An Advanced Encryption Standard Computer Science
Advanced Encryption Standard (AES) is a symmetric-key encryption algorithm designed by Vincent Rijmen and Joan Daemen. AES has three blocks ciphers, which are AES-128, AES-192 and AES-256. It is originally published as Rijndael. For AES has 128-bits of block size, AES-128 has a 128bits key size, AES-192 has a 192bits key size and AES-256 has a 256-bits of key size. The Data Encryption Standard (DES) is predecessor of the AES ciphers, and the AES ciphers are now used worldwide.
AES takes 5 years standardization process which has fifteen competitors with competing designs presented before Rijndael, and it is selected as the most suitable ciphers. Then it was announced by National Institute of Standards and Technology (NIST) as United States encryption standard defined in Federal Information Processing Standard (FIPS) 197 to become Advanced Encryption Standard (AES). It is published in November 26th, 2001. It became effective as a Federal government standard on May 26th, 2002 after approved by the Secretary of Commerce. The first publicly accessible and open cipher which approved by the NSA is AES ciphers.
In 1997 the United States NIST gathered candidates for a replacement of Data Encryption Standard (DES). Fifteen candidates were approved for further consideration. The cost of a given algorithm, its license, its memory requirements and efficiency on various platforms such as different operating system or software was the main consideration given to the candidates. The number of candidates was reduced to five after a fully public process and three open international conferences, and one of the candidates was AES. The final candidate was published and comments were solicited in February 2001. Comments were submitted by twenty-one organizations and individuals. None had any reservations about the suggested algorithm.Encryption Algorithm
Advanced Encryption Standard (AES), Rijndael is a 128-bit block cipher that only accepts a key of 128 bits, 192 bits, and 256 bits. It is not violate the rule of the National Institute of Standards and Technology (NIST) AES competition, which the encryption must be able to accept key length of 128 bits key, 192 bits key and 256 bits keys. AES is a symmetric key block cipher, which means it uses a single key for encryption and decryption. Only value zero and one is accepted by each of the bits in the AES cipher block, and each of the binary digits zero and one can have two possible values as opposed to decimal digits, and it can take one of 10 values. After encryptions, it transforms into a new block of the same size in a unique way. Since it is a symmetric key block cipher, which encrypt and decrypt data with a same key, the key is the only secret which needed to keep for security. The AES may use different key-lengths as configuration, indicated by the length in bits 128, 192, 256 of the key which results algorithms are named AES-128, AES-192 and AES-256 respectively. When the attacker to stage a brute force attack, each of the additional bit in the key causes twice the strength of the algorithm, therefore, to find the right combinations out of all possible key combinations is very exhaustive.
AES is different with its predecessor, Data Encryption Standard (DES), it does not use a Feistel network. AES is based on a design principle which known as a Substitution permutation network and it is performance fast in both software and hardware.
The key size of Rijndael is specifying with any block and any multiple of 32 bits of key sizes and block sizes. Rijndael only accept block size of minimum of 128 bits and maximum of 256 bits. For the key size of Rijndael theoretically has no maximum. But AES only allow fixed block size of 128 bits and its key sizes must be 128 bits, 192 bits or 256 bits.
AES works on a 4x4 matrix of bytes; it is term as the state. It is slightly simpler compared to Rijndeal. Rijndealâ€™s state is depending on the block size of cipher, a larger block size will have extra columns in the state. The AES cipher has a specified transformation round number, it decides the number of repetition of transformation rounds throughout the conversion of a input plaintext to the final output of ciphertext. Several processing step is in each of the round of transformation, and the combination of process is all depends on the encryption key. To decrypt a ciphertext to plaintext, the same encryption key is needed to apply a set of reverse rounds to transform it back to the original plaintext.
