(a). Field of the Invention
The present invention relates to a speed-up hardware architecture used in wireless encryption/decryption operation, more particularly, to a speed-up hardware architecture that is able to reduce the happening of idle condition.
(b). Description of the Prior Arts
Nowadays, along with the progress of wireless telecommunication technology, all kinds of products, such as cellular phone, notebook computer, personal digital assistant (PDA), etc., have fulfilled humans' desire for wireless communication that not only enables users to be able to free from the constraint of corded phone, but also gives users more freedom and, the same time, shortens the distance between people.
Ever since the Institute of Electrical and Electronic Engineers (IEEE) launched the wireless standard, there have been fears about its security. Broadcasting data packets over a 1,500 m radius is different from sending them over cables. The problem with broadcasting data over a relatively wide area is that smart people with the right equipment can intercept the signal and further uses the intercepted signal to hack the network, such as forging, tampering, etc. Security experts are concerned at the disparity between the amount of wireless network activity in the corporate community and the low level of awareness of the vulnerability of radio local area networks (LANs). In order to enhance the security features provided in a wireless LAN (WLAN) system, the IEEE has established an encryption standard protocol adopting advance encryption standard (AES), that is, the IEEE 802.11i counter mode with CBC-MAC protocol (CCMP), wherein the 802.11i specification defines a new encryption method based on the advanced encryption standard (AES). AES based encryption can be used in a number of different modes or algorithms. The mode that has been chosen for 802.11i is the counter mode with CBC-MAC (CCM). The counter mode delivers data privacy while the CBC-MAC delivers data integrity and authentication, moreover, AES is a symmetric iterated block cipher meaning that the same key is used for both encryption and decryption, multiple passes are made over the data for encryption, and the clear text is encrypted in discrete fixed length blocks. The AES standard uses 128-bit blocks for encryption, and for 802.11i the encryption key length is also fixed at 128 bits.
As seen in FIG. 1, which is a diagram showing a CCMP apparatus, wherein a signal is received by a CCM control logic according to a standard encryption steps to accomplish a message integrity check (MIC) and an encryption/decryption operation using AES encryptor. In order to increase the speed of the foregoing operations, traditional hardware design use two AES encryptors respectively for processing the MIC calculation and the encryption/decryption operation. Now please refer to FIG. 2, which is a subdivision diagram depicting the MIC calculation and the encryption/decryption operation of a packet. In wireless transmission, packet is employed as a transmission unit and can be divided into two portions, wherein the first portion comprises an initial zone and a zone of headers, and the second portion is a zone of payloads. In the first portion, the initial zone occupying 16 bytes is used for notification and initialization, and the zone of headers occupying 32 bytes is used for storing the data necessitated for transmission and the control code. Moreover, the payload zone is the actual portion used for data transmission in that the amount of payloads, which is referred as N, normally will not be too large for reducing error rate during wireless transmission. For the sake of message integrity, since the purpose of message integrity check is to avoid the message to be tampered or partially deleted, therefore, an integrity input signal 70 should comprise the two aforementioned portions including the initial zone, the headers and the payloads to ensure the message integrity. On the other hand, for the sake of preventing the transmitted data from spying by an unauthorized person, since the headers do not contain any transmitted data, therefore, the encryption/decryption input signal 72 will only need to comprise the payloads and the MIC calculation result.
To sum up, a conventional apparatus feeds the integrity input signal 70 into a first AES encryptor 1a for calculating and acquiring a MIC value thereafter, and subsequently the encryption/decryption input signal 72 comprising the acquired MIC value and the payloads are then fed into a second AES encryptor 1b to finish the encryption process. The process usually uses a 16 bytes block (i.e. 128 bits) as a unit which is fed into the AES encryptor successively and orderly. However, the two AES encryptors are not always operating, An idle AES encryptor is sometimes happened and will cause the waste of resource. During an encryption/decryption process, since the relating calculations are very complex that the bottleneck of the process is usually happened in the encryption/decryption operation. Hence, in order to accelerate the process speed, the idling of AES encryptor must be avoided.