The operation of the algorithm can be split into two parts or different processes, being the encryption process, the first one and the second corresponds to the sub-key generation process, Figure # 1 shows the interaction of both processes.
Figure # 1: Encryption with AES.
The block to be encrypt has a length of 128 bit, while the key can vary from 128, 192 or 256 bits, depending on the amount of standard rounds that apply to text 10, 12 and 14 respectively [2]. Generally, the AES encryption is described by four basic features or so-called transformations, these are:
- ByteSub
- ShiftRow
- MixColumns
- AddRoundKey
The rounds, in which the text is subjected, can be divided into three categories: initial round, standard rounds and final round. These rounds consist in one or various combinations of the above transformations (see Figure # 1). The different types of rounds differ by the combination of the transformations that are applied to the block to be encrypted.
AES interprets the input block of 128 bits, as a 4x4 matrix with input of bytes [3], if the block is 192 bits 2 columns are added, if four columns 256 are added, theses matrices are called state matrices and their shape is shown below:
S-Box
Essentially, an S-Box (substitution box) is a matrix of substitution values used by algorithms symmetric-key cryptography. The S-Boxes are carefully selected to be resistant to cryptanalysis. For AES, S-Box is the result of applying two functions to the state matrix, [aij], firstly its multiplicative inverse [aij] to aij-1 E GF(28) and then a linear transformation:
- Any byte can be seen as an element of the finite field GF(28), as every element has a multiplicative inverse, multiplicative inverse is associated to GF(28), i.e. [aij] to aij-1 E GF(28), the zero element is associated with the same zero.
- The linear transformation is applied bit by bit with the following rule: linear transformation in GF(28)→GF(28).
in bits is:
This is the most expensive operation in terms of time for the AES algorithm, therefore, this operation is precalculated. Finally, this process can be summarized in the following table, known as S-boxes [3] which can be used for any xy byte.
Table # 1: S-Box for encryption.
Furthermore, for the decryption process an inverse table to the one used in the encryption process is calculated, said table is:
Table # 2: S-Box for decryption.
References
- Joan Daemen VR. AES Proposal: Rijndael. NIST AES Proposal (1998)
- J A. AES - Advanced Encryption Standard. (2005) Versión 2005
- A M. Seguridad Europea para EEUU Algoritmo criptográfico Rijndael. Madrid (2004)
- http://www.formaestudio.com/rijndaelinspector/
- http://www.cryptosystem.net/aes/
- http://www.criptored.upm.es
- http://www.kriptopolis.es
