You should know First
Polynomial calculation
1.Overview
DES is unsecure because of short length of key.3-DES is secure with 3*56-bit key, but too slow.
AES is considered good security with 128-bit block size, 128, 192, 256-bit key coordinating with 10,12,14 rounds encryption respectively.
1.Key addition at start.
2.Enter rounds of encryption. Each rounds include Byte Substitution Layer, Confusion Layer( Shift Row and Mix Column) and Key Addition Layer. We should be careful that there is no Mix Column Layer in last round.
3.get ciphertext by overall 10 rounds of step 2 .
2.Block structure
AES uses substitution-permutation network(rather than Feistel Network) and arranges plaintext block with 4×4 matrix filling it downwards and then right. Each elements is 8-bit string.So we can conclude that the block size is 4×4×8=128 bit.
3.Detailed description for one round
1.Byte Substitution
Each byte in the current 4×4 state matrix is used as an index to the S-box, obtaining a new byte for that position.
For example, the input byte is 10010100 which is 94 in hex. We can find the result 22 from the S table according to the coordinate.
We also can illustrate the Substitution in terms of polynomial calculation. The substitution operation for a byte B is defined as follows.
1.First compute the multiplicative inverse (known to have good non-linearity properties) of B in the AES field(GF()) , to obtain B'=[x7,...,x0]. In this step, the zero element is mapped to [0,...,0].
2.Then compute a new bit vector B''=[y7,...,y0] with the following transformation in F2(observe that the vector addition is the same as an xor ):
This transformation avoid any fixed points(input and output is different,so is a derangement),also any opposite fixed point (
)
The result of substitution is B''.
Significance: Operating on every single byte independently. This gives the non-linearity and confusion in AES.
2.Shift Rows
Shift Rows perform cyclic shift on the state matrix just as the figure below.
Significance: This is a kind of Byte permutation(the elements for operation is Byte), which provide diffusion for AES. In this way, each column of the output state of the ShiftRows step is composed of bytes from each column of the input state. The importance of this step is to avoid the columns being encrypted independently, in which case AES degenerates into four independent block ciphers.
3.Mix Column
Mixing each column separately.This operation is achieved by multiplying with matrix.
Significance: The MixColumns function takes four bytes as input and outputs four bytes, where each input byte affects all four output bytes. Together with ShiftRows, MixColumns provides diffusion in the cipher.
4.Key addition
The key is 128 bits. And we compute 10× 128-bit subkeys for each round. Those keys can also be represented as 4×4 matrix because of the same size(128-bit) as plaintext blocks.
Just simple xor with state matrix.
5.Overall
4 Rijndael's Key schedule
Derive round keys K i as follows. Split K into four words W0 , W1 , W2 and W3 of 32 bits each.
SubBytes is an application of the AES S-box to each of the four bytes of the word.
