8 ADVANCED ENCRYPTION STANDARD(AES) AES(ADVANCED ENCRYPTION STANDARD) cipher – Rijndael

Hiteishi Diwanji

epgp books
  • ADVANCED ENCRYPTION STANDARD(AES)   AES(ADVANCED ENCRYPTION STANDARD) cipher – Rijndael
  • ¨ Symmetric block cipher
  • ¨ Works on data in block length of 128-bit, Key length is 128 bits or 192 bits or 256-bits keys
  • ¨ designed by Rijmen-Daemen in Belgium
  • ¨ Has an iterative kind of structure in place of feistel.
  • ¤ Data is divided into blocks and processed as 4 octet columns
  • ¤ The operations are performed on the whole data block in each round

Basic structure :

  • ¨ The block length is Nb. This indicates total words of 32 bit size.(columns having 4 octets).
  • ¨ AES has 128 bit block size so Nb=4
  • ¨ The key length is N This indicates the total 32 bit words formed from encryption key. For AES-128 Nk = 4, For AES-192 Nk = 6, For AES-256 Nk = 8.

The total rounds performed are Nr. Nr= 6+max(Nb, Nk). AES-128 has 10 rounds. AES-192 has 12 rounds. AES-256 performs 14 rounds

 

 

 

Rijndael is based on four primitive operations:

 

  • ¨ Exclusive OR
  • ¨ Octet to octet substitution, with S-Box.(Substitute Bytes)

This is Rijndael S-box. In case input is 52, visit the row of 5 and column of 2, the cell contains 00 so 52 will be substituted by 00.

 

  • ¨ Perform rotation in row or column to rearrange the octets.

ShiftRows indicates circular byteshift. First row stays unchanged. 2nd row performs circular shift to left by 1 byte. 3rd row performs circular shift to left by 2 bytes. 4th row performs circular shift to left by 3 bytes.

  • ¨ MixColumn operation, where 4 octet column is replaced by another 4 octet column.

 

This operation replaces a 4 octet column with another 4-octet column. This operation involves above table. This table contains 256 – 4 octet columns.

 

Each octet is input to the MixColumn table. Left nibble will identify the row, right nibble will identify the column.

 

4 octet input column will retrieve set of four columns.

 

Rotation is performed on retrieved table columns and rotation is performed in vertical direction, to get top octet in the same row as the input octet.

To generate the ith set of Nk columns, (i-1)st set is required. The above diagram is for Nk

  • ≤ Supplied key takes 0th set. Column 0 of the newly defined set is generated by performing rotation of the last column of the (i-1)st set in up direction by one cell. S-box is applied to each

octet and Ex-OR is performed with a constant depends on i.

 

For the rest of the columns in the set are generated by Ex-OR the previous column with the corresponding column from the previous (i-1)st set.

 

Rounds :

 

Each round has 3 identical operations.

 

  1. Each octet of the state has S-Box applied t it.
  2. Row 1 of the state is rotated left 1 column.

Row 2 of the state is rotated left 2+└Nb/8 ┘ columns. Row 3 of the state is rotated left 3+└Nb/7 ┘ columns.

  1. Each column of the state has MixColumn applied to it. For round number Nr, this operation is not performed.
you can view video on AES(ADVANCED ENCRYPTION STANDARD) cipher

Suggested Reading:

 

  1. Cryptography and Network Security Principles and Practice by William Stallings, sixth Edition, PEARSON.
  2. Security in Computing by Charles Pfleeger & Shari Lawrence Pfleeger, fourth Edition, PEARSON.
  3. Network Security by Charlie Kaufman, Radia Perlman, Mike Speciner, second Edition, PHI.
  4. The Complete Reference – Network Security by Roberta Bragg, Mark Rhodes-Ousley & Keith Strassberg, Tata McGraw Hill
  5. Network Security Bible by Eric Cole, Ronald Krutz, James Conley, Wiley
  6. Hacking 6 Exposed by Stuart McClure, Joel Scambray & George Kurtz , Tata McGraw Hill .
  7. www.snort.org
  8. https://nmap.org