Advanced Encryption Standard (AES)
Advanced Encryption Standard (AES) is a symmetric block cipher that encrypts data in 128-bit blocks.
- aka Rijndael block cipher
- developed as the official replacement to DES
- designated as FIPS 197
- has 3 different ciphers of different key sizes
- AES 128, AES 192, AES 256
- each uses a 128-bit block size
- not based on Feistel Function
- instead uses a substitution-permutation matrix
- uses a 4 x 4 column matrix of bytes
- called the state
- uses a 4 x 4 column matrix of bytes
- instead uses a substitution-permutation matrix
- an encryption round is a set of operations that are consecutively applied to a block during the encryption process
- number of encryption rounds is determined by the key length
- longer key → higher number of rounds and larger keyspace
- both make cipher more resistant to brute force attacks
AES Versions
Version Key length
(bits)Encryption rounds Keyspace
(number of possible keys)AES-128 128 10 AES-192 192 12 AES-256 256 14
How It Works
- general steps:
- Key expansion
- round keys are derived from the cipher key using Rijndael’s key schedule
- generates a different key in each round, based on the original key
- uses a set of round constants to generate a unique 128-bit round key block for each round
- along with one extra round key block
- round keys are derived from the cipher key using Rijndael’s key schedule
- Initial round
- AddRoundKey
- each byte of the state is combined with the round key using bitwise XOR
- i.e., the plaintext is arrayed bit by bit in a matrix that is XOR’d with the key
- each byte of the state is combined with the round key using bitwise XOR
- AddRoundKey
- Rounds
- SubBytes
- a nonlinear substitution step where each byte is replaced with another according to a lookup table
- each bytes in the matrix is then fed into a substitution box
- also transposes the bits as well as substituting them
- so it is called a permutation box
- ShiftRows
- a transposition step where each row of the state is shifted cyclically a certain number of steps
- MixColumns
- a mixing operation that operates on the columns of the state, combining the 4 bytes in each column
- AddRoundKey
- a step where the key is XOR’d with the matrix again
- SubBytes
- Final round (no MixColumns)
- Repeat
- SubBytes
- ShiftRows
- AddRoundKey
- Repeat
- Key expansion
- details
- SubBytes step
- each byte in the matrix is substituted for another byte using an 8-bit substitution box
- called the Rijndael S-box
- each byte in the matrix is substituted for another byte using an 8-bit substitution box
- ShiftRows step
- works by shifting the bytes in each row by a certain amount
- first row is left unchanged
- second row is shifted one to the left
- the third row is shifted by two, and so on
- MixColumns step
- columns are mixed, similar to shifting rows
- but rather than just shifting them, they are mixed together
- AddRoundKey step
- subkey is XOR’d with the state
- for each round key, a subkey is derived from the main key using Rijndael’s key schedule
- each subkey is the same size as the state
- SubBytes step