Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the...
Transcript of Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the...
![Page 1: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/1.jpg)
7.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Chapter 7
Advanced Encryption Standard (AES)
![Page 2: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/2.jpg)
7.2
Objectives
❏ To review a short history of AES
❏ To define the basic structure of AES
❏ To define the transformations used by AES
❏ To define the key expansion process
❏ To discuss different implementations
Chapter 7
![Page 3: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/3.jpg)
7.3
7-1 INTRODUCTION
The Advanced Encryption Standard (AES) is asymmetric-key block cipher published by the NationalInstitute of Standards and Technology (NIST) inDecember 2001.
7.1.1 History7.1.2 Criteria7.1.3 Rounds7.1.4 Data Units7.1.5 Structure of Each Round
Topics discussed in this section:
![Page 4: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/4.jpg)
7.4
7.1.1 History.
In February 2001, NIST announced that a draft of theFederal Information Processing Standard (FIPS) wasavailable for public review and comment. Finally, AESwas published as FIPS 197 in the Federal Register inDecember 2001.
![Page 5: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/5.jpg)
7.5
7.1.2 Criteria
The criteria defined by NIST for selecting AES fallinto three areas:1. Security2. Cost3. Implementation.
![Page 6: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/6.jpg)
7.6
7.1.3 Rounds.
AES is a non-Feistel cipher that encrypts and decryptsa data block of 128 bits. It uses 10, 12, or 14 rounds.The key size, which can be 128, 192, or 256 bits,depends on the number of rounds.
AES has defined three versions, with 10, 12, and 14 rounds.
Each version uses a different cipher key size (128, 192, or 256), but the round keys are
always 128 bits.
Note
![Page 7: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/7.jpg)
7.7
7.1.3 Continue
Figure 7.1 General design of AES encryption cipher
![Page 8: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/8.jpg)
7.8
7.1.4 Data Units.Figure 7.2 Data units used in AES
![Page 9: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/9.jpg)
7.9
7.1.4 Continue
Figure 7.3 Block-to-state and state-to-block transformation
![Page 10: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/10.jpg)
7.10
7.1.4 ContinueExample 7.1
Figure 7.4 Changing plaintext to state
Continue
![Page 11: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/11.jpg)
7.11
7.1.5 Structure of Each RoundFigure 7.5 Structure of each round at the encryption site
![Page 12: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/12.jpg)
7.12
7-2 TRANSFORMATIONS
To provide security, AES uses four types oftransformations: substitution, permutation, mixing,and key-adding.
7.2.1 Substitution7.2.2 Permutation7.2.3 Mixing7.2.4 Key Adding
Topics discussed in this section:
![Page 13: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/13.jpg)
7.13
7.2.1 Substitution
AES, like DES, uses substitution. AES uses twoinvertible transformations.
SubBytesThe first transformation, SubBytes, is used at theencryption site. To substitute a byte, we interpret the byteas two hexadecimal digits.
The SubBytes operation involves 16 independent byte-to-byte transformations.
Note
![Page 14: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/14.jpg)
7.14
7.2.1 Continue
Figure 7.6 SubBytes transformation
![Page 15: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/15.jpg)
7.15
7.2.1 Continue
![Page 16: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/16.jpg)
7.16
7.2.1 Continue
![Page 17: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/17.jpg)
7.17
7.2.1 Continue
InvSubBytes
![Page 18: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/18.jpg)
7.18
7.2.1 Continue
InvSubBytes (Continued)
![Page 19: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/19.jpg)
7.19
7.2.1 ContinueExample 7.2
Figure 7.7 shows how a state is transformed using theSubBytes transformation. The figure also shows that theInvSubBytes transformation creates the original one. Notethat if the two bytes have the same values, theirtransformation is also the same.
Figure 7.7 SubBytes transformation for Example 7.2
![Page 20: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/20.jpg)
7.20
7.2.1 Continue
Transformation Using the GF(28) FieldAES also defines the transformation algebraically usingthe GF(28) field with the irreducible polynomials(x8 + x4 + x3+ x + 1), as shown in Figure 7.8.
The SubBytes and InvSubBytes transformations are inverses of each other.
Note
![Page 21: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/21.jpg)
7.21
7.2.1 ContinueFigure 7.8 SubBytes and InvSubBytes processes
![Page 22: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/22.jpg)
7.22
7.2.1 ContinueExample 7.3
Let us show how the byte 0C is transformed to FE by subbyteroutine and transformed back to 0C by the invsubbyteroutine.
![Page 23: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/23.jpg)
7.23
7.2.1 Continue
![Page 24: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/24.jpg)
7.24
7.2.2 Permutation
Another transformation found in a round is shifting,which permutes the bytes.ShiftRowsIn the encryption, the transformation is called ShiftRows.
