
Advanced Encryption Standard

This Lecture
Why AES?
NIST Criteria for potential candidates
The AES Cipher
AES Functions and Inverse Functions
AES Key Expansion
Implementation Aspects
AES Security and Strength
Why AES?
Symmetric block cipher, published in 2001
Intended to replace DES and 3DES
DES is vulnerable to differential attacks
3DES has slow performance

NIST Criteria to Evaluate Potential Candidates
Security: The effort to cryptanalyze an algorithm.
Cost: The algorithm should be practical in a wide range of applications.
Algorithm and Implementation Characteristics: Flexibility, simplicity etc.
5 final candidates have been chosen out of 15
NIST Criteria cont.
General Security
Software Implementations
Hardware Implementations
Restricted-Space Environments
Attacks on Implementations
Encryption vs. Decryption
Key Agility
Potential for Instruction-Level Parallelism
Other versatility and Flexibility
NIST selected Rijndael as the proposed AES algorithm
The AES Cipher
Block length is limited to 128 bits
The key size can be independently specified to 128, 192 or 256 bits


Key size (words/bytes/bits)       4/16/128   6/24/192   8/32/256
Number of rounds                  10         12         14
Expanded key size (words/bytes)   44/176     52/208     60/240
The AES Cipher
Key received as input array of 4 rows and Nk columns
Nk = 4, 6, or 8, a parameter which depends on key size
Input key is expanded into an array of 44/52/60 words of 32 bits each
4 different words serve as a key for each round
k0  k4  k8   k12
k1  k5  k9   k13
k2  k6  k10  k14
k3  k7  k11  k15

w0 w1 w2 ... w42 w43
The AES Cipher
Single 128 bit block as input
Copied to a State array with Nb columns (Nb=4)

Input:
in0  in4  in8   in12
in1  in5  in9   in13
in2  in6  in10  in14
in3  in7  in11  in15

State array:
S00  S01  S02  S03
S10  S11  S12  S13
S20  S21  S22  S23
S30  S31  S32  S33

Output:
o0  o4  o8   o12
o1  o5  o9   o13
o2  o6  o10  o14
o3  o7  o11  o15
The AES Cipher
Number of rounds, Nr, depends on key size
Each round is a repetition of functions that perform a transformation over State array
Consists of 4 main functions: one permutation and three substitutions
Substitute bytes, Shift rows, Mix columns, Add round key

The AES Cipher
AddRoundKey(): round key is added to the State using the XOR operation
MixColumns(): takes all the columns of the State and mixes their data, independently of one another, making use of arithmetic over GF(2^8)
ShiftRows(): processes the State by cyclically shifting the last three rows of the State by different offsets
SubBytes(): uses the S-box to perform a byte-by-byte substitution of the State
The AES Cipher
Encryption (figure):
plaintext
  Add round key
  Round 1: Substitute bytes, Shift rows, Mix columns, Add round key with W[4,7]
  ...
  Round 9: Substitute bytes, Shift rows, Mix columns, Add round key with W[36,39]
  Final round: Substitute bytes, Shift rows, Add round key with W[40,43]
ciphertext
The AES Cipher
Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[0, Nb-1])                        // initial round key

    for round = 1 to Nr-1                                 // Nr-1 full rounds
        SubBytes(state)
        ShiftRows(state)
        MixColumns(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
    end for

    SubBytes(state)                                       // final round: no MixColumns
    ShiftRows(state)
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])

    out = state
end

The AES Cipher
Only Add round key makes use of the key
Other three functions are used for diffusion
and confusion
Final round consists of only three stages
The AES Inverse Cipher
Decryption (figure):
ciphertext
  Add round key
  Round 1: Inv. Shift rows, Inv. Sub bytes, Add round key with W[36,39], Inv. Mix columns
  ...
  Round 9: Inv. Shift rows, Inv. Sub bytes, Add round key with W[4,7], Inv. Mix columns
  Final round: Inv. Shift rows, Inv. Sub bytes, Add round key with W[0,3]
plaintext
The AES Inverse Cipher
InvCipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])             // last round key first

    for round = Nr-1 step -1 downto 1                     // round keys in reverse order
        InvShiftRows(state)
        InvSubBytes(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
        InvMixColumns(state)
    end for

    InvShiftRows(state)                                   // final round: no InvMixColumns
    InvSubBytes(state)
    AddRoundKey(state, w[0, Nb-1])

    out = state
end

The AES Inverse Cipher
Decryption algorithm uses the expanded key in reverse order
All functions are easily reversible and their inverse form is used in decryption
Decryption algorithm is not identical to the encryption algorithm
Again, final round consists of only three stages
