Field of the Invention
The present invention relates to information processing of performing cipher processing.
Description of the Related Art
IEEE (The Institute of Electrical and Electronics Engineers, Inc.) standardizes XEX (Xor-encrypt-xor)-based tweaked-codebook mode with ciphertext stealing-Advanced Encryption Standard (XTS-AES) as an encryption algorithm for a storage device such as a hard disk. Furthermore, NIST (National Institute of Standards and Technology) recommends XTS-AES as storage encryption.
XTS-AES is an algorithm of individually performing cipher processing for each 128-bit block, and can perform cipher processing at higher speed by causing cipher processors to operate in parallel.
In XTS-AES, it is necessary to generate an initial mask value from a tweak value before the start of cypher processing of a 128-bit block (to be simply referred to as a “block” hereinafter). Therefore, it is impossible to start the cipher processing of the block while the initial mask value is generated. Since cipher processing is also required to generate the initial mask value, there is proposed a method of preventing the start of the cipher processing of the block from being delayed by additionally preparing a cipher processing circuit for generating the initial mask value.
Adding the cipher processing circuit for generating the initial mask value increases the circuit scale. If the circuit scale is limited, it is difficult to increase the speed.