A key generation method and a cryptographic processing core system based on a scalable operation data path

By employing scalable computing data pathways and preemptive release logic, the inflexibility and compatibility issues caused by the fixed architecture in key generation methods are resolved, improving the efficiency and reliability of key generation, adapting to scenarios with different resource and performance requirements, and ensuring business continuity and accurate data synchronization.

CN121887394BActive Publication Date: 2026-06-19SHANGHAI YIRUIXIN ELECTRONIC TECHNOLOGY CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
SHANGHAI YIRUIXIN ELECTRONIC TECHNOLOGY CO LTD
Filing Date
2026-03-20
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

Existing key generation methods rely on fixed architecture designs, lack flexibility, and struggle to balance performance, power consumption, and area requirements. This results in performance bubbles in inter-stage operations, poor bus compatibility, the need to interrupt services for key updates, insufficient data synchronization accuracy, and low round key matching accuracy, all of which affect the practicality and robustness of the encryption system.

Method used

It adopts a scalable computing data path as the core, and combines key steps such as preemptive release logic, count generation, key expansion, data alignment and bitwise XOR. It adapts to slippage buffers, optimizes round key retrieval rules, and designs a non-interrupted key update process to achieve bus compatibility and business continuity.

Benefits of technology

The computing pathway architecture is designed to be flexible and adaptable to different PPA requirements, eliminating performance bubbles between levels, improving generation efficiency, avoiding data loss and deadlock, ensuring business continuity, improving data synchronization and round key matching accuracy, and achieving high-performance, resource-adaptive, and continuously reliable key generation.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN121887394B_ABST
    Figure CN121887394B_ABST
Patent Text Reader

Abstract

This application provides a key generation method and a core cryptographic processing system based on a scalable computing data path. The method includes: determining plaintext data, initial key data, counter configuration parameters, and encryption operation parameters based on key generation requirement information; generating counter block data based on the counter configuration parameters, and generating multiple round keys based on the initial key data; performing multi-level folding operations on the counter block data and round keys by the scalable computing data path according to the folding factor and pipeline number under preemptive release logic to generate intermediate key data, and performing synchronization buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data; and performing a bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate target key data. Through the above method, high performance, resource adaptability, accurate synchronization, and continuous reliability are achieved in key generation.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of cryptographic encryption technology, and in particular to a key generation method and a core cryptographic processing system based on a scalable computational data path. Background Technology

[0002] Key generation is a core and fundamental step in cryptographic encryption systems. Its efficiency, security, resource adaptability, and operational continuity directly determine the overall performance and reliability of the system. In practical applications of mainstream block cipher algorithms such as SM4, key generation typically employs Counter Mode (CTR) to generate a pseudo-random keystream, which is then encrypted using a bitwise XOR operation with the plaintext. This approach is widely used in data security transmission and storage scenarios such as high-speed encryption in data centers, low-power encryption in IoT terminals, and real-time encryption in industrial control systems. For example, it is crucial for ensuring data privacy and system stability in real-time video stream encryption, industrial control system data protection, and secure financial transaction transmission.

[0003] Existing key generation methods mostly rely on fixed architecture designs, lacking flexibility and making it difficult to balance performance, power consumption, and area (PPA) requirements: fixed computational path architectures result in poor PPA adaptability, failing to dynamically match resource-constrained scenarios or high-speed throughput needs; performance bubbles exist in inter-stage operations, causing a decrease in pipeline utilization and significantly reducing generation efficiency; poor bus compatibility easily leads to data loss or system deadlock, especially when standard buses such as AXI4-Stream are congested; key updates require interrupting business operations, failing to meet the requirements of real-time encryption continuity and increasing security risks; insufficient data synchronization accuracy leads to plaintext and key timing misalignment, increasing the error rate; low round key matching accuracy causes index misalignment, affecting computational reliability. These defects collectively restrict the practicality and robustness of encryption systems. Summary of the Invention

[0004] In view of this, the purpose of this application is to provide a key generation method and a core cryptographic processing system based on a scalable computational data path. By adopting a scalable computational data path as the core, and combining key steps such as preemptive release logic, counting generation, key expansion, data alignment, and bitwise XOR, while adapting to slippage buffers to achieve bus compatibility, optimizing round key retrieval rules, and designing an uninterrupted key update process, the application achieves the following technical effects: the computational path architecture can flexibly adapt to different PPA requirements; it eliminates inter-level performance bubbles to improve generation efficiency; it solves bus compatibility problems to avoid data loss and deadlock; it achieves uninterrupted key updates to ensure business continuity; and it improves data synchronization and round key matching accuracy to reduce error rate. This results in high performance, resource adaptation, accurate synchronization, and continuous reliability during key generation.

[0005] This application provides a key generation method based on a scalable computational data path. The key generation method is applied to a cryptographic processing core system, which includes a scalable encryption / decryption core module, a counter generator, a data alignment module, and a bitwise XOR encryption / decryption module. The scalable encryption / decryption core module includes a core control unit, a key expansion unit, and a scalable computational data path. The key generation method includes:

[0006] In response to receiving input key generation requirement information, the core control unit determines the encryption configuration parameters corresponding to the cryptographic processing core system based on the key generation requirement information; wherein, the encryption configuration parameters include plaintext data, initial key data, counter configuration parameters, and encryption operation parameters;

[0007] The counter generator generates automatically incrementing counter block data based on the counter configuration parameters, and the key expansion unit generates multiple round keys corresponding to the scalable computing data path based on the initial key data.

[0008] The scalable computing data path performs multi-level folding operations based on the counter block data and the round key under the preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, to generate intermediate key data. The data alignment module then performs synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data.

[0009] The bitwise XOR encryption / decryption module performs a bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate the target key data.

[0010] Furthermore, the cryptographic processing core system is also equipped with a slippage buffer; the key generation method further includes:

[0011] The slip buffer receives the intermediate key data generated by the scalable computing data path and the receive ready signal of the external data transmission bus, and detects in real time whether the amount of data corresponding to the intermediate key data is lower than the preset water level line.

[0012] In response to the data volume reaching the preset water level, an unready signal is output to the external data transmission bus, and the remaining inertial data output by the scalable encryption and decryption core module is received using the reserved space;

[0013] In response to the data volume being lower than the preset water level and the receive ready signal being high, the target key data is output to the external data transmission bus.

[0014] Furthermore, the key generation method also includes:

[0015] In response to the detection of bus congestion on the external data transmission bus, the slippage buffer initiates an inertial data absorption mechanism, and the scalable computing data path maintains normal operation to avoid pipeline blockage.

[0016] In response to the detection that the receive ready signal of the external data transmission bus is high, the slip buffer quickly empties the temporary data so that the cryptographic processing core system can resume operation.

[0017] Furthermore, the key generation method also includes:

[0018] In response to an externally triggered key update signal, the system acquires the initial update key data input from the external source and locks the input channel of the cryptographic processing core system.

[0019] The key expansion unit generates multiple update round keys corresponding to the scalable computing data path based on the initial update key data;

[0020] The scalable computing data path performs multi-level folding operations based on the counter block data and the update round key under preemptive release logic, according to the folding factor and the pipeline number, to generate intermediate update key data and ensure that the pipeline of the scalable computing data path is empty.

[0021] The bitwise XOR encryption / decryption module performs a bitwise XOR operation on the aligned plaintext data based on the intermediate update key data to generate the target update key data.

[0022] Furthermore, the intermediate key data is generated by the scalable computing data path performing multi-level folding operations based on the counter block data and the round key under preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, including:

[0023] Each round function calculation unit in the scalable computing data path performs an encryption operation on the number of rounds corresponding to the folding factor based on the counter block data and the corresponding round key, to obtain the counter encryption result output by each round function calculation unit, so as to generate intermediate key data; the scalable computing data path includes a pipeline of round function calculation units;

[0024] In response to each round function calculation unit completing the encryption operation for the corresponding number of rounds, the output register state of the round function calculation unit is detected, and the input ready signal of the next-level round function calculation unit is detected.

[0025] Based on the output register state and the input ready signal, the output enable signal corresponding to the round function calculation unit is determined by the preemptive release judgment logic;

[0026] When the output enable signal is active, the round function calculation unit writes the encryption result into the output register and resets the busy state of this level to receive the counter encryption result from the previous round function calculation unit.

[0027] Furthermore, the step of each round function calculation unit in the scalable computing data path performing encryption operations on the round number corresponding to the folding factor based on the counter block data and the corresponding round key, to obtain the counter encryption result output by each round function calculation unit, in order to generate intermediate key data, includes:

[0028] Each round function calculation unit retrieves the target round key corresponding to that round function calculation unit from the round keys according to the corresponding index, based on the current stage sequence number and round counter value, through a multiplexer.

