Presentation is loading. Please wait.

Presentation is loading. Please wait.

The Advanced Encryption Standard (AES) Simplified.

Published byFrank Blair Modified over 9 years ago

Similar presentations

Presentation on theme: "The Advanced Encryption Standard (AES) Simplified."— Presentation transcript:

1 The Advanced Encryption Standard (AES) Simplified

2 Cryptosystems and Secrecy With cryptosystems, we desire perfect secrecy: the probability that the contents of some intercepted data corresponds to some plaintext message is unaltered by knowledge of the ciphertext for that message. Measuring the strength for cryptosystem by what is known as its work factor: the amount of time needed to decipher a message without knowledge of the key. A cryptosystem is considered secure when its workfactor is exponential in the length of the key: 2. 2

3 Cryptosystem Design General goals for designing secure encryption algorithms: Confusion Diffusion A good encryption algorithm would satisfy the following two criteria: No output bit should be a linear function of the input bits. In other words, the algorithm must induce non-linearity. This ensures confusion. Avalanche Criteria: the probability of changing a given bit in the output is ½ when any subset of the input bits are complemented 3

4 Advanced Encryption Standard (AES) the US "standard" secret key cryptosystem, replacing DES (Data Encryption Standard, adopted in 1977)DES AES is the result of a three year competition. This competition was announced in September 1997 and had entries from 12 different countries The one submission that eventually won was called "Rijndael" and was invented by two Belgians, Joan Daemen and Vincent Rijmen. 4

5 A Brief History of DES In 1974, IBM proposed "Lucifer", an encryption algorithm that uses 64-bit keys. Two years later, NBS (in consultation with NSA) made a modified version of that algorithm into a standard. DES takes in 64 bits of data, employs a 56-bit key, and executes 16 cycles of substitution and permutation before outputting 64 bits of encrypted data. 5

6 A Brief History of DES 6

7 In the summer of 1998, the Electronic Frontier Foundation (EFF) built a DES cracker machine at a cost of $250,000Electronic Frontier FoundationDES cracker It had 1536 chips, worked at a rate of 88 billion keys per second, and was able to break a DES encrypted message in 56 hours One year later, with the cracker working in tandem with 100,000 PCs over the Internet, a DES encrypted message was cracked in only 22 hours. One common way to make DES more secure today is to encrypt three times using DES. triple-DES (3DES). 3DES is extremely slow, so a better algorithm was needed. 7

8 Requirements for AES AES had to be a private key algorithm. It had to use a shared secret key. It had to support the following key sizes: 128 bits ( = 3.4 x 10 keys, equivalent to 2560-bit RSA) 192 bits ( = 6.2 x 10 keys) 256 bits ( = 1.1 x 10 keys) DES uses only 56-bit keys, giving a key space of 7.2 x 10 keys If you were able to search half the DES key space in 1 second, then on average, it would take 149 trillion years to crack a 128-bit AES key. 38 57 77 16 8

9 Requirements for AES It had to satisfy certain engineering criteria: performance, efficiency, implementability, and flexibility. Rijndael can be implemented easily in both hardware and software, has realizations that require little memory (so the algorithm can be used in smartcards). 9

10 Requirements for AES It had to be a block cipher an encryption algorithm structured in terms of an internal function and runs that function repeatedly on the input. Each iteration is called a round; AES uses 10 rounds. 10

11 Requirements for AES AES is also an instance of a Feistel cipher, a special case of a block cipher. The input to such a cipher consists of 2t bits. The input is first divided into 2 parts: L and R The cipher then proceeds in rounds. In the i-th round, Li := Ri-1 Ri := Li-1 XOR f(Ri-1, ki), where f is some function, and k is some number derived from the key, to be used in round i. 00 i i 11

12 The AES Cipher Block length is limited to 128 bit The key size can be independently specified to 128, 192 or 256 bits Key size (words/bytes/bits)4/16/1286/24/1928/32/256 Number of rounds101214 Expanded key size (words/byte)44/17652/20860/240 12

13 The AES Cipher Key received as input array of 4 rows and Nk columns Nk = 4,6, or 8, parameter which depends key size Input key is expanded into an array of 44/52/60 words of 32 bits each 4 different words serve as a key for each round k0k4k8k12 k1 k2 k3 k5 k6 k7 k9 k10 k11 k13 k14 k15 w0w1w2 …… w42w43 13

