Aiming at the excessively long time consumption of round function in block cipher implementation, a new software pipelining realization method of Advanced Encryption Standard (AES) algorithm based on Reconfigurable Cipher Stream Processor (RCSP) was proposed. The operations of round function were divided into several pipelining segments. The different pipelining segments corresponded to different cipher resources. The instruction level parallelism was developed to accelerate the execution speed of round function by executing different pipelining segments of multiple round functions in parallel. The execution efficiency of block cipher algorithm was improved. The separation processes of pipelining segments and software pipelining mapping methods of AES algorithm were analyzed with the computing resources of single cluster, two clusters and four clusters of RCSP. The experimental results show that, the proposed software pipelining realization method, which makes different data fragments of one block or multiple blocks processed in parallel, can not only improve the performance of a block serial execution, but also improve the performance of multiple blocks parallel execution by developing the parallelism between the blocks.

Unlike block cipher, stream ciphers are relatively simple and widely use linear operation, so there is often a strong correlation between the power of attack point and other power components, making it difficult to implement power analysis attacks. For the aforementioned situation, a chosen-Initial Vector (IV) correlation power analysis attack on synchronous stream cipher Grain-128 was proposed. First, the attack point and its power consumption model were gotten by analyzing the property of Grain-128's output function h(x). Then the correlation between the power of attack point and other power components was eliminated by choosing specific initial vectors, and the key problem facing the energy attacks was solved. Finally, a verification experiment was conducted based on power analysis tool PrimeTimePX. The results show that the scheme can implement 23 rounds attack and recover 46 bits key with only 736 initial vectors.