The document provides information about the Advanced Encryption Standard (AES) encryption algorithm. It describes AES as a symmetric block cipher chosen by the U.S. government to protect classified information. The document outlines the development and selection process for AES, describing how it was intended to replace the aging Data Encryption Standard (DES). It also provides details about the AES algorithm, including that it uses 128, 192, or 256-bit keys and encryption is performed through 10-14 rounds of processing involving byte substitution, shifting rows of data, mixing columns, and combining with the encryption key.
AES (Advanced Encryption Standard) is a symmetric block cipher algorithm that was adopted as a replacement for the DES (Data Encryption Standard) algorithm. AES is considered more secure than DES due to using a larger key size and being more computationally difficult to break. While AES is fast and reliable for encrypting files and documents, it is not suitable for encrypting communications due to the key exchange problem - for that, an asymmetric algorithm like RSA is typically used to securely exchange the AES key.
The document discusses the Advanced Encryption Standard (AES). It describes AES as a symmetric block cipher selected by the U.S. National Institute of Standards and Technology (NIST) in 2001 to replace the Data Encryption Standard (DES). AES uses a variable block size of 128 bits and a key size of 128, 192, or 256 bits. The cipher operates on a 4x4 column-byte state and has 10, 12, or 14 rounds depending on the key size. Each round consists of byte substitution, shift rows, mix columns, and add round key transformations.
The document summarizes the Advanced Encryption Standard (AES). It describes how AES was selected by NIST as a replacement for DES. AES (Rijndael cipher) uses a block size of 128 bits, with key sizes of 128, 192, or 256 bits. It operates on data in rounds that include byte substitution, shifting rows, mixing columns, and adding the round key. The key is expanded into an array of words used for each round.
The document discusses stream ciphers and how they can be implemented in either hardware or software. It describes how stream ciphers work by generating a pseudorandom bitstream from a key and nonce that is XOR'd with the plaintext. Hardware-oriented stream ciphers were initially more efficient to implement than block ciphers using dedicated circuits like LFSRs. However, LFSR-based designs are insecure and modern software-oriented stream ciphers like Salsa20 are more efficient on CPUs. The document cautions that stream ciphers can be broken if the key and nonce are reused or if there are flaws in the implementation.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
Project consists of individual modules of encryption and decryption units. Standard T-DES algorithm is implemented. Presently working on to integrate DES with AES to develop stronger crypto algorithm and test the same against Side Channel Attacks and compare different algorithms.
1. The document discusses network security and provides details about stream ciphers and block ciphers. It explains how each type of cipher works and provides examples of each.
2. Details are given about the Feistel cipher structure and how it provides diffusion and confusion through repeated rounds. The Data Encryption Standard (DES) algorithm is described as a prominent example of a Feistel cipher.
3. Principles of block cipher design are outlined, emphasizing the importance of number of rounds, design of the round function F, and the key schedule algorithm in providing security.
AES (Advanced Encryption Standard) is a symmetric block cipher algorithm that was adopted as a replacement for the DES (Data Encryption Standard) algorithm. AES is considered more secure than DES due to using a larger key size and being more computationally difficult to break. While AES is fast and reliable for encrypting files and documents, it is not suitable for encrypting communications due to the key exchange problem - for that, an asymmetric algorithm like RSA is typically used to securely exchange the AES key.
The document discusses the Advanced Encryption Standard (AES). It describes AES as a symmetric block cipher selected by the U.S. National Institute of Standards and Technology (NIST) in 2001 to replace the Data Encryption Standard (DES). AES uses a variable block size of 128 bits and a key size of 128, 192, or 256 bits. The cipher operates on a 4x4 column-byte state and has 10, 12, or 14 rounds depending on the key size. Each round consists of byte substitution, shift rows, mix columns, and add round key transformations.
The document summarizes the Advanced Encryption Standard (AES). It describes how AES was selected by NIST as a replacement for DES. AES (Rijndael cipher) uses a block size of 128 bits, with key sizes of 128, 192, or 256 bits. It operates on data in rounds that include byte substitution, shifting rows, mixing columns, and adding the round key. The key is expanded into an array of words used for each round.
The document discusses stream ciphers and how they can be implemented in either hardware or software. It describes how stream ciphers work by generating a pseudorandom bitstream from a key and nonce that is XOR'd with the plaintext. Hardware-oriented stream ciphers were initially more efficient to implement than block ciphers using dedicated circuits like LFSRs. However, LFSR-based designs are insecure and modern software-oriented stream ciphers like Salsa20 are more efficient on CPUs. The document cautions that stream ciphers can be broken if the key and nonce are reused or if there are flaws in the implementation.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
Project consists of individual modules of encryption and decryption units. Standard T-DES algorithm is implemented. Presently working on to integrate DES with AES to develop stronger crypto algorithm and test the same against Side Channel Attacks and compare different algorithms.
1. The document discusses network security and provides details about stream ciphers and block ciphers. It explains how each type of cipher works and provides examples of each.
2. Details are given about the Feistel cipher structure and how it provides diffusion and confusion through repeated rounds. The Data Encryption Standard (DES) algorithm is described as a prominent example of a Feistel cipher.
