Professional Documents
Culture Documents
Network Security Lec 7
Network Security Lec 7
(Lec 7)
(Advanced Encryption Standard)
M.N.Siraj
AES
Published by NIST , in 2001.
Symmetric block cipher intended to replace
DES.
Compared to public key ciphers as RSA, is
complex and not easily explained.
Evaluation criterion for DES
Origin of AES:
In 1999 , NIST issue new version of DES standard ,
3DES.
It has two attraction, first with 168-bit key length,
overcomes vulnerabilities to brute force.
Secondly, 3DES was based on DES , the algorithm was
under scrutiny over long period of time , no effective
attacks were found other than brute force.
High level of confidence, if security was only
consideration 3DES can be standard for more than
decades.
Draw backs of 3DES
3DES relatively sluggish in software.
The original DES was designed for mid 1970s
hardware and does not produce efficient software
code.
3DES has three times as many rounds as DES,
correspondingly slower.
A secondary drawback is that both DES and 3DES
use a 64-bit block , where more size is desirable.
3DES not a candidate
Because of drawbacks , not a reasonable
candidate for long term use.
As replacement , NIST in 1997 issue proposal
for AES.
Equal security and efficiency.
In addition requirements, NIST specifies that
AES must be symmetric with block length of 128-
bit and support key length of 128, 192 and 256-
bits
Evaluation
In first round of evaluation , 15 algorithms were accepted
A second round narrowed to 5.
NIST completed its evalution and propose a final
standard (FIPS PUB 197) in Nov 2001.
NIST selected Rinjdeal as proposed AES algorithms.
The two researchers, cryptographers from Belgium , Dr.
Joan Deamen and Dr. Vincent Rijmen, submit Rijndael for
AES.
AES intended to replace 3DES , but process will take
years. NIST anticipated that 3DES will remain an approved
algo( for US ) for the foreseeable future.
NIST Evaluation criterion for AES
(September 12, 1997)
Security : this refer to the effort require to
cryptanalyze an algorithm. because key size
was 128-bit, refer to attacks other then brute
force.
Cost: intends in wide range of application,
must have high computational efficiency , use
in high-speed applications.
Algorithms and implementation
characteristics: including flexibility, suitability
for hardware and software and simplicity.
Final NIST Evaluation of Rijndeal
(October 2, 2000)
Using the criterion , the initial field of 21
candidate algorithm was reduced to 15 and then
5 candidates.
General security: no known security attacks,
uses S-boxes as non-linear components , has
adequate security margin , but received criticism
that mathematics structure may lead to attacks.
Software implementation: execution speed,
performance across variety of platforms.
Restricted-space Environment: in some , such
as smart cards , where ROM and RAM are small ,
AES work well.
Final NIST Evaluation of Rijndeal
(October 2, 2000)
Hardware implementation: hardware
implementation can be optimized for speed and
size.
Attacks on implementation: the class of attack
that uses physical measurement conducted during
algorithm execution , Timing and power attacks,
power attack( in which power consumed during
execution and data being processed) for example
multiply consumes more power than addition , and
writing 1s consumes more power than 0s.
Final NIST Evaluation of Rijndeal
(October 2, 2000)
Encryption versus decryption: timing difference for
encryption and decryption process.
Key agility: refers to the ability to change keys
quickly with minimum of resources.
Other versatility and flexibility: ease for keys , block
sizes and ease of increasing number of rounds in
order to cope with newly discovered attacks,
flexibility is optimizing cipher for particular
environment.
Potential for instruction-level parallelism: should
have potential for parallelism for a single block
encryption.
“Introduction to GF(2n)”
ADVANCED ENCRYPTION STAND
ARD
END OF LECTURE