Figure 7.9 ShiftRows transformation
![Page 25: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/25.jpg)
7.25
InvShiftRowsIn the decryption, the transformation is calledInvShiftRows and the shifting is to the right.
7.2.2 Continue
![Page 26: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/26.jpg)
7.26
7.2.2 ContinueExample 7.4
Figure 7.10 shows how a state is transformed using ShiftRowstransformation. The figure also shows that InvShiftRowstransformation creates the original state.
Figure 7.10 ShiftRows transformation in Example 7.4
![Page 27: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/27.jpg)
7.27
7.2.3 Mixing
We need an interbyte transformation that changes thebits inside a byte, based on the bits inside theneighboring bytes. We need to mix bytes to providediffusion at the bit level.
Figure 7.11 Mixing bytes using matrix multiplication
![Page 28: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/28.jpg)
7.28
7.2.3 Continue
Figure 7.12 Constant matrices used by MixColumns and InvMixColumns
![Page 29: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/29.jpg)
7.29
MixColumnsThe MixColumns transformation operates at the columnlevel; it transforms each column of the state to a newcolumn.
7.2.3 Continue
Figure 7.13 MixColumns transformation
![Page 30: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/30.jpg)
7.30
InvMixColumnsThe InvMixColumns transformation is basically the sameas the MixColumns transformation.
7.2.3 Continue
The MixColumns and InvMixColumns transformations are inverses of each other.
Note
![Page 31: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/31.jpg)
7.31
7.2.3 Continue
![Page 32: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/32.jpg)
7.32
7.2.3 ContinueExample 7.5
Figure 7.14 shows how a state is transformed using theMixColumns transformation. The figure also shows that theInvMixColumns transformation creates the original one.
Figure 7.14 The MixColumns transformation in Example 7.5
![Page 33: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/33.jpg)
7.33
7.2.4 Key Adding
AddRoundKeyAddRoundKey proceeds one column at a time.AddRoundKey adds a round key word with each statecolumn matrix; the operation in AddRoundKey is matrixaddition.
The AddRoundKey transformation is the inverse of itself.
Note
![Page 34: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/34.jpg)
7.34
7.2.4 ContinueFigure 7.15 AddRoundKey transformation
![Page 35: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/35.jpg)
7.35
7-3 KEY EXPANSION
To create round keys for each round, AES uses a key-expansion process. If the number of rounds is Nr , thekey-expansion routine creates Nr + 1 128-bit roundkeys from one single 128-bit cipher key.
7.3.1 Key Expansion in AES-1287.3.2 Key Expansion in AES-192 and AES-2567.3.3 Key-Expansion Analysis
Topics discussed in this section:
![Page 36: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/36.jpg)
7.36
7-3 Continued
![Page 37: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/37.jpg)
7.37
7.3.1 Key Expansion in AES-128Figure 7.16 Key expansion in AES
![Page 38: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/38.jpg)
7.38
7.3.1 Continue
![Page 39: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/39.jpg)
7.39
7.3.1 Continue
The key-expansion routine can either use the abovetable when calculating the words or use the GF(28)field to calculate the leftmost byte dynamically, asshown below (prime is the irreducible polynomial):
![Page 40: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/40.jpg)
7.40
7.3.1 Continue
![Page 41: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/41.jpg)
7.41
7.3.1 ContinueExample 7.6
Table 7.5 shows how the keys for each round are calculatedassuming that the 128-bit cipher key agreed upon by Aliceand Bob is (24 75 A2 B3 34 75 56 88 31 E2 12 00 13 AA 5487)16.
![Page 42: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/42.jpg)
7.42
7.3.1 ContinueExample 7.7
Each round key in AES depends on the previous round key.The dependency, however, is nonlinear because of SubWordtransformation. The addition of the round constants alsoguarantees that each round key will be different from theprevious one.
Example 7.8
The two sets of round keys can be created from two cipherkeys that are different only in one bit.
![Page 43: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/43.jpg)
7.43
7.3.1 ContinueExample 7.8 Continue
![Page 44: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/44.jpg)
7.44
7.3.1 ContinueExample 7.9
The concept of weak keys, as we discussed for DES inChapter 6, does not apply to AES. Assume that all bits in thecipher key are 0s. The following shows the words for somerounds:
The words in the pre-round and the first round are all thesame. In the second round, the first word matches with thethird; the second word matches with the fourth. However,after the second round the pattern disappears; every word isdifferent.