3. Principles of block cipher design are outlined, emphasizing the importance of number of rounds, design of the round function F, and the key schedule algorithm in providing security.
This document provides an overview of the Advanced Encryption Standard (AES). It discusses how AES was created through an encryption algorithm competition organized by the National Institute of Standards and Technology to replace the aging Triple DES standard. AES is a symmetric block cipher that encrypts 128-bit blocks using 128, 192, or 256-bit keys and 10, 12, or 14 rounds respectively. The AES encryption process takes the plaintext through several stages - substitution, shifting rows, mixing columns, and adding the round key - with the inverse being applied for decryption. Some potential security attacks on AES are also mentioned, such as related-key and XSL attacks, but it remains secure if implemented correctly.
This presentation introduces Feistel encryption and decryption. It discusses the Feistel cipher structure which partitions the input block into two halves and processes them through multiple rounds of substitution and permutation. It shows diagrams of the Feistel encryption and decryption processes. It also covers the design features of Feistel networks such as block size, key size, number of rounds, and sub-key generation. Finally, it provides an example of the round function that performs a bitwise XOR of the left half and output of a function applied to the right half and sub-key.
The document discusses various cipher techniques including polyalphabetic ciphers, the Vigenere cipher, homophonic substitution cipher, and the Polybius square. It provides examples of encrypting and decrypting messages using the Vigenere cipher and Polybius square. It also gives the formula for encrypting and decrypting messages using the Vigenere cipher algebraically by converting letters to numbers.
The document summarizes the SHA3 hash algorithm competition hosted by NIST. It provides details on the winning algorithm called Keccak, including its sponge construction, Keccak-f permutation, and the algorithms used in each round. Performance experiments show SHA3-512 is slower than SHA256 but provides stronger security guarantees. In conclusion, SHA3 will be the next hash standard and Keccak offers a secure design suited for hardware implementations.
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
This document discusses message authentication techniques including message encryption, message authentication codes (MACs), and hash functions. It describes how each technique can be used to authenticate messages and protect against various security threats. It also covers how symmetric and asymmetric encryption can provide authentication when used with MACs or digital signatures. Specific MAC and hash functions are examined like HMAC, SHA-1, and SHA-2. X.509 is introduced as a standard for digital certificates.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
SSL and TLS provide end-to-end security for applications using TCP. They operate at the transport layer and provide services like data encryption, message integrity, and client/server authentication. The key components are the handshake protocol for negotiating encryption parameters and exchanging keys, the record protocol for fragmenting and encrypting application data, and alert and change cipher spec protocols for signaling errors and key changes. Common algorithms include RSA and Diffie-Hellman for key exchange, RC4, 3DES and AES for encryption, and MD5 or SHA for hashing. Sessions define a connection's cryptographic settings while connections are the actual data streams.
This document provides an overview of Kerberos, including:
- Kerberos is an authentication protocol that uses symmetric encryption and timestamps to allow nodes communicating over an insecure network to verify each other's identity securely.
- It works by having a client first authenticate with an authentication server to obtain a ticket-granting ticket, then uses that ticket to obtain additional tickets for access to other services.
- Kerberos addresses the need for secure authentication in distributed network environments where the workstations themselves cannot be fully trusted.
This document summarizes key topics in cryptographic key management and distribution from Chapter 14 of William Stallings' book "Cryptography and Network Security". It discusses how symmetric encryption schemes require parties to share a secret key, and how public key schemes require parties to obtain valid public keys. It then covers various methods for key distribution, including using a key hierarchy with session keys and master keys, as well as alternatives like third party key distribution and the use of public key encryption to distribute secret keys. It also introduces the concept of using a key distribution center and X.509 certificates to facilitate secure key exchange through a public key infrastructure.
This document summarizes a chapter about the Data Encryption Standard (DES). It provides an overview of DES, describing it as a symmetric-key block cipher developed by IBM and adopted by the National Institute of Standards and Technology. The chapter then goes into details about the structure and design of DES, including its use of an initial and final permutation, 16 rounds of encryption using subkey values, and weaknesses like its short key length. It also discusses analyses of DES security, noting brute force, differential cryptanalysis, and linear cryptanalysis as potential attack methods.
This document discusses the design and implementation of the Blowfish encryption algorithm using Verilog HDL. Blowfish is a symmetric block cipher that uses a variable-length key from 32 to 448 bits, making it suitable for securing data. The algorithm consists of two parts - key expansion and a round structure involving 16 rounds of operations. The authors implemented Blowfish using Verilog HDL on a Xilinx FPGA for applications requiring encryption like IoT devices. Their design achieved high-speed encryption of up to 4 bits per clock cycle and operated at a maximum frequency of 50MHz.
This document summarizes key concepts about block ciphers and the Data Encryption Standard (DES) cipher. It introduces block ciphers and how they operate on message blocks, describes the Feistel cipher structure and its design principles, and provides details on the DES algorithm including its history, design, encryption process, key schedule, and analysis of its security strengths and weaknesses over time. Differential and linear cryptanalysis attacks on block ciphers are also summarized.
