封包,包含目前正在进行解密的目前传输串流封包,以及紧接于目前传输串流封包之后的次一传输串流封包。目前传输串流封包及次一传输串流封包皆包含PES标头数据及承载数据。如图4所示,本发明的一实施例包含下列步骤:Please refer to FIG. 4 , which is a flowchart of an embodiment of the data decryption method of the present invention. In addition to the aforementioned data decryption circuit, the present invention also correspondingly discloses a data decryption method for decrypting transport stream packets, capable of decrypting transport stream packets with different data lengths. The method utilizes the AES calculation circuit to be responsible for the AES-CTR encryption and decryption algorithm required by the HDCP data decryption program. The method can be implemented by the aforementioned HDCP data decryption circuit 300 or its equivalent device. The data decryption method of the present invention is used to decrypt consecutive transport stream packets, including the current transport stream packet currently being decrypted and the next transport stream packet immediately after the current transport stream packet. Both the current transport stream packet and the next transport stream packet include PES header data and bearer data. As shown in Figure 4, an embodiment of the present invention comprises the following steps:

步骤S410:依据目前传输串流封包的PES标头数据及虚拟随机数riv产生中间数据p。此步骤以软件的方式来实作,更明确地说是利用电子装置的运算单元来执行程序代码的方式来完成。PES标头数据包含用来解密的私有数据。私有数据主要包含streamCtr数据及inputCtr数据。此步骤将streamCtr数据、inputCtr数据及虚拟随机数riv拿来运算而得到中间数据p。其运算的细节已于前揭的说明中详述,故不再重复;Step S410: Generate intermediate data p according to the PES header data and the virtual random number r iv of the current transport stream packet. This step is implemented in the form of software, more specifically, it is implemented by using the computing unit of the electronic device to execute program codes. The PES header data contains private data used for decryption. Private data mainly includes streamCtr data and inputCtr data. In this step, the streamCtr data, inputCtr data and virtual random number r iv are used for calculation to obtain the intermediate data p. The details of its operation have been described in detail in the previous disclosure, so it will not be repeated;

步骤S420:依据会话密钥Ks与常数lc128产生中间数据q。此步骤同样以软件的方式来实作,也就是利用电子装置的运算单元来执行程序代码的方式来完成。会话密钥Ks与常数lc128为HDCP解密过程中的必要数据,其产生的方法为本技术领域具有通常知识者所熟知,故不再赘述。会话密钥Ks与常数lc128运算之后产生中间数据q,其运算的细节已于前揭的说明中详述,故不再重复;Step S420: Generate intermediate data q according to the session key K s and the constant lc 128 . This step is also implemented in the form of software, that is, it is completed by using the computing unit of the electronic device to execute program codes. The session key K s and the constant lc 128 are necessary data in the HDCP decryption process, and the method for generating them is well known to those skilled in the art, so details will not be repeated here. The intermediate data q is generated after the operation of the session key K s and the constant lc 128. The details of the operation have been detailed in the previous disclosure, so they will not be repeated;

步骤S430:依据PES标头数据产生承载数据的长度信息及起始位置信息。此步骤同样以软件的方式来实作,也就是利用电子装置的运算单元来执行程序代码的方式来完成。如图2所示,本方法所处理的传输串流封包的长度固定,且包含TS标头数据、PES标头数据及承载数据。其中TS标头数据的长度固定,PES标头数据的长度不固定,但PES标头数据包含的其长度信息。所以依据PES标头数据的长度信息便可得知承载数据的起始位置信息及长度信息;Step S430: Generate length information and starting position information of bearer data according to the PES header data. This step is also implemented in the form of software, that is, it is completed by using the computing unit of the electronic device to execute program codes. As shown in FIG. 2 , the length of the Transport Stream packet processed by the method is fixed, and includes TS header data, PES header data and bearer data. The length of the TS header data is fixed, and the length of the PES header data is not fixed, but the PES header data contains its length information. Therefore, according to the length information of the PES header data, the start position information and length information of the bearer data can be known;