![Page 45: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/45.jpg)
7.45
7.3.2 Key Expansion in AES-192 and AES-256
Key-expansion algorithms in the AES-192 and AES-256versions are very similar to the key expansion algorithm inAES-128, with the following differences:
![Page 46: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/46.jpg)
7.46
7.3.3 Key-Expansion Analysis
The key-expansion mechanism in AES has beendesigned to provide several features that thwart thecryptanalyst.
![Page 47: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/47.jpg)
7.47
7-4 CIPHERS
AES uses four types of transformations for encryptionand decryption. In the standard, the encryptionalgorithm is referred to as the cipher and thedecryption algorithm as the inverse cipher.
7.4.1 Original Design7.4.2 Alternative Design
Topics discussed in this section:
![Page 48: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/48.jpg)
7.48
7.4.1 Original DesignFigure 7.17 Ciphers and inverse ciphers of the original design
![Page 49: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/49.jpg)
7.49
AlgorithmThe code for the AES-128 version of this design is shownin Algorithm 7.6.
7.4.1 Continue
![Page 50: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/50.jpg)
7.50
7.4.2 Alternative Design
Figure 7.18 Invertibility of SubBytes and ShiftRows combinations
![Page 51: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/51.jpg)
7.51
7.4.2 Continue
Figure 7.19 Invertibility of MixColumns and AddRoundKey combination
![Page 52: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/52.jpg)
7.52
7.4.2 ContinueFigure 7.20 Cipher and reverse cipher in alternate design
![Page 53: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/53.jpg)
7.53
Changing Key-Expansion AlgorithmInstead of using InvRoundKey transformation in thereverse cipher, the key-expansion algorithm can bechanged to create a different set of round keys for theinverse cipher.
7.4.2 Continue
![Page 54: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/54.jpg)
7.54
7-5 Examples
In this section, some examples of encryption/decryption and key generation are given to emphasizesome points discussed in the two previous sections.
Example 7.10
The following shows the ciphertext block created from aplaintext block using a randomly selected cipher key.
![Page 55: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/55.jpg)
7.55
7-5 ContinuedExample 7.10 Continued
![Page 56: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/56.jpg)
7.56
7-5 ContinuedExample 7.10 Continued
![Page 57: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/57.jpg)
7.57
7-5 ContinuedExample 7.10 Continued
![Page 58: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/58.jpg)
7.58
7-5 Continued
Example 7.11
Figure 7.21 shows the state entries in one round, round 7, inExample 7.10.
Figure 7.21 States in a single round
![Page 59: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/59.jpg)
7.59
7-5 Continued
Example 7.12One may be curious to see the result of encryption when theplaintext is made of all 0s. Using the cipher key in Example7.10 yields the ciphertext.
![Page 60: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/60.jpg)
7.60
7-5 Continued
Example 7.13
Let us check the avalanche effect that we discussed inChapter 6. Let us change only one bit in the plaintext andcompare the results. We changed only one bit in the last byte.The result clearly shows the effect of diffusion and confusion.Changing a single bit in the plaintext has affected many bitsin the ciphertext.
![Page 61: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/61.jpg)
7.61
7-5 Continued
Example 7.14
The following shows the effect of using a cipher key in whichall bits are 0s.
![Page 62: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/62.jpg)
7.62
7-6 ANALYSIS OF AES
This section is a brief review of the threecharacteristics of AES.
7.6.1 Security7.6.2 Implementation7.6.3 Simplicity and Cost
Topics discussed in this section:
![Page 63: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/63.jpg)
7.63
7.6.1 Security
AES was designed after DES. Most of the knownattacks on DES were already tested on AES.
Brute-Force AttackAES is definitely more secure than DES due to thelarger-size key.
Statistical AttacksNumerous tests have failed to do statistical analysis ofthe ciphertext.
Differential and Linear AttacksThere are no differential and linear attacks on AES asyet.
![Page 64: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/64.jpg)
7.64
7.6.1 Continue
Statistical AttacksNumerous tests have failed to do statistical analysis ofthe ciphertext.
Differential and Linear AttacksThere are no differential and linear attacks on AES asyet.
![Page 65: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/65.jpg)
7.65
7.6.2 Implementation
AES can be implemented in software, hardware, andfirmware. The implementation can use table lookupprocess or routines that use a well-defined algebraicstructure.
![Page 66: Chapter 7 Advanced Encryption Standard (AES)tgamage/old_site/S17/CS490/L/WK05.pdfTo define the transformations used by AES ... AddRoundKey adds a round key word with each state column](https://reader030.fdocuments.in/reader030/viewer/2022040107/5e6e1a39daf8ba0f6733c461/html5/thumbnails/66.jpg)
7.66
7.6.3 Simplicity and Cost
The algorithms used in AES are so simple that theycan be easily implemented using cheap processors anda minimum amount of memory.