ICS 454 Principles of Cryptography

ICS 454 Principles of Cryptography: Advanced Encryption Standard (AES), by Sultan Almuhammadi. Outline: Background; AES Encryption and Decryption; Security Issues; Implementation Issues. Background: In 1977, the National Bureau of Standards (NBS) adopted DES.

Presentation Transcript


  1. ICS 454 Principles of Cryptography: Advanced Encryption Standard (AES), Sultan Almuhammadi

  2. Outline
     • Background
     • AES Encryption and Decryption
     • Security Issues
     • Implementation Issues

  3. Background
     • In 1977, the National Bureau of Standards (NBS) adopted DES.
     • In 1994, the National Institute of Standards and Technology (NIST) reaffirmed DES for federal use for another 5 years.
     • In 1999, NIST adopted 3DES.
       • Pros:
         • 168-bit key → overcomes brute-force attack.
       • Cons:
         • Triple rounds → relatively slow in software.
         • 64-bit block size → larger is better.
     • 3DES is not a good candidate for long-term use.

  4. Background
     • In 1997, NIST called for a new Advanced Encryption Standard (AES).
     • AES requirements:
       • Must have equal or better security than 3DES.
       • Must improve the efficiency.
       • Must be a 128-bit symmetric block cipher.
       • Must support 128/192/256-bit key lengths.
     • In 2001, NIST selected Rijndael (by Rijmen and Daemen) as the new AES.
     • AES will replace 3DES eventually. Until then, NIST approves 3DES for US government use.

  5. AES (Encryption)
     • Not a Feistel structure (the data block is processed in parallel in each round).
     • Key Expansion provides 128-bit round keys (4 words each).
     • Each round has 4 stages:
       • Substitute bytes: using an S-box to perform a byte-by-byte substitution of the block
       • ShiftRows: a simple permutation
       • MixColumns: substitution using arithmetic over GF(2^8)
       • AddRoundKey: bitwise XOR of the current block with a round key

  6. (Figure: the stages of an AES round. Labels: byte-by-byte substitution using S-box; simple permutation; substitution using arithmetic over GF(2^8); XOR with round key.)

  7. AES (Decryption)
     • Each stage is easily reversible:
       • Inv. SubBytes: an inverse S-box is used.
       • Inv. ShiftRows: inverse permutation
       • Inv. MixColumns: inverse substitution using arithmetic over GF(2^8)
       • AddRoundKey: XOR with a round key in reverse order: (B ⊕ RK) ⊕ RK = B

  8. AES Security Issues
     • Only the AddRoundKey stage makes use of the key.
     • Other stages are reversible without the key → add no security.
     • AddRoundKey stage by itself is just an XOR scheme → attackable.
     • Other three stages provide confusion/diffusion/nonlinearity (i.e. scrambling the block), but no security.
     • The four stages together in each round make it both efficient and highly secure.
     • The S-box is designed such that:
       • It is resistant to known cryptanalytic attacks.
       • It has no fixed point (S-box(n) = n).
       • It is not self-inverse. E.g. S-box(95) = 2A, but Inv.S-box(95) = AD

  9. AES Implementation Issues
     • Very efficient on 8-bit processor:
       • AddRoundKey: bytewise XOR operation
       • ShiftRows: simple byte shifting
       • SubBytes: operates at byte-level
       • MixColumns: multiplies matrices in GF(2^8)
     • On 32-bit processor, a more efficient implementation can be achieved with operations defined on 32-bit words.
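
The S-box properties on slide 8 and the AddRoundKey identity on slide 7 can be checked directly. The Python below is an added example, not part of the original slides: it derives the S-box from the standard AES definition (inverse in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1, then the affine transform with constant 0x63), and all function names are chosen here for illustration.

```python
def gf_mul(a, b):
    """Multiply two bytes in GF(2^8) modulo the AES polynomial 0x11B."""
    r = 0
    while b:
        if b & 1:
            r ^= a            # addition in GF(2^8) is XOR
        a <<= 1
        if a & 0x100:
            a ^= 0x11B        # reduce when the degree reaches 8
        b >>= 1
    return r

def gf_inv(a):
    """Inverse as a^254 (the nonzero elements form a group of order 255); 0 maps to 0."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r

def rotl8(x, n):
    """Rotate a byte left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def build_sbox():
    """S(x) = affine(inverse(x)), the SubBytes table."""
    sbox = []
    for x in range(256):
        b = gf_inv(x)
        sbox.append(b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63)
    return sbox

SBOX = build_sbox()
INV_SBOX = [0] * 256
for i, v in enumerate(SBOX):
    INV_SBOX[v] = i           # the inverse table just swaps index and value

def fixed_points():
    """All n with S-box(n) = n; slide 8 says there are none."""
    return [n for n in range(256) if SBOX[n] == n]

def add_round_key(block, round_key):
    """Bytewise XOR of a block with a round key (its own inverse)."""
    return bytes(b ^ k for b, k in zip(block, round_key))

if __name__ == "__main__":
    print(f"S-box(95) = {SBOX[0x95]:02X}, Inv.S-box(95) = {INV_SBOX[0x95]:02X}")
    print("fixed points:", fixed_points())
    print("S-box equals its inverse:", SBOX == INV_SBOX)
```
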