步骤S440:将中间数据p、中间数据q、长度信息及起始位置信息传送至AES计算电路。此步骤提供解密所需的中间数据p、中间数据q及承载数据的长度信息及起始位置信息给AES计算电路;以及Step S440: Send the intermediate data p, intermediate data q, length information and initial position information to the AES calculation circuit. This step provides the intermediate data p, intermediate data q and the length information and starting position information of the bearer data required for decryption to the AES calculation circuit; and

步骤S450:控制AES计算电路执行以下的解密程序:Step S450: Control the AES computing circuit to execute the following decryption program:

依据中间数据p及中间数据q产生解密密钥。AES计算电路包含AES-CTR模块,用来对中间数据p及中间数据q进行AES运算以产生最终用来解密的解密密钥,其运算的细节为本技术领域具有通常知识者所熟知,故不赘述;A decryption key is generated according to the intermediate data p and the intermediate data q. The AES computing circuit includes an AES-CTR module, which is used to perform AES operations on the intermediate data p and intermediate data q to generate a decryption key for final decryption. The details of the operation are well known to those skilled in the art, so it is not necessary repeat;

依据起始位置信息及长度信息自目前传输串流封包中取得承载数据。AES计算电路取得目前传输串流封包后,依据承载数据的起始位置信息及长度信息,便可取得目前传输串流封包的承载数据;以及The bearer data is obtained from the current transport stream packet according to the start position information and the length information. After obtaining the current transmission stream packet, the AES calculation circuit can obtain the bearer data of the current transport stream packet according to the initial position information and length information of the bearer data; and

利用解密密钥解密承载数据。AES计算电路将解密密钥与承载数据一同运算后,便可以将承载数据解密,而得到未加密的原始数据。运算的方法已揭露于先前的说明,故不再赘述。The bearer data is decrypted using the decryption key. After the AES calculation circuit operates the decryption key and the bearer data together, the bearer data can be decrypted to obtain unencrypted original data. The calculation method has been disclosed in the previous description, so it will not be described again.

值得注意的是,步骤S450的解密程序是以一个数据段为单位来做运算,在一个较佳的实施例中,一个数据段的长度设定为16字节。一个承载数据通常包含一个以上的数据段,当一个数据段解密完成,AES计算电路便进行下一个数据段的解密。如果承载数据包含整数个数据段,也就是承载数据的长度为16字节的倍数,则AES计算电路可以将整个承载数据完全解密,不会有任何未解密的数据残留在目前传输串流封包中;然而如果承载数据并非包含整数个数据段,也就是承载数据的长度不为16字节的整数倍,则目前传输串流封包中势必将残留未足16字节的数据无法被解密,此时必须将目前传输串流封包的次一个传输串流封包中的承载数据拿来与目前传输串流封包中残留的数据相结合,以形成一个完整的数据段,如此AES计算电路才能够对其做解密运算。而次一个传输串流封包的承载数据的起始位置信息及长度信息同样由电子装置的运算单元由软件运算的方式取得。It should be noted that the decryption program in step S450 operates in units of one data segment, and in a preferred embodiment, the length of a data segment is set to 16 bytes. A bearer data usually includes more than one data segment. When a data segment is decrypted, the AES calculation circuit will decrypt the next data segment. If the bearer data contains an integer number of data segments, that is, the length of the bearer data is a multiple of 16 bytes, the AES calculation circuit can completely decrypt the entire bearer data, and there will be no undecrypted data remaining in the current transport stream packet ; However, if the bearer data does not contain an integer number of data segments, that is, the length of the bearer data is not an integer multiple of 16 bytes, then the data less than 16 bytes will inevitably remain in the current transport stream packet and cannot be decrypted. The bearer data in the next transport stream packet of the current transport stream packet must be combined with the remaining data in the current transport stream packet to form a complete data segment, so that the AES calculation circuit can do it Decryption operation. The initial position information and length information of the carrying data of the next transport stream packet are also obtained by the calculation unit of the electronic device through software calculation.