[0029] Based on the target round key and the counter encryption result output by the previous round function calculation unit, the time multiplexing of the encryption operation corresponding to the round number of the folding factor is performed by loop counting to obtain the counter encryption result output by the round function calculation unit.

[0030] The counter encryption result output by the final round function calculation unit is used as the intermediate key data.

[0031] Furthermore, the step of the data alignment module performing synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data includes:

[0032] The data alignment module determines the alignment depth value based on the pipeline number and sets the alignment depth value as the dwell clock cycle.

[0033] The plaintext data is continuously written to the data alignment module, and each plaintext data block in the plaintext data is retained according to the dwell clock cycle;

[0034] In response to the folding operation performed on the scalable computing data path, the plaintext data is aligned, and aligned plaintext data is output.

[0035] This application embodiment also provides a cryptographic processing core system, which includes a scalable encryption / decryption core module, a counter generator, a data alignment module, and a bitwise XOR encryption / decryption module; wherein, the scalable encryption / decryption core module includes a core control unit, a key expansion unit, and a scalable computation data path;

[0036] The core control unit is used to respond to received key generation requirement information, and determine the encryption configuration parameters corresponding to the cryptographic processing core system based on the key generation requirement information; wherein, the encryption configuration parameters include plaintext data, initial key data, counter configuration parameters, and encryption operation parameters;

[0037] The counter generator is used to generate automatically incrementing counter block data based on the counter configuration parameters.

[0038] The key expansion unit is used to generate multiple round keys corresponding to the scalable computing data path based on the initial key data;

[0039] The scalable computing data path is used to perform multi-level folding operations based on the counter block data and the round key, under the preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, to generate intermediate key data.

[0040] The data alignment module is used to perform synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data.

[0041] The bitwise XOR encryption / decryption module is used to perform a bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate the target key data.

[0042] Furthermore, the cryptographic processing core system is also equipped with a slippage buffer; the slippage buffer is used for:

[0043] The system receives the intermediate key data generated by the scalable computing data path and the receive ready signal of the external data transmission bus, and detects in real time whether the amount of data corresponding to the intermediate key data is lower than a preset water level.

[0044] In response to the data volume reaching the preset water level, an unready signal is output to the external data transmission bus, and the remaining inertial data output by the scalable encryption and decryption core module is received using the reserved space;

[0045] In response to the data volume being lower than the preset water level and the receive ready signal being high, the target key data is output to the external data transmission bus.

[0046] Furthermore, the slippage buffer is also used for:

[0047] In response to the detection of bus congestion on the external data transmission bus, the slippage buffer initiates an inertial data absorption mechanism, and the scalable computing data path maintains normal operation to avoid pipeline blockage.

[0048] In response to the detection that the receive ready signal of the external data transmission bus is high, the slip buffer quickly empties the temporary data so that the cryptographic processing core system can resume operation.

[0049] This application also provides an electronic device, including: a processor, a memory, and a bus. The memory stores machine-readable instructions executable by the processor. When the electronic device is running, the processor communicates with the memory via the bus. When the machine-readable instructions are executed by the processor, the steps of the key generation method based on the scalable computing data path described above are performed.

[0050] This application also provides a computer-readable storage medium storing a computer program, which, when executed by a processor, performs the steps of the key generation method based on a scalable computing data path as described above.

[0051] This application provides a key generation method and a cryptographic processing core system based on a scalable computational data path. The key generation method is applied to the cryptographic processing core system, which includes a scalable encryption / decryption core module, a counter generator, a data alignment module, and a bitwise XOR encryption / decryption module. The scalable encryption / decryption core module includes a core control unit, a key expansion unit, and a scalable computational data path. The key generation method includes: the core control unit, in response to receiving input key generation request information, determining encryption configuration parameters corresponding to the cryptographic processing core system based on the key generation request information; wherein the encryption configuration parameters include plaintext data, initial key data, counter configuration parameters, and encryption operation parameters. The calculation parameters are as follows: the counter generator generates automatically incrementing counter block data based on the counter configuration parameters, and the key expansion unit generates multiple round keys corresponding to the scalable computing data path based on the initial key data; the scalable computing data path performs multi-level folding operations based on the counter block data and the round keys under preemptive release logic according to the folding factor and pipeline number in the encryption operation parameters to generate intermediate key data; the data alignment module performs synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data; the bitwise XOR encryption / decryption module performs bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate target key data.

[0052] Compared to existing methods that rely on fixed architecture designs, this approach, by employing a scalable computing data path as its core and combining key steps such as preemptive release logic, count generation, key expansion, data alignment, and bitwise XOR, while also incorporating slippage buffers for bus compatibility, optimizing round key retrieval rules, and designing an uninterrupted key update process, achieves the following technical effects: the computing path architecture can flexibly adapt to different PPA requirements; it eliminates inter-level performance bubbles to improve generation efficiency; it solves bus compatibility issues to avoid data loss and deadlock; it achieves uninterrupted key updates to ensure business continuity; and it improves data synchronization and round key matching accuracy to reduce error rates. This results in high performance, resource adaptation, accurate synchronization, and continuous reliability during key generation.

[0053] To make the above-mentioned objectives, features and advantages of this application more apparent and understandable, preferred embodiments are described below in detail with reference to the accompanying drawings. Attached Figure Description

[0054] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments will be briefly introduced below. It should be understood that the following drawings only show some embodiments of this application and should not be regarded as a limitation of the scope. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0055] Figure 1 This is one of the flowcharts for a key generation method based on a scalable computing data path provided in an embodiment of this application;

[0056] Figure 2 A second flowchart illustrating a key generation method based on a scalable computing data path provided in an embodiment of this application;

[0057] Figure 3 The third flowchart of a key generation method based on a scalable computing data path provided in the embodiments of this application;

[0058] Figure 4 This is one of the structural schematic diagrams of a cryptographic processing core system provided in an embodiment of this application;

[0059] Figure 5 This is a second schematic diagram of the structure of a cryptographic processing core system provided in an embodiment of this application;

[0060] Figure 6 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation

[0061] To make the objectives, technical solutions, and advantages of the embodiments of this application clearer, the technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. The components of the embodiments of this application described and shown in the accompanying drawings can generally be arranged and designed in various different configurations. Therefore, the following detailed description of the embodiments of this application provided in the accompanying drawings is not intended to limit the scope of the claimed application, but merely represents selected embodiments of this application. Based on the embodiments of this application, every other embodiment obtained by those skilled in the art without inventive effort falls within the scope of protection of this application.

[0062] Research has shown that key generation is a core and fundamental step in cryptographic encryption systems. Its generation efficiency, security, resource adaptability, and operational continuity directly determine the overall performance and application reliability of the entire encryption system. In practical engineering applications of mainstream block cipher algorithms such as SM4, key generation typically requires the use of a counter mode (CTR) to generate a pseudo-random key stream. Then, a bitwise XOR operation is performed between the pseudo-random key stream and the plaintext data to obtain the final usable target key or encrypted ciphertext. This technical solution is widely used in various data security transmission and storage scenarios, such as high-speed encryption in data centers, low-power encryption in IoT terminals, and real-time encryption in industrial control.

[0063] Most existing key generation methods rely on fixed architecture computing path design, which lacks flexibility and adaptability, making it difficult to meet the PPA (performance, power consumption, area) balance requirements in different scenarios. They also have obvious technical defects in terms of operation continuity, data synchronization accuracy, and bus compatibility, as detailed below.

[0064] Fixed computational pathway architecture and poor PPA adaptability: Traditional key generation computational pathways often employ a single architecture design with a fixed pipeline or fixed iteration, which cannot flexibly adjust computational performance and hardware resource consumption according to the needs of actual application scenarios. For example, a fully pipelined architecture designed to pursue high-speed key generation performance will lead to a significant increase in hardware area and power consumption, making it unsuitable for resource-constrained scenarios such as IoT terminals; while a fully iterative architecture designed to save hardware resources will result in an excessively low key generation rate, making it difficult to meet the needs of scenarios with high encryption throughput requirements, such as data centers, resulting in extremely poor versatility.

[0065] Performance bubbles exist in inter-stage operations, resulting in low generation efficiency: In pipelined operation path design, a strict handshake mechanism is usually adopted between each operation unit. That is, the upper-level operation unit must wait for the downstream operation unit to send a ready signal before it can transmit the operation result. This leads to obvious waiting delays between stages (known in the industry as "performance bubbles"), which makes it impossible to achieve full cycle utilization of the operation path. This severely restricts the overall rate of key generation and makes it difficult to meet the needs of high-speed encryption scenarios.