The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to replace the Data Encryption Standard (DES) in 2001. AES supports 128-bit blocks and key lengths of 128, 192, and 256 bits. It performs encryption and decryption through a series of transformations including substitution, shifting, mixing, and adding round keys derived from the original key. The number of transformation rounds varies based on the key length, from 10 rounds for 128-bit keys up to 14 rounds for 256-bit keys. AES provides improved security over DES with higher computational efficiency.
Symmetric encryption uses the same key for both encryption and decryption. Common symmetric algorithms include DES, Triple DES, and AES. DES encrypts data in 64-bit blocks using a 56-bit key. Triple DES applies DES three times with three different keys to strengthen it against attacks. AES has a variable block size of 128 bits and key size of 128, 192, or 256 bits. It performs multiple rounds of substitution and permutation functions to encrypt the data securely.
This document provides an overview of the Advanced Encryption Standard (AES). It discusses how AES was created through an encryption algorithm competition organized by the National Institute of Standards and Technology to replace the aging Triple DES standard. AES is a symmetric block cipher that encrypts 128-bit blocks using 128, 192, or 256-bit keys and 10, 12, or 14 rounds respectively. The AES encryption process takes the plaintext through several stages - substitution, shifting rows, mixing columns, and adding the round key - with the inverse being applied for decryption. Some potential security attacks on AES are also mentioned, such as related-key and XSL attacks, but it remains secure if implemented correctly.
This presentation introduces Feistel encryption and decryption. It discusses the Feistel cipher structure which partitions the input block into two halves and processes them through multiple rounds of substitution and permutation. It shows diagrams of the Feistel encryption and decryption processes. It also covers the design features of Feistel networks such as block size, key size, number of rounds, and sub-key generation. Finally, it provides an example of the round function that performs a bitwise XOR of the left half and output of a function applied to the right half and sub-key.
The document discusses various cipher techniques including polyalphabetic ciphers, the Vigenere cipher, homophonic substitution cipher, and the Polybius square. It provides examples of encrypting and decrypting messages using the Vigenere cipher and Polybius square. It also gives the formula for encrypting and decrypting messages using the Vigenere cipher algebraically by converting letters to numbers.
The document summarizes the SHA3 hash algorithm competition hosted by NIST. It provides details on the winning algorithm called Keccak, including its sponge construction, Keccak-f permutation, and the algorithms used in each round. Performance experiments show SHA3-512 is slower than SHA256 but provides stronger security guarantees. In conclusion, SHA3 will be the next hash standard and Keccak offers a secure design suited for hardware implementations.
In cryptography, a block cipher is a deterministic algorithm operating on ... Systems as a means to effectively improve security by combining simple operations such as .... Finally, the cipher should be easily cryptanalyzable, such that it can be ...
This document discusses message authentication techniques including message encryption, message authentication codes (MACs), and hash functions. It describes how each technique can be used to authenticate messages and protect against various security threats. It also covers how symmetric and asymmetric encryption can provide authentication when used with MACs or digital signatures. Specific MAC and hash functions are examined like HMAC, SHA-1, and SHA-2. X.509 is introduced as a standard for digital certificates.
For a college course -- CNIT 141: Cryptography for Computer Networks, at City College San Francisco
Based on "Serious Cryptography: A Practical Introduction to Modern Encryption", by Jean-Philippe Aumasson, No Starch Press (November 6, 2017), ISBN-10: 1593278268 ISBN-13: 978-1593278267
Instructor: Sam Bowne
More info: https://samsclass.info/141/141_S19.shtml
SSL and TLS provide end-to-end security for applications using TCP. They operate at the transport layer and provide services like data encryption, message integrity, and client/server authentication. The key components are the handshake protocol for negotiating encryption parameters and exchanging keys, the record protocol for fragmenting and encrypting application data, and alert and change cipher spec protocols for signaling errors and key changes. Common algorithms include RSA and Diffie-Hellman for key exchange, RC4, 3DES and AES for encryption, and MD5 or SHA for hashing. Sessions define a connection's cryptographic settings while connections are the actual data streams.
This document provides an overview of Kerberos, including:
- Kerberos is an authentication protocol that uses symmetric encryption and timestamps to allow nodes communicating over an insecure network to verify each other's identity securely.
- It works by having a client first authenticate with an authentication server to obtain a ticket-granting ticket, then uses that ticket to obtain additional tickets for access to other services.
- Kerberos addresses the need for secure authentication in distributed network environments where the workstations themselves cannot be fully trusted.
This document summarizes key topics in cryptographic key management and distribution from Chapter 14 of William Stallings' book "Cryptography and Network Security". It discusses how symmetric encryption schemes require parties to share a secret key, and how public key schemes require parties to obtain valid public keys. It then covers various methods for key distribution, including using a key hierarchy with session keys and master keys, as well as alternatives like third party key distribution and the use of public key encryption to distribute secret keys. It also introduces the concept of using a key distribution center and X.509 certificates to facilitate secure key exchange through a public key infrastructure.
