Rijndae algo

7/28/2019 Rijndae algo

1/23


2/23


3/23

Rijndael, the Advanced Encryption Standard, is a

symmetric block cipher.

It uses the same key between sender and receiver to

encrypt and decrypt the message.

Speed and cost make symmetric algorithms as the

algorithm of choice for encrypting large amounts of data.

Rijndael = Rijmen & Daemen


4/23

Characteristics of Rijndael:Iterated block cipher

Parallel structure (based on the S-PNetwork model structure)

Byte Oriented

Predecessor: SQUARE.


5/23

Block Cipher:Two Principles of a good block cipher,

as defined by Claude Shannon, are:

1. Confusion which stands forsubstitution operations.

2. Diffusion which stands fortransposition or permutationoperations.


6/23

S-P Network Model

(Shannon)

Divide each Block of Data into smaller

manageable pieces of the same length.

In parallel each piece goes through:Confusion (substitution): S-Box

Diffusion (Permutation): P-Box


7/23

INPUT(Block of Plaintext, Key):Divide plaintext into blocks of length 1(byte) * 16, thus creating

a 4 X 4 matrix, i.e. the STATE matrix.State[Row,Column]=Byte[Row+4Column]

Byte0 Byte4 Byte8 Byte12




State[0,0] State[0,1] State[0,2] State[0,3]




EXAMPLE: Create State Matrix from a given

block


8/23

Pseudo Code:

Rijndael_Cipher (byte [] block_of_data, byte []KEY)

{

Expand_Key(KEY, Expanded_KEY);

Add_Key(State[], Expanded_KEY[0]);

DO (Nr1 times)

ROUND(State, Expanded_KEY[i]);

Last_Round (State, Expanded_KEY[Nr]);}


9/23

Pseudo Code (continued):Round(State, Expanded_KEY[i])

{Substitute_Bytes(State);

Shift_Rows(State);

Mix_Columns(State);Add_Key(State[],Expanded_KEY[i]);

}

Last_Round (State,

Expanded_KEY[Nr])

{

Substitute_Bytes(State);

Shift_Rows(State);

Add_Key(State[],Expanded_KEY[i]);

}


10/23

ROUND 1

Last_ROUND

Nr

ROUND Nr - 1

EXTENDED_KEY

KEY ROUND 0

KEY ROUND 1SUB_BYTES

ADD_ROUND

KEY

MIX_COLUMN

S

SHIFT_ROWS

INPUT

PLAINTEXT

ENCRYPTED DATA

Encryption

KEY ROUND

Nr-1 ROUNDKEY

OUTPUT

SECRET KEY

Round

ROUND 0

KEY ROUND

Nr


11/23

Number of RoundsBlock size is fixed at 128 bits; key can be 128,192, or 256.

Nr is the number of rounds which is a function of

Nk(Block length divided by 32 ), andNb(Key length divided by 32 )

Nr Nk4 6 8

Nb 10 12 14


12/23

Expand_KeyThis procedure will1.Expand the key From a cipher Key of bytes

[4][Nk] to another array of (4) * (Nb*(Nr +1)) = 4* (10 + 1) = 44 bytes .

2.Select a round key for each round.This procedure avoids:

1. Weak Keys by introducing asymmetry.

2. Key-related attacks(Biham)

3. Cipher keys that are partially known or that canbe chosen by an imposter.


13/23

Add_Key

Add_Key will be called1. Once in the beginning of rounds

2. Nr-1 times in the Round

3. Once in the final round.

It just XOR-s the 16 bytes of the state with the

16 bytes of key (for the 128 bit key).

EXAMPLE: Add_Key illustrated.


14/23

Substitute_Bytes (Non-Linear step)

Substitutes each byte of the State with a byte

from the S-Box as follows:State [row, column] = S-Box [state [row, column]].

S-Box ---- MORE LATER


15/23

Shift_Rows

It will not change the values, but will just change their

order.

It does a left circular shift to each row as below:

Row 0 Shift 0; Row 1 Shift 1; Row 2 Shift 2; Row3 Shift 3;

State[

0,0]

State[

0,1]

State[

0,2]

State[

0,3]

State[1,0]

State[1,1]

State[1,2]

State[1,3]

State[

2,0]

State[

2,1]

State[

2,2]

State[

2,3]

State[

3,0]

State[

3,1]

State[

3,2]

State[

3,3]

State[

0,0]

State[

0,1]

State[

0,2]

State[

0,3]

State[

1,1]

State[

1,2]

State[

1,3]

State[

1,0]

State[

2,2]

State[

2,3]

State[

2,0]

State[

2,1]

State[

3,3]

State[

3,0]

State[

3,1]

State[

3,2]

Shift_Rows(..)

h i hi d ij d l


16/23

Mathematics Behind Rijndael

Field

Finite Field

Inverses


17/23

Rijndael operates on the:

Binary Finite Field, GF(28).FIELD. Definition and Example .FINITE FIELD. The field with a finite number of elements.

Rijndael uses polynomial basis. Rijndael is byte oriented.Each byte, which will be stored in Hex and it willrepresent a polynomial of at most degree 7:

b7X7 + b6X

6 + b5X5 + b4X

4 + b3X3 + b2X

2 + b1X1 + bo.

Example: { 1 1 0 1 01 0 0} = 0Xd4 = X7 + X6 + X4 + X2


18/23

Fi di h l i li i


19/23

Finding the multiplicative

inverse

Multiplicative inverses in GF(256) using Look UpTables:

1. Example: Building Log Table.

2. Building Anti Log Table. Reverse the Log process{03}(06) ={55}; {06} = {03}(55) .

3. Building Inverse Table(using Log/Antilog).

g (x) has as inverse g(ff ) ( x)

. Example:{12}= {03}(e0), so the inverse will be g (ff )( e0) = g 1f = {aa}


20/23

S-BOX

The only non-linear step

S-Box is based on the mapping: X -> X1 ; where X1

represents multiplicative inverse in thefield.

1. Replaces each byte with its inverse GF (28), g (a);beside 00 mapped to itself.

2. Applies an affine transformation (a bitwisemodulo-two matrix, XOR-ed with the hexadecimalnumber 63.

EXAMPLE: Lets find SRD [12]. ??


21/23


22/23


23/23

Q & A

Rijndae algo

Documents

Transcript of Rijndae algo