本发明以软件与硬件互相配合来完成解密程序的好处是,AES计算电路只要依据运算单元所给予的起始位置及长度信息,便能够取得适当的数据段来解密,因此AES计算电路可以被设计成以全硬件的方式进行解密,以加快解密的程序,而且AES计算电路不需负责找出传输串流封包的承载数据,如此可以使硬件的设计简单化。另一方面,以软件的方式来找出承载数据的起始位置信息及长度信息可以使本发明更有弹性,将来若传输串流封包的组成方式改变,或本发明处理的数据不是以传输串流的格式传送,只需稍微修改程序便能适用。The present invention uses software and hardware to cooperate with each other to complete the decryption program. The advantage is that the AES calculation circuit can obtain the appropriate data segment for decryption as long as the initial position and length information given by the calculation unit are used. Therefore, the AES calculation circuit can be designed. In order to speed up the decryption process, the decryption is performed in an all-hardware manner, and the AES calculation circuit does not need to be responsible for finding out the carrying data of the transmission stream packet, which can simplify the design of the hardware. On the other hand, using software to find out the initial position information and length information of the carried data can make the present invention more flexible. The format of the stream is transmitted, and the program can be applied only by slightly modifying the program.

请注意,以上的说明仅为本发明以软件结合硬件的方式来执行解密运算的较佳实施例之一,在其它的实施例中,运算单元可能执行较少的运算,而原本由软件完成的工作则藉由增加AES计算电路的硬件功能来实作。举例来说,请参阅图5,其是本发明HDCP数据解密电路的另一实施例的示意图。HDCP数据解密电路500包含运算单元510及AES计算电路520。AES计算电路520依据虚拟随机数riv、会话密钥Ks及常数lc128来产生中间数据p及中间数据q,再取中间数据p及中间数据q来运算而得到最后用来解密的128元位密钥。运算单元510依据PES标头数据取得承载数据的起始位置信息P及长度数据L,将该信息输出给AES计算电路520,以及发出控制信号Ctrl来触发AES计算电路520的解密程序。而之后AES计算电路520的解密程序则与前一个装置项的实施例相同,故不再赘述。对应于本实施例的方法步骤与图4的流程图所揭露的步骤近似,差别在于前述的步骤S410及步骤S420不再以软件的方式来实作,而是改为由控制AES计算电路520以硬件的方式来实作;而步骤S430仍旧维持以软件的方式来实作。Please note that the above description is only one of the preferred embodiments of the present invention in which software is combined with hardware to perform decryption operations. The work is implemented by increasing the hardware function of the AES calculation circuit. For example, please refer to FIG. 5 , which is a schematic diagram of another embodiment of the HDCP data decryption circuit of the present invention. The HDCP data decryption circuit 500 includes a computing unit 510 and an AES computing circuit 520 . The AES calculation circuit 520 generates intermediate data p and intermediate data q according to the virtual random number r iv , the session key K s and the constant lc 128 , and then takes the intermediate data p and intermediate data q for calculation to obtain the final 128 yuan for decryption bit key. The calculation unit 510 obtains the initial position information P and the length data L of the bearer data according to the PES header data, outputs the information to the AES calculation circuit 520 , and sends a control signal Ctrl to trigger the decryption process of the AES calculation circuit 520 . The subsequent decryption procedure of the AES computing circuit 520 is the same as the embodiment of the previous device item, so it will not be described again. The method steps corresponding to this embodiment are similar to the steps disclosed in the flow chart of FIG. It is implemented by means of hardware; and step S430 is still implemented by means of software.

在其它的实施例中,解密程序的工作或步骤在软件及硬件之间可能另有其它的分配方式,但为了维持能够解密不同长度的承载数据的弹性,亦即为了处理当承载数据的长度不为解密数据段长度(前述的实施例为16字节)的整数倍的情形,本发明的运算单元应至少执行步骤S430,也就是依据PES标头数据来产生承载数据的长度信息及起始位置信息。其余的工作或步骤可以在软件及硬件间弹性分配及设计,而不脱离本发明的范筹。In other embodiments, the work or steps of the decryption program may be allocated in other ways between software and hardware, but in order to maintain the flexibility of decrypting bearer data of different lengths, that is, to handle when the length of bearer data is different In order to decrypt the integer multiple of the length of the data segment (the aforementioned embodiment is 16 bytes), the computing unit of the present invention should at least perform step S430, that is, generate the length information and the starting position of the carried data according to the PES header data information. The rest of the work or steps can be flexibly allocated and designed between software and hardware without departing from the scope of the present invention.