This document summarizes a chapter about the Data Encryption Standard (DES). It provides an overview of DES, describing it as a symmetric-key block cipher developed by IBM and adopted by the National Institute of Standards and Technology. The chapter then goes into details about the structure and design of DES, including its use of an initial and final permutation, 16 rounds of encryption using subkey values, and weaknesses like its short key length. It also discusses analyses of DES security, noting brute force, differential cryptanalysis, and linear cryptanalysis as potential attack methods.
This document discusses the design and implementation of the Blowfish encryption algorithm using Verilog HDL. Blowfish is a symmetric block cipher that uses a variable-length key from 32 to 448 bits, making it suitable for securing data. The algorithm consists of two parts - key expansion and a round structure involving 16 rounds of operations. The authors implemented Blowfish using Verilog HDL on a Xilinx FPGA for applications requiring encryption like IoT devices. Their design achieved high-speed encryption of up to 4 bits per clock cycle and operated at a maximum frequency of 50MHz.
This document summarizes key concepts about block ciphers and the Data Encryption Standard (DES) cipher. It introduces block ciphers and how they operate on message blocks, describes the Feistel cipher structure and its design principles, and provides details on the DES algorithm including its history, design, encryption process, key schedule, and analysis of its security strengths and weaknesses over time. Differential and linear cryptanalysis attacks on block ciphers are also summarized.
The Advanced Encryption Standard (AES) is a symmetric block cipher chosen by the U.S. government to replace the Data Encryption Standard (DES) in 2001. AES supports 128-bit blocks and key lengths of 128, 192, and 256 bits. It performs encryption and decryption through a series of transformations including substitution, shifting, mixing, and adding round keys derived from the original key. The number of transformation rounds varies based on the key length, from 10 rounds for 128-bit keys up to 14 rounds for 256-bit keys. AES provides improved security over DES with higher computational efficiency.
Symmetric encryption uses the same key for both encryption and decryption. Common symmetric algorithms include DES, Triple DES, and AES. DES encrypts data in 64-bit blocks using a 56-bit key. Triple DES applies DES three times with three different keys to strengthen it against attacks. AES has a variable block size of 128 bits and key size of 128, 192, or 256 bits. It performs multiple rounds of substitution and permutation functions to encrypt the data securely.
The document describes the implementation of the Advanced Encryption Standard (AES) algorithm in Matlab. It includes:
1) An introduction to AES that describes its motivation, definitions, requirements and overall processes.
2) A high-level design section explaining the AES algorithm, its overall structure consisting of key expansion, encryption and decryption processes using operations like SubBytes, ShiftRows, MixColumns and AddRoundKey.
3) A detailed design section describing the individual operations for both encryption and decryption, including pseudo-code. It also provides illustrations of the operations.
4) Sections on key expansion and results from implementing the AES algorithm in Matlab.
Information and network security 26 aes decryption and implementational issuesVaibhav Khanna
To review the overall structure of AES and to focus particularly on the four steps used in each round of AES: (1) byte substitution, (2) shift rows, (3) mix columns, and (4) add round key
Information and network security 24 advanced encryption standard aesVaibhav Khanna
The Advanced Encryption Standard, also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology in 2001
The document discusses the Advanced Encryption Standard (AES) cipher. It describes the AES selection process, including the requirements for candidates and criteria for evaluation. Rijndael, designed by Rijmen and Daemen, was selected as the AES cipher. The summary describes the key components of Rijndael, including its round structure of byte substitution, shift rows, mix columns, and add round key steps. It also covers the AES key expansion process and efficient implementation approaches.
AES is an encryption standard chosen by the National Institute of Standards and Technology to protect classified information. It operates on 128-bit blocks using a variable key length of 128, 192, or 256 bits. AES became the replacement for the DES algorithm after it was cracked in 1997. The Rijndael cipher developed by two Belgian cryptographers was selected as the new AES algorithm due to its security, performance, and flexibility.
1. The document discusses the Advanced Encryption Standard (AES) cipher, which was selected from the Rijndael algorithm in 2000 to replace the Data Encryption Standard (DES).
2. AES has a block size of 128 bits, with key sizes of 128, 192, or 256 bits. It operates on a 4x4 column-byte state and consists of 10-14 rounds depending on the key size.
3. Each round performs byte substitution, shifting rows of the state, mixing columns using matrix multiplication, and adding the round key using XOR. The key is expanded using XOR and S-boxes to generate round keys.
Block ciphers and stream ciphers are the two main types of symmetric encryption algorithms. Block ciphers encrypt data in fixed-length blocks, while stream ciphers encrypt data one bit or byte at a time. The AES and DES algorithms are common block ciphers that use a feistel network structure with multiple rounds of processing. Modes of operation like ECB, CBC, CFB and OFB define how block ciphers can encrypt multiple blocks of data. Public key cryptography uses asymmetric algorithms like RSA that have separate public and private keys, allowing for both encryption and digital signatures. Key distribution and management are important aspects of deploying public key encryption at scale.
