Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rijndael Advanced Encryption Standard. Overview Definitions Definitions Who created Rijndael and the reason behind it Who created Rijndael and the reason.

Published byClemence Pitts Modified over 9 years ago

Similar presentations

Presentation on theme: "Rijndael Advanced Encryption Standard. Overview Definitions Definitions Who created Rijndael and the reason behind it Who created Rijndael and the reason."— Presentation transcript:

1 Rijndael Advanced Encryption Standard

2 Overview Definitions Definitions Who created Rijndael and the reason behind it Who created Rijndael and the reason behind it Algorithm breakdown Algorithm breakdown Attacks on AES/Rijndael Attacks on AES/Rijndael

3 Definitions Block cipher Block cipher Consists of two paired algorithms, one for encryption, E, and another for decryption, E-1. Both algorithms accept two inputs: an Nb-bit input block and a Nk-bit key. Consists of two paired algorithms, one for encryption, E, and another for decryption, E-1. Both algorithms accept two inputs: an Nb-bit input block and a Nk-bit key. Iterated block cipher Iterated block cipher Constructed by composing several simpler functions. Each iteration is termed a round, and there are rarely less than 4 or more than 64 of them. Constructed by composing several simpler functions. Each iteration is termed a round, and there are rarely less than 4 or more than 64 of them. The Galois Fields (GF) The Galois Fields (GF) A field that contains only finitely many elements. The order of a finite field is always a prime or a power of a prime A field that contains only finitely many elements. The order of a finite field is always a prime or a power of a prime

4 Who created Rijndael and why? Designed by Joan Daemen and Vincent Rijmen as a candidate for the Advanced Encryption Standard. Designed by Joan Daemen and Vincent Rijmen as a candidate for the Advanced Encryption Standard. Joan Daemen and Vincent Rijmen also designed block cipher. Joan Daemen and Vincent Rijmen also designed block cipher. The algorithm must implement symmetric key cryptography as a block cipher and (at a minimum) support block sizes of 128 bits and key sizes of 128, 192, and 256 bits. The algorithm must implement symmetric key cryptography as a block cipher and (at a minimum) support block sizes of 128 bits and key sizes of 128, 192, and 256 bits.

5 Who created Rijndael and why? (cont.) 3 design goals 3 design goals Resistance against know attacks Resistance against know attacks Speed and code compactness on a variety of platforms Speed and code compactness on a variety of platforms Design simplicity Design simplicity

6 Algorithm breakdown Description Variable block lengths and key lengths supported Variable block lengths and key lengths supported 128, 192, 256 128, 192, 256 Number of columns in the state and round key arrays depend on the sizes Number of columns in the state and round key arrays depend on the sizes

7 Algorithm breakdown Round transformation Step 1: ByteSub Transformation Step 1: ByteSub Transformation Step 2: ShiftRow Transformation Step 2: ShiftRow Transformation Step 3: MixColumn Transformation Step 3: MixColumn Transformation Step 4: Round Key Addition Step 4: Round Key Addition Final round is a little different because it removes the MixColumns step. Final round is a little different because it removes the MixColumns step.

8 Algorithm breakdown

9 Algorithm breakdown Step 1: ByteSub Transformation Each byte of the block is replaced by its substitute in an S-box. Each byte of the block is replaced by its substitute in an S-box. Each byte is treated independently Each byte is treated independently Single S-box is used for the entire state Single S-box is used for the entire state

10 Algorithm breakdown Step 2: ShiftRow Transformation Each row of the state is shifted cyclically a certain number of steps. Each row of the state is shifted cyclically a certain number of steps. The number a row is shifted can’t be the same. The number a row is shifted can’t be the same.

11 Algorithm breakdown Step 3: MixColumn Transformation State columns are treated as polynomials over GF(2 8 ) State columns are treated as polynomials over GF(2 8 ) Each column is multiplied by modulo x 4 + 1 by a fixed polynomial c(x) = `03` x 3 + `01` x 2 + `01`x + `02` Each column is multiplied by modulo x 4 + 1 by a fixed polynomial c(x) = `03` x 3 + `01` x 2 + `01`x + `02`

12 Algorithm breakdown Step 4: Round Key Addition XOR round key with state XOR round key with state

13 Attacks on AES/Rijndael Algebraic attacks Algebraic attacks People have shown Rijndael can be written as an over defined system of multivariate quadratic equations People have shown Rijndael can be written as an over defined system of multivariate quadratic equations Paper published at Eurocrypt 2000 Shamir describe an algorithm called XL able to solve efficiently many such systems of equations. Paper published at Eurocrypt 2000 Shamir describe an algorithm called XL able to solve efficiently many such systems of equations. However this fails miserably However this fails miserably 128-bit Rijndael, the problem of recovering the secret key from one single plaintext can be written as a system of 8000 quadratic equations with 1600 binary unknowns. 128-bit Rijndael, the problem of recovering the secret key from one single plaintext can be written as a system of 8000 quadratic equations with 1600 binary unknowns.

