Advanced Encryption Standard

5.1. Evaluation Criteria For AES

The Origins of AES
AES Evaluation

5.2. The AES Cipher

14-10-2012

Origins
Replacement for DES was needed
Theoretical attacks that can break it
Demonstrated exhaustive key search attacks
Can use Triple DES but slow, small block size

14-10-2012

NIST issued a call for a new AES in 1997

15 candidates accepted in Jun 1998
5 candidates were short-listed in Aug 1999
Rijndael was selected as the AES in Oct 2000
Published as FIPS PUB 197 standard in Dec 2001

14-10-2012

AES Requirements
Symmetric block cipher
128-bit data, 128/192/256-bit keys

14-10-2012

AES Evaluation Criteria

Initial criteria:
Security effort for practical cryptanalysis
Cost in terms of computational efficiency (speed, memory)
Algorithm & implementation characteristics - flexibility,
algorithm simplicity

14-10-2012

Final criteria:
General security
Ease of software & hardware implementation
Flexibility (in en/decrypt, keying, other factors)

14-10-2012

Advanced Encryption Standard

5.1. Evaluation Criteria For AES

The Origins of AES
AES Evaluation

5.2. The AES Cipher

14-10-2012

The AES Cipher - Rijndael

Designed by Rijmen-Daemen in Belgium

Block length: 128 bits

Key length: 128/192/256 bits

Number of Rounds: 10/12/14 rounds

14-10-2012

An iterated cipher:
Processes data as block of 4 columns of 4 bytes
Operates on entire data block in every round

14-10-2012

Rijndael was designed to have the

following characteristics:
Resistance against all known attacks
Speed and code compactness on a wide range of

platforms
Design simplicity

14-10-2012

10

AES Structure

Key Scheduling

Message Encoding

14-10-2012

11

Example:

14-10-2012

12

AES Structure
Add Round Key : Initial Round Key
Transformation (For 9 Rounds)
1. Sub Bytes
2. Shift Rows

3. Mix Columns
4. Add Round Keys
Transformation (10th Round Key)

1. Sub Bytes
2. Shift Rows
3. Add Round Keys
14-10-2012

13

AES Structure

14-10-2012

14

14-10-2012

15

14-10-2012

16

14-10-2012

17

Example:

14-10-2012

18

14-10-2012

19

14-10-2012

20

14-10-2012

21

Sub Bytes Table

14-10-2012

22

Inverse Sub Bytes Table

14-10-2012

23

Example:

14-10-2012

24

14-10-2012

25

Example:

14-10-2012

26

14-10-2012

27

14-10-2012

28

14-10-2012

29

Example:

14-10-2012

30

14-10-2012

31

Key Expansion

14-10-2012

32

Firstly, the original 16-byte key is copied into the first 4 words of the expanded
key (i.e, the first 4x4 array of our diagram) as shown below:

14-10-2012

33

14-10-2012

34

14-10-2012

35

14-10-2012

36

14-10-2012

37

14-10-2012

38

Given:

14-10-2012

39

14-10-2012

40

14-10-2012

41

14-10-2012

42

Circular Shift column 1

14-10-2012

43

14-10-2012

44

Sub Bytes Table

14-10-2012

45

14-10-2012

46

Fill rest of the column

14-10-2012

47

14-10-2012

48

14-10-2012

49

14-10-2012

50

14-10-2012

51

14-10-2012

52

14-10-2012

53

14-10-2012

54

14-10-2012

55

14-10-2012

56

14-10-2012

57

14-10-2012

58

14-10-2012

59

14-10-2012

60

14-10-2012

61

14-10-2012

62

14-10-2012

63

14-10-2012

64

14-10-2012

65

14-10-2012

66

14-10-2012

67

14-10-2012

68

14-10-2012

69

14-10-2012

70

14-10-2012

71

14-10-2012

72

Message Encoding
Step: 1 : Initial Round: Add Round Key

X- OR

14-10-2012

73

Message Encoding
Step 2 : Transformation

14-10-2012

74

Message Encoding
Transformation : Step 1 : Sub Bytes

Input:

Check Each cell of the table in S-BOX table

14-10-2012

75

Sub Byte Table

14-10-2012

76

14-10-2012

77

14-10-2012

78

14-10-2012

79

Check all the cells and fill as above said manner

14-10-2012

80

Message Encoding
Transformation : Step 2 : Shift Rows
Input:

14-10-2012

81

14-10-2012

82

14-10-2012

83

14-10-2012

84

14-10-2012

85

Message Encoding
Transformation : Step 3 : Mix Columns
Input:

Constant Matrix:

14-10-2012

86

14-10-2012

87

14-10-2012

88

(d4* 02)+(bf*03)+(5d*01)+(30*01)

14-10-2012

89

Message Encoding
Transformation : Step 4 : Add Round Key
Input:
O/p from step 3 of Trans. =

Round 1 Key =

14-10-2012

90

X-OR

14-10-2012

91

14-10-2012

92

X-OR

X-OR

X-OR

14-10-2012

93

14-10-2012

94

14-10-2012

95

14-10-2012

96

14-10-2012

97

 Link for animated AES

http://www.cs.bc.edu/~straubin/cs38105/blockciphers/rijndaelingles 2004.swf
Otherwise in google type
animated AES and open first link

14-10-2012

98