AES Encryption & Decryption
AES parameters
• Nb – Number of columns in the State
  • For AES, Nb = 4
• Nk – Number of 32-bit words in the Key
  • For AES, Nk = 4, 6, or 8
• Nr – Number of rounds (function of Nb and Nk)
  • For AES, Nr = 10, 12, or 14
AES methods
• Convert to state array
• Transformations (and their inverses)
  • AddRoundKey
  • SubBytes
  • ShiftRows
  • MixColumns
• Key Expansion
Convert to State Array
Input block: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15

0 4  8 12       S0,0 S0,1 S0,2 S0,3
1 5  9 13   =   S1,0 S1,1 S1,2 S1,3
2 6 10 14       S2,0 S2,1 S2,2 S2,3
3 7 11 15       S3,0 S3,1 S3,2 S3,3
AddRoundKey
• XOR each byte of the round key with its corresponding byte in the
state array
[Figure: state column S0,1 S1,1 S2,1 S3,1 XOR round-key column R0,1 R1,1 R2,1 R3,1 gives new state column S’0,1 S’1,1 S’2,1 S’3,1]
SubBytes
• Replace each byte in the state array with its corresponding value from
the S-Box
[Figure: example state with rows 00 44 88 CC / 11 55 99 DD / 22 66 AA EE / 33 77 BB FF; byte 55 is highlighted for its S-Box lookup]
ShiftRows
• Last three rows are cyclically shifted
S0,0 S0,1 S0,2 S0,3        S0,0 S0,1 S0,2 S0,3
S1,0 S1,1 S1,2 S1,3   ->   S1,1 S1,2 S1,3 S1,0
S2,0 S2,1 S2,2 S2,3        S2,2 S2,3 S2,0 S2,1
S3,0 S3,1 S3,2 S3,3        S3,3 S3,0 S3,1 S3,2
MixColumns
• Apply MixColumn transformation to each column
[Figure: state column S0,1 S1,1 S2,1 S3,1 passes through MixColumns() to give new state column S’0,1 S’1,1 S’2,1 S’3,1]

$$S'_{0,c} = (\{02\} \bullet S_{0,c}) \oplus (\{03\} \bullet S_{1,c}) \oplus S_{2,c} \oplus S_{3,c}$$
$$S'_{1,c} = S_{0,c} \oplus (\{02\} \bullet S_{1,c}) \oplus (\{03\} \bullet S_{2,c}) \oplus S_{3,c}$$
$$S'_{2,c} = S_{0,c} \oplus S_{1,c} \oplus (\{02\} \bullet S_{2,c}) \oplus (\{03\} \bullet S_{3,c})$$
$$S'_{3,c} = (\{03\} \bullet S_{0,c}) \oplus S_{1,c} \oplus S_{2,c} \oplus (\{02\} \bullet S_{3,c})$$
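The MixColumns equations multiply bytes in GF(2^8), which is not ordinary integer multiplication. The following is an added example, not code from the slides: `gmul`, `MIX`, `INV_MIX` and `apply_matrix` are names chosen here, and the InvMixColumns coefficients come from FIPS-197 rather than from this deck.

```python
def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    result = 0
    while b:
        if b & 1:
            result ^= a      # addition in GF(2^8) is XOR
        a <<= 1              # multiply a by {02}
        if a & 0x100:
            a ^= 0x11B       # reduce once the product leaves 8 bits
        b >>= 1
    return result

# Row i holds the coefficients of S'[i,c] in the MixColumns equations.
MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
# InvMixColumns coefficients {0e}, {0b}, {0d}, {09} (FIPS-197, not on the slide).
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def apply_matrix(matrix, column):
    """Multiply one 4-byte state column by a 4x4 coefficient matrix."""
    out = []
    for row in matrix:
        acc = 0
        for coeff, byte in zip(row, column):
            acc ^= gmul(coeff, byte)
        out.append(acc)
    return out

def mix_column(column):
    return apply_matrix(MIX, column)

def inv_mix_column(column):
    return apply_matrix(INV_MIX, column)

# Constructed sample column for a quick run.
SAMPLE = [0xDB, 0x13, 0x53, 0x45]
if __name__ == "__main__":
    mixed = mix_column(SAMPLE)
    print(bytes(mixed).hex(), bytes(inv_mix_column(mixed)).hex())
```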
Key Expansion
• Expands the key material so that each round uses a unique round key
• Generates Nb(Nr+1) words
• The first words are filled with just the key
• The remaining words are filled with a combination of the previous word and the one Nk positions earlier
Encryption
byte state[4,Nb]
state = in
AddRoundKey(state, keySchedule[0, Nb-1])
for round = 1 step 1 to Nr-1 {
    SubBytes(state)
    ShiftRows(state)
    MixColumns(state)
    AddRoundKey(state, keySchedule[round*Nb, (round+1)*Nb-1])
}
SubBytes(state)
ShiftRows(state)
AddRoundKey(state, keySchedule[Nr*Nb, (Nr+1)*Nb-1])
out = state

• First and last operations involve the key
• Prevents an attacker from even beginning to encrypt or decrypt without the key
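The Key Expansion and Encryption slides above, worked through as an added Python example that is not code from the deck. All function names are chosen here; the S-box is computed rather than typed in, and the state is kept as a flat list of 16 bytes in input order.

```python
# Added example, not code from the slides. State: 16 bytes, state[r + 4*c] = S[r][c].
def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def xtime(a):                          # multiply by {02} in GF(2^8)
    return ((a << 1) ^ 0x1B) & 0xFF if a & 0x80 else a << 1

def make_sbox():                       # inverse in GF(2^8), then the affine map
    sbox, p, q = [0x63] * 256, 1, 1    # {00} has no inverse and maps to 0x63
    while True:
        p = xtime(p) ^ p               # p = p * {03}, walks every nonzero byte
        for shift in (1, 2, 4):        # q = q / {03}, so q stays the inverse of p
            q ^= (q << shift) & 0xFF
        q ^= 0x09 if q & 0x80 else 0
        sbox[p] = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63
        if p == 1:
            return sbox
SBOX = make_sbox()

def key_expansion(key):                # returns Nb*(Nr+1) words, Nk = 4, 6 or 8
    nk, rcon = len(key) // 4, 1
    w = [list(key[4 * i:4 * i + 4]) for i in range(nk)]   # just the key
    for i in range(nk, 4 * (nk + 7)):                     # Nr = Nk + 6
        t = w[i - 1]                                      # previous word
        if i % nk == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]          # RotWord, SubWord
            t[0], rcon = t[0] ^ rcon, xtime(rcon)
        elif nk == 8 and i % nk == 4:
            t = [SBOX[b] for b in t]
        w.append([a ^ b for a, b in zip(w[i - nk], t)])   # word Nk positions earlier
    return w

def add_round_key(state, w, rnd):
    return [s ^ k for s, k in zip(state, sum(w[4 * rnd:4 * rnd + 4], []))]

def shift_rows(s):                     # row r rotates left by r columns
    return [s[(i + 4 * (i % 4)) % 16] for i in range(16)]

def mix_columns(s):                    # {03}x = {02}x XOR x, so xtime is enough
    cols = [s[c:c + 4] for c in range(0, 16, 4)]
    return [a[i] ^ a[0] ^ a[1] ^ a[2] ^ a[3] ^ xtime(a[i] ^ a[(i + 1) % 4])
            for a in cols for i in range(4)]

def encrypt_block(block, key):
    w, nr = key_expansion(key), len(key) // 4 + 6
    state = add_round_key(list(block), w, 0)
    for rnd in range(1, nr):
        state = add_round_key(mix_columns(shift_rows([SBOX[b] for b in state])), w, rnd)
    return bytes(add_round_key(shift_rows([SBOX[b] for b in state]), w, nr))
```

The table lookups and data-dependent branches here are not constant-time, so this is for studying the algorithm; production code should call a vetted library.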
Decryption
byte state[4,Nb]
state = in
AddRoundKey(state, keySchedule[Nr*Nb, (Nr+1)*Nb-1])
for round = Nr-1 step -1 downto 1 {
    InvShiftRows(state)
    InvSubBytes(state)
    AddRoundKey(state, keySchedule[round*Nb, (round+1)*Nb-1])
    InvMixColumns(state)
}
InvShiftRows(state)
InvSubBytes(state)
AddRoundKey(state, keySchedule[0, Nb-1])
out = state
Encrypt and Decrypt
Encryption      Decryption
AddRoundKey     AddRoundKey
SubBytes        InvShiftRows
ShiftRows       InvSubBytes
MixColumns      AddRoundKey
AddRoundKey     InvMixColumns
SubBytes        InvShiftRows
ShiftRows       InvSubBytes
AddRoundKey     AddRoundKey


Editor's Notes

  • #2 Also known as block size