14 The AES Cipher Single 128 bit block as input Copied to a State array with Nb columns (Nb=4) in0in4in8in12 in1 in2 in3 in5 in6 in7 in9 in10 in11 in13 in14 in15 S 00 S 01 S 02 S 03 S 10 S 20 S 30 S 11 S 21 S 31 S 12 S 22 S 32 S 13 S 23 S 33 o0o4o8o12 o1 o2 o3 o5 o6 o7 o9 o10 o11 o13 o14 o15 Input State array Output 14

15 The AES Cipher Number of rounds, Nr, depends on key size Each round is a repetition of functions that perform a transformation over State array Consists of 4 main functions: one permutation and three substitutions Substitute bytes, Shift rows, Mix columns, Add round key 15

16 The AES Cipher AddRoundKey() – round key is added to the State using XOR operation MixColumns() – takes all the columns of the State and mixes their data, independently of one another, making use of arithmetic over GF(2^8) ShiftRows() – processes the State by cyclically shifting the last three rows of the State by different offsets SubBytes() – uses S-box to perform a byte-by- byte substitution of State 16

17 The AES Cipher Add round key Substitute bytes Shift rows Mix columns Add Round key Substitute bytes Shift rows Mix columns Add round key Substitute bytes Shift rows Add round key plaintext Cipher text key W[4,7]W[36,39 ] W[40,43] Round 1 Round 9 17

18 The AES Cipher Cipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)]) Begin byte state[4,Nb] state = in AddRoundKey(state, w[0, Nb-1]) for round=1 to Nr-1 SubBytes(state) ShiftRows(state) MixColumns(state) AddRoundKey(state, w[round*Nb, round+1)*Nb-1]) end for SubBytes(state) ShiftRows(state) AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1) Out = state end 18

19 The AES Cipher Only Add round key makes use of the key Other three functions are used for diffusion and confusion Final round consists of only three stages 19

20 The AES Inverse Cipher Add round key Inv. Shift rows Inv. Sub bytes Add round key Inv. Mix Columns Inv. Shift rows Inv. Sub bytes Add round key Inv. Mix columns Inv. Shift rows Inv. Sub bytes Add round key ciphertext plaintext key W[36,39 ] W[4,7]W[0,3] Round 1 Round 9 20

21 The AES Inverse Cipher InvCipher(byte in[4*Nb], byte out[4*Nb], word w[Nb*(Nr+1)]) Begin byte state[4,Nb] state = in AddRoundKey(state, w[Nr*Nb, (Nr+1)*Nb-1) for round=1 to Nr-1 InvShiftRows(state) InvSubBytes(state) AddRoundKey(state, w[round*Nb, round+1)*Nb-1]) InvMixColumns(state) end for InvShiftRows(state) InvSubBytes(state) AddRoundKey(state, w[0, Nb-1]) Out = state end 21

22 The AES Inverse Cipher Decryption algorithm uses the expanded key in reverse order All functions are easily reversible and their inverse form is used in decryption Decryption algorithm is not identical to the encryption algorithm Again, final round consists of only three stages 22

Download ppt "The Advanced Encryption Standard (AES) Simplified."

Similar presentations

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5

Cryptography and Network Security Chapter 5
Cryptography and Network Security Chapter 3

Cryptography and Network Security Chapter 3
Advanced Encryption Standard

Advanced Encryption Standard
Cryptography and Network Security

Cryptography and Network Security
1 The AES block cipher Niels Ferguson. 2 What is it? Block cipher: encrypts fixed-size blocks. Design by two Belgians. Chosen from 15 entries in a competition.

1 The AES block cipher Niels Ferguson. 2 What is it? Block cipher: encrypts fixed-size blocks. Design by two Belgians. Chosen from 15 entries in a competition.
Encryption CS 465 January 9, 2006 Tim van der Horst.

Encryption CS 465 January 9, 2006 Tim van der Horst.
Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.

Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.
AES clear a replacement for DES was needed

AES clear a replacement for DES was needed
Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.

Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.

1 Chapter 3 – Block Ciphers and the Data Encryption Standard Modern Block Ciphers  now look at modern block ciphers  one of the most widely used types.
Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.

Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.
RIJNDAEL Arta Doci University Of Colorado.

RIJNDAEL Arta Doci University Of Colorado.
Introduction to Modern Cryptography Lecture 3 (1) Finite Groups, Rings and Fields (2) AES - Advanced Encryption Standard.

Introduction to Modern Cryptography Lecture 3 (1) Finite Groups, Rings and Fields (2) AES - Advanced Encryption Standard.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard It seems very simple. It is very simple. But if you don't know.

Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.

Similar presentations

Ads by Google