In Part I of the Overview of AES (Advanced Encryption Standard), the most relevant aspects of AES and the S-Box were described. Now we discuss some details of the so-called transformations (ByteSub, ShiftRow, MixColumns and AddRoundKey) and the subkey generation process. To see these steps in a more dynamic way, the Rijndael Animation application is recommended.
This transformation performs a byte-by-byte substitution on each element of the state matrix, i.e., the state matrix [aij] is replaced by the matrix [Sij]; Figure # 1 shows this process. Using the Rijndael Animation application, it can be seen how the first byte of the state matrix ([a00]) is divided into two groups of four bits each, which are used as indexes into the S-Box rows and columns, respectively, for the replacement. Figure # 1 shows how the value 19 is replaced by d4.
Figure # 1: S-Box use.
ShiftRow applies circular left shifts to the rows of the state matrix as follows: the first row is not shifted, the second row is shifted by one position, the third row by two and the fourth row by three. The resulting matrix can be seen in Figure # 2.
Figure # 2: ShiftRow transformation.
This transformation mixes the bytes of each column, treating the bytes of a column as polynomials whose coefficients belong to GF(2^8). The function multiplies the columns, modulo x^4+1, by the polynomial c(x), where:
or, in matrix form,
Using the Rijndael Animation application, we can check the result of applying the above procedure to the first column of the state matrix (see Figure # 3); the result replaces the first column of the new matrix.
Figure # 3: MixColumns transformation.
Let [aij] be the state matrix and [kij] the key matrix corresponding to that round. The AddRoundKey function consists of performing an XOR between the state and key matrices (Figure # 4) and then replacing the state with the resulting value.
Figure # 4: AddRoundKey transformation.
This process generates the sub-keys from the system key. The key is expanded into a list of 4-byte words called W, containing Nb(Nr+1) words, where
Nr=Max(Nk,Nb)+6=number of rounds
The first Nk elements of W correspond to the key. The remaining elements of W are defined recursively, using the SubByte function, cyclic shifts and XOR operations, as Figure # 5 shows.
Figure # 5: Expansion of keys.
Now the RotByte function is used, which returns a word whose bytes are cyclically shifted one position to the left.
where RC[i] is a GF element, defined by:
Now, for Nk<=6 and for all i that are not a multiple of Nk, the key words are calculated as:
W(i)=W(i-Nk) xor W(i-1)
and for all i that are a multiple of Nk, the key words are calculated as:
W(i)=W(i-Nk) xor [ByteSub(RotByte[W(i-1)]) xor Rcon(i/Nk)]
In the case of Nk>6, the operation is the same as for Nk<=6, except that when i satisfies i mod Nk=4 the sub-keys are calculated as:
W(i)=W(i-Nk) xor ByteSub(W[i-1])
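The key expansion rules above, covering both the Nk<=6 and Nk>6 cases, written out as an added Python example (not code from the original article). The function names are chosen here for illustration, Nb=4 is assumed as in AES, and the S-Box is rebuilt from its standard definition (inverse in GF(2^8) followed by the affine map) so the block needs no lookup table.

```python
def gmul(a, b):
    """Multiply two bytes in GF(2^8), reducing by x^8+x^4+x^3+x+1 (0x11b)."""
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        a = (a << 1) ^ (0x11B if a & 0x80 else 0)
        b >>= 1
    return p

def build_sbox():
    """S-Box: multiplicative inverse in GF(2^8), then the AES affine map."""
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
        s = inv ^ 0x63
        for k in range(1, 5):
            s ^= ((inv << k) | (inv >> (8 - k))) & 0xFF
        box.append(s)
    return box

SBOX = build_sbox()

def byte_sub(word):
    """Apply the S-Box to every byte of a word."""
    return bytes(SBOX[b] for b in word)

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def expand_key(key, nb=4):
    """Return W as a list of Nb*(Nr+1) four-byte words (Nb=4 assumed)."""
    if len(key) not in (16, 24, 32):
        raise ValueError("key must be 16, 24 or 32 bytes")
    nk = len(key) // 4
    nr = max(nk, nb) + 6
    w = [key[4 * i:4 * i + 4] for i in range(nk)]  # first Nk words are the key
    rc = 1                                         # RC[1]; doubled in GF(2^8) per use
    for i in range(nk, nb * (nr + 1)):
        temp = w[i - 1]
        if i % nk == 0:                # ByteSub(RotByte(W(i-1))) xor Rcon(i/Nk)
            temp = xor(byte_sub(temp[1:] + temp[:1]), bytes([rc, 0, 0, 0]))
            rc = gmul(rc, 2)
        elif nk > 6 and i % nk == 4:   # extra ByteSub step when Nk > 6
            temp = byte_sub(temp)
        w.append(xor(w[i - nk], temp))
    return w
```

Each group of Nb consecutive words of W is the round key used by one AddRoundKey step.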
Luis Sequeira is an IT professional with experience in cloud environments, quality of service and network traffic analysis, who loves looking for solutions to engineering challenges and sharing knowledge. At work, the main challenge is to integrate different network and software technologies to provide solutions in a wide range of areas, e.g., virtual network functions, machine learning, autonomous driving, robotics and augmented reality. Website: https://www.luissequeira.com
her story, Sunday, 27 April 2014 22:42
I reckon something genuinely interesting about your blog so I saved to fav.