Advanced Encryption Standard(AES)

1
Advanced Encryption Standard(AES)
Presented by Venkata Marella
2
Contents

• History
• Drawbacks of DES Algorithm
• Feature of AES Algorithm.
• Substitution-Permutation Network
• Key Expansion
• Description of the AES
• Advantages of AES
• Security of the AES
• Comparison b/w AES and DES
• Conclusion

3
History

• The National Security Agency took over
  responsibility for all U.S. Government encryption
  systems when it was formed in 1952
• In 1976 National Institute of Standards and
  Technology (NIST), published the DES algorithm
• And later IDEA, Blowfish, RC5 and Triple DES
  algorithms are published.
• And these algorithms survived as part-time
  algorithms

4
History Continues

• AES was announced by National Institute of
  Standards and Technology(NIST ) in 2002
• AES was first published as Rijndael in the year
  1998, portmanteau of the names of the two
  inventors Joan Daemen and Vincent Rijmen .
• As of 2009 ,AES is one of the most popular
  algorithms used in symmetric key cryptography. It
  is available in many different encryption
  packages. AES is the first publicly accessible
  and open cipher approved by the NSA for top
  secret information.

5
Drawbacks of DES Algorithm

• DES is considered to be insecure for many
  applications .
• The main reason the insecurity of DES is its
  Key length. The Key length of DES is 56
  bits. NSA claimed that the key length is too
  small.
• In January, 1999, distributed.net and the
  Electronic Frontier Foundation collaborated
  to publicly break a DES key in 22 hours and 15
  minutes
• w considered to be insecure for many applications

6
Features of AES

• Symmetric Cipher
• Fixed Block length
• Variable Key length
• Variable Number of Rounds.
• Uses Substitution-Permutation Network.
• Available in three different Version(AES-128,
  AES192, AES 256)
• Certified by CRYPTREC, NESSIE, NSA, AES Winner

7
Substitution-Permutation Network

• AIM to provide Diffusion and Confusion.
• S-boxes substitute or transform input bits into
  output bits.
• A good S-box will have the property that
  changing one input bit will change about half
  of the output bits.
• No output bit of S-Box should match the I/P bits
• S-Boxes should show Non linearity

8
SP Network (Continue..)

• P-boxes take the S-box outputs of one round,
  permute or transpose bits, and feed them into
  the S-box inputs of the next round.
• A single S-box produces a limited amount of
  confusion and the single P-box produces a limited
  amount of diffusion
• A well-designed SP network has enough rounds
  that every input bit is fully diffused across
  every output bit of the entire message.

9
Description of Algorithm

• Key Expansion
• Initial Round
• 1.Add RoundKey
• Rounds
• 1. SubBytes
• 2. Shift Rows
• 3. Mix Columns
• 4. Add RoundKey
• Final Round
• 1.SubBytes
• 2.ShiftRows
• 3.AddRoundKey

10
Key Expansion

• AES key is either 128 bits, 192 bits or 256
  bits
• 128bits4 words
• 192bits6 words
• 256bits8words
• Number of RoundsKey length 6 (in words)
• Expanded Key length 4(Number of Rounds1)
• 
  (in words)

11
Key Expansion(continues)
Key length Expanded key length Block Size Number of Rounds
AES-128 4 44 4 10
AES-192 6 52 4 12
AES-256 8 60 4 14

12
Encryption
CIPHER TEXT
13
Add RoundKey

• The subkey, which is generated from the key
  Expansion is added by combining each byte of the
  state with the corresponding byte of the subkey
  using bitwise XOR

14
Add Roundkey
15
SUB-BYTE

• In the SubBytes step, each byte in the array is
  updated using an 8-bit substitution box, the
  Rijndael S-box. This operation provides the
  non-linearity in the cipher. . The S-box is also
  chosen to avoid any fixed points also any
  opposite fixed points.

16
SubBytes
17
MixColumns

• In the MixColumns step, the four bytes of each
  column of the state are combined using an
  invertible linear transformation. The MixColumns
  function takes four bytes as input and outputs
  four bytes, where each input byte affects all
  four output bytes. Together with ShiftRows,
  MixColumns provides diffusion in the cipher.

18
MixColumns
19
Shift Rows

• ShiftRows step operates on the rows of the state
  it cyclically shifts the bytes in each row by a
  certain offset. For AES, the first row is left
  unchanged. Each byte of the second row is shifted
  one to the left. Similarly, the third and fourth
  rows are shifted by offsets of two and three
  respectively

20
Shift Row
21
Key Expansion

• One word among the key is taken usually the last
  word is taken.
• It is rotated by one bit.
• The sub-byte operation is performed on it
• Now the result is EXOR with first word and Rcon.
• The result gives the first column of the
  expansion key

22
Advantages

• Fast in its execution
• Requires less Memory
• Use Substitution Permutation Network.

23
Security

• Assuming that one could build a machine that
  could recover a DES key in a second (i.e., try
  255 keys per second), then it would take that
  machine approximately 149 thousand-billion (149
  trillion) years to crack a 128-bit AES key. To
  put that into perspective, the universe is
  believed to be less than 20 billion years old
• So, AES is safe for another 109 year ( with
  assumption that the speed of the processor double
  for every 18 months)

24
Security(Continues..)

• As of 2006, the only successful attacks against
  AES implementations have been side-channel
  attacks. The National Security Agency (NSA)
  reviewed all the AES finalists, including
  Rijndael, and stated that all of them were secure
  enough for US Government non-classified data. In
  June 2003, the US Government announced that AES
  may be used to protect classified information

25
Side Channel Attack

• A side channel attack is any attack based on
  information gained from the physical
  implementation of a cryptosystem, rather than
  brute force or theoretical weaknesses in the
  algorithms (compare cryptanalysis).

26
Comparison b/w DES AES
Subject DES AES
Year 1976 1998
Block 64 bits 128 bits
Structure Feistal Cipher SP-Network
Encryption Principle Substitution, Permutation Shift, Bit Mixing, Substitution
Cryptography Primitive Confusion, Diffusion Confusion, Diffusion
Design Open Open
Design Rationale Closed Open
Source IBM, enhanced by NSA Independent Belgian Cryptography

27
Conclusion

• No Algorithm is secure from Brute force attack.
  But, the main goal of the modern encryption
  algorithms is to make it difficult for the Brute
  force Attack to break the encryption. But, the
  Brute force Attack can be executed fast with the
  help of Cluster and Grid Computing Technologies.
  So, Modern Encryption Algorithms should compete
  with the challenges posed by Cluster and Grid
  Computing Technologies.