Symmetric Key Encryption Algorithms can be categorized as stream ciphers or block ciphers. Block ciphers like the Data Encryption Standard (DES) operate on fixed-length blocks of bits, while stream ciphers process messages bit-by-bit. DES is an example of a block cipher that encrypts 64-bit blocks using a 56-bit key. International Data Encryption Algorithm (IDEA) is another block cipher that uses a 128-bit key and 64-bit blocks, employing addition and multiplication instead of XOR like DES. IDEA consists of 8 encryption rounds followed by an output transformation to generate the ciphertext from the plaintext and key.
There is great research in the field of data security these days. Storing information digitally in the cloud and transferring it over the internet proposes risks of disclosure and unauthorized access, thus users, organizations and businesses are adapting new technology and methods to protect their data from breaches. In this paper, we introduce a method to provide higher security for data transferred over the internet, or information based in the cloud. The introduced method for the most part depends on the Advanced Encryption Standard (AES) algorithm. Which is currently the standard for secret key encryption. A standardized version of the algorithm was used by The Federal Information Processing Standard 197 called Rijndael for the Advanced Encryption Standard. The AES algorithm processes data through a combination of Exclusive-OR operations (XOR), octet substitution with an S-box, row and column rotations, and a MixColumn operations. The fact that the algorithm could be easily implemented and run on a regular computer in a reasonable amount of time made it highly favorable and successful.
In this paper, the proposed method provides a new dimension of security to the AES algorithm by securing the key itself such that even when the key is disclosed, the text cannot be deciphered. This is done by enciphering the key using Output Feedback Block Mode Operation. This introduces a new level of security to the key in a way in which deciphering the data requires prior knowledge of the key and the algorithm used to encipher the key for the purpose of deciphering the transferred text.
Keywords: Keywords: Keywords: Keywords: Keywords: Keywords: Keywords:
Data encryption techniques and standardSarika Jadhav
The document discusses various data encryption techniques and standards. It describes the Data Encryption Standard (DES) algorithm which uses a 64-bit block size and 56-bit key. It became the federal standard in 1976 but was replaced by the Advanced Encryption Standard (AES) in 2002. AES is a symmetric-key algorithm that operates on 128-bit blocks and has key sizes of 128, 192, or 256 bits. The document also briefly discusses steganography techniques for hiding messages in images, audio, video and text files.
Implementation of Various Cryptosystem Using ChaosIOSR Journals
The document discusses implementing various cryptosystems using chaos. It first summarizes AES, IDEA, RC5, RSA, and ElGamal cryptographic algorithms. It then explains how chaos is applied to improve the security and speed of each algorithm. Chaos is used to generate new S-boxes for AES and mix the plaintext for IDEA, RC5 and ElGamal. The document claims that applying chaos in this way increases both security against attacks and encryption/decryption speeds compared to the original cryptographic algorithms.
- The document discusses the Advanced Encryption Standard (AES) and its selection as a replacement for the Data Encryption Standard (DES). It describes the selection process conducted by the National Institute of Standards and Technology (NIST).
- Rijndael, designed by Vincent Rijmen and Joan Daemen, was selected as the AES after evaluation of 15 candidate algorithms. It uses 128/192/256-bit keys and 128-bit blocks.
- The AES cipher, based on Rijndael, consists of 10-14 rounds depending on key size. Each round performs byte substitution, shift rows, mix columns, and adds a round key. It can be efficiently implemented in both software and hardware.
The document discusses the Advanced Encryption Standard (AES) which was selected by the U.S. government to encrypt sensitive data. It describes the requirements for AES, the evaluation criteria used in selecting it, and the five algorithm finalists. Rijndael, designed by Belgian cryptographers, was ultimately chosen as the AES cipher due to its security, performance, and simplicity. The summary provides an overview of the AES selection process and key aspects of the Rijndael cipher, including its round structure and efficient software implementations.
Modified aes algorithm using multiple s boxeschuxuantinh
The document proposes a modified AES algorithm using multiple substitution boxes (S-Boxes) to improve performance. It describes the standard AES algorithm and then proposes modifications. Specifically, it suggests using two S-Boxes - the original Rijndael S-Box along with a new S-Box constructed by XORing each value of the original S-Box with 7F and applying an affine transformation. Evaluation results showed that the modified algorithm with two S-Boxes improved speed performance compared to standard AES, while slightly weakening security. The modified algorithm is also more efficient to implement using low-cost processors and minimal memory.
modified aes algorithm using multiple s-boxeschutinhha
The document proposes a modified AES algorithm using multiple substitution boxes (S-Boxes) to improve performance. It describes the standard AES algorithm and then proposes modifications. Specifically, it suggests using two S-Boxes - the original Rijndael S-Box along with a new S-Box constructed by XORing each value of the original S-Box with 7F and applying an affine transformation. The evaluation results show that the modified algorithm with two S-Boxes increases speed compared to standard AES while slightly decreasing security. It is concluded that the modified algorithm is more efficient to implement with low memory requirements on simple processors.
Honeypots Unveiled: Proactive Defense Tactics for Cyber Security, Phoenix Sum...APNIC
Adli Wahid, Senior Internet Security Specialist at APNIC, delivered a presentation titled 'Honeypots Unveiled: Proactive Defense Tactics for Cyber Security' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.