[0066] Poor bus compatibility can easily lead to data loss or system deadlock: The key generation core module's computational output has high inertia characteristics, while the handshake mechanism of external standard data transmission buses (e.g., AXI4-Stream, SPI, EtherCAT, etc.) is incompatible with the core output characteristics. When the external bus becomes congested due to data blockage, terminal failure, or other reasons, the inertial key data output by the key generation core cannot be effectively received, easily leading to data loss, computational path blockage, or even system deadlock, severely affecting the continuity of key generation.

[0067] Key updates require service interruptions, making it difficult to balance security and continuity: Traditional key update methods generally employ a "stop and reload" approach. During the update process, all key generation operations must be paused, the computation pipeline emptied, and then a new initial key reloaded to generate a new round key. This entire process interrupts key generation, making it unsuitable for scenarios requiring continuous key generation, such as real-time video streaming and industrial control data encryption. Furthermore, frequent downtime increases system security risks and reduces the operational stability of the encryption system.

[0068] Insufficient data synchronization accuracy and high key generation error rate: Plaintext data and intermediate key data generated by computation are prone to misalignment in time sequence. The main reason is that there is an inherent delay in the computation path, and traditional synchronization logic cannot adapt to the delay changes according to the architecture of the computation path. This leads to errors in subsequent bitwise XOR operations, invalidating the generated target key and seriously affecting the reliability of the encryption system.

[0069] Low round key matching accuracy and poor computational reliability: When each level of the computational unit in the computational path retrieves the round key, there is a lack of unified and accurate indexing rules, which can easily lead to round key index misalignment, resulting in abnormal encryption operations. This in turn affects the correctness of intermediate key data, ultimately causing the target key generation to fail and reducing the computational reliability of the entire key generation method.

[0070] Based on this, the embodiments of this application provide a key generation method based on a scalable computing data path. By adopting a scalable computing data path as the core, and combining key steps such as preemptive release logic, count generation, key expansion, data alignment, and bitwise XOR, while adapting to slippage buffers to achieve bus compatibility, optimizing round key retrieval rules, and designing an uninterrupted key update process, the method achieves the following technical effects: the computing path architecture can flexibly adapt to different PPA requirements, eliminate inter-level performance bubbles to improve generation efficiency, solve bus compatibility problems to avoid data loss and deadlock, achieve uninterrupted key updates to ensure business continuity, and improve data synchronization and round key matching accuracy to reduce error rate. This results in high performance, resource adaptation, accurate synchronization, and continuous reliability in key generation.

[0071] Please see Figure 1 , Figure 1 This is one of the flowcharts for a key generation method based on a scalable computing data path provided in an embodiment of this application. For example... Figure 1 As shown in the embodiments of this application, the key generation method based on a scalable computing data path is typically applied to core cryptographic processing systems.

[0072] In this embodiment of the application, the cryptographic processing core system is provided with a scalable encryption / decryption core module, a counter generator, a data alignment module, and a bitwise XOR encryption / decryption module.

[0073] Here, the cryptographic processing core system is the application carrier of the key generation method described in the embodiments of this application. It is the core hardware cluster that realizes key generation, data encryption and decryption and related control functions. It has built-in scalable encryption and decryption core module, counter generator, data alignment module and bitwise XOR encryption and decryption module. In addition, a slippage buffer can be selectively configured according to the actual application scenario requirements. It can flexibly configure various operation parameters according to the PPA target of different scenarios to adapt to different resource constraints and performance requirements.

[0074] The counter generator is an auxiliary operation module of the core cryptographic processing system. It is mainly responsible for generating an automatically incrementing 128-bit counter block data based on the counter configuration parameters (including a 96-bit Nonce and a 32-bit initial counter) input from external input, in accordance with the requirements of CTR mode. This data serves as the initial operation input for the scalable operation data path, providing the basic operation carrier for the generation of intermediate key data.

[0075] The data alignment module is used to synchronize the timing of plaintext data and intermediate key data. Essentially, it is a data alignment FIFO (First-In-First-Out buffer). Its core working principle is to determine the corresponding alignment depth value (usually S+1) based on the pipeline number (S) of the scalable computing data path, and set this alignment depth value as the dwell clock cycle of the plaintext data. By caching the plaintext data for S+1 clock cycles, it compensates for the inherent computing delay of the scalable computing data path, ensuring that the plaintext data and intermediate key data can arrive at the bitwise XOR encryption / decryption module synchronously, avoiding computing errors caused by timing misalignment.

[0076] The bitwise XOR encryption / decryption module is the core module responsible for generating the final target key data. Its core operation logic is to perform a bitwise XOR operation on the intermediate key data (pseudo-random key stream) output by the scalable operation data path and the aligned plaintext data output by the data alignment module. In encryption mode, the output of this module is the target key data (or the final encrypted ciphertext). Its operation logic is simple, has no performance loss, and can realize the reuse of encryption and decryption logic, reducing hardware resource overhead.

[0077] The scalable encryption / decryption core module includes a core control unit, a key expansion unit, and a scalable computation data path.

[0078] Here, the scalable encryption / decryption core module is the core computing module of the cryptographic processing core system. It is mainly responsible for core operations such as round key generation and intermediate key data operation generation. Internally, it integrates a core control unit, a key expansion unit, and a scalable computing data path. It is the core carrier for realizing scalable computing path and preemptive release of data between levels, and directly determines the efficiency and flexibility of key generation.

[0079] The core control unit is the central control hub of the scalable encryption and decryption core module. It is mainly responsible for receiving key generation requirement information from external input, parsing and configuring various encryption parameters, coordinating the collaborative work of various units within the scalable encryption and decryption core module and other modules of the cryptographic processing core system, triggering the key update process, and handling abnormal scenarios such as bus congestion, so as to ensure that the entire key generation process proceeds in an orderly and stable manner.

[0080] The key expansion unit is specifically responsible for expanding the initial key data (or the initial updated key data when updating the key) according to the SM4 national standard, generating multiple round keys required to complete 32 rounds of SM4 encryption operations on a scalable computing data path. It supports two expansion methods: centralized (pre-compute and store all round keys, suitable for high-performance scenarios) and distributed (generate the required round keys in real time, suitable for low-resource scenarios). The method can be flexibly selected according to different resource constraints, improving the adaptability of the method.

[0081] The scalable computing data path is the core innovative component of this application's embodiments. It is the core computing carrier for realizing multi-level folding operations and improving key generation efficiency. It consists of cascaded round function computing units of pipeline number (S). Each round function computing unit can reuse its own computing logic and complete the corresponding round of SM4 encryption operation according to the preset folding factor (G), strictly satisfying the relationship "G×S=32" (ensuring that the 32 rounds of complete encryption operation required by the SM4 algorithm are covered). By flexibly configuring the folding factor G and the pipeline number S, any architecture can be realized from a full pipeline (G=1, S=32, high performance, high resources) to a full iteration (G=32, S=1, low resources, low power consumption), perfectly adapting to the PPA requirements of different scenarios.

[0082] Among them, the round function calculation unit is the basic operation unit of the scalable operation data path. Each unit integrates a round counter, complete SM4 round operation logic (including S-box, linear transformation, round key addition module) and output register. It is mainly responsible for receiving the operation data (or initial counter block data) input from the previous level, performing SM4 encryption operation for the specified round, generating the counter encryption result, and passing the result to the next level round function calculation unit. It is the specific execution carrier of the folding operation.

[0083] like Figure 1 As shown, the key generation method includes:

[0084] S101. In response to receiving the input key generation requirement information, determine the encryption configuration parameters corresponding to the cryptographic processing core system based on the key generation requirement information.

[0085] The encryption configuration parameters include plaintext data, initial key data, counter configuration parameters, and encryption operation parameters, all of which comply with the SM4 national standard and CTR mode requirements.

[0086] Here, the encryption configuration parameters are the core set of configuration parameters in the key generation process, which directly determine the performance, security and adaptability of key generation.

[0087] The plaintext data is the original data to be encrypted, with a standard bit width of 128 bits. The initial key data (128 bits, the base key for generating round keys, allocated by an external key management system), the counter configuration parameters include a 96-bit Nonce and a 32-bit initial counter, used to generate automatically incrementing counter block data, and the encryption operation parameters include the folding factor G and the pipeline number S, which satisfy "G×S=32", used to configure the architecture of the scalable operation data path.

