1. AES : Advanced encryption algorithm
AES was to be based on 128 bit block with 128 bit
keys
Steps are:
2. One time initialization process:
Expand the 16 byte key to get the actual key block
to be used.
Do one time initialization of the 16 byte plain text
block(state)
XOR the state with the key block
For each round do the following:
Apply S-box to each of the plain text bytes.
Rotate row k of the plain text block by k bytes
Perform a mix column operation
XOR the state with the key block.
3. One time initialization process:
Expand the 16 byte key to get the actual key block
to be used:
Inputs to the algo are the key and the plain text
The key size is 16 bytes this step expands this 16
byte key into 11 arrays .each array contains 4 rows
and 4 columns
4. In other words , the original 16 byte key array is
expanded into a key containing 11*4*4=176 bytes
One of these 11 arrays is used in the initialization
process and other 10 arrays are used in the 10
rounds , one array per round.
In the context of AES a word uses 4 bytes.
Therefore in the current context our 16 byte initial
key will be expanded into 176 byte key
i.e. 44 words
5. firstly , the original 16 byte key is copied into the first
4 words of the expanded key
The remaining 10 arrays are depends on the
immediately preceding block and the block 4 position
earlier to it
That is every added word w[i] depends on w[i-1] and
w[i-4]
This fills four words at a time.
6. For filling these four words at a time the following
logic is used.
A if the word in the W array is a multiple of four
(w[4],w[8],w[12] and so on) than we perform three
function Titled Substitution , Rotate ,Constant
B if the current word in the output key block is not a
multiple of four we simply perform XOR operation
of the previous word and the word four places
earlier and store it as the output word
For example for w[5] we perform XOR between
w[4] and w[1] and store there output as w[5]
7.
8. For example: for this we need to take one byte at a
time
Suppose our first byte is 0d.looking it up in the s
box with x=0 and y=D produces D7
In the function constant , the output of the above
step is XORed with a constant. This constant is a
word ,consting of 4 bytes
The value of the constant is depends on the round
number
The last three bytes of a constant word always
contain 0
9. These constant values are:
round
number 1 2 3 4 5 6 7 8 9 10
CON
ST.
01 02 04 08 10 20 40 80 1B 36
10. lets take an example
Suppose that our original unexpanded 4 word key
is as shown:
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
11. in the first four round , the original 4 word input key would be copied
into the first 4- word output key, as per our algo
To populate w[4] the following algo is used:
For(i=4;i<44;i++)
{
Tmp=w[i-1];
If ( i mod 4==0)
Tmp=substitute(rotate(tmp)) XOR constant[i/4];
W[i]=w[i-4] XOR tmp;
}
Based on this ,we will have the following
Tmp=w[i-1]=w[4-1]=w[3]= 0C 0D 0E 0F
Since i=4 , I mod 4 is 0 . Therefore , we will now have the following
step;
12. Tmp=substitute(rotate(tmp)) XOR constant[i/4];
Rotate (temp) =rotate(0C 0D 0E 0F)
=0D 0E 0F 0C
now we do substitution(Rotate (temp) )
For this we will take one byte at a time and look up in S
box for substitution.
For example our first byte is 0D
We will see in s box where x=0 and y=D and produces
D7
Thus at the end of substitution(Rotate (temp) ) we will
get D7 AB 76 FE.
We now XOR this value with constant[i/4]
i.e. constant[1] which is 01(as per our table of constant)
13. Now D7 AB 76 FE
XOR 01 00 00 00
thus our new temp value is D6 AB 76 FE
Finally we XOR this temp value with w[i-4] i.e. w[4-
4] =w[0]
D6 AB 76 FE
XOR 00 01 02 03
= D6 AA 74 FD
thus w[4]= D6 AA 74 FD
We will use the same logic to derive the remaining
expanded key blocks w[5] to w[44].
14. Do one time initialization of the 16 byte plain text
block(state)
the 16 byte plain text block is copied into a two
dimensional 4 * 4 array called as state.
The order of the copying is in the column order.
15.
16. XOR the state with the key block:
Now the first 16 bytes of the expanded
key(w[0],w[1],w[2],w[3]) are XORed into the 16-byte
state array.
Thus every byte in the state array is replaced by
the xor of itself and the corresponding byte in the
expanded key.
at this stage , the initialization is complete and we
are ready for rounds.
17. Process in each rounds:
The following steps are executed 10 times , one per
round
A ) apply S-box to each of the plain text bytes:
The content of the state array are looked up into the
s box .
21. 7.21
7.2.1 Continue
Example 7.2
Figure 7.7 shows how a state is transformed using the SubBytes
transformation. The figure also shows that the InvSubBytes
transformation creates the original one. Note that if the two bytes
have the same values, their transformation is also the same.
Figure 7.7 SubBytes transformation for Example 7.2
22. B) rotate row k of the plain text block by k bytes:
Each of the four rows of the state array are rotated
to the left. Row 0 is rotated 0 bytes , row 1 is
rotated by 1 byte ,
Row 2 is rotated by 2 byte and row 3 is rotated by
3 byte
Example:
24. 7.24
7.2.2 Continue
Example 7.4
Figure 7.10 shows how a state is transformed using ShiftRows
transformation. The figure also shows that InvShiftRows
transformation creates the original state.
Figure 7.10 ShiftRows transformation in Example 7.4
25. C) perform a mix column operation:
Output of this step is the matrix multiplication of
the old value and a constant matrix.