bl_iot_sdk/docs/html/Examples/benchmark_security_aes/benchmark_security_aes_gcm.html

<!DOCTYPE html>
<html class="writer-html5" lang="zh" >
<head>
  <meta charset="utf-8">

  <meta name="viewport" content="width=device-width, initial-scale=1.0">

  <title>AES-GCM &mdash; BL602 IoT SDK release_bl_iot_sdk_1.6.11-1-g66bb28da 文档</title>



  <link rel="stylesheet" href="../../_static/css/theme.css" type="text/css" />
  <link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
  <link rel="stylesheet" href="../../_static/style.css" type="text/css" />
  <link rel="stylesheet" href="../../_static/css/custom.css" type="text/css" />







  <!--[if lt IE 9]>
    <script src="../../_static/js/html5shiv.min.js"></script>
  <![endif]-->


      <script type="text/javascript" id="documentation_options" data-url_root="../../" src="../../_static/documentation_options.js"></script>
        <script src="../../_static/jquery.js"></script>
        <script src="../../_static/underscore.js"></script>
        <script src="../../_static/doctools.js"></script>
        <script src="../../_static/language_data.js"></script>

    <script type="text/javascript" src="../../_static/js/theme.js"></script>


    <link rel="index" title="索引" href="../../genindex.html" />
    <link rel="search" title="搜索" href="../../search.html" />
</head>

<body class="wy-body-for-nav">


  <div class="wy-grid-for-nav">

    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
      <div class="wy-side-scroll">
        <div class="wy-side-nav-search" >



            <a href="../../index.html" class="icon icon-home" alt="Documentation Home"> BL602 IoT SDK



          </a>




              <div class="version">
                release_bl_iot_sdk_1.6.11-1-g66bb28da
              </div>




<div role="search">
  <form id="rtd-search-form" class="wy-form" action="../../search.html" method="get">
    <input type="text" name="q" placeholder="在文档中搜索" />
    <input type="hidden" name="check_keywords" value="yes" />
    <input type="hidden" name="area" value="default" />
  </form>
</div>


        </div>


        <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">






              <p class="caption"><span class="caption-text">Developer_Environment</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../../Developer_Environment/Developer_Environment.html">1. Developer Environment</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Developer_Environment/BLFlashEnv/BLFlashEnv.html">2. BLFlashEnv</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Developer_Environment/freedom_studio/freedom_studio.html">3. Freedom Studio</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Developer_Environment/eclipse/eclipse.html">4. Eclipse</a></li>
</ul>
<p class="caption"><span class="caption-text">Examples</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../helloworld/helloworld.html">1. Helloword</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_aws/aws.html">2. aws</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_peripherals_gpio/GPIO.html">3. GPIO</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_peripherals_uart_echo/uart_echo.html">4. UART_echo</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_peripherals_uart_ioctl/uart_ioctl.html">5. UART_ioctl</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_protocols_http/http.html">6. Http client</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_protocols_httpc/httpc.html">7. Httpc client</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_storage_psm/psm.html">8. PSM</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_storage_romfs/romfs.html">9. Romfs</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_system_cli/cli.html">10. cli</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_system_fdt/fdt.html">11. FDT</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_wifi/wifi.html">12. WiFi</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_ble/ble.html">13. BLE</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_mesh/mesh.html">14. Mesh</a></li>
<li class="toctree-l1"><a class="reference internal" href="../demo_blsync_ble/blsync_ble.html">15. BLSYNC-BLE</a></li>
<li class="toctree-l1"><a class="reference internal" href="../sdk_app_easyflash_boottimes/easyflash_boottimes.html">16. Easyflash4 boot times</a></li>
</ul>
<p class="caption"><span class="caption-text">Components</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../../Components/arch.html">1. arch</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Command_line/helper.html">2. helper</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Command_line/aos_cli.html">3. cli</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Hal_drv/gpio.html">4. GPIO</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Middleware/bloop/bloop.html">5. BLOOP</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Middleware/blsync/blsync.html">6. BLSYNC</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Middleware/dts/devicetree.html">7. device tree</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Middleware/log/blog.html">8. blog</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Middleware/security/security.html">9. Security</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Middleware/vfs/vfs.html">10. AOS VFS</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Middleware/yloop/yloop.html">11. yloop</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Network/httpc/httpc.html">12. HTTPC</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Network/https/https.html">13. HTTPS</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/Network/tls/tls.html">14. TLS</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/BLE/provision_WiFi/provision_WiFi.html">15. Provision_WiFi</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/BLE/mesh/mesh.html">16. Mesh</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../Components/BLE/ble_stack/ble_stack.html">17. BLE</a></li>
</ul>
<p class="caption"><span class="caption-text">API</span></p>
<ul>
<li class="toctree-l1"><a class="reference internal" href="../../API/sys/cronalarms.html">1. cronalarms</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../API/wifi/wifi_mgmr.html">2. Wi-Fi Manager</a></li>
</ul>



        </div>

      </div>
    </nav>

    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">


      <nav class="wy-nav-top" aria-label="top navigation">

          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
          <a href="../../index.html">BL602 IoT SDK</a>