[0088] In this step, in specific implementation, in response to receiving key generation requirement information from external input, the core control unit parses the requirement information and determines the complete set of encryption configuration parameters corresponding to the cryptographic processing core system based on the performance requirements, resource constraints, encryption modes, and other contents contained in the requirement information.

[0089] Among them, the key generation requirement information is a set of instructions and related parameters input from external devices (such as key management systems, MCUs, etc.) to trigger the key generation process. It usually includes information such as key generation trigger signals, encryption modes, performance requirements, and resource constraints, which are used to trigger the key generation process and provide the core basis for configuring encryption parameters.

[0090] In this embodiment, the core purpose of this step is to trigger the entire key generation process, clarify all the core parameters required in the key generation process, and provide clear parameter support for subsequent steps such as counter block data generation, round key generation, folding operation, and bitwise XOR operation, so as to ensure that the key generation process proceeds in an orderly and accurate manner. At the same time, by flexibly configuring encryption operation parameters (folding factor G, pipeline number S), the operation path architecture can be flexibly adjusted to adapt to the PPA requirements of different scenarios and improve the versatility of the method.

[0091] In this way, the response delay for parameter determination does not exceed one clock cycle, resulting in a fast response speed and enabling rapid triggering of the key generation process. Encryption operation parameters can be flexibly configured according to key generation requirements, supporting any architecture from full pipeline (G=1, S=32) to full iteration (G=32, S=1). One method can cover various scenarios such as data centers, IoT terminals, and industrial control without refactoring the operation logic, significantly improving the method's versatility and adaptability. The parameter configuration accuracy is high, with no parameter omissions or configuration errors, providing a reliable parameter foundation for the stable execution of subsequent steps and ensuring the stability of the key generation process.

[0092] S102. The counter generator generates automatically incrementing counter block data based on the counter configuration parameters, and the key expansion unit generates multiple round keys corresponding to the scalable computing data path based on the initial key data.

[0093] Here, the round key is the core computational parameter in the key generation process. The 128-bit initial key data (or initial update key data) is expanded by the key expansion unit according to the SM4 specification to generate a total of 32 32-bit round keys, which correspond to the 32 rounds of encryption operations of the SM4 algorithm.

[0094] Each round function calculation unit retrieves the round key for computation based on its own sequence number and the current round, according to the corresponding index. The indexing rule is uniformly "i×G+g", where i is the sequence number of the round function calculation unit and g is the round counter value, ensuring accurate matching of the round key.

[0095] In this step, the counter generator generates an automatically incrementing 128-bit counter block data (CTR_Block) based on the 96-bit Nonce parameter and the 32-bit initial counter in the counter configuration parameters, strictly following the preset counter (CTR) mode rules.

[0096] Furthermore, the key expansion unit operates based on 128-bit initial key data, performs key expansion processing in accordance with the SM4 specification, and generates multiple round keys required for 32 rounds of SM4 encryption operations to be completed by a scalable computing data path. The number of round keys is precisely matched with the architecture configuration of the computing path (folding factor G, pipeline number S).

[0097] In this embodiment of the application, the core purpose of this step is to provide two indispensable core inputs for the folding operation of the scalable computing data path, so as to ensure that the subsequent encryption operation is legal and accurate.

[0098] Among them, the counter block data serves as the initial computational carrier for the folding operation, providing the original input for the generation of intermediate key data (pseudo-random key stream), and is the basis for the generation of pseudo-random key stream in CTR mode; the round key, as the core parameter of SM4 encryption operation, provides key support for each of the 32 rounds of encryption operation, ensuring that the folding operation fully complies with the SM4 specification and CTR mode requirements, and guaranteeing the legality and correctness of the intermediate key data.

[0099] In this way, the generation rate of counter block data perfectly matches the input rate of plaintext data, reaching up to 1 packet / cycle. The generated data is free of duplication and distortion, fully meeting the basic requirements of CTR mode for pseudo-random key stream generation. The generation time of round keys is no more than 32 clock cycles, which is highly efficient. It supports two expansion methods: centralized (pre-compute and store all round keys to adapt to high-performance scenarios) and distributed (generate the required round keys in real time to adapt to low-resource scenarios), which can be flexibly selected according to the scenario. The latency of round key storage and retrieval is low, enabling fast retrieval. The generation accuracy is high, with no missing, incorrect, or misaligned index issues, providing reliable support for the accurate execution of subsequent folding operations.

[0100] S103. The scalable computing data path performs multi-level folding operations based on the counter block data and the round key under the preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, to generate intermediate key data. The data alignment module performs synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data.

[0101] In this step, after the counter block data and round key are generated, the scalable computing data path, based on the counter block data and round key, and under the control of the preemptive release logic, strictly follows the folding factor and pipeline number in the encryption operation parameters to perform multi-level folding operations, completing 32 rounds of SM4 encryption operations to generate intermediate key data. Simultaneously with the scalable computing data path triggering the operation, the data alignment module, based on the pipeline number of the scalable computing data path, determines the alignment depth value and dwell clock period, and performs synchronous buffering alignment processing on the externally input plaintext data to compensate for the inherent delay of the computing path, obtaining aligned plaintext data that is time-synchronized with the intermediate key data.

[0102] Here, the preemptive release logic is the core control logic for resolving performance bubbles between stages in the scalable computing data path. Its core decision rule is to "generate the output enable signal of this stage based on the output register state of the current stage round function calculation unit and the input ready signal of the next stage round function calculation unit." Unlike the traditional handshake mechanism, after the current stage round function calculation unit completes its calculation, it can release the calculation result according to the decision rule without waiting for the downstream unit to be ready, thus achieving full cycle utilization of the computing path and completely eliminating performance bubbles between stages.

[0103] The folding factor G specifically refers to the number of SM4 encryption rounds completed by each round function computation unit using the same set of computational logic. Its value ranges from 1 to 32, and its value is positively correlated with resource overhead and computation cycle: the larger G is, the longer the computation cycle of each round function computation unit and the smaller the required hardware resource overhead, which is suitable for low-resource scenarios; the smaller G is, the shorter the computation cycle of each round function computation unit and the higher the key generation rate, which is suitable for high-performance scenarios.

[0104] The pipeline number S specifically refers to the number of cascaded round function computation units in the scalable computing data path, with a value ranging from 1 to 32. It strictly satisfies the relationship "G×S=32" with the folding factor G. Its value is positively correlated with parallelism and key generation rate: the larger S is, the higher the parallelism of the computing path and the faster the key generation rate, which is suitable for high-performance scenarios; the smaller S is, the lower the parallelism and the lower the resource overhead, which is suitable for low-resource scenarios.

[0105] In the embodiments of this application, the core objectives of this step include: first, eliminating inter-stage performance bubbles in the scalable computing data path, achieving full cycle utilization of the computing path, ensuring the rapid completion of 32 rounds of complete encryption operations on the counter block data, and generating compliant intermediate key data; second, achieving precise timing synchronization between plaintext data and intermediate key data, avoiding timing misalignment in subsequent bitwise XOR operations, ensuring the correctness of target key data generation, and improving the reliability of key generation.

[0106] Thus, with an architecture configuration where the folding factor is greater than 1, the folding operation cycle is compressed to the theoretical limit of G clock cycles. After steady-state operation, one intermediate key data can be generated every G clock cycles, and the key generation rate reaches the theoretical limit. The preemptive release logic completely eliminates the inter-stage performance bubbles of the traditional pipeline, significantly improving the key generation rate compared to the traditional full handshake architecture. The data alignment module achieves precise timing synchronization based on the pipeline stage S, with a timing deviation of almost 0 and no synchronization errors, providing a precise synchronized data foundation for subsequent bitwise XOR operations and ensuring the correctness of the XOR operation.

[0107] Here, the intermediate key data is the output of the scalable computing data path after completing 32 rounds of full SM4 encryption operations on the counter block data. Its essence is a pseudo-random key stream that meets the requirements of CTR mode. It is the core input for generating the target key data. After performing an XOR operation with the aligned plaintext data output by the data alignment module, the final target key data can be obtained.

[0108] The aligned plaintext data is the plaintext data obtained by the data alignment module after performing synchronous buffering alignment on the externally input plaintext data. Its timing is completely synchronized with the intermediate key data, ensuring that the bitwise XOR encryption and decryption module can accurately perform the XOR operation and avoid errors in the target key data due to timing misalignment.

[0109] In one possible implementation of this application, in specific implementation, the step S103, in which the scalable computing data path performs multi-level folding operations based on the counter block data and the round key under preemptive release logic according to the folding factor and pipeline number in the encryption operation parameters to generate intermediate key data, may include:

[0110] S1031. Each round function calculation unit in the scalable computing data path performs encryption operation on the number of rounds corresponding to the folding factor based on the counter block data and the corresponding round key, to obtain the counter encryption result output by each round function calculation unit, so as to generate intermediate key data.