由于本技术领域具有通常知识者可藉由图3的装置发明的揭露内容来了解图4的方法发明的实施细节与变化,因此,为避免赘文,在不影响该方法发明的揭露要求及可实施性的前提下,重复的说明在此予以节略。请注意,前揭图标中,组件的形状、尺寸、比例以及步骤的顺序等仅为示意,是供本技术领域具有通常知识者了解本发明之用,非用以限制本发明。另外,本技术领域人士可依本发明的揭露内容及自身的需求选择性地实施任一实施例的部分或全部技术特征,或者选择性地实施多个实施例的部分或全部技术特征的组合,藉此增加本发明实施时的弹性。再者,前揭实施例虽以传输串流封包为例,然此并非对本发明的限制,本技术领域人士可依本发明的揭露适当地将本发明应用于以其它格式传输的加密数据。Since those skilled in the art can understand the implementation details and changes of the method invention in FIG. 4 through the disclosure of the device invention in FIG. Under the premise of practicality, repeated descriptions are omitted here. Please note that the shapes, sizes, proportions, and sequence of steps of the components in the preceding illustrations are only illustrative, and are for those skilled in the art to understand the present invention, and are not intended to limit the present invention. In addition, those skilled in the art can selectively implement some or all of the technical features of any embodiment according to the disclosure of the present invention and their own needs, or selectively implement a combination of some or all of the technical features of multiple embodiments, In this way, the flexibility of the implementation of the present invention is increased. Furthermore, although the above-disclosed embodiments take transport stream packets as an example, this is not a limitation of the present invention. Persons skilled in the art can appropriately apply the present invention to encrypted data transmitted in other formats according to the disclosure of the present invention.

虽然本发明的实施例如上所述,然而该些实施例并非用来限定本发明,本技术领域具有通常知识者可依据本发明的明示或隐含的内容对本发明的技术特征施以变化,凡此种种变化均可能属于本发明所寻求的专利保护范畴,换言之,本发明的专利保护范围须视本说明书的请求项所界定者为准。Although the embodiments of the present invention are as described above, these embodiments are not intended to limit the present invention, and those skilled in the art can make changes to the technical characteristics of the present invention according to the explicit or implicit content of the present invention. All these changes may belong to the scope of patent protection sought by the present invention. In other words, the scope of patent protection of the present invention shall be subject to what is defined in the claims of this specification.

Claims (16)