Decentralized Justice in Gaming and EsportsFederico Ast
Discover how Kleros is transforming the landscape of dispute resolution in the gaming and eSports industry through the power of decentralized justice.
This presentation, delivered by Federico Ast, CEO of Kleros, explores the innovative application of blockchain technology, crowdsourcing, and incentivized mechanisms to create fair and efficient arbitration processes.
Key Highlights:
- Introduction to Decentralized Justice: Learn about the foundational principles of Kleros and how it combines blockchain with crowdsourcing to develop a novel justice system.
- Challenges in Traditional Arbitration: Understand the limitations of conventional arbitration methods, such as high costs and long resolution times, particularly for small claims in the gaming sector.
- How Kleros Works: A step-by-step guide on the functioning of Kleros, from the initiation of a smart contract to the final decision by a jury of peers.
- Case Studies in eSports: Explore real-world scenarios where Kleros has been applied to resolve disputes in eSports, including issues like cheating, governance, player behavior, and contractual disagreements.
- Practical Implementation: Detailed walkthroughs of how disputes are handled in eSports tournaments, emphasizing speed, cost-efficiency, and fairness.
- Enhanced Transparency: The role of blockchain in providing an immutable and transparent record of proceedings, ensuring trust in the resolution process.
- Future Prospects: The potential expansion of decentralized justice mechanisms across various sectors within the gaming industry.
For more information, visit kleros.io or follow Federico Ast and Kleros on social media:
• Twitter: @federicoast
• Twitter: @kleros_io
Securing BGP: Operational Strategies and Best Practices for Network Defenders...APNIC
Md. Zobair Khan,
Network Analyst and Technical Trainer at APNIC, presented 'Securing BGP: Operational Strategies and Best Practices for Network Defenders' at the Phoenix Summit held in Dhaka, Bangladesh from 23 to 24 May 2024.
2. AES - Advanced Encryption Standard.
• Published by NIST in Nov 2001: FIPS PUB 197
• Based on a competition won by Rijmen and Daemen (Rijndael) from Belgium
• 22 submissions,
• 7 did not satisfy all requirements
• 15 submissions 5 finalists:
• Mars,
• RC6,
• Rijndael,
• Serpent,
• Twofish.
• Winner: Rijndael.
• Rijndael allows many block sizes and key sizes
• AES restricts it to:
• Block Size: 128 bits
• Key sizes: 128, 192, 256 (AES-128, AES-192, AES-256)
• An iterative rather than Feistel cipher
• operates on entire data block in every round
• Byte operations: Easy to implement in software
3. AES – Advance Encryption Standard.
• The Advanced Encryption Standard (AES) is a symmetric block
cipher chosen by the U.S. government to protect classified
information.
• AES is implemented in software and hardware throughout the world
to encrypt sensitive data. It is essential for government computer
security, cybersecurity and electronic data protection.
• The National Institute of Standards and Technology (NIST) started
development of AES in 1997 when it announced the need for an
alternative to the Data Encryption Standard (DES), which was starting
to become vulnerable to brute-force attacks.
4. • NIST stated that the newer, advanced encryption algorithm would be
unclassified and must be "capable of protecting sensitive government
information well into the [21st] century." It was intended to be easy to
implement in hardware and software, as well as in restricted
environments -- such as a smart card -- and offer decent defenses
against various attack techniques.
• AES was created for the U.S. government with additional voluntary,
free use in public or private, commercial or noncommercial programs
that provide encryption services. However, nongovernmental
organizations choosing to use AES are subject to limitations created by
U.S. export control.
5. What is the AES algorithm?
• The AES algorithm (also known
as the Rijndael algorithm) is a
symmetrical block cipher
algorithm that takes plain text in
blocks of 128 bits and converts
them to ciphertext using keys of
128, 192, and 256 bits. Since the
AES algorithm is considered
secure, it is in the worldwide
standard.
6. How AES encryption works
• AES-128 uses a 128-bit key length
to encrypt and decrypt a block of
messages.
• AES-192 uses a 192-bit key length
to encrypt and decrypt a block of
messages.
• AES-256 uses a 256-bit key length
to encrypt and decrypt a block of
messages.
• Each cipher encrypts and decrypts
data in blocks of 128 bits using
cryptographic keys of 128, 192 and
256 bits, respectively.
7. • Symmetric, also known as secret key, ciphers use the same key for
encrypting and decrypting. The sender and the receiver must both
know -- and use -- the same secret key.
• The government classifies information in three categories:
• Confidential,
• Secret
• Top Secret.
• All key lengths can be used to protect the Confidential and Secret
level. Top Secret information requires either 192- or 256-bit key
lengths.
8. • There are 10 rounds for 128-bit
keys, 12 rounds for 192-bit keys
and 14 rounds for 256-bit keys. A
round consists of several
processing steps that include
substitution, transposition and
mixing of the input plaintext to
transform it into the final output
of ciphertext.