14 Attacks on AES/Rijndael (cont.) Nicolas Courtois and Josef Pieprzyk investigate how to improve XL and adapt it to such special systems. They propose a new class of attacks, attack, called XSL attacks. Nicolas Courtois and Josef Pieprzyk investigate how to improve XL and adapt it to such special systems. They propose a new class of attacks, attack, called XSL attacks. Ciphers like Rijndael were referred to as XSL ciphers, because their rounds are composed of the XOR of key material, a nonlinear substitution provided by an S-box, and a linear diffusion stage. Ciphers like Rijndael were referred to as XSL ciphers, because their rounds are composed of the XOR of key material, a nonlinear substitution provided by an S-box, and a linear diffusion stage.

15 Attacks on AES/Rijndael (cont.) Assuming that one could build a machine that could recover a DES key in a second (i.e., try 2 55 keys per second), then it would take that machine approximately 149 trillion years to crack a 128-bit AES key. Assuming that one could build a machine that could recover a DES key in a second (i.e., try 2 55 keys per second), then it would take that machine approximately 149 trillion years to crack a 128-bit AES key.

Download ppt "Rijndael Advanced Encryption Standard. Overview Definitions Definitions Who created Rijndael and the reason behind it Who created Rijndael and the reason."

Similar presentations

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.

Origins  clear a replacement for DES was needed Key size is too small Key size is too small The variants are just patches The variants are just patches.
Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.

Chap. 5: Advanced Encryption Standard (AES) Jen-Chang Liu, 2005 Adapted from lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 5 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Cryptography and Network Security Chapter 5

Cryptography and Network Security Chapter 5
The Advanced Encryption Standard (AES) Simplified.

The Advanced Encryption Standard (AES) Simplified.
Announcements: Quiz grades entered Quiz grades entered Homework 4 updated with more details. Homework 4 updated with more details. Discussion forum is.

Announcements: Quiz grades entered Quiz grades entered Homework 4 updated with more details. Homework 4 updated with more details. Discussion forum is.
Advanced Encryption Standard

Advanced Encryption Standard
Cryptography and Network Security

Cryptography and Network Security
Algorithm Scheme. AddRoundKey Each round uses four different words from the expanded key array. Each column in the state matrix is XORed with a different.

Algorithm Scheme. AddRoundKey Each round uses four different words from the expanded key array. Each column in the state matrix is XORed with a different.
Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.

Advanced Encryption Standard(AES) Presented by: Venkata Marella Slide #9-1.
AES clear a replacement for DES was needed

AES clear a replacement for DES was needed
Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.

Advanced Encryption Standard. This Lecture Why AES? NIST Criteria for potential candidates The AES Cipher AES Functions and Inverse Functions AES Key.
1 AES Proposal : Rijndael Joan Daeman Vincent Rijmen.

1 AES Proposal : Rijndael Joan Daeman Vincent Rijmen.
Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.

Cryptography and Network Security (AES) Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 10/18/2009 INCS 741: Cryptography 10/18/20091Dr.
RIJNDAEL Arta Doci University Of Colorado.

RIJNDAEL Arta Doci University Of Colorado.
The Design of Improved Dynamic AES and Hardware Implementation Using FPGA 89321032 游精允.

The Design of Improved Dynamic AES and Hardware Implementation Using FPGA 游精允.
Introduction to Modern Cryptography Lecture 3 (1) Finite Groups, Rings and Fields (2) AES - Advanced Encryption Standard.

Introduction to Modern Cryptography Lecture 3 (1) Finite Groups, Rings and Fields (2) AES - Advanced Encryption Standard.
Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard It seems very simple. It is very simple. But if you don't know.

Cryptography and Network Security Chapter 5. Chapter 5 –Advanced Encryption Standard "It seems very simple." "It is very simple. But if you don't know.
Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.

Cryptography and Network Security Chapter 5 Fourth Edition by William Stallings.
ICS 454 Principles of Cryptography Advanced Encryption Standard (AES) (AES) Sultan Almuhammadi.

ICS 454 Principles of Cryptography Advanced Encryption Standard (AES) (AES) Sultan Almuhammadi.

Similar presentations

Ads by Google