You are on page 1of 23

Topics Covered

Introduction Characteristics of Rijndael Algorithm and its building blocks Mathematics behind Rijndael Conclusion

Rijndael = Rijmen & Daemen

Rijndael, the Advanced Encryption Standard, is a symmetric block cipher. It uses the same key between sender and receiver to encrypt and decrypt the message.

Speed and cost make symmetric algorithms as the algorithm of choice for encrypting large amounts of data.

Characteristics of Rijndael:
Iterated block cipher
Parallel structure (based on the S-P

Network model structure) Byte Oriented Predecessor: SQUARE.

Block Cipher:
Two Principles of a good block cipher, as defined by Claude Shannon, are: 1. Confusion which stands for substitution operations. 2. Diffusion which stands for transposition or permutation operations.

S-P Network Model (Shannon)


Divide each Block of Data into smaller manageable pieces of the same length. In parallel each piece goes through: Confusion (substitution): S-Box Diffusion (Permutation): P-Box

INPUT(Block of Plaintext, Key):

Divide plaintext into blocks of length 1(byte) * 16, thus creating a 4 X 4 matrix, i.e. the STATE matrix. State[Row,Column]=Byte[Row+4Column]
Byte0 Byte1 Byte4 Byte5 Byte8 Byte9 Byte12 Byte13 State[0,0] State[0,1] State[0,2] State[0,3] State[1,0] State[1,1] State[1,2] State[1,3]

Byte2

Byte6

Byte10

Byte14

State[2,0] State[2,1] State[2,2] State[2,3]

Byte3

Byte7

Byte11

Byte15

State[3,0] State[3,1] State[3,2] State[3,3]

EXAMPLE: Create State Matrix from a given block

Pseudo Code:

Rijndael_Cipher (byte [] block_of_data, byte [] KEY) { Expand_Key(KEY, Expanded_KEY); Add_Key(State[], Expanded_KEY[0]); DO (Nr 1 times) ROUND(State, Expanded_KEY[i]); Last_Round (State, Expanded_KEY[Nr]); }

Pseudo Code (continued):


Round(State, Expanded_KEY[i])
{ Substitute_Bytes(State);

Last_Round (State, Expanded_KEY[Nr])


{ Substitute_Bytes(State); Shift_Rows(State);
Add_Key(State[],Expanded_KEY[i]);

Shift_Rows(State);
Mix_Columns(State);
Add_Key(State[],Expanded_KEY[i]);

Encryption
PLAINTEXT SECRET KEY ROUND 0 KEY ROUND 0

Round

INPUT

SUB_BYTES
ROUND 1

KEY ROUND 1
SHIFT_ROWS EXTENDED_KEY KEY ROUND Nr-1 KEY ROUND Nr MIX_COLUMN S ROUND KEY ADD_ROUND KEY

ROUND Nr - 1

Last_ROUND Nr

OUTPUT ENCRYPTED DATA

Number of Rounds
Block size is fixed at 128 bits; key can be 128,192, or 256. Nr is the number of rounds which is a function of Nk(Block length divided by 32 ), and Nb(Key length divided by 32 )
Nr Nk

4
Nb

6 12

8 14

10

This procedure will 1.Expand the key From a cipher Key of bytes [4][Nk] to another array of (4) * (Nb*(Nr + 1)) = 4* (10 + 1) = 44 bytes . 2.Select a round key for each round. This procedure avoids: 1. Weak Keys by introducing asymmetry. 2. Key-related attacks(Biham) 3. Cipher keys that are partially known or that can be chosen by an imposter.

Expand_Key

Add_Key
Add_Key will be called 1. Once in the beginning of rounds 2. Nr-1 times in the Round 3. Once in the final round. It just XOR-s the 16 bytes of the state with the 16 bytes of key (for the 128 bit key).

EXAMPLE: Add_Key illustrated.

Substitute_Bytes (Non-Linear step)


Substitutes each byte of the State with a byte from the S-Box as follows:
State [row, column] = S-Box [state [row, column]].

S-Box ---- MORE LATER

Shift_Rows
It will not change the values, but will just change their order. It does a left circular shift to each row as below: Row 0 Shift 0; Row 1 Shift 1; Row 2 Shift 2; Row 3 Shift 3;
State[ 0,0] State[ 1,0] State[ 2,0] State[ 0,1] State[ 1,1] State[ 2,1] State[ 0,2] State[ 1,2] State[ 2,2] State[ 0,3] State[ 1,3] State[ 2,3] State[ 0,0] State[ 1,1] State[ 0,1] State[ 1,2] State[ 2,3] State[ 0,2] State[ 1,3] State[ 2,0] State[ 0,3] State[ 1,0] State[ 2,1]

Shift_Rows(..)

State[ 2,2]

State[ 3,0]

State[ 3,1]

State[ 3,2]

State[ 3,3]

State[ 3,3]

State[ 3,0]

State[ 3,1]

State[ 3,2]

Mathematics Behind Rijndael

Field Finite Field

Inverses

Rijndael operates on the: Binary Finite Field, GF(28).


FIELD. Definition and Example . FINITE FIELD. The field with a finite number of elements. Rijndael uses polynomial basis. Rijndael is byte oriented. Each byte, which will be stored in Hex and it will represent a polynomial of at most degree 7: b7X7 + b6X6 + b5X5 + b4X4 + b3X3 + b2X2 + b1X1 + bo. Example: { 1 1 0 1 01 0 0} = 0Xd4 = X7 + X6 + X4 + X2

FINITE FIELD GF(2 ^ 8)


The set of all polynomials of degree at most 7 with coefficients GF(2) and with the two defined operations: Addition: Just XOR-in Multiplication: Shift to the left. and modulo an irreducible polynomial. Galois Theorem: For any prime p and integer n, there exists a field of order pn and it is unique. Cyclic Group Theorem: GF (pn)*, i.e. multiplicative Group, is cyclic; The nonzero elements are powers of some primitive root . Example: HOW do we construct such a field? Irreducible? Primitive Root?

Finding the multiplicative inverse


Multiplicative inverses in GF(256) using Look Up Tables: 1. Example: Building Log Table. 2. Building Anti Log Table. Reverse the Log process {03}(06) ={55}; {06} = {03}(55) . 3. Building Inverse Table(using Log/Antilog). g (x) has as inverse g (ff ) ( x) . Example:{12}= {03} (e0), so the inverse will be g (ff ) ( e0) = g 1f = {aa}

S-BOX
The only non-linear step S-Box is based on the mapping: X -> X 1 ; where X 1 represents multiplicative inverse in the field. 1. Replaces each byte with its inverse GF (28), g (a); beside 00 mapped to itself. 2. Applies an affine transformation (a bitwise modulo-two matrix, XOR-ed with the hexadecimal number 63. EXAMPLE: Lets find SRD [12]. ??

Mix_Columns
Mix_Columns multiplies two numbers: (A column that is considered as a polynomial) * (A mixing polynomial (modulo x4 + 1)) . Mixing polynomial is {03}*x3 + {01} * x2 + {01} * x + {02}. It should be relatively prime with the polynomial x4 + 1={11}=(x+1)4, Thus, the fixed polynomial will have an inverse (mod x4 + 1) and we can decrypt..

Conclusion
Secure
Excellent resistance to known attacks.

Elegant mathematical structure


Efficient

Q&A

You might also like