9. • The AES encryption algorithm defines numerous transformations that
are to be performed on data stored in an array. The first step of the
cipher is to put the data into an array, after which the cipher
transformations are repeated over multiple encryption rounds.
• The first transformation in the AES encryption cipher is substitution of
data using a substitution table. The second transformation shifts data
rows. The third mixes columns. The last transformation is performed
on each column using a different part of the encryption key. Longer
keys need more rounds to complete.
10. What are the features of AES?
• NIST specified the new AES algorithm must be a block cipher capable of
handling 128-bit blocks, using keys sized at 128, 192 and 256 bits.
• Other criteria for being chosen as the next AES algorithm included the
following:
• Security. Competing algorithms were to be judged on their ability to resist
attack as compared to other submitted ciphers. Security strength was to be
considered the most important factor in the competition.
• Cost. Intended to be released on a global, nonexclusive and royalty-free
basis, the candidate algorithms were to be evaluated on computational and
memory efficiency.
• Implementation. Factors to be considered included the algorithm's
flexibility, suitability for hardware or software implementation, and overall
simplicity.
11. Creation of Round keys :
• A Key Schedule algorithm is used
to calculate all the round keys
from the key. So the initial key is
used to create many different
round keys which will be used in
the corresponding round of the
encryption.
12. Encryption :
• AES considers each block as a 16 byte (4 byte
x 4 byte = 128 ) grid in a column major
arrangement.
• Each round comprises of 4 steps :
• SubBytes
• ShiftRows
• MixColumns
• Add Round Key
• The last round doesn’t have the MixColumns
round.
• The SubBytes does the substitution and
ShiftRows and MixColumns performs the
permutation in the algorithm.
13. SubBytes :
• This step implements the
substitution.
• In this step each byte is substituted
by another byte.(Its performed
using a lookup table also called the
S-box. This substitution is done in a
way that a byte is never substituted
by itself and also not substituted by
another byte which is a
compliment of the current byte.
The result of this step is a 16 byte
(4 x 4 ) matrix like before.
• The next two steps implement the
permutation.
14. ShiftRows :
• This step is just as it sounds. Each
row is shifted a particular number
of times.
• The first row is not shifted
• The second row is shifted once to
the left.
• The third row is shifted twice to the
left.
• The fourth row is shifted thrice to
the left.
• (A left circular shift is performed.)
15. MixColumns :
• This step is basically a matrix
multiplication. Each column is
multiplied with a specific matrix
and thus the position of each byte
in the column is changed as a
result.
• Or In the third step, the Hill
cipher is used to jumble up the
message more by mixing the
block’s columns.
• This step is skipped in the last
round.
16. Add Round Keys :
• Now the resultant output of the
previous stage is XOR-ed with the
corresponding round key. Here, the
16 bytes is not considered as a grid
but just as 128 bits of data.
• After all these rounds 128 bits of
encrypted data is given back as
output. This process is repeated
until all the data to be encrypted
undergoes this process.
• In the final step, the message is
XORed with the respective round
key.
17. Decryption :
• The stages in the rounds can be easily undone as these stages have an
opposite to it which when performed reverts the changes.Each 128 blocks
goes through the 10,12 or 14 rounds depending on the key size.
• The stages of each round in decryption is as follows :
• Add round key
• Inverse MixColumns
• ShiftRows
• Inverse SubByte
• The decryption process is the encryption process done in reverse so i will
explain the steps with notable differences.
18. Inverse MixColumns :
• This step is similar to the
MixColumns step in encryption,
but differs in the matrix used to
carry out the operation.
19. Inverse SubBytes :
• Inverse S-box is used as a lookup table and using which the bytes are
substituted during decryption.
20. Detailed Structure
1. One noteworthy feature of this structure is
that it is not a Feistel structure. Recall that, in
the classic Feistel structure, half of the data
block is used to
modify the other half of the data block and t
hen the halves are swapped. AES instead
processes the entire data block as a single
matrix during each round using substitutions
and permutation.
2. The key that is provided as input is expand
ed into an array of forty-four 32-
bit words, w[i]. Four distinct words (128 bits)
serve as a round key for each round;
21. • 3. Four different stages are used, one of permutation and three of sub
stitution:
• Substitute bytes: Uses an S-box to perform a byte-by-
byte substitution of the block.
• ShiftRows: A simple permutation.
• MixColumns: A substitution that makes use of arithmetic over GF(28).
• AddRoundKey: A simple bitwise XOR of the current block with a porti
on of the expanded key.
22. • 4. The structure is quite simple. For both encryption and decryption,
the
cipher begins with an AddRoundKey stage, followed by nine rounds th
at each includes all four stages, followed by a tenth
round of three stages. Picture depicts the
structure of a full encryption round.
24. • 5. Only the AddRoundKey stage makes use of the key. For this reason, the c
ipher begins and ends with an AddRoundKey stage. Any other stage, applie
d at the beginning or end, is reversible without knowledge of the key and so
would add no security.
