AES Encryption 256 Bit
The encryption standard to rule them all
AES (Advanced Encryption Standard) is the most widely used symmetric encryption algorithm. AES is used in a wide array of applications that include the encryption of data at rest, and secure file transfer protocols like HTTPS.
AES is the successor to DES. The Data Encryption Standard (DES) is a symmetric encryption algorithm that was developed at IBM. Back in the day, DES used to be the de facto encryption algorithm. However, it used a 56-bit key, and as technology progressed attacks against it started to become more plausible. Eventually, DES was deemed too insecure for continued use. The community transitioned to triple DES (which is still around today). In essence, triple DES is DES performed 3 times consecutively. As one might expect, triple DES is 3 times more secure than just plain DES. However, it’s also 3 times slower.
The US government held a competition to come up with an alternative to triple DES. In the end, Rijndael, written by the two Belgian cryptologists Vincent Rijmen and Joan Daemen, was chosen for its performance and its ease of implementation on both hardware and software, as well as its level of security. Rijndael became the Advanced Encryption Standard for the US, and ultimately for the rest of the world as well.
AES Encryption Algorithm
Suppose Bob wanted to send a message to Alice. Bob’s unencrypted message is first broken down into 128-bit chunks. The bytes (16 in all) in a given chunk are then organized as a 4x4 matrix.
The block is passed through the following sequence of steps a total of x times, where x depends on the size of the cypher key.
- Substitute Bytes
- Shift Rows
- Mix Columns
- Add Round Key
Substitute Bytes
In this step, each element in the matrix is mapped to the corresponding byte in the Rijndael S-box.
For example, the element in the top left corner is mapped to d4
since the first hexadecimal is 1
and the other hexadecimal is 9
.
Repeating the process for every element, we obtain the following matrix:
Shift Rows
In the second step, we rotate each element x elements (bytes) to the left, where x is the index of the row.
- Row 0 — Shift left 0 bytes (i.e. don’t shift)
- Row 1 — Shift left 1 byte
- Row 2 — Shift left 2 bytes
- Row 3 — Shift left 3 bytes
We finish with the following matrix:
Mix Columns
We multiply every column by a predefined matrix.
It’s important to note that this is not regular matrix multiplication. If any term is greater than 2 to the power of 8, we divide the polynomial by the Galois irreducible polynomial:
Let’s walk through how we’d go about calculating the multiplication of d4
and 02
. We start off by converting every bit into its binary arithmetic equivalent (polynomial form).
We multiply the two.
Since the product is greater than 2 to the power of 8, we divide it by the irreducible polynomial.
We repeat the process for every element, and obtain the following matrix:
Add Round Key
In this step, we perform a bitwise XOR operation between the columns of the matrix we obtained in the preceding step and the Round Key. In the first iteration, the Round Key is the first 128 bits of the cypher key.
Repeating the process for the remaining columns gives us:
The preceding matrix is used as the input to the next round, and the process itself is repeated for another x rounds.
Note: The final round excludes the Mix Columns step.
AES Key Schedule
The process of computing a new key for the following rounds is known as the Key Schedule. As we mentioned previously, the number of rounds depends on the length of the initial cypher key.
- 128 bit key = 10 rounds
- 192 bit key = 12 rounds
- 256 bit key = 14 rounds
Note: In all other regards, the algorithm is exactly the same.
In the same manner as the 128-bit input block is arranged in the form of a state array, the algorithm arranges the first 16 bytes of the encryption key in the form of a 4 × 4 matrix of bytes. The following figure shows the four words of the original 128-bit key being expanded into a key schedule consisting of 4 x 11 = 44 words. The first four bytes of the encryption key constitute the word w0, the next four bytes the word w1, and so on up to w3.
Let’s say that we have the four words of the round key for the ith round.
We need to determine the words that will be used in the next round.
The first word in this sequence is computed as follows:
where the function g consists of the following three steps:
- Perform a one-byte circular rotation on the 4-byte word.
- Substitute each byte in the word using the 16 × 16 lookup table
- XOR the bytes obtained from the previous step with what is known as a round constant.
The **round constan**t for the jth round is denoted Rcon[j].
where
Note: The addition of round constants ruins any symmetries that may have been introduced by the other steps in the algorithm, thus making it harder to crack.
The first operation consists of rotating the bytes.
Then, we perform byte substitution using the lookup table.
After substituting the remaining bytes, we obtain the following vector.
Finally, we perform a bitwise XOR operation between the vector, the first word and Rcon[1] to obtain the new word.
We then proceed to compute the remaining words in the Round Key.
The new 4x4 matrix (Round Key) is used for the Add Key step of the proceeding round.
The process is repeated for each of the 10 rounds.