| US 7,509,501 B2 | ||
| Cryptographic apparatus for supporting multiple modes | ||
| Tae-Gon Park, Suwon-shi (Korea, Republic of); Kyung-Wan Nam, Sungnam-shi (Korea, Republic of); and Young-Wook Park, Ahnyang-shi (Korea, Republic of) | ||
| Assigned to Samsung Electronics Co., Ltd., (Korea, Republic of) | ||
| Filed on Dec. 23, 2003, as Appl. No. 10/744,125. | ||
| Claims priority of application No. 10-2003-0004806 (KR), filed on Jan. 24, 2003. | ||
| Prior Publication US 2004/0148512 A1, Jul. 29, 2004 | ||
| Int. Cl. G06F 11/30 (2006.01); G06F 12/14 (2006.01); H04L 9/32 (2006.01) | ||
| U.S. Cl. 713—193 | 2 Claims |
| 1. A cryptographic apparatus for encrypting data stored in a memory, the apparatus comprising:
a control unit for generating control signals in response to externally supplied encryption information;
a memory controller for reading out the data from the memory;
an input buffer for storing the data read out by the memory controller;
an encryption unit for encrypting a data block stored in the input buffer; and
an output buffer for storing the data encrypted by the encryption unit;
wherein the memory controller writes the encrypted data stored in the output buffer to the memory,
the memory controller, the input buffer, the encryption unit and the output buffer operate in response to the control signals,
wherein the mode is any one selected from a group consisting of electronic codebook (ECB) mode, cipher block chaining (CBC)
mode, CBC-message authentication (CBC-MAC) mode and counter (CNT) mode, and
wherein the encryption unit comprises:
an initial vector register for storing an initial vector supplied from the control unit;
a data input register for storing the data supplied from the input buffer;
an encryptor for encrypting input data;
a data output register for storing data to be supplied to the output buffer;
an adder;
a first selection circuit for supplying any one of data stored in the initial vector register, result data of logic operation
of the data stored in the initial vector register and the data stored in the data input register, and the data stored in the
data input register to the encryptor as input data in response to the mode signal, and supplying the data stored in the initial
vector register to the adder in response to the mode signal; and
a second selection circuit for supplying any one of result data of logic operation of the data stored in the data input register
and the data encrypted by the block encryptor, and the data encrypted by the block encryptor to the data output register in
response to the mode signal, and supplying the data encrypted by the encryptor to the initial vector register in response
to the mode signal,
wherein the adder adds a predetermined value to data supplied from the first selection circuit and stores it in the initial
vector register,
wherein the first selection circuit comprises:
a first multiplexer;
a first logic operator;
a second multiplexer for supplying the data stored in the initial vector register to both the adder and the first multiplexer
or the first logic operator in response to the mode signal; and
a third multiplexer for supplying the data stored in the initial vector register to the first logic operator or the first
multiplexer in response to the mode signal;
wherein the first logic operator received outputs from the second and third multiplexers and performs logic operation on them,
and
the first multiplexer transfers any one of an output of the second multiplexer, an output of the first logic operator and
an output of the third multiplexer to the encryption.
|