

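1. School of Cryptographic Engineering, Information Engineering University, Zhengzhou, Henan 450001
2. School of Cyberspace Security, Zhejiang University, Hangzhou, Zhejiang 310058
Received: 28 April 2023
Revised: 6 November 2023
Published: 25 August 2024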
WANG Ming-deng, YAN Ying-jian, GUO Peng-fei, et al. Efficient Implementation of National Security Algorithms SM2, SM3 and SM4 Based on RISC-V Instruction Extension Method[J]. Acta Electronica Sinica, 2024, 52(08): 2850-2865. DOI:10.12263/DZXB.20230391
Implementing cryptographic algorithms through instruction extension is a lightweight approach that balances performance and area, which makes it especially suitable for increasingly widespread Internet of Things devices. National cryptographic algorithms such as SM2, SM3, and SM4 help improve the security of self-controlled devices, but research on instruction extensions for these algorithms remains insufficient. RISC-V has become one of the most popular instruction set architectures thanks to its open-source nature, simplicity, and extensibility. This paper focuses on instruction extensions and efficient implementations of SM2, SM3, and SM4 on a domestic open-source RISC-V processor. It proposes an overall instruction extension scheme based on hardware-software co-design, analyzes the relevant cryptographic algorithms in depth, compares implementation schemes, and designs a hardware unit with an efficient implementation for each algorithm. The resulting coprocessor has a two-stage pipeline; an instruction execution mode of in-order dispatch, out-of-order execution, and in-order write-back; an independent memory access unit; and wide registers. The coprocessor takes over part of the control logic of the cryptographic algorithms in a unified way, reducing hardware resource consumption. Experimental results show that the coprocessor's hardware structure is compact and its resource utilization is high. The SM2, SM3, and SM4 implementations occupy few resources, but their execution rate is somewhat lower than that of pure hardware implementations. The product of resource area and execution time shows advantages of varying degree over other related work.