Figure 1: AES Structure
(source: Figure 1 [online image] Available http://www.codeproject.com/KB/security/SecuringData.aspx?msg=3617379 October 28 , 2007 )
Figure 1 shows encryption and decryption process by using AES with specified 10rounds number of transform. The AES Cipher began with copying input. Then AES Key Expansion is generates from the Cipher Key. It decides the round keys which derived from the cipher key by using Rijndaelâ€™s key schedule. The round keys will be 10 rounds, 12 rounds or 14 rounds, which is depending on the key size. Then process AddRoundKey is take part, which to add Round Key into the initial round, and it starts encrypt the plaintext by using processes which are SubBytes, ShiftRows, MixColumns. Before current round end, Round Key is added again and the Round process is repeating until the Final Round. Process for the Final Round is slightly different with the initial round and normal round, it has no MixColumns process. In the Final Round, only SubBytes, ShiftRows and AddRoundKey process are take part.AES Transformation Process step:
Figure 2: The SubBytes Step
(source: Figure 2 [online image] Available http://www.saylor.org/site/wp-content/uploads/2011/03/Advanced-Encryption-Standard.pdf)The SubBytes Step
Figure2 shows a structure of how SubBytes operates. In the SubBytes step, the Rijndael S-box, an 8-bit substitution box is used to update each byte in the matrix. The non-linearity in the cipher is provided by this operation. The S-box used is derived from the multiplicative inverse over GF (28), known to have good non-linearity properties. The S-box is constructed by combining the inverse function with an invertible affine transformation, so that it can avoid attacks that based on simple algebraic properties. The S-box is also selected to avoid any opposite fixed points, and also any fixed points.
Figure 3: The ShiftRows Step
(source: Figure3 [online image] Available http://www.saylor.org/site/wp-content/uploads/2011/03/Advanced-Encryption-Standard.pdf)The ShiftRows Step
Figure 3 shows the pattern of the bytes shifted within the row. In The ShiftRows step, it works on the rows of the state. In each row, it cyclically shifts the bytes by a certain offset. For AES, the first row of the state is remains unchanged. For second row of the state, each of the byte shift one to the left. The number of shift is increase by one for the next upcoming row, which mean for the third and forth rows, each byte from it rows are shifted by two and three respectively. The shift pattern is different except for the block size of 128 bits and 192 bits. In the case of the 256 bit block, the first row is same, remain unchanged. The shifting is increase by 1byte, 3 bytes and 4bytes for shifting of second, third and fourth row respectively. But this is only applied on Rijndael, and it is not applicable in AES, because AES only accept block size of 128 bits.
Figure 4: The MixColumns Step
(source: Figure4 [online image] Available http://www.saylor.org/site/wp-content/uploads/2011/03/Advanced-Encryption-Standard.pdf)The MixColumns Step
Figure 4 shows an example of MixColumns Step. In the MixColumns Step, the four bytes of each column of the state are combined using an invertible linear transformation. The MixColumns function takes four bytes as input and four bytes as output. Each of the input byte is affected by the ShiftRows and MixColumns. Diffusion in the cipher is provided by ShiftRows and MixColumns. For the four bytes of input, if 1 mean remains unchanged, shifting byte to the left if the multiplication is by 2, and shifting to the left and then performing xor with initial unshifted value if the multiplication is by 3. After shifting, if the shifted value is larger than 0xFF, a conditional xor with 0x11B should be performed. In conclusion, each column is treated as a polynomial over GF (28) and is then multiplied modulo x4+1 with a fixed polynomial c(x) = 0x03 . x3 + x2 + x + 0x02. The binary representation of bit polynomials from GF(2)[x] are equivalent to the coefficients which are displayed in hexadecimal. The MixColumns step known as a multiplication by a particular MDS matrix in a finite field.
Figure 5: The AddRoundKey Step
(source: Figure5 [online image] Available http://www.saylor.org/site/wp-content/uploads/2011/03/Advanced-Encryption-Standard.pdf)The AddRoundKey Step
Figure5 describes the AddRoundKey step of the AES Cipher. The subkey is combined with the state in the AddRoundKey step. By using Rijndaelâ€™s key schedule, the main key produces a subkey in each round. In the same state, the size of subkey is the same. The subkey is added by combining each byte of the state with the corresponding byte of the subkey using bitwise XOR.Performance
The designer of Rijndael, Advanced Encryption Standard (AES) is not emphasize on it performance, the speed of encrypting data, therefore, the designed algorithm is slower compared to other encryption method. But the design principle is to be fast in both hardware and software, although it is not the fastest encryption method, but it is a much better encryption method compared to the other encryption method.
The AES is compatible with most of the processor or RAM, such as Intel and AMD processors are using The AES encryption method too. But due to the large block size, it requires slightly more power and the time taken to encrypt data is longer.
Article name: An Advanced Encryption Standard Computer Science essay, research paper, dissertation