1. a kind of data deciphering circuit, for decrypting current encryption data package, which includes the first mark Head data and carrying data, the data deciphering circuit include:
Arithmetic element is used for generating the first data according to first header data and pseudorandom numbers, according to session key and often Number generates the second data, and the length information and start position information of the carrying data are generated according to first header data;Its In, which generates first data, second data, the length information and the start bit by program code is executed Confidence ceases;And
Counting circuit is decrypted, the arithmetic element is coupled, is used for generating decruption key according to first data and second data, with And the carrying data are obtained from the current encryption data package according to the start position information and the length information, utilize the solution The close secret key decryption carrying data, and a part for the carrying data is decrypted with preset data length every time;Wherein
Immediately secondary encryption data package after the current encryption data package, and when the non-decryption portion of carrying data is less than should Preset data length, carrying data of the decryption counting circuit according to the current encryption data package, secondary encryption data package Carrying data and secondary encryption data package carrying data start position information, generation meet the preset data length Data to be decrypted are simultaneously decrypted.
2. data deciphering circuit as described in claim 1, which is characterized in that the length of the current encryption data package is fixed simultaneously And the second header data is further included, the length of second header data is fixed, and first header data includes that header data is long Information is spent, which generates the length information and initial position of the carrying data according to the header data length information Information.
3. data deciphering circuit as described in claim 1, which is characterized in that the decryption program of the decryption counting circuit meets The specification of HDCP.
4. data deciphering circuit as described in claim 1, which is characterized in that the encryption data package is transmission stream format Package.
5. a kind of data decryption method, for decrypting current encryption data package, which includes the first mark Head data and carrying data, the data decryption method include:
Following procedure is executed in the way of executing program code by arithmetic element:
The first data are generated according to first header data and pseudorandom numbers;
The second data are generated according to session key and constant;And
The length information and start position information of the carrying data are generated according to first header data;
First data, second data, the length information and the start position information are sent to decryption counting circuit;And
It controls the decryption counting circuit and executes following procedure:
Decruption key is generated according to first data and second data;
The decryption counting circuit is controlled to take from the current encryption data package according to the start position information and the length information Obtain the carrying data;And
The decryption counting circuit is controlled using the decryption key decryption carrying data, and every time should with the decryption of preset data length Carry a part for data;Wherein
Immediately secondary encryption data package, the data decryption method also include after the current encryption data package:
When the non-decryption portion of carrying data be less than the preset data length, control the decryption counting circuit according to the current encryption The carrying data of the carrying data of data packet, the carrying data of secondary encryption data package and secondary encryption data package rise Beginning location information generates the data to be decrypted for meeting the preset data length and is decrypted.
6. data decryption method as claimed in claim 5, which is characterized in that the length of the current encryption data package is fixed simultaneously And the second header data is further included, the length of second header data is fixed, and first header data includes that header data is long Information is spent, wherein this generates the length information of the carrying data and the step of the start position information according to first header data Suddenly it is length information and the start position information that the carrying data are generated according to the header data length information.
7. data decryption method as claimed in claim 5, which is characterized in that the decryption program of the decryption counting circuit meets The specification of HDCP.
8. data decryption method as claimed in claim 5, which is characterized in that the encryption data package is transmission stream format Package.
9. a kind of data deciphering circuit, for decrypting current encryption data package, which includes the first mark Head data and carrying data, the data deciphering circuit include:
Arithmetic element, for generating the length information and start position information of the carrying data according to first header data;Its In, which generates the length information and the start position information by program code is executed;And
Counting circuit is decrypted, the arithmetic element is coupled, for generating decruption key, and according to the start position information and the length Degree information obtains the carrying data from the current encryption data package, and using the decryption key decryption carrying data, and A part for the carrying data is decrypted with preset data length every time;Wherein
Immediately secondary encryption data package after the current encryption data package, and when the non-decryption portion of carrying data is less than should Preset data length, carrying data of the decryption counting circuit according to the current encryption data package, secondary encryption data package Carrying data and secondary encryption data package carrying data start position information, generation meet the preset data length Data to be decrypted are simultaneously decrypted.
10. data deciphering circuit as claimed in claim 9, which is characterized in that the length of the current encryption data package is fixed And the second header data is further included, the length of second header data is fixed, and first header data includes header data Length information, the arithmetic element generate length information and the start bit of the carrying data according to the header data length information Confidence ceases.
11. data deciphering circuit as claimed in claim 9, which is characterized in that the decryption program of the decryption counting circuit meets The specification of HDCP.
12. data deciphering circuit as claimed in claim 9, which is characterized in that the encryption data package is transmission stream format Package.
13. a kind of data decryption method, for decrypting current encryption data package, which includes the first mark Head data and carrying data, the data decryption method include:
Arithmetic element is controlled in a manner of executing program code, the length letter of the carrying data is generated according to first header data Breath and start position information;
The length information and the start position information are sent to decryption counting circuit;And
It controls the decryption counting circuit and executes following procedure:
Generate decruption key;
According to the start position information and the length information carrying data are obtained from the current encryption data package;And
Using the decryption key decryption carrying data, and a part for the carrying data is decrypted with preset data length every time; Wherein
Immediately secondary encryption data package, the data decryption method also include after the current encryption data package:
When the non-decryption portion of carrying data be less than the preset data length, control the decryption counting circuit according to the current encryption The carrying data of the carrying data of data packet, the carrying data of secondary encryption data package and secondary encryption data package rise Beginning location information generates the data to be decrypted for meeting the preset data length and is decrypted.
14. data decryption method as claimed in claim 13, which is characterized in that the length of the current encryption data package is fixed And the second header data is further included, the length of second header data is fixed, and first header data includes header data Length information, the wherein length information and the start position information that the carrying data are generated according to first header data Step is that the length information and the start position information of the carrying data are generated according to the header data length information.
15. data decryption method as claimed in claim 13, which is characterized in that the decryption program of the decryption counting circuit meets The specification of HDCP.
16. data decryption method as claimed in claim 13, which is characterized in that the encryption data package is transmission stream format Package.
CN201310674644.4A 2013-12-11 2013-12-11 Data decryption circuit and method Expired - Fee Related CN104717053B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310674644.4A CN104717053B (en) 2013-12-11 2013-12-11 Data decryption circuit and method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310674644.4A CN104717053B (en) 2013-12-11 2013-12-11 Data decryption circuit and method

