Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lect. 8 : Advanced Encryption Standard

Published byRory Solly Modified over 10 years ago

Similar presentations

Presentation on theme: "Lect. 8 : Advanced Encryption Standard"— Presentation transcript:

1 Lect. 8 : Advanced Encryption Standard

2 AES Contest AES Contest Calendar
1997 : Call For AES Candidate Algorithms by NIST 128-bit Block cipher 128/192/256-bit keys Worldwide-royalty free More secure than Triple DES More efficient than Triple DES 1998 : 1st Round Candidates – 15 Algorithms Mars, Twofish, RC6, SAFER+, HPC, CAST256, DEAL, Frog, Magenta, Rijndael, DFC, Serpent, Crypton, E2, LOKI97 1999 : 2nd Round Candidates – 5 Algorithms MARS, RC6, Rijndael, Serpent, and Twofish : Rijndael selected as the finalist : official publication as FIPS PUB 197 * National Institute of Standards and Technology

3 AES Contest 1st Round Candidates – 15 Algorithms

4 AES Contest 2nd Round Candidates – 5 Algorithms Cipher Submitter
Structure Nonlinear Component MARS IBM Feistel structure Sbox DD-Rotation RC6 RSA Lab. Rotation Rijndael Daemen, Rijmen SPN structure Serpent Anderson, Biham, Knudsen Twofish Schneier et. al

5 AES Contest Vincent Rijmen AES Contest
: Rijndael selected as the finalist : official publication as FIPS PUB 197 Joan Daemen and Vincent Rijmen, “The Design of Rijndael, AES – The Advanced Encryption Standard”, Springer, 2002, ISBN Vincent Rijmen

6 SPN- Structure Block Cipher
More constraints on the round function: must be invertible Relatively new architecture than Feistel-structure Faster than Feistel-structure Parallel computation Typically E  D

7 Advanced Encryption Standard (AES)
AES External Format Plaintext block 128 bits Ciphertext block 128 bits AES Key 128, 192, 256 bits

8 AES Architecture SPN-type block cipher Block size = 128 bits
Plaintext AddRoundKey SPN-type block cipher Block size = 128 bits Key size / No. round 128 bits  10 rounds 192 bits  12 rounds 256 bits  14 rounds Round transformation SubBytes ShiftRow MixColumn AddRoundKey Initial Key SubByte ShiftRow Repeat N-1 rounds MixColumn Round key AddRoundKey SubByte ShiftRow Final round Final round key AddRoundKey Ciphertext

9 Finite Field Every nonzero element has multiplicative inverse.
Prime number, Zp Gcd, Extended Euclidean Algorithm Representation of n-bit data Binary Hexadecimal Polynomial GF(p), GF(2n) over irreducible polynomial Ex) GF(23) /x3 + x + 1 Addition and multiplication AES uses GF(28) /f(x)= x8 + x4 + x3 + x +1

10 The input block is XOR-ed
Round Transformation S-box  c(x) b0j a00 a01 a0j a02 a03 b00 b01 b02 b03 a00 a02 a03 b00 b02 b03 a10 a11 a12 a13 b10 b11 b12 b13 a10 a1j a12 a13 b10 b1j b12 b13 aij bij a20 a21 a22 a23 b20 b21 b22 b23 a20 a2j a22 a23 b20 b2j b22 b23 a30 a31 a32 a33 b30 b31 b32 b33 a30 a3j a32 a33 b30 b3j b32 b33 SubBytes MixColumns No shift a00 a01 a02 a03 a00 a01 a02 a03 Cyclic shift by 1 byte a10 a11 The input block is XOR-ed with the round key a12 a13 a11 a12 a13 a10 Cyclic shift by 2 byte a20 a21 a22 a23 a22 a23 a20 a21 AddRoundKey Cyclic shift by 3 byte a30 a31 a32 a33 a33 a30 a31 a32 ShiftRows

11 AddRoundKey The input block is XOR-ed with the round key

12 Best Known Attack related-key attack can break 256-bit AES with a complexity of 2119, which is faster than brute force but is still infeasible. 192-bit AES can also be defeated in a similar manner, but at a complexity of bit AES is not affected by this attack. chosen-plaintext attack can break 8 rounds of 192- and 256-bit AES, and 7 rounds of 128-bit AES, although the workload is impractical at (Ferguson et al., 2000).

13 Feistel vs. SPN Structures
Feistel structure SPN structure 64-bit block 128-bit block 64-bit block 128-bit block DES/3DES BLOWFISH CAST128 RC5 SEED TWOFISH CAST256 RC6 MARS SAFER SAFER+ IDEA AES CRYPTON SERPENT Fewer constraints on the round function More cryptanalytic experience Serial in nature Typically E = D with round keys in reverse order More constraints on the round function: must be invertible Less cryptanalytic experience: relatively new architecture more parallel computation Typically E  D

Download ppt "Lect. 8 : Advanced Encryption Standard"

Similar presentations

Symmetric Encryption Prof. Ravi Sandhu.

Symmetric Encryption Prof. Ravi Sandhu.
Encryption.

Encryption.
DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.

DES The Data Encryption Standard (DES) is a classic symmetric block cipher algorithm. DES was developed in the 1970’s as a US government standard The block.
Anupam Saxena Associate Professor Indian Institute of Technology KANPUR 208016.

Anupam Saxena Associate Professor Indian Institute of Technology KANPUR
Computer Science 653 --- Lecture 7 Rijndael – Advanced Encryption Algorithm Professor Wayne Patterson Howard University Fall 2009.

Computer Science Lecture 7 Rijndael – Advanced Encryption Algorithm Professor Wayne Patterson Howard University Fall 2009.
Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.
Chapter 3  Symmetric Key Cryptosystems 1 Overview  Modern symmetric-key cryptosystems o Data Encryption Standard (DES)  Adopted in 1976  Block size.

Chapter 3  Symmetric Key Cryptosystems 1 Overview  Modern symmetric-key cryptosystems o Data Encryption Standard (DES)  Adopted in 1976  Block size.
1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.

1 CIS 5371 Cryptography 5b. Pseudorandom Objects in Practice Block Ciphers.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5

Cryptography and Network Security Chapter 5
Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)

Computer Science CSC 405By Dr. Peng Ning1 CSC 405 Introduction to Computer Security Topic 2. Basic Cryptography (Part II)
Announcements: Quiz grades entered Quiz grades entered Homework 4 updated with more details. Homework 4 updated with more details. Discussion forum is.

Announcements: Quiz grades entered Quiz grades entered Homework 4 updated with more details. Homework 4 updated with more details. Discussion forum is.
History Applications Attacks Advantages & Disadvantages Conclusion.

History Applications Attacks Advantages & Disadvantages Conclusion.
Advanced Encryption Standard

Advanced Encryption Standard
Cryptography and Network Security

Cryptography and Network Security
Algorithm Scheme. AddRoundKey Each round uses four different words from the expanded key array. Each column in the state matrix is XORed with a different.

Algorithm Scheme. AddRoundKey Each round uses four different words from the expanded key array. Each column in the state matrix is XORed with a different.
Encryption CS 465 January 9, 2006 Tim van der Horst.

Encryption CS 465 January 9, 2006 Tim van der Horst.
1 A simple algebraic representation of Rijndael Niels Ferguson Richard Schroeppel Doug Whiting.

1 A simple algebraic representation of Rijndael Niels Ferguson Richard Schroeppel Doug Whiting.
Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.

Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.

Similar presentations

Ads by Google