An authentication method and schemes using a block cipher to protect data integrity (authenticity) during communication over insecure channels and during data storage on insecure media. The authentication method and schemes of this invention allow, in a further aspect, message and data signing and verification in parallel or pipelined manners, in addition to sequential operation, without requiring twice as many block enciphering operations as the number of input plaintext blocks. The present invention allows, in a yet further aspect, software and hardware implementations used in high-performance systems and networks where multiple processing units are available for block enciphering operations. In a yet further aspect, the authentication method and schemes of this invention allow incremental updates and out-of-order processing of authentication tags. In a yet further aspect, the authentication method and schemes of this invention are suitable for real-time applications where message length remains unknown until the entire message is received, and commencing message authentication cannot be deferred until the end of the message.
CROSS-REFERENCE TO RELATED APPLICATION(S)
This application claims the benefit of priority under 35 U.S.C Section 119(e) of provisional application Ser. No. 60/193,447 entitled "XCBC Encryption Modes and XECB Authentication Modes" filed on Mar. 31, 2000, the disclosure of which is incorporated herein in its entirety.
The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor, where the size of the input data blocks is programmable. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes fetch logic and execution logic. The fetch logic is disposed within a microprocessor and is configured to receive a cryptographic instruction single atomic cryptographic instruction as part of an instruction flow executing on the microprocessor. The cryptographic instructionsingle atomic cryptographic instruction prescribes one of the cryptographic operations, and also one of a plurality of data block sizes. The execution logic is disposed within the microprocessor and is operatively coupled to the single atomic cryptographic instruction. The execution logic executes the one of the cryptographic operations. The execution logic has a block size controller that employs the one of a plurality of data block sizes during execution of the one of the cryptographic operations.
An apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction, CFB mode logic, and execution logic. The cryptographic instruction is received by a pipeline microprocessor as part of an application program executing on the pipeline microprocessor. The cryptographic instruction prescribes one of the cryptographic operations. The one of the cryptographic operations includes a plurality of CFB block cryptographic operations performed on a corresponding plurality of input text blocks. The CFB mode logic is operatively coupled to the cryptographic instruction. The CFB mode logic directs the pipeline microprocessor to update pointer registers and intermediate results for each of the plurality of CFB block cryptographic operations. The execution logic is operatively coupled to the CFB mode logic. The execution logic executes the one of the cryptographic operations.
An apparatus and method for performing cryptographic operations on a plurality of input data blocks. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction, OFB mode logic, and execution logic. The cryptographic instruction is received by a pipeline microprocessor as part of an application program executing on the pipeline microprocessor. The cryptographic instruction prescribes one of the cryptographic operations. The one of the cryptographic operations includes a plurality of OFB block cryptographic operations performed on a corresponding plurality of input text blocks. The OFB mode logic is operatively coupled to the cryptographic instruction. The OFB mode logic directs the pipeline microprocessor to update pointer registers and an initialization vector location for each of the plurality of CFB block cryptographic operations. The execution logic is operatively coupled to the OFB mode logic. The execution logic executes the one of the cryptographic operations.
The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a processor. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes a cryptographic instruction and execution logic. The cryptographic instruction is received by a computing device as part of an instruction flow executing on the computing device, wherein the cryptographic instruction prescribes one of the cryptographic operations. The execution logic is operatively coupled to the cryptographic instruction and executes the one of the cryptographic operations. The one of the cryptographic operations includes indicating whether the one of the cryptographic operations has been interrupted by an interrupting event.
The present invention provides an apparatus and method for performing cryptographic operations on a plurality of input data blocks within a microprocessor, where the size cryptographic key that is employed is programmable. In one embodiment, an apparatus for performing cryptographic operations is provided. The apparatus includes fetch logic and execution logic. The fetch logic is disposed within a microprocessor, and receives a cryptographic instructionsingle atomic cryptographic instruction as part of an instruction flow executing on the microprocessor. The cryptographic instructionsingle atomic cryptographic instruction prescribes one of the cryptographic operations, and also one of a plurality of cryptographic key sizes. The execution logic disposed within the microprocessor and is operatively coupled to the single atomic cryptographic instruction. The execution logic executes the one of the cryptographic operations. The execution logic has a cryptographic key size controller that employs the one of a plurality of cryptographic key sizes during execution of the one of the cryptographic operations.