Publications (2)

Publication Number Publication Date
CN104717053A CN104717053A (en) 2015-06-17
CN104717053B true CN104717053B (en) 2018-08-07

Family

ID=53416051

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310674644.4A Expired - Fee Related CN104717053B (en) 2013-12-11 2013-12-11 Data decryption circuit and method

Country Status (1)

Country Link
CN (1) CN104717053B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107241185A (en) * 2016-03-29 2017-10-10 百度在线网络技术(北京)有限公司 Data transmitting and receiving method and transmission and reception device
CN108206820B (en) * 2016-12-20 2021-05-11 扬智科技股份有限公司 Decryption method for network device and its transport stream packet

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6845159B1 (en) * 1998-10-07 2005-01-18 Protego Information Ab Processing method and apparatus for converting information from a first format into a second format
JP2003333024A (en) * 2002-05-09 2003-11-21 Nec Corp Encryption/decryption system and its deciphering prevention/tampering proof method
JP2008271253A (en) * 2007-04-20 2008-11-06 Toshiba Corp Stream reproducing apparatus
US20120082435A1 (en) * 2009-05-18 2012-04-05 Akira Kimura Moving image display device

Also Published As

Publication number Publication date
CN104717053A (en) 2015-06-17

Similar Documents

Publication Publication Date Title
US9374218B2 (en) Method for conducting data encryption and decryption using symmetric cryptography algorithm and table look-up device
US10623176B2 (en) Authentication encryption method, authentication decryption method, and information-processing device
US11546135B2 (en) Key sequence generation for cryptographic operations
US8594321B2 (en) Apparatus and method for operating a symmetric cipher engine in cipher-block chaining mode
US10979212B2 (en) Method and apparatus for decrypting and authenticating a data record
US20090147947A1 (en) Digital-encryption hardware accelerator
CA3051928A1 (en) Equivocation augmentation
US20150149788A1 (en) System, method, and computer program product for optimizing data encryption and decryption by implementing asymmetric aes-cbc channels
WO2007105709A1 (en) Information processing system, information processing method, and information processing program
US8122075B2 (en) Pseudorandom number generator and encryption device using the same
EP2449719B1 (en) Pattern-free encryption
US7406595B1 (en) Method of packet encryption that allows for pipelining
CN104717053B (en) Data decryption circuit and method
TWI520553B (en) Data decryption circuit and method thereof
KR100949538B1 (en) Encryption and decryption apparatus using AES linedal algorithm and method thereof
KR101240243B1 (en) Encryption apparatus and method according to CTR mode of AES(advanced encryption standard)
JP2011114594A (en) Data encryption method, data encryption processing program, and information processor
US8560832B2 (en) Information processing apparatus
KR20080072345A (en) Encryption device and method
CN111740818A (en) A data processing method, device, equipment and storage medium
JP6167721B2 (en) ENCRYPTION DEVICE, DECRYPTION DEVICE, ENCRYPTION METHOD, DECRYPTION METHOD, AND PROGRAM
JP4395527B2 (en) Information processing device
KR101583285B1 (en) Block cipher method using expansion key and apparatus thereof
CN106788968A (en) It is applied to the implementation method of the security coprocessor of WIA-PA agreements
JP2013205437A (en) Method and apparatus for calculating nonlinear function s-box

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant
TR01 Transfer of patent right
TR01 Transfer of patent right

Effective date of registration: 20200413

Address after: No.1, Duhang 1st Road, Hsinchu City, Hsinchu Science Park, Taiwan, China

Patentee after: MEDIATEK Inc.

Address before: Taiwan Hsinchu County Tai Yuan Street China jhubei City, No. 26 4 floor 1

Patentee before: MSTAR SEMICONDUCTOR Inc.

CF01 Termination of patent right due to non-payment of annual fee
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20180807