Name:LuisMiguelCortsPea GTID:901676476 GTG:gtg683t

SeChat:AnAESEncryptedChat
Abstract
With the advancement in computer technology, it is now possible to break DES 56 bit key in a meaningfultimeperiod.Inordertosecureinformationwithtodaystechnology,encryptionalgorithms withlongerkeysareneeded.TheNationalInstituteofStandardsandTechnology(NIST)acceptedthe encryption/decryptionalgorithmknownasRijndaelastheAdvancedEncryptionStandard.Thisstandard allowsforencryptionof128bitblocksusing128,192,or256bitkeys.AdvantagesofAESincludelow memory requirement and fast in both software and hardware. In this paper, the operation of AES is explainedandanimplementationofanAESencryptedchat(calledSeChat)writteninJavaisgiven.

Introduction
AESoperatesona4x4arrayofbytes(referredtoasstate).Thealgorithmconsistsofperformingfour differentsimpleoperations.Theseoperationsare: SubBytes ShiftRows MixColumns AddRoundKey

SubBytes perform byte substitution which is derived from a multiplicative inverse of a finite field. ShiftRowsshiftselementsfromagivenrowbyanoffsetequaltotherownumber.TheMixColumnsstep transformseachcolumnusinganinvertiblelineartransformation.Finally,theAddRoundKeysteptakesa 4x4blockfromaexpandedkey(derivedfromthekey),andXORsitwiththestate. AESiscomposedoffourhighlevelsteps.Theseare: 1. 2. 3. 4. KeyExpansion InitialRound Rounds FinalRound

The Key Expansion step is performed using Rijndaels key schedule (see http://en.wikipedia.org/wiki/Rijndael_key_schedule ). The Initial Round consists only of an

AddRoundKey operation. The Rounds step consists of a SubBytes, ShiftRows, MixColumns, and an AddRoundKeyoperation.ThenumberofroundsintheRoundsstepvariesfrom10to14dependingon thekeysize.Finally,theFinalRoundperformsaSubBytes,ShiftRows,andanAddRoundKeyoperations. Decryption in AES is done by performing the inverse operations of the simple operations in reverse order.However,asshownlateroninthispaper,becauseoftheblockciphermodeofoperationused, decryptionwasimplementedbutneverused. MoreinformationonAEScanbefoundon:http://csrc.nist.gov/publications/fips/fips197/fips197.pdf andhttp://en.wikipedia.org/wiki/Advanced_Encryption_Standard

Implementation
TheAESalgorithmisimplementedfromscratchusingJava.First,thealgorithmistestedbyencrypting anddecryptingasingle128bitblock.Afterhavinganoperationalblockcipher,thenextstepistoembed this block cipher in a block cipher modes of operation. Cipher feedback (CFB) shown in Figure 1 and Figure2,ischosensincethemessagedoesnothavetobepaddedtoamultipleofthecipherblocksize whilepreventingsomemanipulationoftheciphertext.

Figure1:EncryptionusingCipherFeedback(CFB).


Figure2:DecryptionusingCipherFeedback(CFB).

As can be observed from Figure 1 and Figure 2, CFB only requires encrypting for both encrypting and decryptingmodesofoperation.TheInitialization Vector (IV)wasgeneratedfromaSHA256message digestofastringconcatenatedwithatimestamp.Onlythefirst128bitswereusedfortheInitialization Vector. The Initiation Vector is transmitted without encryption, and only on the first transmission. Subsequent transmissions use the previously transmitted block as an input to the block cipher encryption. SeChat provides two capabilities. The first, and most obvious, is the capability to chat using SeChat. Figure3showsSeChatinanongoingconversation.


Figure3:GraphicalUserInterfaceofSeChat.

TheinputtotheKeyshowninFigure3canbeanystring.ThisstringisthenusedtogenerateSHA256 message digest, which gets truncated depending on the number of bits selected for the key length. SeChatsupports128,192,and256asthestandardspecifies. ThesecondcapabilityofSeChatisthecapabilitytoencryptamessageandoutputthemessageinHex whichcanbecopiedandsentoveremail.Figure4belowshowsSeChatbeingusedforencryptingand decryptingaHexmessage.


Figure4:SeChatencryptingtoHex(left,HostOS)anddecryptingfromHex(right,GuestOS).

Inthecasethatthekeyismismatched,theoutputbecomesunreadable.Anexampleofthisisshownin Figure5wheretheHostOSuseruseskeyasharedsecretwhiletheGuestOSuseruseskeyanother sharedsecret.


Figure5:SeChatencryptingtoHex(left,HostOS)anddecryptingfromHex(right,GuestOS)withmismatchedsecretkeys.

IncludedintheSeChat.rararethefollowingfiles: AES.javaSourcecodefortheAESencrypting/decryptingalgorithm,runthisfilefor encrypting/decryptingdemo. SeChatPanel.javaSourcecodefortheJavaApplicationversionofSeChat(asshowninFigure3, Figure4,andFigure5) SeChat.javaSourcecodefortheJavaAppletversionofSeChat. SeChat.jarTheexecutablepackedversionofthewholepackage,itexecutesSeChatPanel.Run thisfiletoexecuteSeChat.

Conclusion
Inthispaper,aquickoverviewofAESwaspresented.Moreimportantly,SeChat,anAESencryptedchat written in Java was introduced. The two capabilities of SeChat, namely chat and encrypt/decrypt to/fromHex,werepresented.Thecaseofhavingdifferentkeysinthechat,whichresultsinillegibletext, wasalsoshown.AdisadvantageofusingSeChatisthatthesharedkeyhastobeagreedoninadvance. However,thiscanbeovercomebyusingpublickeyencryptionontopofAESfortoagreeonakeyto use.ImplementationofpublickeyencryptioninconjunctiontotheAESencryptionisleftasfuturework.