25.11.2014 Views

Advanced Encryption Standard

Galois Field $GF(2^8)$

We need some information about the field $GF(2^8) = \mathbb{Z}_2[X]/(X^8 + X^4 + X^3 + X + 1)$, which is the set of all polynomials with coefficients in $\mathbb{Z}_2$ and degree < 8. We will associate each polynomial with a byte containing its coefficients (just as we did for a CRC). Addition of 2 such bytes becomes the XOR of the bytes; multiplication is defined by a process much like the shift-and-add algorithm for binary integers.

    r = 0
    repeat 8 times
        if (bottom bit of b2 is 1)
            r += b1        (addition in GF(2^8), i.e. r = r XOR b1)
        right shift b2
        left shift b1 (possibly into 9 bits)
        if (9th bit of b1 is 1)
            b1 = b1 XOR 100011011
    end repeat
    return r

It turns out (although I don’t need it here) that $GF(2^8)$ is a field, so that we can find multiplicative inverses and hence we can define division.


AES algorithm

We will look only at a 128 bit key and a 16 byte (= 128 bit) text. We will look at the text (and the keys) as 4 × 4 arrays:

$$
\begin{pmatrix}
t_0 & t_4 & t_8 & t_{12} \\
t_1 & t_5 & t_9 & t_{13} \\
t_2 & t_6 & t_{10} & t_{14} \\
t_3 & t_7 & t_{11} & t_{15}
\end{pmatrix}
$$

The algorithm starts with AddRoundKey$_0$.

Then we repeat 9 times:

ByteSub, ShiftRows, MixColumns, and AddRoundKey$_i$

Finally we do:

ByteSub, ShiftRows, and AddRoundKey$_{10}$.

ByteSub is a table lookup. The 2 nibbles are indices into an array [the “S-box”]; the value found replaces the original byte.

ShiftRows cyclically left-shifts the values in each row of the array; row 0 by 0 positions, row 1 by 1 position, row 2 by 2 positions, row 3 by 3 positions.

AddRoundKey adds 2 arrays together in $GF(2^8)$.

MixColumns is a matrix multiplication (element multiplication in $GF(2^8)$):

$$
\begin{pmatrix}
\texttt{0x02} & \texttt{0x03} & \texttt{0x01} & \texttt{0x01} \\
\texttt{0x01} & \texttt{0x02} & \texttt{0x03} & \texttt{0x01} \\
\texttt{0x01} & \texttt{0x01} & \texttt{0x02} & \texttt{0x03} \\
\texttt{0x03} & \texttt{0x01} & \texttt{0x01} & \texttt{0x02}
\end{pmatrix}
\begin{pmatrix}
i_0 & i_4 & i_8 & i_{12} \\
i_1 & i_5 & i_9 & i_{13} \\
i_2 & i_6 & i_{10} & i_{14} \\
i_3 & i_7 & i_{11} & i_{15}
\end{pmatrix}
=
\begin{pmatrix}
r_0 & r_4 & r_8 & r_{12} \\
r_1 & r_5 & r_9 & r_{13} \\
r_2 & r_6 & r_{10} & r_{14} \\
r_3 & r_7 & r_{11} & r_{15}
\end{pmatrix}
$$
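
The multiplication loop from the Galois field section and the ShiftRows and MixColumns steps above, written out in Python as an added example (not code from the original slides). The function names are chosen here, the state is stored column by column in the order t_0 ... t_15, and the sample state is the round-1 value after ByteSub from the worked example in FIPS 197 Appendix B.

```python
AES_POLY = 0b100011011  # X^8 + X^4 + X^3 + X + 1, the slide's reduction constant

def gf_mul(b1: int, b2: int) -> int:
    """Multiply two bytes in GF(2^8) using the slide's shift-and-add loop."""
    r = 0
    for _ in range(8):
        if b2 & 1:           # bottom bit of b2 is 1
            r ^= b1          # field addition is XOR
        b2 >>= 1
        b1 <<= 1             # possibly into 9 bits
        if b1 & 0x100:       # 9th bit set: reduce modulo the field polynomial
            b1 ^= AES_POLY
    return r

# MixColumns matrix from the slide.
MIX = (
    (0x02, 0x03, 0x01, 0x01),
    (0x01, 0x02, 0x03, 0x01),
    (0x01, 0x01, 0x02, 0x03),
    (0x03, 0x01, 0x01, 0x02),
)

def shift_rows(state: bytes) -> bytes:
    """Rotate row r left by r positions; state[4*c + r] is row r, column c."""
    return bytes(state[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4))

def mix_columns(state: bytes) -> bytes:
    """Multiply each 4-byte column of the state by MIX over GF(2^8)."""
    out = bytearray()
    for c in range(4):
        col = state[4 * c: 4 * c + 4]
        for row in MIX:
            acc = 0
            for coeff, byte in zip(row, col):
                acc ^= gf_mul(coeff, byte)
            out.append(acc)
    return bytes(out)

if __name__ == "__main__":
    # Round-1 state after ByteSub, from FIPS 197 Appendix B.
    after_bytesub = bytes.fromhex("d42711aee0bf98f1b8b45de51e415230")
    print(hex(gf_mul(0x57, 0x83)))
    print(mix_columns(shift_rows(after_bytesub)).hex())
```
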


The S-box is the array:

    n_u \ n_l    0    1    2    3    4    5    6    7    8    9   10   11   12   13   14   15
     0          99  124  119  123  242  107  111  197   48    1  103   43  254  215  171  118
     1         202  130  201  125  250   89   71  240  173  212  162  175  156  164  114  192
     2         183  253  147   38   54   63  247  204   52  165  229  241  113  216   49   21
     3           4  199   35  195   24  150    5  154    7   18  128  226  235   39  178  117
     4           9  131   44   26   27  110   90  160   82   59  214  179   41  227   47  132
     5          83  209    0  237   32  252  177   91  106  203  190   57   74   76   88  207
     6         208  239  170  251   67   77   51  133   69  249    2  127   80   60  159  168
     7          81  163   64  143  146  157   56  245  188  182  218   33   16  255  243  210
     8         205   12   19  236   95  151   68   23  196  167  126   61  100   93   25  115
     9          96  129   79  220   34   42  144  136   70  238  184   20  222   94   11  219
    10         224   50   58   10   73    6   36   92  194  211  172   98  145  149  228  121
    11         231  200   55  109  141  213   78  169  108   86  244  234  101  122  174    8
    12         186  120   37   46   28  166  180  198  232  221  116   31   75  189  139  138
    13         112   62  181  102   72    3  246   14   97   53   87  185  134  193   29  158
    14         225  248  152   17  105  217  142  148  155   30  135  233  206   85   40  223
    15         140  161  137   13  191  230   66  104   65  153   45   15  176   84  187   22
