State

        0        1        2        3
0       in[0]    in[4]    in[8]    in[12]
1       in[1]    in[5]    in[9]    in[13]
2       in[2]    in[6]    in[10]   in[14]
3       in[3]    in[7]    in[11]   in[15]

State is a 4 by 4 array of bytes, initialised (col-by-col) with the 16-byte plaintext block (see below).
Final value of state is returned as ciphertext.

Network Security (N. Dulay & M. Huth)
Symmetric Key Cryptography (3.42)
SubBytes Transformation
Change each byte of State with corresponding byte from SBOX matrix:
    State[Row, Col] = SBOX[X, Y]
    where X = State[Row, Col] div 16,
          Y = State[Row, Col] mod 16
For example, if State[3,6] = 4F we would look up SBOX[4,F].
SBOX is a 16x16 byte array (indexed by hex digits 0..F, 0..F) defined as follows:
    SBOX[X, Y] = AffineTransformation($\{XY\}^{-1}$)
For example: if $\{95\}^{-1}$ = 8A then
    SBOX[9,5] = AffineTransformation(8A) = 2A
AffineTransformation is a function that performs a matrix multiplication followed by a vector addition. See Stallings or Huth for specifics of matrix and vector used in AES.

ShiftRows Transformation
Cyclically rotate LEFT last 3 ROWS of state matrix by 1, 2 and 3 bytes resp.

    a b c d                           a b c d
    e f g h    Rotate left 1 Byte     f g h e
    i j k l    Rotate left 2 Bytes    k l i j
    m n o p    Rotate left 3 Bytes    p m n o

MixColumns Transformation
Multiply each column by $\{03\}x^3 + \{01\}x^2 + \{01\}x + \{02\} \bmod (x^4 + 1)$, i.e. columns are word-polynomials.
This is equivalent to replacing the 4 bytes (m,n,p,q) in a column as follows:

    m    {02}•m ⊕ {03}•n ⊕ p ⊕ q
    n    m ⊕ {02}•n ⊕ {03}•p ⊕ q
    p    m ⊕ n ⊕ {02}•p ⊕ {03}•q
    q    {03}•m ⊕ n ⊕ p ⊕ {02}•q

AddRoundKey Transformation
XOR round key with state.
The cipher key (either 128/192/256 bits) is “expanded” into round keys (1 for each round, plus 1 for the initial AddRoundKey transformation). Note: each Round key is, say, 128-bit treated as a 2-dim. byte array. The cipher key words occupy the start of these round key words, the remaining ones are calculated from it.
See Stallings or Huth for details of the key “expansion” function used.

Round keys (128 bits each):
    AES-128    [0] [1] ... [10]         11 round keys
    AES-192    [0] [1] ... [11] [12]    13 round keys
    AES-256    [0] [1] ... [13] [14]    15 round keys

Decrypt Block (Inverse Cipher) // simpl.

decrypt (ciphertext, roundkey)
    state = ciphertext                               // note cipher is 1-dim., state 2-dim.
    state = AddRoundKey (state, roundkey[ROUNDS])
    for round = ROUNDS-1 to 0
        state = InvShiftRows (state)                 // ShiftRows inverse mode
        state = InvSubBytes (state)                  // SubBytes inverse mode
        state = AddRoundKey (state, roundkey[round])
        if round > 0 then state = InvMixColumns (state)
    end
    return state                                     // convert to 1D and return as plaintext

Inverse Transformations
InvShiftRows
    Rotate Right last 3 rows of state
InvSubBytes
    Inverse SBOX uses inverse of AffineTransformation & then takes multiplicative inverse in $GF(2^8)$
InvMixColumns
    Multiply columns by inverse of a(x), i.e. by $a^{-1}(x) = \{0B\}x^3 + \{0D\}x^2 + \{09\}x + \{0E\}$
AddRoundKey
    Is its own inverse!
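
The arithmetic behind the SubBytes, MixColumns and InvMixColumns slides, as an added Python example that is not part of the original slides. The function names are this example's own; the affine matrix pattern, the vector 0x63 and the field modulus x^8 + x^4 + x^3 + x + 1 are the standard AES values, which the slides leave to Stallings or Huth.

```python
# Added example (not from the slides): the GF(2^8) arithmetic behind
# SubBytes and MixColumns. Function names are this example's own.

def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(a):
    """Multiplicative inverse as a^254; {00} has no inverse and maps to {00}."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def affine(b):
    """AES AffineTransformation: bit-matrix multiply, then add the vector 0x63."""
    out = 0
    for i in range(8):
        bit = 0
        for k in (0, 4, 5, 6, 7):
            bit ^= (b >> ((i + k) % 8)) & 1
        out |= bit << i
    return out ^ 0x63

# SBOX[X, Y] = AffineTransformation({XY}^-1), stored flat: index = 16*X + Y
SBOX = [affine(gf_inv(v)) for v in range(256)]

def mix_column(col, coeffs=(0x02, 0x03, 0x01, 0x01)):
    """Apply the (m, n, p, q) replacement; row r is coeffs rotated right by r."""
    return [
        gf_mul(coeffs[(0 - r) % 4], col[0]) ^ gf_mul(coeffs[(1 - r) % 4], col[1])
        ^ gf_mul(coeffs[(2 - r) % 4], col[2]) ^ gf_mul(coeffs[(3 - r) % 4], col[3])
        for r in range(4)
    ]

def inv_mix_column(col):
    """Same structure with the coefficients of a^-1(x): {0E}, {0B}, {0D}, {09}."""
    return mix_column(col, (0x0E, 0x0B, 0x0D, 0x09))

if __name__ == "__main__":
    print(f"inverse of 95 = {gf_inv(0x95):02X}, SBOX[9,5] = {SBOX[0x95]:02X}")
    col = [0xDB, 0x13, 0x53, 0x45]  # sample column chosen for this example
    mixed = mix_column(col)
    print([f"{v:02X}" for v in mixed], inv_mix_column(mixed) == col)
```

The data-dependent branch in gf_mul and the SBOX table lookup are not constant-time, so this code is for checking the slides' arithmetic rather than for deployment.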


- Summer '15
- Information Security, Cryptography, Advanced Encryption Standard, Block cipher, Symmetric Key Cryptography, Data Encryption Standard