• 6. The AddRoundKey stage is, in effect, a form of Vernam cipher and by
itself would not be formidable. The other three stages together provide
confusion, diffusion, and nonlinearity, but by themselves would provide no
security because
they do not use the key.We can view the cipher as alternating operations of
XOR
encryption (AddRoundKey) of a block, followed by scrambling of the block
(the
other three stages), followed by XOR encryption, and so on. This scheme is
both efficient and highly secure.
25. • 7. Each stage is easily
reversible. For the Substitute Byte, ShiftRows,
and MixColumns stages, an inverse function is used in the decryption
algorithm. For the AddRoundKey stage, the inverse is achieved by XO
Ring the same round key to the block, using the result
that A Ⓧ B Ⓧ B = A.
• 8. As with
most block ciphers, the decryption algorithm
makes use of the expanded key in reverse order. However, the decrypti
on algorithm is not identical to the encryption algorithm. This is a
consequence of the particular structure of AES.
26. • 9. Once it is established t
hat all four stages are reversible, it is easy to verify that decryption
does recover the plaintext. Figure
5.3 lays out encryption and decryption going in opposite
vertical directions. At each
horizontal point (e.g., the dashed line in the figure), State is the same
for both encryption and decryption.
• 10. The final round of both
encryption and decryption consists of only three stages. Again, this is
a consequence of the particular structure of AES and is required to
make the cipher reversible.
27. What's the difference between AES vs. DES?
• The U.S. government developed DES
algorithms more than 40 years ago to
ensure government systems all used
the same, secure standard to facilitate
interconnectivity.
• DES served as the linchpin of
government cryptography for years
until 1999, when researchers broke
the algorithm's 56-bit key using a
distributed computer system. In 2000,
the U.S. government chose to use AES
to protect classified information. DES
is still used in some instances for
backward compatibility.
28. • The two standards are both symmetric block ciphers, but AES is more
mathematically efficient. The main benefit of AES lies in its key length
options. The time required to crack an encryption algorithm is directly
related to the length of the key used to secure the communication --
128-bit, 192-bit or 256-bit keys. Therefore, AES is exponentially
stronger than the 56-bit key of DES. AES encryption is also
significantly faster, so it is ideal for applications, firmware and
hardware that require low latency or high throughput.
29.
30. Key Expansion
• That mean we convert
• Key into hexa.
• Now
• N = 73
• A = 61
• D = 74
• E = 69
• E = 68
• And so on.
36. In G we substitute
subkey with constant
table.
37. • We got here G Function output that is f8 9f 85 40.
• Now we perform XOR the output with Word 0 (W0).
• Now we can’t perform G Function,
• we derived w5 from XOR operation between W1 and W4.
38. • To find out the next key, as per rule we
perform XOR W1 with the result of W4.
• G function perform once only.
• The output showing in the picture.
• First convert both into Binary.
• Perform XOR.
• Convert into Hexa.
• Than this procedure is continue till we got 43
Keys.
• If we findout next key W8. First we put W7 in
Function G, than output XOR with W4.
Output is W8, now XOR with W5 and so on.
• In each router we use 4 words for every next
round we perform full function.
39. Suppose this is our function / algorithm. In key section, each
key is 128 bit mean 32 word. In each round we perform full G
function. Than the output of subkey1 is used for next key
expansion and so on
40. • This the complete structure of
AES, Encryption and Decryption.
• Here first step is Add round key.
• What is this.
41. Add Round Key.
• Supposed we have a message.
• The message is
“secretmessagenow”
• This is 128 bit message.
• We convert it into bytes.
• 73 65 63 72 65 74 6d 65 73 73
61 67 65 6e 6f 77
• Now we put this valued in a
State Array into 4 x 4 matrix.
42. • Now we understand the Add
round key.
• That output put into round 1.
• And what happened in round 1.
• This is the next target we will
understand.
43. Steps in Round
• As per picture,
• There are found steps.
• 1. Substitute Bytes.
• 2. Shift Rows.
• 3. Mix Columns.
• 4. Add Round Key.
44. Byte Substitution.
• There we have an output that we
get from Add round Key. We did
byte substitution.
• First we took first byte that is “0
0”. We look this into table. First “ 0
“ define row number and 2nd byte
define Column. What the value you
get, replace it with “0 0”.
• Same step with 2nd byte and so on.
45. Shift Row.
• Shift Rows simply byte shifts the
rows.
• First row: NO change.
• Second Row: One byte cyclical
left shift.
• Third Row: Two byte Cyclical left
Shift.
• Fourth Row: Three byte cyclical
left shift.
46. MIX Column.
• After shift rows we got an
output.
• We simply multiply this output
with a standard matrix.
48. • In upper slide we perform only
one section of r1, rest we have
three more.
• The value of r1 = (02 * 63) + (03
+ 9c) + (01 * 7b) + (01 * ca)
• We simply multiply 02 x 63
• What is rest value and “ r1”
value
50. • From that way you get all the value of r1, r2, r3 and so on.
• The final step is to add round key.
• And we know how should we add the key.
• But here our message is r1, r2, r3, . . . . . R16 and the key is subkey of
round 2.
• We already discuss how to extract the key.
• We did all these step in all round except or last round.
• In last round we didn’t perform Mix column action.