Home > Computer science essays > AES Encryption

Essay: AES Encryption

Essay details and download:

  • Subject area(s): Computer science essays
  • Reading time: 4 minutes
  • Price: Free download
  • Published: 30 September 2015*
  • File format: Text
  • Words: 1,142 (approx)
  • Number of pages: 5 (approx)

Text preview of this essay:

This page of the essay has 1,142 words. Download the full version above.

1. Introduction
AES is a block of cipher algorithms originating from Rijndael algorithms (from the surnames of its inventors, two Belgian cryptographers: Joan Daemen and Vincent Rijmen). Rijndael is a family of ciphers with different key and block sizes. In June 2003, the US government announced that AES could be used to protect classified information, and it soon became the default encryption algorithm for protecting classified information as well as the first publicly accessible and open cipher approved by the NSA for top secret information. AES is one of the suite B cryptographic algorithms used by NSA’s Information Assurance Directorate in technology approved for protecting national security systems.
1.1 Choosing AES
After much enthusiastic feedback debate and analysis the Rijndael cipher (Belgian creators last names Daemen and Rijmen) was selected as the proposed algorithm for AES in October 2000 and was published by NIST as US FIPS PUB 197. The AES became effective as a federal government standard in 2002. It is also included in the ISO/IEC 18033-3 standard which specifies block ciphers for the purpose of data confidentiality.
2. Body of report
2.1 How AES encryption works
AES comprises three block ciphers, AES128, AES192 and AES256. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128, 192 and 256 bits, respectively. Symmetric or secret key ciphers use the same key for encrypting and decrypting, hence both the sender and the receiver must know and use the same secret key. There are 10 rounds for 128 bit keys, 12 rounds for 192 bit keys, and 14 rounds for 256 bit keys; a round consists of several processing steps that include substitution, transposition and mixing of the input plaintext and transform it into the final output of cipher.
2.2 Rijandael
The input to the AES encryption and decryption algorithms is a single 128 bit block. This block is depicted as a square matrix of bytes. This block is copied into the State array, which is modified at each step of encryption and decryption. After the final stage, State is copied to an output matrix. Follow the figure below (William Stallings, 2006).
2.3 Byte substitution
The Substitute bytes stage uses an S-box to perform a byte-by-byte substitution of the block. There is a single 8 bit wide S-box used on every byte. This S-box is a permutation of all 256/8-bit values, constructed using a transformation which treats the values as polynomials in GF (2^8), however it is fixed, so really only need to know the table when implementing. See below figure (William Stallings, 2006).
2.4 Shift rows
The shift rows stage provides a simple permutation of the data, whereas the other steps involve substitutions. Further, since the state is treated as a block of columns, it is this step which provides for diffusion of values between columns. It performs a circular rotate on each row of 0, 1, 2 and 3 places for respective rows. This row shift moves an individual byte from one column to another, which is a linear distance of a multiple of 4 bytes, and ensures that the 4 bytes of one column are spread out to four different columns. See below figure (William Stallings, 2006).
2.5 Mix columns
The mix columns stage is a substitution that makes use of arithmetic over GF (2^8). Each byte of a column is mapped into a new value that is a function of all four bytes in that column. It is designed as a matrix multiplication where each byte is treated as a polynomial in GF (2^8). The inverse used for decryption involves a different set of constants. See below figure (William Stallings, 2006).
2.6 Add around key
Lastly is the Add Round Key stage which is a simple bitwise XOR of the current block with a portion of the expanded key. Note this is the only step which makes use of the key and obscures the result, hence must be used at start and end of each round, since otherwise could undo effect of other steps. But the other steps provide confusion; diffusion; non linearity. That us you can look at the cipher as a series of XOR with key then scramble/permute block repeated. See figure below (William Stallings, 2006).
AES round:
2.6 AES key expansion
The AES key expansion algorithm takes as input a 4 word (16 byte) key and produces a linear array of 44 words; 4-word round key for the initial Add Round Key stage and each of the 10/12/14 rounds of the cipher. It involves copying the key into the first group of 4 words, and then constructing subsequent groups of 4 based on the values of the previous and 4th back words. See figure below (William Stallings, 2006).
2.7 AES decryption
The AES decryption cipher is not identical to the encryption cipher (figure below). The sequence of transformations for decryption differs from that for encryption, although the form of the key schedules for encryption and decryption is the same. Two separate changes are needed to bring the decryption structure in line with the encryption structure. An encryption round has SubBytes, ShiftRows, MixColumns, AddRoundKey. The standard decryption round has InvSubBytes, InvShiftRows, InvMixColumns, AddRoundKey. Thus the first two stages of decryption round need to be interchanged ,and the second two stages of the decryption round need to be interchanged (William Stallings, 2006).
2.8 Implementation of AES
AES can be implemented very efficiently on an 8-bit processor.
Add Round Key is a byte wise XOR operation.
Shift Rows is a simple byte shifting operation.
Sub Bytes operates at the byte level and only requires a lookup of a 256 byte table S.
Mix Columns (matrix multiply) can be implemented as byte XOR’s and table lookups with a 2nd 256 byte.
AES can also be very efficiently implemented on a 32-bit processor, by rewriting the stage transformation to use 4 table lookups and XOR’s per column of state.
2.9 Evaluation regarding cryptanalysis and brute force attack
The Rijndael developers designed the expansion key algorithm to be resistant to known cryptanalytic attacks. It is designed to be simple to implement, but by using round constants break symmetries, and make it much harder to deduce other key bits if just some are known.
Assuming that one could build a machine that could recover a DES key in a second (try 2^55 keys per second), then it would take that machine approximately 149 trillion years to crack a 128 bit AES key. As of July 2009, no practical attacks have been successful on AES.
3. Conclusion
Security is no longer an afterthought in anyone’s software design and development process. AES is an important standard and using and understanding it will greatly increase the reliability and safety of your software systems. Choosing to use field GF (2^8) was a very good decision. The inverse of the addition operation was itself, making much of the algorithm easy to do. In fact, every operation is invertible by design. In addition, the block size and key size can vary making the algorithm versatile. AES was originally designed for non-classified U.S. government information, but, due to its success, AES 256 is usable for top secret government information.

...(download the rest of the essay above)

About this essay:

If you use part of this page in your own work, you need to provide a citation, as follows:

Essay Sauce, AES Encryption. Available from:<https://www.essaysauce.com/computer-science-essays/essay-aes-encryption/> [Accessed 13-04-24].

These Computer science essays have been submitted to us by students in order to help you with your studies.

* This essay may have been previously published on Essay.uk.com at an earlier date.