Cryptographic Algorithms - AES


CNPA - Network Security
Joseph Spring, Department of Computer Science
Advanced Encryption Standard

Areas for Discussion
- Motivation
- Contenders
- Finalists
- AES Design
  - Feistel v non-Feistel Ciphers
  - Key Size
  - Block Size
- AES Algorithm
- AES Sub-Algorithms

Motivation
- DES: for legacy systems only
- 3DES: a natural successor?
  - Yes from a security perspective
  - No from an efficiency perspective
  - DES has a slow software implementation, 3DES is even slower

Contenders and Finalists
21 original contenders for the AES. This was narrowed down to 15, then to 5, the subsequent winner being Rijndael:
- Rijndael
- Mars
- Serpent
- Twofish
- RC5

Design: Feistel Cipher Structure
- Feistel ciphers are algorithms such as DES (NOT AES)
- Input: data of size 2m and a key K
- The plaintext block is divided into 2 halves; these pass through n rounds and are then combined into the ciphertext block
- Each round has inputs L_{i-1}, R_{i-1} from the previous round and a subkey K_i derived from the key K
- The subkeys are in general different from each other and from K

Design: Feistel Cipher Structure
- All rounds have the same structure
- A substitution is performed on the left half of the data by applying a round function F to the right half of the data and then taking the XOR of the output with the left half of the data
- This is followed by a permutation consisting of the interchange of the two halves of data
- The above is a particular form of the Substitution-Permutation Network proposed by C. Shannon

So at each round:
- One half is operated on by a cipher function (Confusion)
- The other half is untouched
- The halves are then swapped over and the round process repeats, but with the cipher function acting on the other half (permutation + function = Diffusion)
- Decryption is the reverse of encryption with keys in reverse order

The exact realisation of a Feistel cipher is dependent upon:
- Block size
- Key size
- Number of rounds
- Subkey generation algorithm
- Round function
- Fast software encryption/decryption
- Ease of analysis
(See W. Stallings: Cryptography and Network Security)

Design: Standard Feistel Cipher
[Figure: Standard Feistel cipher. The plaintext (2m bits) is split into L_0 and R_0; rounds 1 to n each apply F with subkeys K_1, ..., K_i, ..., K_n, producing L_i and R_i; the output L_{n+1}, R_{n+1} is the ciphertext (2m bits).]

Design: Rijndael
Advanced Encryption Standard design requirements:
- Security strength equal to or better than 3DES, with significantly improved efficiency
- Resistant against all known attacks
- Speed and code compactness on a wide range of platforms
- Design simplicity
- Symmetric block cipher, block length 128 bits
- Key size: 128, 192, 256 bits
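The Feistel round structure described above, as an added example that is not part of the original slides: a toy Feistel network showing that decryption is the same network run with the subkeys in reverse order, even though the round function F is not invertible. The hash-based F, the subkey schedule and the sample block are assumptions made for illustration and are not those of DES.

```python
# Added example (not from the slides): toy Feistel network.
# round_function, derive_subkeys and SAMPLE_BLOCK are illustrative assumptions.
import hashlib

SAMPLE_BLOCK = b"sixteen byte msg"  # constructed 16-byte plaintext (2m = 128 bits)

def derive_subkeys(key, rounds):
    """Hypothetical subkey schedule: K_i = SHA-256(key || i)."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(1, rounds + 1)]

def round_function(half, subkey):
    """F(R, K): a truncated hash, deliberately NOT invertible."""
    return hashlib.sha256(subkey + half).digest()[:len(half)]

def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def feistel(block, subkeys):
    """Run the network once over the block with the given subkey order."""
    if len(block) % 2 or not 2 <= len(block) <= 64:
        raise ValueError("block must be an even length of 2..64 bytes")
    m = len(block) // 2
    left, right = block[:m], block[m:]
    for k in subkeys:
        # L_i = R_{i-1};  R_i = L_{i-1} XOR F(R_{i-1}, K_i)
        left, right = right, xor_bytes(left, round_function(right, k))
    return right + left  # final interchange of the two halves

def encrypt(block, subkeys):
    return feistel(block, subkeys)

def decrypt(block, subkeys):
    # Same structure; only the order of the subkeys is reversed.
    return feistel(block, subkeys[::-1])

if __name__ == "__main__":
    ks = derive_subkeys(b"demo key", 16)
    ct = encrypt(SAMPLE_BLOCK, ks)
    print(ct.hex(), decrypt(ct, ks))
```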

- NOT a Feistel structure: acts on the complete block and doesn't split the block into halves (or fractions of any sort) for different treatment
- Key sizes accommodated are 128, 192 or 256 bits (128 is likely to be the most common implementation)
- We assume a key size of 128 bits as input. This is expanded into 44 32-bit words, w[i]. 4 words (128 bits) are used at a time, each group used once only: in the initial Add Round Key and in each of the 10 rounds
- Block size = 128 bits

The AES Algorithm - Overview
[Figure: AES overview. Encryption: Plaintext, initial key addition with w[0,3], Round 1 with w[4,7], ..., Round 9 with w[36,39], Round 10 with w[40,43], Ciphertext. The Key feeds Expand Key, which supplies the words. Decryption: Ciphertext, Round 10, Round 9, ..., Round 1, Plaintext.]

Rounds 1 - 9 in Encryption
Rounds 1 - 9 consist of 4 different stages:
- Substitute Bytes
- Shift Rows
- Mix Columns
- Add Round Key, using w[4i, 4i+3]

Round 10 of Encryption
Round 10 consists of 3 different stages:
- Substitute Bytes
- Shift Rows
- Add Round Key, using w[40, 43], which gives the Ciphertext

The 4 stages used in the rounds consist of three substitutions and one permutation:
- Substitute Bytes (Substitution): uses S-boxes in a byte-to-byte substitution of the block
- Shift Rows (Simple Permutation)
- Mix Columns (Substitution): uses finite field arithmetic on GF(2^8)
- Add Round Key (Substitution): simple bitwise XOR of the current block with a portion of the expanded key. This is the only stage that uses the key

Advanced Decryption Algorithm
- Decryption makes use of keys in reverse order, just as with DES
- The decryption algorithm is not the same as the encryption algorithm, unlike DES
- The 4 stages used in the rounds consist of three substitutions and one permutation:
  - Inverse Shift Rows (Simple Permutation)
  - Inverse Substitute Bytes (Substitution)
  - Add Round Key (Substitution)
  - Inverse Mix Columns (Substitution)
- The 10th round involves 3 stages, as in encryption

Rounds 1 - 9 in Decryption
Rounds 1 - 9 consist of 4 different stages:
- Inverse Shift Rows
- Inverse Substitute Bytes
- Add Round Key, using w[4(10 - i), 4(10 - i) + 3]
- Inverse Mix Columns

Round 10 of Decryption
Round 10 consists of 3 different stages:
- Inverse Shift Rows
- Inverse Substitute Bytes
- Add Round Key, using w[0, 3], which gives the Plaintext

For a comparison of the encryption and decryption stages and how they relate key-wise, see Figure 5.1, AES Encryption and Decryption, in W. Stallings, Cryptography and Network Security, 3rd Ed., p. 146 (Handout). See also Figure 5.3 for more detail regarding the encryption round (Handout).

Algorithm
- The 128-bit input block is initially copied into an input matrix and then into the state array (see Figure 5.2, Handout)
- The state array is modified after each stage of encryption/decryption (see Figure 5.3)
- After Round 10 the final state is copied to an output matrix (see Figure 5.2, Handout)

Advanced Encryption Standard Subalgorithms
- Input: a 4-word (16-byte) key, 128 bits in all!
- Output: 44 words (156 bytes) as a linear array
- 4 words are used in:
  - The initial stage
  - Each of the 10 AES rounds

AES Key Expansion Pseudocode

    KeyExpansion(byte key[16], word w[44])
    {
        word temp
        for (i = 0; i < 4; i++)
            w[i] = (key[4*i], key[4*i + 1], key[4*i + 2], key[4*i + 3]);
        for (i = 4; i < 44; i++)
        {
            temp = w[i - 1];
            if (i mod 4 = 0)
                temp = SubWord(RotWord(temp)) ⊕ Rcon[i/4];
            w[i] = w[i - 4] ⊕ temp
        }
    }

- The key is copied into the first 4 words of the expanded key
- Each subsequent word w[i] depends upon w[i-1] and w[i-4]
- For words whose positions are NOT a multiple of 4: w[i] = w[i-4] ⊕ w[i-1]
- Otherwise: w[i] = w[i-4] ⊕ SubWord(RotWord(temp)) ⊕ Rcon[i/4]

[Figure: Key Expansion for first 8 words. Labels: key bytes k0 to k15 in a 4x4 matrix; words w0, w1, w2, w3 (w[0,3]); function g; words w4, w5, w6, w7 (w[4,7]).]

RotWord
- This function performs a one-byte circular left shift on a word (compare to DES)
- So RotWord([a0, a1, a2, a3]) = [a1, a2, a3, a0]

SubWord
- This function performs a byte substitution on each byte of its input word using the S-Box

Rcon
- This is referred to as the round constant
- It is a word in which only the leftmost byte is nonzero. The other 3 bytes are zero
- By XORing a word with Rcon you only XOR the leftmost byte of that word
- The values for Rcon are different for each round
- Rcon[j] = (RC[j], 0, 0, 0) such that RC[1] = 1 and RC[j] = 2 * RC[j-1], multiplication being evaluated in GF(2^8)

The values of RC[j] in hexadecimal are:

    j      1   2   3   4   5   6   7   8   9   10
    RC[j]  01  02  04  08  10  20  40  80  1B  36
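The key expansion pseudocode above carried through as runnable code, as an added example that is not part of the original slides. It assumes the FIPS-197 definitions the slides do not spell out: the reduction polynomial x^8 + x^4 + x^3 + x + 1 for GF(2^8), and an S-box computed from its definition (field inverse plus affine map) instead of typed in as a table; the sample key is the one from the FIPS-197 Appendix A.1 key expansion example.

```python
# Added example (not from the slides): AES-128 key expansion per the pseudocode.
def xtime(b):
    """Multiply a byte by 2 in GF(2^8), reducing by x^8+x^4+x^3+x+1 (0x11B)."""
    b <<= 1
    return b ^ 0x11B if b & 0x100 else b

def gf_mul(a, b):
    r = 0  # shift-and-add multiplication of two bytes in GF(2^8)
    while b:
        if b & 1:
            r ^= a
        a, b = xtime(a), b >> 1
    return r

def build_sbox():
    """Generate the S-box: inverse in GF(2^8), then the FIPS-197 affine map."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gf_mul(x, y) == 1), 0)
        s = inv
        for n in range(1, 5):  # XOR in the inverse rotated left by 1..4 bits
            s ^= ((inv << n) | (inv >> (8 - n))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = build_sbox()
RC = [0, 1]  # RC[0] is unused; RC[1] = 1
for j in range(2, 11):
    RC.append(xtime(RC[j - 1]))  # RC[j] = 2 * RC[j-1] in GF(2^8)
SAMPLE_KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")  # FIPS-197 A.1 key

def rot_word(w):
    return w[1:] + w[:1]  # one-byte circular left shift
def sub_word(w):
    return [SBOX[b] for b in w]  # S-box lookup on each byte of the word

def xor_words(a, b):
    return [x ^ y for x, y in zip(a, b)]

def key_expansion(key):
    """Expand a 16-byte key into 44 words w[0..43], returned as hex strings."""
    if len(key) != 16:
        raise ValueError("this example handles 128-bit keys only")
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    for i in range(4, 44):
        temp = w[i - 1]
        if i % 4 == 0:
            temp = xor_words(sub_word(rot_word(temp)), [RC[i // 4], 0, 0, 0])
        w.append(xor_words(w[i - 4], temp))
    return [bytes(word).hex() for word in w]
```

Calling key_expansion(SAMPLE_KEY) returns the 44 words; words 4 to 7 form the round key for round 1 and words 40 to 43 the round key for round 10.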

AES Transformations: Substitute Bytes Transformation
- A simple table lookup
- 16x16 matrix of byte values
- This is the S-Box, containing a permutation of all possible 256 8-bit values
- Designed:
  - To be resistant against all known cryptanalytic attacks
  - To have a low correlation between input and output bits
  - To have no simple mathematical function that can be used to relate the output to the input
  - To be invertible for decryption purposes

AES Transformations: Shift Row Transformation
- Incorporates a variety of circular shifts:
  - No shift for the first row of state
  - 1 shift for the second row of state
  - 2 shifts for the third row of state
  - 3 shifts for the fourth row of state
- More substantial than it first appears, since the input is arranged according to columns and shift row then mixes these together
- Clearly invertible

AES Transformations: Mix Column Transformation
- Operates on each column individually
- Matrix multiplication is applied so that each output in a column is a linear combination of the input from the same column
- Matrix entries are based on a linear code that ensures a good mixing among the bytes of a column
- These sums and products are performed in GF(2^8)
- After a few rounds the mix column and shift row transformations ensure all output bits depend upon all input bits

Summary
- Motivation
- Contenders
- Finalists
- AES Design
  - Feistel v non-Feistel Ciphers
  - Key Size
  - Block Size
- AES Algorithm
- AES Sub-Algorithms

References
- J. Daemen and V. Rijmen: The Design of Rijndael, Information Security and Cryptography, Springer-Verlag, 2002
- W. Stallings: Cryptography and Network Security, Principles and Practices, Prentice Hall, 3rd Ed., 2003
- M. Welschenbach: Cryptography in C and C++, Apress, Springer-Verlag, 2001