Pages

Tuesday, December 27, 2011

AES Encryption


Ok guys, its been awhile since I last posted anything here but to avoid any nagging from admin I decided to up the ante for my next post. Here for all who is interested about encryption and computer security, a brief explanation about one of the basic encryption algorithm that all of them whom call themselves |-|4xx0|2 (if you don't what is this go learn about 1337). AES is simple in terms of implementation but complex in terms of production. Both simplicity and complexity is one the requirements for the AES when it was first proposed. I have to warn you th at this kind of stuff is not for the weak hearted and mind (seriously). This is a very complex thing but I know some people would have no trouble understanding.

The Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transactions in the private sector. (Encryption for the US military and other classified communications is handled by separate, secret algorithms.)
In January of 1997, a process was initiated by the National Institute of Standards and Technology (NIST), a unit of the U.S. Commerce Department, to find a more robust replacement for the Data Encryption Standard (DES) and to a lesser degree Triple DES. The specification called for a symmetric algorithm (same key for encryption and decryption) using block encryption (see block cipher) of 128 bits in size, supporting key sizes of 128, 192 and 256 bits, as a minimum. The algorithm was required to be royalty-free for use worldwide and offer security of a sufficient level to protect data for the next 20 to 30 years. It was to be easy to implement in hardware and software, as well as in restricted environments (for example, in a smart card) and offer good defenses against various attack techniques.
The entire selection process was fully open to public scrutiny and comment, it being decided that full visibility would ensure the best possible analysis of the designs. In 1998, the NIST selected 15 candidates for the AES, which were then subject to preliminary analysis by the world cryptographic community, including the National Security Agency. On the basis of this, in August 1999, NIST selected five algorithms for more extensive analysis. These were:
  • MARS, submitted by a large team from IBM Research
  • RC6, submitted by RSA Security
  • Rijndael, submitted by two Belgian cryptographers, Joan Daemen and Vincent Rijmen
  • Serpent, submitted by Ross Andersen, Eli Biham and Lars Knudsen
  • Twofish, submitted by a large team of researchers including Counterpane's respected cryptographer, Bruce Schneier
Implementations of all of the above were tested extensively in ANSI C and Javalanguages for speed and reliability in such measures as encryption and decryption speeds, key and algorithm set-up time and resistance to various attacks, both in hardware- and software-centric systems. Once again, detailed analysis was provided by the global cryptographic community (including some teams trying to break their own submissions). The end result was that on October 2, 2000, NIST announced thatRijndael had been selected as the proposed standard. On December 6, 2001, the Secretary of Commerce officially approved Federal Information Processing Standard (FIPS) 197, which specifies that all sensitive, unclassified documents will use Rijndael as the Advanced Encryption Standard.
The Advanced Encryption Standard (Rijndael)
The block cipher Rijndael is designed to use only simple whole-byte operations. Also, it provides extra flexibility over that required of an AES candidate, in that both the key size and the block size may be chosen to be any of 128, 192, or 256 bits. (During an early stage of the AES process, a draft version of the requirements would have required each algorithm to have three versions, with both the key and block sizes equal to each of 128, 192, and 256 bits. This was later changed to make the three required versions have those three key sizes, but only a block size of 128 bits, which is more easily accomodated by many types of block cipher design.)
The original description of Rijndael is available at: http://www.esat.kuleuven.ac.be/~rijmen/rijndael/.

However, the variations of Rijndael which act on larger block sizes apparently will not be included in the actual standard, on the basis that the cryptanalytic study of Rijndael during the standards process primarily focused on the version with the 128-bit block size.
Rijndael is a relatively simple cipher in many respects.
Rijndael has a variable number of rounds. Not counting an extra round performed at the end of encipherment with one step omitted, the number of rounds in Rijndael is:
  • 9 if both the block and the key are 128 bits long.
  • 11 if either the block or the key is 192 bits long, and neither of them is longer than that.
  • 13 if either the block or the key is 256 bits long.
To encipher a block of data in Rijndael, you first perform an Add Round Key step (XORing a subkey with the block) by itself, the regular rounds noted above, and as already noted, the final round with the Mix Column step, as described below, omitted.

Now that you know a bit about this type of encryption, here is an example of what the encryption looks like kinda. You can download a pdf from:

1 comment:

  1. I am familiar with data encryption standard (DES) and triple DES but advanced encryption standard is a completely new topic. The above detail helped me to learn and know about this topic but I wanted to learn more about it.
    electronic signatures

    ReplyDelete