[0111] The scalable computational data path includes a pipeline of round function calculation units.

[0112] In step S1031, the preemptive release inter-level decoupling logic is implemented in the folding operation through the following steps:

[0113] S1031A: In response to each round function calculation unit completing the encryption operation for the corresponding number of rounds, the output register status of the round function calculation unit is detected, and the input ready signal of the next-level round function calculation unit is detected.

[0114] S1031B: Based on the output register state and the input ready signal, the output enable signal corresponding to the round function calculation unit is determined by the preemptive release judgment logic.

[0115] S1031C. When the output enable signal is active, the round function calculation unit writes the encryption result into the output register and resets the busy state of this level to receive the counter encryption result from the previous round function calculation unit.

[0116] In this step, the scalable computation data path consists of cascaded pipelined (S) round function computation units. Each round function computation unit corresponds to a fixed sequence number. Based on its own sequence number, each round function computation unit retrieves the corresponding round key, combines it with the received counter block data (or the counter encryption result output by the previous stage), and performs SM4 encryption operation corresponding to the number of rounds of the folding factor (G) to obtain the counter encryption result output by each round function computation unit. All round function computation units work together to complete 32 rounds of encryption operation, and finally generate intermediate key data.

[0117] Each round function calculation unit, after completing its corresponding G-round encryption operation, does not wait for the ready signal of the next level unit. Instead, it immediately checks the status of its own output register (valid_out, valid is 1, indicating that the output register is empty; invalid is 0, indicating that the output register has stored data). At the same time, it checks the input ready signal of the next level round function calculation unit (ready_in, ready is 1, indicating that the next level unit can receive data; busy is 0, indicating that the next level unit cannot receive data at the moment).

[0118] Furthermore, based on the detected output register state (valid_out) and the next-level input ready signal (ready_in), the output enable signal (out_en) corresponding to the round function calculation unit is determined through preemptive release judgment logic. The output enable signal is used to control the transmission of the calculation result.

[0119] Furthermore, when the output enable signal (out_en) is in a valid state (out_en=1), the round function calculation unit writes the counter encryption result it generates into the output register, and at the same time resets the busy state of this level (Busy=0), so that it can receive the new counter encryption result output by the previous round function calculation unit, and realize the continuous advancement of the operation.

[0120] In this embodiment of the application, this step refines the specific execution process of the folding operation, clarifies the judgment rules and execution method of the preemptive release logic, completely eliminates the inter-level performance bubbles in the scalable computing data path, ensures the full cycle utilization of the computing path, and improves the key generation efficiency, which is the key to realizing high-performance computing in the scalable computing data path.

[0121] As an example of steps S1031A to S1031C, assuming that in an industrial control scenario, based on the requirements of real-time performance and resource balance, the scalable computing data path is configured with G=4 and S=8 (i.e., 8 round function calculation units are cascaded, and each round function calculation unit completes 4 rounds of SM4 encrypted computation), the specific execution process of the folding computation and preemptive release logic includes:

[0122] The scalable computing data path includes 8 round function computing units, labeled Stage 0 to Stage 7 (Stage 0 is the first stage, and Stage 7 is the last stage). Each round function computing unit has a built-in round counter (counting range 0 to 3, corresponding to folding factor G=4), complete SM4 round operation logic (S-box, linear transformation, round key addition module) and output register. The round key bus has 32 round keys generated in advance by the key expansion unit, waiting for each round function computing unit to retrieve them.

[0123] The 128-bit counter block data generated by the counter generator is first input to Stage 0 (the first round function calculation unit). Based on the initial counter block data and its corresponding four round keys (retrieved according to the indexing rules), Stage 0 completes four rounds of SM4 encryption operations within four clock cycles to obtain the counter encryption result. At the same time, the seven round function calculation units from Stage 1 to Stage 7 are synchronously in a waiting state, ready to receive the counter encryption result output from the previous stage.

[0124] After Stage 0 completes 4 rounds of encryption operations, it immediately checks the status of its own output register (valid_out) and the input ready signal (ready_in) of the next stage Stage 1. At this time, Stage 1 is in a waiting state, ready_in=1, and the output register of Stage 0 is empty, valid_out=1.

[0125] The output enable signal `out_en` is determined based on preemptive release logic. Its core rule is: "If the next stage's `ready_in` is 1 (downstream ready), `out_en` is generated as 1 regardless of whether the current stage's `valid_out` is 1; if the next stage's `ready_in` is 0 (downstream busy), `out_en` is generated as 1 only when the current stage's `valid_out` is 0 (output register empty)." In this embodiment, Stage 1's `ready_in` is 1, therefore Stage 0's `out_en` is 1 (valid).

[0126] When out_en=1 (valid), Stage 0 writes the generated counter encryption result to its own output register and resets the busy state of this stage (Busy=0) to prepare to receive the next counter block data; at the same time, the output register passes the counter encryption result to Stage 1, and Stage 1 immediately starts the encryption operation.

[0127] After receiving the counter encryption result from Stage 0, Stage 1 immediately starts 4 rounds of SM4 encryption operation. After the operation is completed, the above steps are repeated: the status of its own output register and the input ready signal of Stage 2 are checked, out_en is generated based on the preemptive release judgment logic, and the operation result is passed to Stage 2. In this way, Stage 2 to Stage 6 execute the same logic in sequence until Stage 7 (the final round function calculation unit) completes 4 rounds of encryption operation.

[0128] After Stage 7 completes 4 rounds of encryption operations, the output counter encryption result is the intermediate key data. Throughout the process, 8 round function calculation units run in parallel, and one intermediate key data is generated every 4 clock cycles. There are no waiting bubbles between any stages, and the cycle utilization rate of the operation path reaches 100%, which greatly improves the key generation efficiency.

[0129] In the above implementation example, the combination of folding operation and preemptive release logic completely eliminates the inter-stage performance bubbles of traditional pipelines, resulting in low encryption latency and fully meeting the real-time requirements of industrial control scenarios.

[0130] In one possible implementation of this application, step S1031 may include:

[0131] S10311. Each round function calculation unit, based on the current stage number and round counter value, retrieves the target round key corresponding to that round function calculation unit from the round keys according to the corresponding index through a multiplexer.

[0132] In this step, each round function calculation unit has a built-in multiplexer and round counter. The counting range of the round counter is 0 to G-1 (G is the folding factor). Based on its current stage number (i) and the current value of the round counter (g), each round function calculation unit retrieves the target round key corresponding to the current round of the round function calculation unit in the round key bus according to the unified indexing rule "i×G+g" through the multiplexer, ensuring that the round key and the operation round are accurately matched.

[0133] S10312. Based on the target round key and the counter encryption result output by the previous round function calculation unit, the time multiplexing of the encryption operation corresponding to the round number of the folding factor is performed by cyclic counting to obtain the counter encryption result output by the round function calculation unit.

[0134] In this step, based on the target round key and the counter encryption result output by the previous round function calculation unit (the first unit is based on the initial counter block data), the encryption operation corresponding to the number of rounds of the folding factor (G) is performed through the cyclic counting of the round counter, realizing the time reuse of the operation logic (that is, the same set of operation logic is used G times in a loop to complete G rounds of encryption operation), and finally the counter encryption result output by the round function calculation unit is obtained.

[0135] S10313. The counter encryption result output by the final round function calculation unit is determined as the intermediate key data.

[0136] In this step, after all round function calculation units work together to complete 32 rounds of encryption operations, the counter encryption result output by the last round function calculation unit is the intermediate key data, thus completing the generation of the intermediate key data.

[0137] In this embodiment of the application, the core purpose of this step is to refine the operation logic of the round function calculation unit, clarify the precise retrieval rules of the round key and the time reuse mechanism of the operation logic, ensure that the round key and the operation round are accurately matched, avoid the operation error caused by the misalignment of the round key index, and at the same time, through the time reuse mechanism, complete multiple rounds of encryption operation without increasing hardware resources, reduce hardware resource overhead, and improve the reliability and resource adaptability of the method.

