
Advanced Encryption Standard

This Lecture
- Why AES?
- NIST Criteria for potential candidates
- The AES Cipher
- AES Functions and Inverse Functions
- AES Key Expansion
- Implementation Aspects
- AES Security and Strength

Why AES?
- Symmetric block cipher, published in 2001
- Intended to replace DES and 3DES
  - DES is vulnerable to differential attacks
  - 3DES has slow performance

NIST Criteria to Evaluate Potential Candidates


- Security: the effort to cryptanalyze an algorithm.
- Cost: the algorithm should be practical in a wide range of applications.
- Algorithm and implementation characteristics: flexibility, simplicity, etc.
- 5 final candidates have been chosen out of 15

NIST Criteria cont.


- General Security
- Software Implementations
- Hardware Implementations
- Restricted-Space Environments
- Attacks on Implementations
- Encryption vs. Decryption
- Key Agility
- Potential for Instruction-Level Parallelism
- Other Versatility and Flexibility
- NIST selected Rijndael as the proposed AES algorithm

The AES Cipher


- Block length is limited to 128 bits
- The key size can be independently specified to 128, 192 or 256 bits

Key size (words/bytes/bits)   Number of rounds   Expanded key size (words/bytes)
4/16/128                      10                 44/176
6/24/192                      12                 52/208
8/32/256                      14                 60/240

The AES Cipher


- Key received as an input array of 4 rows and Nk columns
- Nk = 4, 6, or 8, a parameter which depends on the key size
- Input key is expanded into an array of 44/52/60 words of 32 bits each
- 4 different words serve as a key for each round

k0  k4  k8   k12
k1  k5  k9   k13    ->   w0 w1 w2 ... w42 w43
k2  k6  k10  k14
k3  k7  k11  k15

The AES Cipher


- Single 128-bit block as input
- Copied to a State array with Nb columns (Nb=4)

Input                    State array          Output
in0  in4  in8   in12     S00 S01 S02 S03      o0  o4  o8   o12
in1  in5  in9   in13     S10 S11 S12 S13      o1  o5  o9   o13
in2  in6  in10  in14     S20 S21 S22 S23      o2  o6  o10  o14
in3  in7  in11  in15     S30 S31 S32 S33      o3  o7  o11  o15

The AES Cipher


- Number of rounds, Nr, depends on key size
- Each round is a repetition of functions that perform a transformation over the State array
- Consists of 4 main functions: one permutation and three substitutions
  - Substitute bytes, Shift rows, Mix columns, Add round key

The AES Cipher


- AddRoundKey(): the round key is added to the State using an XOR operation
- MixColumns(): takes all the columns of the State and mixes their data, independently of one another, making use of arithmetic over GF(2^8)
- ShiftRows(): processes the State by cyclically shifting the last three rows of the State by different offsets
- SubBytes(): uses an S-box to perform a byte-by-byte substitution of the State

The AES Cipher

[Figure: AES encryption flow, with the round-key words W taken from the expanded key]

plaintext
  Add round key
  Round 1:      Substitute bytes, Shift rows, Mix columns, Add round key   W[4,7]
  ...
  Round 9:      Substitute bytes, Shift rows, Mix columns, Add round key   W[36,39]
  Final round:  Substitute bytes, Shift rows, Add round key                W[40,43]
Cipher text

The AES Cipher


Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[0, Nb-1])
    for round = 1 to Nr-1
        SubBytes(state)
        ShiftRows(state)
        MixColumns(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
    end for
    SubBytes(state)
    ShiftRows(state)
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
    out = state
end

The AES Cipher


- Only Add round key makes use of the key
- Other three functions are used for diffusion and confusion
- Final round consists of only three stages

The AES Inverse Cipher

[Figure: AES decryption flow, with the round-key words W taken from the expanded key]

ciphertext
  Add round key
  Round 1:      Inv. Shift rows, Inv. Sub bytes, Add round key, Inv. Mix columns   W[36,39]
  ...
  Round 9:      Inv. Shift rows, Inv. Sub bytes, Add round key, Inv. Mix columns   W[4,7]
  Final round:  Inv. Shift rows, Inv. Sub bytes, Add round key                     W[0,3]
plaintext

The AES Inverse Cipher


InvCipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
    for round = Nr-1 step -1 downto 1
        InvShiftRows(state)
        InvSubBytes(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
        InvMixColumns(state)
    end for
    InvShiftRows(state)
    InvSubBytes(state)
    AddRoundKey(state, w[0, Nb-1])
    out = state
end

The AES Inverse Cipher


- Decryption algorithm uses the expanded key in reverse order
- All functions are easily reversible and their inverse form is used in decryption
- Decryption algorithm is not identical to the encryption algorithm
- Again, final round consists of only three stages
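
Added example (not part of the original slides): the Cipher and InvCipher pseudocode as runnable Python for 128-, 192- and 256-bit keys, with the S-box computed from GF(2^8) arithmetic. The slides only give the expanded key size, so `expand_key` follows the FIPS-197 key expansion; the function names and the flat column-order state layout are choices made for this example, and the table lookups are not constant-time, so it is for study only.

```python
def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    p = 0
    while b:
        p ^= a if b & 1 else 0
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return p

# S-box = affine transform of the multiplicative inverse (0 maps to 0).
INV = [0] + [next(y for y in range(1, 256) if gmul(x, y) == 1) for x in range(1, 256)]
ROTL = lambda b, i: ((b << i) | (b >> (8 - i))) & 0xFF
SBOX = [b ^ ROTL(b, 1) ^ ROTL(b, 2) ^ ROTL(b, 3) ^ ROTL(b, 4) ^ 0x63 for b in INV]
INV_SBOX = [SBOX.index(v) for v in range(256)]

# State is 16 bytes in column order: state[r + 4*c] is row r, column c.
def sub_bytes(s, box=SBOX): return [box[b] for b in s]
def add_round_key(s, k): return [a ^ b for a, b in zip(s, k)]
def shift_rows(s, d=1):  # d=1 rotates row r left by r; d=-1 is the inverse
    return [s[r + 4 * ((c + d * r) % 4)] for c in range(4) for r in range(4)]
def mix_columns(s, m=(2, 3, 1, 1)):  # m=(14, 11, 13, 9) gives InvMixColumns
    return [gmul(m[0], s[4*c + r]) ^ gmul(m[1], s[4*c + (r+1) % 4]) ^
            gmul(m[2], s[4*c + (r+2) % 4]) ^ gmul(m[3], s[4*c + (r+3) % 4])
            for c in range(4) for r in range(4)]

def expand_key(key):  # FIPS-197 key expansion -> Nr+1 round keys of 16 bytes
    nk, w, rcon = len(key) // 4, [list(key[i:i+4]) for i in range(0, len(key), 4)], 1
    for i in range(nk, 4 * (nk + 7)):          # 44, 52 or 60 words in total
        t = w[i-1]
        if i % nk == 0:                        # RotWord, SubWord, round constant
            t = sub_bytes(t[1:] + t[:1])
            t[0], rcon = t[0] ^ rcon, gmul(rcon, 2)
        elif nk == 8 and i % nk == 4:          # extra SubWord for 256-bit keys
            t = sub_bytes(t)
        w.append(add_round_key(w[i-nk], t))
    return [sum(w[i:i+4], []) for i in range(0, len(w), 4)]

def cipher(block, rk):
    s = add_round_key(block, rk[0])
    for rnd in range(1, len(rk) - 1):          # rounds 1 .. Nr-1
        s = add_round_key(mix_columns(shift_rows(sub_bytes(s))), rk[rnd])
    return bytes(add_round_key(shift_rows(sub_bytes(s)), rk[-1]))

def inv_cipher(block, rk):
    s = add_round_key(block, rk[-1])           # start from the last round key
    for rnd in range(len(rk) - 2, 0, -1):      # expanded key in reverse order
        s = add_round_key(sub_bytes(shift_rows(s, -1), INV_SBOX), rk[rnd])
        s = mix_columns(s, (14, 11, 13, 9))
    return bytes(add_round_key(sub_bytes(shift_rows(s, -1), INV_SBOX), rk[0]))
```

Calling `inv_cipher` with the round-key list reversed (that is, in encryption order) does not recover the plaintext, which is the point the slide makes about key order.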
