0:00

In the previous lesson, we looked at improving DES by using the same DES functions multiple times with different keys. Such an approach can make the brute-force attack feasible by increasing the key length. While triple DES provides greater security than DES, it requires three times as much computation for Alice and Bob and is therefore slower. An alternative approach is to design a completely new algorithm. And we will look at a prominent example of that in the Advanced Encryption Standard, or AES.

By the time that DES brute-force demonstrations were occurring, the US National Institute of Standards and Technology, or NIST, sensing this insecurity of DES, requested a call for proposals for a cipher standard that is to supersede DES. The call for proposals was posted in 1997, and the result of the call was the Advanced Encryption Standard, or AES. AES was invented by the Belgian researchers Vincent Rijmen and Joan Daemen. AES was standardized in 2001. AES has been designed for simplicity, to ease the implementation, and to resist known attacks on block ciphers. Also, it is designed for speed and code compactness, and it's designed to be faster than triple DES.

AES processes the data in bytes, which are eight bits. The block length is 16 bytes, in the form of four columns of four bytes, or a four-by-four matrix with each element being a byte. This format is also called a state array. This data is also called a state array in AES, and each row or column in a state array is called a word. So that word is four bytes, or 32 bits, long. AES supports keys of 128 bits, 192 bits and 256 bits.

Because AES processes data in four-by-four matrix blocks, it is not based on the Feistel cipher structure, which operates on data by splitting it into a left half and a right half. Rather, AES is based on a substitution-permutation network structure, which alternates substitution and permutation. AES is comprised of multiple alternative rounds. Before the rounds, there's an XOR operation that adds a round key. This requires an additional round key that serves as the zeroth round key, and it's in addition to the other rounds. The number of rounds varies with the key length. There are 10 rounds if the key is 128 bits, 12 rounds if the key is 192 bits and 14 rounds if the key is 256 bits.

Except for the final round, which excludes the MixColumns step and has three steps, the rounds have the following four steps, in that order, for encryption. First is the SubBytes operation, which is a lookup-table-based substitution. The second is the ShiftRows step, which takes the four-by-four data block and performs a row-based transposition. The next is the MixColumns step, in which each column is processed separately using multiplications over a Galois field, or finite field. The last block is the AddRoundKey step, which XORs the data with the round key.

Because the inputs for XOR need to be the same length, the round keys are 16 bytes long, the same length as the data block. There's also a round key generation algorithm that expands the key and generates round keys. As mentioned previously, because there is an AddRoundKey that uses the round key before round one, there needs to be one more round key generated in addition to the number of rounds.

While AES by design is simple, the actual mapping sort of transformations within these blocks, within these steps, can be best described using finite fields. A finite field is a mathematical concept that defines arithmetic operations such as addition, multiplication and inverse operations, which are computer-implementation friendly. More specifically, in AES, finite-field-based arithmetic is used for MixColumns, key expansion for round key generation, and the substitution table construction in SubBytes. The mathematical discussion about finite fields is out of scope for this module, and we will leave this AES description at a higher level, with the descriptions of the steps and their roles in data processing.

Among the steps, only AddRoundKey uses the round key and therefore provides security by presenting randomness against an attacker who does not know the key. If the AddRoundKey steps were not there, AES would merely produce a non-key permutation whose mapping or transformation is known to the attacker. This is why the AES cipher starts and ends with an AddRoundKey step and includes the additional step of AddRoundKey before the rounds.

Each step within the rounds is reversible. The decryption process reverses the encryption process one step at a time. That is, the last step for encryption will be the first step to be reversed in the decryption. For the reverse operation of each step, the decryption uses the inverse function of each step. That is, it has the inverse ShiftRows step, inverse SubBytes and the inverse MixColumns step. The inverse of AddRoundKey is AddRoundKey itself, because the inverse of XOR is XOR itself. If you take an input and apply the XOR twice consecutively, then the result is the same as the original input. The AddRoundKey algorithm may be the same for the inverse, but the round key order that the decryption uses is to be reversed from the encryption, because it reverses each of the steps in the reverse order.

Because these algorithms are different, AES decryption implementation is different from AES encryption implementation. This is in contrast to DES, which has the same implementation for encryption and decryption and thus can use the same hardware and software for both encryption and decryption, as we discussed in the last module.

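The round structure described in this lecture, as an added Python sketch that is not part of the original lecture: it builds the state array, applies ShiftRows, MixColumns and AddRoundKey in the stated order (zeroth round key first, no MixColumns in the final round), then undoes them in reverse with the round keys reversed. SubBytes and the key expansion are left out, so this is a structural demonstration and not AES. The names `encrypt_skeleton`, `decrypt_skeleton` and `demo_round_keys` are hypothetical, the round keys are constructed stand-ins, and `gmul` goes beyond the lecture by implementing the finite-field multiplication that MixColumns uses.

```python
import hashlib

ROUNDS = {128: 10, 192: 12, 256: 14}   # key length in bits -> number of rounds

def gmul(a, b):   # multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1
    p = 0
    for _ in range(8):
        p ^= a if b & 1 else 0
        a, b = (a << 1) ^ (0x11B if a & 0x80 else 0), b >> 1
    return p

def to_state(block):   # 16 bytes -> 4x4 state array, filled column by column
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]
def from_state(s):
    return bytes(s[r][c] for c in range(4) for r in range(4))

def add_round_key(s, k):
    return [[s[r][c] ^ k[r][c] for c in range(4)] for r in range(4)]

def shift_rows(s, inverse=False):   # rotate row r left by r (right for the inverse)
    k = -1 if inverse else 1
    return [row[k * r:] + row[:k * r] for r, row in enumerate(s)]

def mix_columns(s, inverse=False):
    m = (14, 11, 13, 9) if inverse else (2, 3, 1, 1)   # first row of the matrix
    return [[gmul(m[0], s[r][c]) ^ gmul(m[1], s[(r + 1) % 4][c])
             ^ gmul(m[2], s[(r + 2) % 4][c]) ^ gmul(m[3], s[(r + 3) % 4][c])
             for c in range(4)] for r in range(4)]

def demo_round_keys(key_bits):   # constructed stand-ins, NOT the AES key expansion
    return [to_state(hashlib.sha256(bytes([i])).digest()[:16])
            for i in range(ROUNDS[key_bits] + 1)]   # one more key than rounds

def encrypt_skeleton(block, rks):
    s = add_round_key(to_state(block), rks[0])      # zeroth round key, before round 1
    for i in range(1, len(rks)):
        s = shift_rows(s)                           # SubBytes would precede this
        if i != len(rks) - 1:                       # final round has no MixColumns
            s = mix_columns(s)
        s = add_round_key(s, rks[i])
    return from_state(s)

def decrypt_skeleton(block, rks):
    s = to_state(block)
    for i in range(len(rks) - 1, 0, -1):            # round keys in reverse order
        s = add_round_key(s, rks[i])                # XOR is its own inverse
        if i != len(rks) - 1:
            s = mix_columns(s, inverse=True)
        s = shift_rows(s, inverse=True)             # inverse SubBytes would follow
    return from_state(add_round_key(s, rks[0]))
```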