High-Efficiency Parallel Cryptographic Accelerator for Real-Time Guaranteeing Dynamic Data Security in Embedded Systems

. 2021 May 15;12(5):560. doi: 10.3390/mi12050560

Algorithm 2 Data-load operation with hardware security checking from external memory

Inputs:Address, Ciphertext, Signature

Outputs:Data, Exception

1: Data ← set of data blocks to write back

{d a t a}_{i}

1 \leq i \leq n

2: signature ← Integrity

{s i g n a t u r e}_{s}

set of data blocks and corresponding addresses,

1 \leq s \leq \frac{n}{4}

3: assert the target address, map address to physical address;

4: assign

{a d d r e s s}_{i}

←

q \times

m o d (d, q) + 1

, i = 1, i++,

1 \leq i \leq 4

signature ←

m o d (d - 1, q) + 1

, where

q = 4

;

5: Input four physical address blocks and a corresponding signature to cryptographic accelerator;

6: begin timestamps memory pops four timestamps, Ts++;

7: IV_seed = {address [127:96],

0^{64}

, timestamp [31:0]};

8: repeat: the four IV seed blocks are generated;

9: Using AES engine to generate key_stream, and storing the first block key_stream_B1 in register B1;

10: Data = Ciphertext XOR key_stream, then Ciphertext = Data XOR key_stream input to the GHash engine;

11: until ciphertext blocks are computed in the GHash engine, the authenticated Tag of Tag-decry. is output;

12: Tag-encry. = Signature XOR key_stream_B1

13: if Tag-decry. = Tag-encry. then

Exception = NULL /* integrity valid */

else Exception = assertion; /* integrity invalid */