AES specifications and DES Algorithm Mira Nasiri
[email protected] University of Science and Culture , Tehran, Iran
The Advanced Encryption Standard (AES) is a new U. S. government standard. Instead of designing or commissioning a cipher, NIST asked for proposals from the cryptographic community. A total of 15 proposals were submitted [1]. Five ciphers were selected as finalists [2], after which Rijndael was selected to become AES. AES uses a different structure than DES. It is not a Feistel cipher. Figure 2.1 shows a single round of AES. The subsequent rounds are similar [3]. The plaintext comes in as 16 bytes at the very top. The first operation is to XOR the plaintext with 16 bytes (128 bits) of round key. This is shown by the operators; the key bytes come into the side of the XORs. Each of the 16 bytes is then used as an index into an S-box table that maps 8-bit inputs to 8-bit outputs. The S-boxes are all identical [4]. The bytes are then rearranged in a specific order that looks a bit messy but has a simple structure. Finally, the bytes are mixed in groups of four using a linear mixing function. The term linear just means that each output bit of the mixing function is the XOR of several of the input bits [6].
Figure1. Structure of a single round of AES This completes a single round. A full encryption consists of 10-14 rounds, depending on the key size. Like DES, there is a key schedule that generates the necessary round keys, but the key schedule uses a very different structure. The AES structure has advantages and disadvantages. Each step consists of a number of operations that can be performed in parallel. This parallelism makes high-speed implementations easy. On the other hand, the decryption operation is significantly different from the encryption operation. We need the inverse lookup table of the S-box, and the inverse mixing operation is different from the original mixing operation [5]. We can recognize some of the same functional blocks as in DES. The XORs add key material to the data, the S-boxes provide nonlinearity, and the byte shuffle and mixing functions provide diffusion.
2
References: [1] Courtois, N. T., Klimov, A., Patarin, J., Shamir, A., Efficient Algorithms for Solving Overdefined Systems of Multivariate Polynomial Equations, Proceedings of Advances in Cryptology, EUROCRYPT 2000, Springer-Verlag, 2002; 1807: 392–407. [2] Rezaeipour, D. , Management Security & Quality of Experience in Multimedia Cloud Computing, Journal of Metaheuristics , 2017. [3] Courtois, N. T., Pieprzyk, J., Cryptanalysis of block ciphers with overdefined systems of equations, in Advances in Cryptology, ASIACRYPT 2002, Springer-Verlag, 2002; 2501: 267– 287. [4] Rezaeipour, D. , Lightweight cryptography algorithms for IoT devices, Journal of Mathematics in Industry , 2018. [5] Kipnis, A., Shamir, A., Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization, Proceedings of Advances in Cryptology –CRYPTO’99, Springer-Verlag, 1999; 1666: 19–30. [6] Rezaeipour, D., Rushdan Md Said, M., Some Statistical Simulation Results over the 128-bit Block Cipher CLEFIA, Int. J. Contemp. Math. Sciences, 4(10): 497 – 504 , 2009.
3