[0138] As an example of steps S10311 to S10313, assuming a scalable computing data path configuration in a data center scenario is G=1, S=32 (32 round function computation units cascaded, each unit completes one round of SM4 encryption computation, in a fully pipelined mode), the specific implementation process of round key retrieval and time multiplexing includes:

[0139] The scalable computing data path consists of 32 cascaded round function computing units, labeled Stage 0 to Stage 31 (Stage 0 is the first stage, and Stage 31 is the last stage). Each round function computing unit has a built-in multiplexer, a round counter (since G=1, the round counter counts within the range of 0, i.e., a fixed count of 0), and complete SM4 round operation logic (S-box, linear transformation, round key addition module). Each unit is only responsible for completing one round of SM4 encryption operation, perfectly adapting to the requirements of a fully pipelined high-performance architecture.

[0140] The key expansion unit adopts a centralized expansion method (preferred for high-performance scenarios in data centers, pre-computes and stores all round keys to enable fast retrieval of round keys). Based on the 128-bit initial key data input from the outside, it expands and generates 32 32-bit round keys according to the SM4 specification, which are marked as round key 0 to round key 31. All round keys are stored in the round key bus and wait for each round function calculation unit to retrieve them according to the rules.

[0141] Each round function computation unit (Stage 0 to Stage 31) uses its own stage number i (0≤i≤31) and the current value g of the round counter (fixed to 0) to accurately retrieve the corresponding round key i in the round key bus according to the index rule "i×G+g = i×1+0 = i" through the built-in multiplexer (e.g., Stage 0 retrieves round key 0, Stage 1 retrieves round key 1, and so on, Stage 31 retrieves round key 31). This ensures that the computation round of each round function computation unit is accurately matched with the round key, without any index misalignment issues.

[0142] Since the folding factor G is 1, each round function calculation unit only needs to complete one round of SM4 encryption operation. The operation logic does not need to be reused cyclically. The time reuse mechanism is reflected in "fast execution of single round operation and parallel advancement of multiple units": After receiving the initial counter block data, Stage 0 completes one round of SM4 encryption operation within one clock cycle and passes the operation result to Stage 1 through preemptive release logic; Stage 1 synchronously receives the operation result and performs one round of encryption operation, which is then passed to subsequent units until Stage 31 completes the last round of encryption operation and outputs the intermediate key data.

[0143] Under this architecture, 32 round function computation units run in parallel at full speed, generating one intermediate key data every one clock cycle, achieving a key generation rate of 1 packet / cycle, perfectly matching the high throughput requirements of data centers. The round key retrieval latency is 0, and the retrieval accuracy reaches 100%, with no computational anomalies caused by round key misalignment. At the same time, the single-round computation logic is simple. Although the hardware resources are higher than those of the iterative architecture, the full pipelined parallel design maximizes performance, which is highly compatible with the high-performance, high-throughput PPA requirements of data centers. This fully verifies the feasibility and efficiency of the round key retrieval rules and time reuse mechanism.

[0144] In one possible implementation of this application, in specific implementation, the step S103 in which the data alignment module performs synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data may include:

[0145] S1032. The data alignment module determines the alignment depth value based on the pipeline number and sets the alignment depth value as the dwell clock cycle.

[0146] In this step, the data alignment module is essentially a data alignment FIFO (First-In-First-Out buffer). The core control logic is deeply bound to the pipeline number (S) of the scalable computing data path. First, the data alignment module obtains the pipeline number (S) configuration parameters issued by the core control unit in real time. Based on the preset alignment depth calculation formula "alignment depth value = S + 1", it determines the buffer depth required for plaintext data under the current architecture. The core basis of this formula is that "the pipeline number S determines the inherent latency of the computing path. One extra buffer bit is reserved to ensure complete compensation for latency and avoid timing deviations".

[0147] S1033. The plaintext data is continuously written to the data alignment module, and each plaintext data block in the plaintext data is retained according to the dwell clock cycle.

[0148] In this step, the data alignment module synchronously sets the calculated alignment depth value to the dwell clock period of the plaintext data. That is, after the externally input 128-bit plaintext data enters the data alignment FIFO, it needs to stay in the buffer for (S+1) clock cycles. During this period, no data output is performed, and only buffer storage is completed to compensate for the inherent delay of the scalable computing data path completing 32 rounds of folding operations.

[0149] S1034. In response to the folding operation performed on the scalable computing data path, the plaintext data is aligned and the aligned plaintext data is output.

[0150] In this step, the data alignment module synchronizes the operation status of the scalable computing data path in real time. When the scalable computing data path outputs the first set of intermediate key data, it immediately starts the output process of aligned plaintext data. In the first-in-first-out order, the plaintext data after buffering for (S+1) clock cycles is used as aligned plaintext data and output to the bitwise XOR encryption and decryption module.

[0151] Furthermore, the above steps are repeated for each subsequent set of plaintext data to ensure that each set of aligned plaintext data and its corresponding intermediate key data can arrive at the bitwise XOR encryption / decryption module synchronously, achieving complete timing synchronization. At the same time, the data alignment module detects the plaintext data input rate and the intermediate key data generation rate in real time. If a rate mismatch occurs, the buffering rhythm is automatically adjusted to avoid buffer overflow or data gaps.

[0152] In this embodiment of the application, the core purpose of this step is to refine the timing synchronization implementation logic of the data alignment module, clarify the calculation rules and buffer operation process of the alignment depth, and completely solve the timing misalignment problem between plaintext data and intermediate key data through precise delay compensation, ensure the correctness of subsequent bitwise XOR operations, improve the reliability of target key data generation, adapt to scalable operation data paths with different architecture forms (different S values), and improve the adaptability of the method.

[0153] S104. The bitwise XOR encryption / decryption module performs a bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate the target key data.

[0154] Here, the target key data is the final output, which is generated by the bitwise XOR encryption / decryption module based on the intermediate key data and the aligned plaintext data through a bitwise XOR operation. It can be directly used for subsequent encryption and decryption operations of various types of data, or transmitted and stored as encrypted ciphertext. Its security and effectiveness fully comply with the SM4 specification.

[0155] In this step, after the intermediate key data and aligned plaintext data are generated, the bitwise XOR encryption / decryption module receives these two data and performs a bitwise XOR operation on the intermediate key data and aligned plaintext data according to the SM4-CTR mode specification to complete the generation of the final target key data. The generated target key data can be directly output for subsequent data encryption / decryption operations.

[0156] Here, the core objective of this step is to follow the SM4-CTR mode specification, complete the core operations between the intermediate key data and the aligned plaintext data, generate the final usable target key data, and achieve a closed loop in the entire key generation process. Simultaneously, by leveraging the characteristics of XOR operations, encryption and decryption logic can be reused (encryption and decryption use the same XOR logic, requiring only key switching), reducing hardware resource overhead and improving the method's resource adaptability.

[0157] Optional, please refer to Figure 2 , Figure 2 This is a second flowchart illustrating a key generation method based on a scalable computing data path provided in this application embodiment. The cryptographic processing core system also includes a slip buffer, which can be optionally equipped with a bus adaptation module according to scenario requirements. The slip buffer is primarily used to achieve high-inertia output of the scalable computing data path and adapt to the external standard data transmission bus. Internally, it integrates reserved storage space and a preset water level. Its core function is to absorb the inertial key data output by the computing core, avoiding data loss and system deadlock when the external bus is congested. Simultaneously, it completes the conversion between the computing core output logic and the external bus protocol, improving the system's bus compatibility.

[0158] like Figure 2 As shown in the figure, the key generation method based on a scalable computing data path provided in this application embodiment includes steps S105 to S109 in addition to steps S101 to S104:

[0159] S105. The slip buffer receives the intermediate key data generated by the scalable computing data path and the receive ready signal of the external data transmission bus, and detects in real time whether the amount of data corresponding to the intermediate key data is lower than the preset water level.

[0160] S106. In response to the data volume reaching the preset water level, an unready signal is output to the external data transmission bus, and the remaining inertial data output by the scalable encryption and decryption core module is received using the reserved space.

[0161] Here, the data volume reaching the preset water level indicates that the cache space is about to be exhausted; the remaining inertial data continuously output by the scalable encryption and decryption core module indicates that the scalable computing path is still generating data when the bus is congested.

[0162] S107. In response to the data volume being lower than the preset water level and the receiving ready signal being high, the target key data is output to the external data transmission bus.

[0163] Here, the amount of data in the slip buffer is lower than the preset water level, indicating that the buffer space is sufficient. The detection of a high level of the receive ready signal of the external data transmission bus indicates that the external bus is ready to receive data. The slip buffer immediately outputs the target key data to the external data transmission bus, realizing seamless data transmission.