      </nav>


      <div class="wy-nav-content">

        <div class="rst-content">

















<div role="navigation" aria-label="breadcrumbs navigation">

  <ul class="wy-breadcrumbs">

      <li><a href="../../index.html" class="icon icon-home"></a> &raquo;</li>

      <li>AES-GCM</li>


      <li class="wy-breadcrumbs-aside">


            <a href="../../_sources/Examples/benchmark_security_aes/benchmark_security_aes_gcm.rst.txt" rel="nofollow"> 查看页面源码</a>


      </li>

  </ul>


  <hr/>
</div>
          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
           <div itemprop="articleBody">

  <div class="section" id="aes-gcm">
<span id="aes-gcm-index"></span><h1>AES-GCM<a class="headerlink" href="#aes-gcm" title="永久链接至标题">¶</a></h1>
<div class="section" id="id1">
<h2>总览<a class="headerlink" href="#id1" title="永久链接至标题">¶</a></h2>
<p>AES是一种对称加密算法，它的相关概念在此不赘述，本文档主要介绍AES-GCM的原理和实现。</p>
<p>GCM ( Galois/Counter Mode) 指的是该对称加密采用Counter模式，并带有GMAC消息认证码。
在详细介绍AES-GCM之前，我们先了解一些相关概念。</p>
</div>
<div class="section" id="ctr-counter">
<h2>CTR（CounTeR）<a class="headerlink" href="#ctr-counter" title="永久链接至标题">¶</a></h2>
<blockquote>
<div><p>在CTR模式下，我们对一个逐次累加的计数器进行加密，用加密后的比特序列与明文分组进行异或得到密文。过程如下图：</p>
<blockquote>
<div><div class="figure align-default">
<img alt="" src="../../_images/image12.png" />
</div>
</div></blockquote>
</div></blockquote>
<p>其中， IV为初始化向量，Ek表示ECB文本加密，PT表示输入的明文，CT表示输出的密文。</p>
<p>在BL602中，我们可以直接使用硬件完成CTR算法，即设置key密钥后，输入IV以及需要加密的明文，硬件会自动完成累加计数加密并输出密文。</p>
<p>CTR模式的优点是：
1）支持加解密并行计算，可事先进行加解密准备；
2）错误密文中的对应比特只会影响明文中的对应比特。
但是它不能提供密文消息完整性校验的功能。</p>
</div>
<div class="section" id="mac-message-authentication-code">
<h2>MAC（Message Authentication Code）<a class="headerlink" href="#mac-message-authentication-code" title="永久链接至标题">¶</a></h2>
<p>想要校验消息的完整性，必须引入另一个概念：消息验证码。消息验证码是一种与秘钥相关的单项散列函数，过程如下图所示：</p>
<blockquote>
<div><div class="figure align-default">
<img alt="" src="../../_images/image21.png" />
</div>
</div></blockquote>
<p>密文的收发双发需要提前共享一个秘钥。密文发送者将密文的MAC值随密文一起发送，密文接收者通过共享秘钥计算收到密文的MAC值，
这样就可以对收到的密文做完整性校验。当篡改者篡改密文后，没有共享秘钥，就无法计算出篡改后的密文的MAC值。</p>
</div>
<div class="section" id="gmac-galois-message-authentication-code-mode">
<h2>GMAC（Galois message authentication code mode）<a class="headerlink" href="#gmac-galois-message-authentication-code-mode" title="永久链接至标题">¶</a></h2>
<p>对应到上图中的消息认证码，GMAC就是利用伽罗华域(Galois Field，GF，有限域)乘法运算来计算消息的MAC值。
假设秘钥长度为128bits, 当密文大于128bits时，需要将密文按128bits进行分组。应用流程如下图：</p>
<blockquote>
<div><div class="figure align-default">
<img alt="" src="../../_images/image3.png" />
</div>
</div></blockquote>
<p>其中，msg为需要验证的消息，Mh表示在有限域上做乘法运算，MAC即为生成的验证码。</p>
<p>在BL602中，我们可以直接使用硬件完成GMAC验证。</p>
</div>
<div class="section" id="gcm-galois-counter-mode">
<h2>GCM（ Galois/Counter Mode )<a class="headerlink" href="#gcm-galois-counter-mode" title="永久链接至标题">¶</a></h2>
<p>GCM中的G就是指GMAC，C就是指CTR。于是将CTR算法加上GMAC验证就是AES-GCM模式了。过程如下图所示：</p>
<blockquote>
<div><div class="figure align-default">
<img alt="" src="../../_images/image4.png" />
</div>
</div></blockquote>
</div>
<div class="section" id="id2">
<h2>具体实现<a class="headerlink" href="#id2" title="永久链接至标题">¶</a></h2>
<p>具体代码实现大体如下图所示：</p>
<blockquote>
<div><div class="figure align-default">
<img alt="" src="../../_images/image5.png" />
</div>
</div></blockquote>
</div>
</div>


           </div>

          </div>
          <footer>


  <hr/>

  <div role="contentinfo">
    <p>

        &copy; 版权所有 2020, Bouffalo Lab

    </p>
  </div>



    利用 <a href="http://sphinx-doc.org/">Sphinx</a> 构建，使用了

    <a href="https://github.com/rtfd/sphinx_rtd_theme">主题</a>

    由 <a href="https://readthedocs.org">Read the Docs</a>开发.

</footer>

        </div>
      </div>

    </section>

  </div>


  <script type="text/javascript">
      jQuery(function () {
          SphinxRtdTheme.Navigation.enable(true);
      });
  </script>






</body>
</html>