Advanced Encryption Standard
This Lecture
Why AES?
NIST Criteria for potential candidates
The AES Cipher
AES Functions and Inverse Functions
AES Key Expansion
Implementation Aspects
AES Security and Strength
Why AES?
Symmetric block cipher, published in 2001
Intended to replace DES and 3DES
DES is vulnerable to differential attacks
3DES has slow performance
NIST Criteria to Evaluate Potential Candidates
Security: The effort to cryptanalyze an algorithm.
Cost: The algorithm should be practical in a wide range of applications.
Algorithm and Implementation Characteristics: Flexibility, simplicity etc.
5 final candidates have been chosen out of 15
NIST Criteria cont.
General Security
Software Implementations
Hardware Implementations
Restricted-Space Environments
Attacks on Implementations
Encryption vs. Decryption
Key Agility
Potential for Instruction-Level Parallelism
Other versatility and Flexibility
NIST selected Rijndael as the proposed AES algorithm
The AES Cipher
Block length is limited to 128 bits
The key size can be independently specified to 128, 192 or 256 bits
Key size (words/bytes/bits)       4/16/128   6/24/192   8/32/256
Number of rounds                  10         12         14
Expanded key size (words/bytes)   44/176     52/208     60/240
The AES Cipher
Key is received as an input array of 4 rows and Nk columns
Nk = 4, 6, or 8, a parameter which depends on the key size
Input key is expanded into an array of 44/52/60 words of 32 bits each
4 different words serve as a key for each round
k0  k4  k8   k12
k1  k5  k9   k13
k2  k6  k10  k14
k3  k7  k11  k15

w0 w1 w2 ... w42 w43
The AES Cipher
Single 128-bit block as input
Copied to a State array with Nb columns (Nb=4)
Input
in0  in4  in8   in12
in1  in5  in9   in13
in2  in6  in10  in14
in3  in7  in11  in15

State array
S00  S01  S02  S03
S10  S11  S12  S13
S20  S21  S22  S23
S30  S31  S32  S33

Output
o0  o4  o8   o12
o1  o5  o9   o13
o2  o6  o10  o14
o3  o7  o11  o15
The AES Cipher
Number of rounds, Nr, depends on key size
Each round is a repetition of functions that
perform a transformation over State array
Consists of 4 main functions: one
permutation and three substitutions
Substitute bytes, Shift rows, Mix columns, Add round key
The AES Cipher
AddRoundKey(): the round key is added to the State using an XOR operation
MixColumns(): takes all the columns of the State and mixes their data, independently of one another, making use of arithmetic over GF(2^8)
ShiftRows(): processes the State by cyclically shifting the last three rows of the State by different offsets
SubBytes(): uses an S-box to perform a byte-by-byte substitution of the State
The AES Cipher
[Figure: AES encryption. Inputs: plaintext, key. plaintext -> Add round key -> Round 1: Substitute bytes, Shift rows, Mix columns, Add round key (W[4,7]) -> ... -> Round 9: Substitute bytes, Shift rows, Mix columns, Add round key (W[36,39]) -> final round: Substitute bytes, Shift rows, Add round key (W[40,43]) -> ciphertext]
The AES Cipher
Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[0, Nb-1])
    for round = 1 to Nr-1
        SubBytes(state)
        ShiftRows(state)
        MixColumns(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
    end for
    SubBytes(state)
    ShiftRows(state)
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
    out = state
end
The AES Cipher
Only Add round key makes use of the key
Other three functions are used for diffusion
and confusion
Final round consists of only three stages
The AES Inverse Cipher
[Figure: AES decryption. Inputs: ciphertext, key. ciphertext -> Add round key -> Round 1: Inv. Shift rows, Inv. Sub bytes, Add round key (W[36,39]), Inv. Mix columns -> ... -> Round 9: Inv. Shift rows, Inv. Sub bytes, Add round key (W[4,7]), Inv. Mix columns -> final round: Inv. Shift rows, Inv. Sub bytes, Add round key (W[0,3]) -> plaintext]
The AES Inverse Cipher
InvCipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)])
begin
    byte state[4,Nb]
    state = in
    AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1])
    for round = Nr-1 step -1 downto 1    // round keys are consumed in reverse order
        InvShiftRows(state)
        InvSubBytes(state)
        AddRoundKey(state, w[round*Nb, (round+1)*Nb-1])
        InvMixColumns(state)
    end for
    InvShiftRows(state)
    InvSubBytes(state)
    AddRoundKey(state, w[0, Nb-1])
    out = state
end
The AES Inverse Cipher
Decryption algorithm uses the expanded
key in reverse order
All functions are easily reversible and their
inverse form is used in decryption
Decryption algorithm is not identical to the
encryption algorithm
Again, final round consists of only three
stages
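
The Cipher and InvCipher pseudocode above as runnable Python, an added example that is not part of the original lecture. It goes beyond the slides so far by including key expansion (needed to check against a known test vector) and by handling all three key sizes; the function names are this example's own, and the code is for study only because it is not constant-time.

```python
# Added teaching example, NOT constant-time. State s is column-major: s[r + 4c] = row r, col c.
def gmul(a, b):                          # product in GF(2^8) mod x^8+x^4+x^3+x+1
    p = 0
    while b:
        p ^= a if b & 1 else 0
        a, b = (a << 1) ^ (0x11B if a & 0x80 else 0), b >> 1
    return p

def _sbox(x):                            # multiplicative inverse, then affine map
    v = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
    rot = lambda n: (v << n | v >> 8 - n) & 0xFF
    return v ^ rot(1) ^ rot(2) ^ rot(3) ^ rot(4) ^ 0x63

SBOX = [_sbox(x) for x in range(256)]
INV_SBOX = [SBOX.index(v) for v in range(256)]
SHIFT = [r + 4 * ((c + r) % 4) for c in range(4) for r in range(4)]  # ShiftRows: out[i] = s[SHIFT[i]]
xor = lambda a, b: [x ^ y for x, y in zip(a, b)]

def expand_key(key):                     # 16/24/32 bytes -> Nr+1 round keys of 16 bytes
    nk, rcon = len(key) // 4, 1
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]
    for i in range(nk, 4 * (nk + 7)):    # 44/52/60 words in total
        t = w[i - 1]
        if i % nk == 0:                  # RotWord, SubWord, round constant
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0], rcon = t[0] ^ rcon, gmul(rcon, 2)
        elif nk > 6 and i % nk == 4:     # extra SubWord for 256-bit keys
            t = [SBOX[b] for b in t]
        w.append(xor(w[i - nk], t))
    return [sum(w[i:i + 4], []) for i in range(0, len(w), 4)]

def mix(s, m):                           # (Inv)MixColumns; m = first row of the matrix
    term = lambda k, j: gmul(m[(j - k) % 4], s[k - k % 4 + j])
    return [term(k, 0) ^ term(k, 1) ^ term(k, 2) ^ term(k, 3) for k in range(16)]

def encrypt_block(block, key):
    rk = expand_key(key)
    s = xor(block, rk[0])                # initial AddRoundKey
    for k in rk[1:]:
        s = [SBOX[s[i]] for i in SHIFT]  # SubBytes + ShiftRows
        s = xor(s if k is rk[-1] else mix(s, (2, 3, 1, 1)), k)  # last round: no MixColumns
    return bytes(s)

def decrypt_block(block, key):
    rk = expand_key(key)[::-1]           # expanded key used in reverse order
    s = xor(block, rk[0])
    for k in rk[1:]:                     # InvShiftRows + InvSubBytes, then AddRoundKey
        s = xor([INV_SBOX[s[SHIFT.index(i)]] for i in range(16)], k)
        s = s if k is rk[-1] else mix(s, (14, 11, 13, 9))       # last round: no InvMixColumns
    return bytes(s)
```

With key 000102030405060708090a0b0c0d0e0f and plaintext 00112233445566778899aabbccddeeff, encrypt_block returns 69c4e0d86a7b0430d8cdb78070b4c55a, the AES-128 example vector from FIPS-197 Appendix C.1.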