Network Security

(Lec 7)
(Advanced Encryption Standard)

M.N.Siraj
 AES
Published by NIST , in 2001.
Symmetric block cipher intended to replace
DES.
Compared to public key ciphers as RSA, is
complex and not easily explained.
 Evaluation criterion for DES
Origin of AES:
In 1999 , NIST issue new version of DES standard ,
3DES.
It has two attraction, first with 168-bit key length,
overcomes vulnerabilities to brute force.
Secondly, 3DES was based on DES , the algorithm was
under scrutiny over long period of time , no effective
attacks were found other than brute force.
High level of confidence, if security was only
consideration 3DES can be standard for more than
decades.
 Draw backs of 3DES
3DES relatively sluggish in software.
The original DES was designed for mid 1970s
hardware and does not produce efficient software
code.
3DES has three times as many rounds as DES,
correspondingly slower.
A secondary drawback is that both DES and 3DES
use a 64-bit block , where more size is desirable.
 3DES not a candidate
Because of drawbacks , not a reasonable
candidate for long term use.
As replacement , NIST in 1997 issue proposal
for AES.
Equal security and efficiency.
In addition requirements, NIST specifies that
AES must be symmetric with block length of 128-
bit and support key length of 128, 192 and 256-
bits
 Evaluation
In first round of evaluation , 15 algorithms were accepted
A second round narrowed to 5.
NIST completed its evalution and propose a final
standard (FIPS PUB 197) in Nov 2001.
NIST selected Rinjdeal as proposed AES algorithms.
The two researchers, cryptographers from Belgium , Dr.
Joan Deamen and Dr. Vincent Rijmen, submit Rijndael for
AES.
AES intended to replace 3DES , but process will take
years. NIST anticipated that 3DES will remain an approved
algo( for US ) for the foreseeable future.
 NIST Evaluation criterion for AES
(September 12, 1997)
Security : this refer to the effort require to
cryptanalyze an algorithm. because key size
was 128-bit, refer to attacks other then brute
force.
Cost: intends in wide range of application,
must have high computational efficiency , use
in high-speed applications.
Algorithms and implementation
characteristics: including flexibility, suitability
for hardware and software and simplicity.
 Final NIST Evaluation of Rijndeal
(October 2, 2000)
Using the criterion , the initial field of 21
candidate algorithm was reduced to 15 and then
5 candidates.
General security: no known security attacks,
uses S-boxes as non-linear components , has
adequate security margin , but received criticism
that mathematics structure may lead to attacks.
Software implementation: execution speed,
performance across variety of platforms.
Restricted-space Environment: in some , such
as smart cards , where ROM and RAM are small ,
AES work well.
 Final NIST Evaluation of Rijndeal
(October 2, 2000)
Hardware implementation: hardware
implementation can be optimized for speed and
size.
Attacks on implementation: the class of attack
that uses physical measurement conducted during
algorithm execution , Timing and power attacks,
power attack( in which power consumed during
execution and data being processed) for example
multiply consumes more power than addition , and
writing 1s consumes more power than 0s.
 Final NIST Evaluation of Rijndeal
(October 2, 2000)
 Encryption versus decryption: timing difference for
encryption and decryption process.
 Key agility: refers to the ability to change keys
quickly with minimum of resources.
 Other versatility and flexibility: ease for keys , block
sizes and ease of increasing number of rounds in
order to cope with newly discovered attacks,
flexibility is optimizing cipher for particular
environment.
 Potential for instruction-level parallelism: should
have potential for parallelism for a single block
encryption.
“Introduction to GF(2n)”
ADVANCED ENCRYPTION STAND
ARD
END OF LECTURE