State

          0        1        2        3
    0   in[0]    in[4]    in[8]    in[12]
    1   in[1]    in[5]    in[9]    in[13]
    2   in[2]    in[6]    in[10]   in[14]
    3   in[3]    in[7]    in[11]   in[15]

State is a 4 by 4 array of bytes, initialised (col-by-col) with the 16-byte plaintext block (see below).

Final value of state is returned as ciphertext.

Network Security (N. Dulay & M. Huth) Symmetric Key Cryptography (3.42)

SubBytes Transformation

Change each byte of State with the corresponding byte from the SBOX matrix:

    State[Row, Col] = SBOX[X, Y]
    where X = State[Row, Col] div 16, Y = State[Row, Col] mod 16

For example, if State[3,6] = 4F we would look up SBOX[4,F].

SBOX is a 16x16 byte array (indexed by hex digits 0..F, 0..F) defined as follows:

    SBOX[X, Y] = AffineTransformation($\{XY\}^{-1}$)

For example: if $\{95\}^{-1}$ = 8A then SBOX[9,5] = AffineTransformation(8A) = 2A.

AffineTransformation is a function that performs a matrix multiplication followed by a vector addition. See Stallings or Huth for specifics of the matrix and vector used in AES.

ShiftRows Transformation

Cyclically rotate LEFT the last 3 ROWS of the state matrix by 1, 2 and 3 bytes resp.

    a b c d                              a b c d
    e f g h     Rotate left 1 byte       f g h e
    i j k l     Rotate left 2 bytes      k l i j
    m n o p     Rotate left 3 bytes      p m n o

MixColumns Transformation

Multiply each column by $\{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\} \bmod (x^4 + 1)$, i.e. columns are word-polynomials.

This is equivalent to replacing the 4 bytes (m, n, p, q) in a column with (m', n', p', q') as follows:

$$
\begin{aligned}
m' &= \{02\} \cdot m \oplus \{03\} \cdot n \oplus p \oplus q \\
n' &= m \oplus \{02\} \cdot n \oplus \{03\} \cdot p \oplus q \\
p' &= m \oplus n \oplus \{02\} \cdot p \oplus \{03\} \cdot q \\
q' &= \{03\} \cdot m \oplus n \oplus p \oplus \{02\} \cdot q
\end{aligned}
$$

AddRoundKey Transformation

XOR round key with state.

The cipher key (either 128/192/256 bits) is “expanded” into round keys (1 for each round, plus 1 for the initial AddRoundKey transformation).

    AES-128: round keys [0] .. [10], 128 bits each (11 round keys)
    AES-192: round keys [0] .. [12], 128 bits each (13 round keys)
    AES-256: round keys [0] .. [14], 128 bits each (15 round keys)

Note: each round key is, say, 128-bit, treated as a 2-dim. byte array. The cipher key words occupy the start of these round key words; the remaining ones are calculated from it. See Stallings or Huth for details of the key “expansion” function used.

Decrypt Block (Inverse Cipher) // simpl.

    decrypt (ciphertext, roundkey)
        state = ciphertext                      // note cipher is 1-dim., state 2-dim.
        state = AddRoundKey (state, roundkey[ROUNDS])
        for round = ROUNDS-1 to 0
            state = InvShiftRows (state)        // ShiftRows inverse mode
            state = InvSubBytes (state)         // SubBytes inverse mode
            state = AddRoundKey (state, roundkey[round])
            if round > 0 then state = InvMixColumns (state)
        end
        return state                            // convert to 1D and return as plaintext

Inverse Transformations

InvShiftRows
    Rotate Right last 3 rows of state.

InvSubBytes
    Inverse SBOX uses the inverse of AffineTransformation and then takes the multiplicative inverse in $GF(2^8)$.

InvMixColumns
    Multiply columns by the inverse of a(x), i.e. by $a^{-1}(x) = \{0B\}x^3 + \{0D\}x^2 + \{09\}x + \{0E\}$.

AddRoundKey
    Is its own inverse!
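
The SubBytes, MixColumns and InvMixColumns slides above, worked through in code. This is an added example, not code from the lecture notes: it assumes the FIPS 197 reduction polynomial (0x11B) and affine constant (0x63), which the slides defer to Stallings or Huth, and the function names and the sample column are constructed here.

```python
# Added example (not from the lecture notes): AES byte arithmetic in GF(2^8).
# Assumption: reduction polynomial and affine constant are the FIPS 197 values.
AES_POLY = 0x11B   # x^8 + x^4 + x^3 + x + 1

def gmul(a, b):
    """Multiply two bytes as polynomials over GF(2), reduced mod AES_POLY."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY
        b >>= 1
    return r

def ginv(a):
    """Multiplicative inverse {a}^-1; {00} has none and maps to {00}."""
    r = 1
    for _ in range(254):      # a^254 == a^-1 because a^255 == 1 for a != 0
        r = gmul(r, a)
    return r

def affine(b):
    """AffineTransformation: b XOR its left rotations by 1..4, XOR 0x63."""
    r = 0x63
    for s in range(5):
        r ^= ((b << s) | (b >> (8 - s))) & 0xFF
    return r

def sbox(byte):
    """SBOX[X, Y] for byte {XY}: affine transform of the field inverse."""
    return affine(ginv(byte))

def mix_column(col, first_row=(0x02, 0x03, 0x01, 0x01)):
    """Replace (m, n, p, q) using the circulant matrix with this first row."""
    out = []
    for i in range(4):
        terms = [gmul(first_row[(j - i) % 4], col[j]) for j in range(4)]
        out.append(terms[0] ^ terms[1] ^ terms[2] ^ terms[3])
    return out

def inv_mix_column(col):
    """Multiply by a^-1(x) = {0B}x^3 + {0D}x^2 + {09}x + {0E}."""
    return mix_column(col, first_row=(0x0E, 0x0B, 0x0D, 0x09))

if __name__ == "__main__":
    col = [0xDB, 0x13, 0x53, 0x45]  # constructed sample column
    print(f"{ginv(0x95):02X} {sbox(0x95):02X}", mix_column(col))
```
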