[0164] For example, suppose a large data center needs to encrypt massive amounts of data transmitted across the backbone network of different data centers in real time. To ensure that key data can be transmitted quickly and securely to the encryption terminal, the core cryptographic processing system is equipped with a slippage buffer. The specific implementation process includes:

[0165] After the system starts up, the scalable computing data path continuously generates intermediate key data at a rate of 1GHz, the bitwise XOR encryption and decryption module synchronously generates target key data, the slip buffer receives target key data in real time, and continuously detects the receive ready signal (bus_ready) sent by the external AXI4-Stream bus, while monitoring the amount of data in its own buffer.

[0166] When the external AXI4-Stream bus is working normally (bus_ready=1, meaning the external bus is ready to receive data), and the amount of target key data in the slip buffer is ≤6 (below the preset water level, with sufficient buffer space), the slip buffer directly outputs the target key data to the outside through the AXI4-Stream bus without any buffering delay. The output rate is completely consistent with the key generation rate, reaching 12.8 Gbps (1GHz×128bit), which meets the high-speed transmission requirements of the data center.

[0167] When data congestion occurs in the cross-data center backbone network, causing a brief congestion on the external AXI4-Stream bus (bus_ready=0, meaning the external bus cannot receive data), the amount of target key data in the slip buffer will increase rapidly. When the data amount reaches 6 (the preset water level), the slip buffer immediately outputs a Not Ready signal to the external bus, informing the external bus that it cannot receive data temporarily. At the same time, it uses the two reserved storage bits to receive two inertial target key data continuously output by the scalable encryption and decryption core module (the "in-transit data" of the 32-level full pipeline can be emptied in just one clock cycle, and the two reserved storage bits fully meet the inertial data absorption requirements).

[0168] When the congestion in the cross-data center backbone network is relieved and the receive ready signal of the external AXI4-Stream bus returns to a high level (bus_ready=1), the amount of data in the slip buffer will be lower than the preset water level. At this time, the slip buffer immediately outputs the two temporarily stored target key data to the external bus, and seamlessly connects to the newly generated target key data. The whole process is free of data loss and data out of order, ensuring the continuity and security of key transmission.

[0169] Thus, in the above embodiments, the slip buffer perfectly adapts and connects the scalable computing data path with the AXI4-Stream bus, with no packet loss or deadlock in the bus backpressure scenario, and the target key data output has high continuity, fully meeting the needs of high-speed key transmission in data centers.

[0170] S108. In response to the detection of bus congestion on the external data transmission bus, the slippage buffer initiates the inertial data absorption mechanism, and the scalable computing data path maintains normal operation to avoid pipeline blockage.

[0171] In this step, the core control unit monitors the operating status of the external data transmission bus in real time. In response to the detection of bus congestion on the external data transmission bus (i.e., bus_ready is continuously low for a duration exceeding a preset threshold), it immediately triggers the slip buffer to start the inertial data absorption mechanism. At the same time, it controls the scalable computing data path to maintain normal folding operations, avoiding pipeline blockage due to data backlog.

[0172] S109. In response to detecting that the receive ready signal of the external data transmission bus is high, the temporary data is quickly emptied by the slip buffer so that the cryptographic processing core system can resume operation.

[0173] In this step, in response to the detection that the receive ready signal of the external data transmission bus has returned to a high level (i.e., the bus congestion has been cleared), the slippage buffer initiates a fast emptying mechanism to quickly output the temporarily stored target key data in a first-in-first-out (FIFO) order. After the emptying is completed, the cryptographic processing core system returns to normal operation, realizing rapid recovery from abnormal scenarios.

[0174] Optional, please refer to Figure 3 , Figure 3 This is the third flowchart of a key generation method based on a scalable computing data path provided in an embodiment of this application. Figure 3 As shown in the figure, the key generation method based on a scalable computing data path provided in this application embodiment, in addition to steps S101 to S109, also includes steps S201 to S204:

[0175] S201. In response to an externally triggered key update signal, acquire the initial update key data input from the outside and lock the input channel of the cryptographic processing core system.

[0176] Here, the key update signal is a single-cycle pulse signal sent by an external device (such as an MCU or key management system) to trigger the key update process. After the signal is triggered, the system will start the uninterrupted key update process to achieve seamless switching between the old and new keys. The entire process does not interrupt the key generation business and ensures business continuity.

[0177] S202. The key expansion unit generates multiple update round keys corresponding to the scalable computing data path based on the initial update key data.

[0178] S203. The scalable computing data path performs multi-level folding operations based on the counter block data and the update round key under the preemptive release logic, according to the folding factor and the pipeline number, to generate intermediate update key data, and ensures that the pipeline of the scalable computing data path is empty.

[0179] S204. The bitwise XOR encryption / decryption module performs a bitwise XOR operation on the aligned plaintext data based on the intermediate update key data to generate the target update key data.

[0180] Here, the core purpose of the above steps is to solve the business interruption problem caused by the traditional key update "downtime-reload". Through the parallel logic of "background expansion of new keys and front-end emptying of existing data", the seamless switching between old and new keys is achieved. Key updates are completed without interrupting key generation business, improving system security and operational continuity, and adapting to scenarios that require continuous key generation.

[0181] The key generation method based on a scalable computing data path provided in this application adopts a scalable computing data path as its core, combining key steps such as preemptive release logic, count generation, key expansion, data alignment, and bitwise XOR. It also incorporates a slippage buffer to achieve bus compatibility, optimizes round key retrieval rules, and designs an uninterrupted key update process. This achieves the following technical effects: the computing path architecture can flexibly adapt to different PPA requirements; it eliminates inter-level performance bubbles to improve generation efficiency; it solves bus compatibility issues to avoid data loss and deadlock; it achieves uninterrupted key updates to ensure business continuity; and it improves data synchronization and round key matching accuracy to reduce error rates. Ultimately, this method achieves high performance, resource adaptation, accurate synchronization, and continuous reliability in key generation.

[0182] Please see Figure 4 , Figure 5 , Figure 4 This is one of the structural schematic diagrams of a cryptographic processing core system provided in an embodiment of this application. Figure 5 This is a second schematic diagram of the structure of a cryptographic processing core system provided in an embodiment of this application.

[0183] like Figure 4 As shown, the cryptographic processing core system 400 is provided with a scalable encryption and decryption core module 410, a counter generator 420, a data alignment module 430, and a bitwise XOR encryption and decryption module 440; wherein, the scalable encryption and decryption core module 410 is provided with a core control unit 411, a key expansion unit 412, and a scalable operation data path 413;

[0184] The core control unit 411 is used to respond to received key generation requirement information and determine the encryption configuration parameters corresponding to the cryptographic processing core system based on the key generation requirement information; wherein, the encryption configuration parameters include plaintext data, initial key data, counter configuration parameters, and encryption operation parameters;

[0185] The counter generator 420 is used to generate automatically incrementing counter block data based on the counter configuration parameters.

[0186] The key expansion unit 412 is used to generate multiple round keys corresponding to the scalable computing data path based on the initial key data;

[0187] The scalable computing data path 413 is used to perform multi-level folding operations based on the counter block data and the round key, under the preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, to generate intermediate key data.

[0188] The data alignment module 430 is used to perform synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data;

[0189] The bitwise XOR encryption / decryption module 440 is used to perform a bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate target key data.

[0190] Furthermore, such as Figure 5 As shown, the cryptographic processing core system 400 is further provided with a slippage buffer 450; the slippage buffer 450 is used for:

[0191] The system receives the intermediate key data generated by the scalable computing data path and the receive ready signal of the external data transmission bus, and detects in real time whether the amount of data corresponding to the intermediate key data is lower than a preset water level.

[0192] In response to the data volume reaching the preset water level, an unready signal is output to the external data transmission bus, and the remaining inertial data output by the scalable encryption and decryption core module is received using the reserved space;

[0193] In response to the data volume being lower than the preset water level and the receive ready signal being high, the target key data is output to the external data transmission bus.

[0194] Furthermore, such as Figure 5 As shown, the slippage buffer 450 is also used for:

[0195] In response to the detection of bus congestion on the external data transmission bus, the slippage buffer initiates an inertial data absorption mechanism, and the scalable computing data path maintains normal operation to avoid pipeline blockage.

[0196] In response to the detection that the receive ready signal of the external data transmission bus is high, the slip buffer quickly empties the temporary data so that the cryptographic processing core system can resume operation.

[0197] The cryptographic processing core system provided in this application adopts a scalable computing data path as its core, combining key steps such as preemptive release logic, count generation, key expansion, data alignment, and bitwise XOR. It also incorporates slippage buffers to achieve bus compatibility, optimizes round key retrieval rules, and designs an uninterrupted key update process. This achieves the following technical effects: the computing path architecture can flexibly adapt to different PPA requirements; it eliminates inter-level performance bubbles to improve generation efficiency; it solves bus compatibility issues to avoid data loss and deadlock; it enables uninterrupted key updates to ensure business continuity; and it improves data synchronization and round key matching accuracy to reduce error rates. Ultimately, this results in high performance, resource adaptation, accurate synchronization, and continuous reliability during key generation.

