Contents
The Paar Lectures on Introductory Cryptography
Slectures by Divya Agarwal and Katie Marsh
Link to video on youtube
Accompanying Notes
Overview of AES
- AES is a block cipher
- information is handled 128 bits at a time, divided into 16 bytes.
- key can be 128, 192, or 256 bits long
- number of rounds depends on the key length (can be 10/12/14 rounds respectively)
Rounds
Within each round of AES are different layers. The first iteration starts with a Key Addition Layer and then follows this pattern for the remaining rounds:
- Byte Substitution Layer
- ShiftRows Layer
- MixColumn Layer
- Key Addition Layer
The Byte Substitution layer acts as the confusion element, and the ShiftRows and MixColumn Layers act as the diffusion element. In the final round, the MixColumn layer is omitted.
We will now examine each layer separately.
Layers
*Byte Substitution Layer (S) This layer consists of 16 identical S-box which take in 8 bits and output 8 bits. Let $ A_i $ be one byte of input. Then $ S(A_i)=B_i $
But what is the function S? First, the $ A_i^{-1} \in GF(2^8) $ is calculated. Then, an affine transformation is applied.
In software, S-boxes are usually a look up table.
*ShiftRows Layer This transformation looks fairly random until we write it in a new way. First, we write the input bits in a four byte by four byte grid as follows.
$ B_0 $ | $ B_4 $ | $ B_8 $ | $ B_{12} $ |
$ B_1 $ | $ B_5 $ | $ B_9 $ | $ B_{13} $ |
$ B_2 $ | $ B_6 $ | $ B_{10} $ | $ B_{14} $ |
$ B_3 $ | $ B_7 $ | $ B_{11} $ | $ B_{15} $ |
Then we shift the second row 3 positions to the right, the third row 2 positions to the right and the fourth row 1 position to the right and achieve the following result:
$ B_0 $ | $ B_4 $ | $ B_8 $ | $ B_{12} $ |
$ B_5 $ | $ B_9 $ | $ B_{13} $ | $ B_1 $ |
$ B_{10} $ | $ B_{14} $ | $ B_2 $ | $ B_6 $ |
$ B_{15} $ | $ B_3 $ | $ B_7 $ | $ B_{11} $ |
Now $ B_0 $ remains in the same place, but $ B_1 $ goes to where $ B_13 $ was and so on.
*MixColumn Layer
The MixColumn layer takes each column in the above matrix and performs the following linear transformation.
The entries in this matrix represent hexadecimal notation of elements of $ GF(2^8) $. For example, 03 represents $ (00000011) $. Recall that his represents the polynomial $ x+1 $. All arithmetic is performed in $ GF(2^8) $ as was described in the section on Galois Fields.
*Key Addition Layer The key addition layer takes a 16 byte subkey (which is derived from the key schedule) and adds it to the input mod2.
References
- C. Paar. Understanding Cryptography. Lecture Notes. Dept. of Electr. Eng. and Information Sciences, Ruhr University.
- C. Paar and J. Pelzl. Understanding Cryptography. A textbook for Student and Practitioners. Springer 2010.
Questions and comments
If you have any questions, comments, etc. please post them here.
Back to 2015 Summer Cryptography Paar