Documente Academic
Documente Profesional
Documente Cultură
AES Structure
data block of 4 columns of 4 bytes is state
key is expanded to array of words
has 9/11/13 rounds in which state undergoes:
byte substitution (1 S-box used on every
byte)
shift rows (permute bytes between
groups/columns)
mix columns (subs using matrix multiply of
groups)
add round key (XOR state with key material)
view as alternating XOR key & scramble data
bytes
initial XOR key material & incomplete last
AES Structure
Some Comments on
an iterative rather
than Feistel cipher
AES
key expanded into array of 32-bit words
AES
Encrypti
on
Process
AES
Encrypti
on
Process
AES
Encrypti
on
Process
Substitute Bytes
a simple substitution of each byte
uses one table of 16x16 bytes containing a
Substitute Bytes
Shift Rows
Shift Rows
Mix Columns
each column is processed separately
each byte is replaced by a value dependent
Mix Columns
Mix Columns
Example
AES Arithmetic
uses arithmetic in the finite field GF(28)
with irreducible polynomial
m(x) = x8 + x4 + x3 + x + 1
which is (100011011) or {11b}
e.g.
{02} {87} mod {11b} = (1 0000 1110) mod
{11b}
= (1 0000 1110) xor (1 0001 1011) = (0001
0101)
Mix Columns
Key Expansion
Rationale
designed to
resist known attacks
design criteria included
knowing part key insufficient to find many
more
invertible transformation
fast on wide range of CPUs
use round constants to break symmetry
diffuse key bits into round keys
enough non-linearity to hinder analysis
simplicity of description
AES Decryption
Each 4X4 encrypted data matrix is decrypted
separately.
In first round, add round key is performed
between state matrix and last key matrix.
matrix.
AES Decryption
AES Decryption
Processing each
4X4 data matrix
29
Cipher
Data
124 212
70
21
123
215
70
20
140
2081st 40
126
4X4 174
matrix
Round 1
29
223
Add
RoundKey
223
124 212
Key
11
15 7
70
10
13
220
64
13
21
20
140
123
208
40
215
174
70
126
31 208 123
5
31
67
208
121
45 163
25
INPUT
INPUTS
Data to be encrypted such as text, image, file
etc. of any size. Data is treated as matrix and is
encrypted block by block.
User defined Key of any length can be used to
encrypt the data matrix.
INTERNALLY GENERATED
A Predefined Key is used to encrypt the User
defined Key.
Substitution Box & Inverse Substitution Box for
Sub Bytes algorithm.
Polymat & Inverse Polymat matrices for Mix
Column algorithm.
28
OUTPUT
OUTPUT
The result of AES encryption is an encrypted
data matrix of size 128 bit larger than the input
data matrix.
The result of AES decryption is a decrypted
data matrix of size same as input data matrix.
29
Summary
have considered:
the AES selection process
the details of Rijndael the AES cipher
looked at the steps in each round
the key expansion
implementation aspects
References
High throughput and secure advanced