[0198] Please see Figure 6 , Figure 6 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Figure 6 As shown, the electronic device 600 includes a processor 610, a memory 620, and a bus 630.

[0199] The memory 620 stores machine-readable instructions executable by the processor 610. When the electronic device 600 is running, the processor 610 and the memory 620 communicate via the bus 630. When the machine-readable instructions are executed by the processor 610, they can perform the operations described above. Figure 1 , Figure 2 as well as Figure 3 The specific implementation of the key generation method based on scalable computing data paths in the method embodiment shown can be found in the method embodiment, and will not be repeated here.

[0200] This application also provides a computer-readable storage medium storing a computer program, which, when executed by a processor, can perform the above-described actions. Figure 1 , Figure 2 as well as Figure 3 The specific implementation of the key generation method based on scalable computing data paths in the method embodiment shown can be found in the method embodiment, and will not be repeated here.

[0201] Those skilled in the art will understand that, for the sake of convenience and brevity, the specific working processes of the systems, devices, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.

[0202] In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses, and methods can be implemented in other ways. The apparatus embodiments described above are merely illustrative. For example, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. Furthermore, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Additionally, the shown or discussed mutual couplings, direct couplings, or communication connections may be through some communication interfaces; indirect couplings or communication connections between devices or units may be electrical, mechanical, or other forms.

[0203] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.

[0204] In addition, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.

[0205] If the aforementioned functions are implemented as software functional units and sold or used as independent products, they can be stored in a processor-executable, non-volatile, computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or a portion of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of this application. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

[0206] Finally, it should be noted that the above-described embodiments are merely specific implementations of this application, used to illustrate the technical solutions of this application, and not to limit them. The scope of protection of this application is not limited thereto. Although this application has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that any person skilled in the art can still modify or easily conceive of changes to the technical solutions described in the foregoing embodiments, or make equivalent substitutions for some of the technical features, within the scope of the technology disclosed in this application. Such modifications, changes, or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of this application, and should all be covered within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.

Claims

1. A method of key generation based on a scalable arithmetic data path, characterized by, The key generation method is applied to a cryptographic processing core system, which includes a scalable encryption / decryption core module, a counter generator, a data alignment module, and a bitwise XOR encryption / decryption module. The scalable encryption / decryption core module includes a core control unit, a key expansion unit, and a scalable computation data path. The key generation method includes: In response to receiving input key generation requirement information, the core control unit determines the encryption configuration parameters corresponding to the cryptographic processing core system based on the key generation requirement information; wherein, the encryption configuration parameters include plaintext data, initial key data, counter configuration parameters, and encryption operation parameters; The counter generator generates automatically incrementing counter block data based on the counter configuration parameters, and the key expansion unit generates multiple round keys corresponding to the scalable computing data path based on the initial key data. The scalable computing data path performs multi-level folding operations based on the counter block data and the round key under the preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, to generate intermediate key data. The data alignment module then performs synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data. The bitwise XOR encryption / decryption module performs a bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate the target key data.

2. The method of claim 1, wherein, The cryptographic processing core system is also equipped with a slippage buffer; the key generation method further includes: The slip buffer receives the intermediate key data generated by the scalable computing data path and the receive ready signal of the external data transmission bus, and detects in real time whether the amount of data corresponding to the intermediate key data is lower than the preset water level line. In response to the data volume reaching the preset water level, an unready signal is output to the external data transmission bus, and the remaining inertial data output by the scalable encryption and decryption core module is received using the reserved space; In response to the data volume being lower than the preset water level and the receive ready signal being high, the target key data is output to the external data transmission bus.

3. The method of claim 2, wherein, The key generation method further includes: In response to the detection of bus congestion on the external data transmission bus, the slippage buffer initiates an inertial data absorption mechanism, and the scalable computing data path maintains normal operation to avoid pipeline blockage. In response to the detection that the receive ready signal of the external data transmission bus is high, the slip buffer quickly empties the temporary data so that the cryptographic processing core system can resume operation.

4. The method of claim 1, wherein, The key generation method further includes: In response to an externally triggered key update signal, the system acquires the initial update key data input from the external source and locks the input channel of the cryptographic processing core system. The key expansion unit generates multiple update round keys corresponding to the scalable computing data path based on the initial update key data; The scalable computing data path performs multi-level folding operations based on the counter block data and the update round key under preemptive release logic, according to the folding factor and the pipeline number, to generate intermediate update key data and ensure that the pipeline of the scalable computing data path is empty. The bitwise XOR encryption / decryption module performs a bitwise XOR operation on the aligned plaintext data based on the intermediate update key data to generate the target update key data.

5. The method of claim 1, wherein, The process involves the scalable computing data path performing multi-level folding operations based on the counter block data and the round key, under preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, to generate intermediate key data, including: Each round function calculation unit in the scalable computing data path performs an encryption operation on the number of rounds corresponding to the folding factor based on the counter block data and the corresponding round key, to obtain the counter encryption result output by each round function calculation unit, so as to generate intermediate key data; the scalable computing data path includes a pipeline of round function calculation units; In response to each round function calculation unit completing the encryption operation for the corresponding number of rounds, the output register state of the round function calculation unit is detected, and the input ready signal of the next-level round function calculation unit is detected. Based on the output register state and the input ready signal, the output enable signal corresponding to the round function calculation unit is determined by the preemptive release judgment logic; When the output enable signal is active, the round function calculation unit writes the encryption result into the output register and resets the busy state of this level to receive the counter encryption result from the previous round function calculation unit.

6. The method of claim 5, wherein, The process involves each round function calculation unit in the scalable computational data path performing an encryption operation on the round number corresponding to the folding factor, based on the counter block data and the corresponding round key, to obtain the counter encryption result output by each round function calculation unit, thereby generating intermediate key data, including: Each round function calculation unit retrieves the target round key corresponding to that round function calculation unit from the round keys according to the corresponding index, based on the current stage sequence number and round counter value, through a multiplexer. Based on the target round key and the counter encryption result output by the previous round function calculation unit, the time multiplexing of the encryption operation corresponding to the round number of the folding factor is performed by loop counting to obtain the counter encryption result output by the round function calculation unit. The counter encryption result output by the final round function calculation unit is used as the intermediate key data.

7. The method of claim 1, wherein, The step of the data alignment module performing synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data includes: The data alignment module determines the alignment depth value based on the pipeline number and sets the alignment depth value as the dwell clock cycle. The plaintext data is continuously written to the data alignment module, and each plaintext data block in the plaintext data is retained according to the dwell clock cycle; In response to the folding operation performed on the scalable computing data path, the plaintext data is aligned, and aligned plaintext data is output.

8. A cryptographic processing core system, characterized in that, The cryptographic processing core system is equipped with a scalable encryption / decryption core module, a counter generator, a data alignment module, and a bitwise XOR encryption / decryption module; wherein, the scalable encryption / decryption core module is equipped with a core control unit, a key expansion unit, and a scalable computation data path; The core control unit is used to respond to received key generation requirement information, and determine the encryption configuration parameters corresponding to the cryptographic processing core system based on the key generation requirement information; wherein, the encryption configuration parameters include plaintext data, initial key data, counter configuration parameters, and encryption operation parameters; The counter generator is used to generate automatically incrementing counter block data based on the counter configuration parameters. The key expansion unit is used to generate multiple round keys corresponding to the scalable computing data path based on the initial key data; The scalable computing data path is used to perform multi-level folding operations based on the counter block data and the round key, under the preemptive release logic, according to the folding factor and pipeline number in the encryption operation parameters, to generate intermediate key data. The data alignment module is used to perform synchronous buffer alignment processing on the plaintext data based on the pipeline number to obtain aligned plaintext data. The bitwise XOR encryption / decryption module is used to perform a bitwise XOR operation on the aligned plaintext data based on the intermediate key data to generate the target key data.

9. An electronic device, comprising: include: The device includes a processor, a memory, and a bus. The memory stores machine-readable instructions executable by the processor. When the electronic device is running, the processor communicates with the memory via the bus. The machine-readable instructions are executed by the processor to perform the steps of the key generation method based on a scalable computing data path as described in any one of claims 1 to 7.

10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed by a processor, performs the steps of the key generation method based on a scalable computing data path as described in any one of claims 1 to 7.