Cryptography and its application, Lecture notes of Cryptography and System Security

Typology: Lecture notes

2019/2020

Uploaded on 03/05/2020

azni-halim

INTRODUCTION TO CRYPTOGRAPHY
Lecture 4: Week 5
Dr. Azni Haslizan bt Ab Halim

CONTENT OF THIS CHAPTER

Chapter 4 of Understanding Cryptography by Christof Paar and Jan Pelzl

  • Overview of the AES algorithm
  • Internal structure of AES
    • Byte Substitution layer
    • Diffusion layer
    • Key Addition layer
    • Key schedule
  • Decryption
  • Practical issues

Some Basic Facts

  • AES is the most widely used symmetric cipher today
  • The algorithm for AES was chosen by the US National Institute of Standards and Technology (NIST) in a multi-year selection process
  • The requirements for all AES candidate submissions were:
    • Block cipher with 128-bit block size
    • Three supported key lengths: 128, 192 and 256 bit
    • Security relative to other submitted algorithms
    • Efficiency in software and hardware

Chronology of the AES Selection

  • The need for a new block cipher was announced by NIST in January 1997
  • 15 candidate algorithms were accepted in August 1998
  • 5 finalists were announced in August 1999:
    • Mars – IBM Corporation
    • RC6 – RSA Laboratories
    • Rijndael – J. Daemen & V. Rijmen
    • Serpent – Eli Biham et al.
    • Twofish – B. Schneier et al.
  • In October 2000, Rijndael was chosen as the AES
  • AES was formally approved as a US federal standard in November 2001

AES: Overview

  • Iterated cipher with 10/12/14 rounds
  • Each round consists of “Layers”

Internal Structure of AES

  • Round function for rounds 1, 2, …, nr − 1:
  • Note: In the last round, the MixColumn transformation is omitted

Byte Substitution Layer

  • The Byte Substitution layer consists of 16 S-Boxes with the following properties: The S-Boxes are
    • identical
    • the only nonlinear elements of AES, i.e., ByteSub(Ai) + ByteSub(Aj) ≠ ByteSub(Ai + Aj), for i,j = 0,…,
    • bijective, i.e., there exists a one-to-one mapping of input and output bytes → S-Box can be uniquely reversed
  • In software implementations, the S-Box is usually realized as a lookup table

ShiftRows Sublayer

  • Rows of the state matrix are shifted cyclically:

Input matrix

    B0   B4   B8   B12
    B1   B5   B9   B13
    B2   B6   B10  B14
    B3   B7   B11  B15

Output matrix

    B0   B4   B8   B12    no shift
    B5   B9   B13  B1     ← one position left shift
    B10  B14  B2   B6     ← two positions left shift
    B15  B3   B7   B11    ← three positions left shift

MixColumn Sublayer

  • Linear transformation which mixes each column of the state matrix
  • Each 4-byte column is considered as a vector and multiplied by a fixed 4x4 matrix, e.g.,

$$
\begin{pmatrix} C_0 \\ C_1 \\ C_2 \\ C_3 \end{pmatrix}
=
\begin{pmatrix}
02 & 03 & 01 & 01 \\
01 & 02 & 03 & 01 \\
01 & 01 & 02 & 03 \\
03 & 01 & 01 & 02
\end{pmatrix}
\begin{pmatrix} B_0 \\ B_5 \\ B_{10} \\ B_{15} \end{pmatrix}
$$

    where 01, 02 and 03 are given in hexadecimal notation
  • All arithmetic is done in the Galois field GF(2^8) (for more information see Chapter 4.3 in Understanding Cryptography)

Key Schedule

  • Subkeys are derived recursively from the original 128/192/256-bit input key
  • Each round has 1 subkey, plus 1 subkey at the beginning of AES
  • Key whitening: Subkey is used both at the input and output of AES → # subkeys = # rounds + 1
  • There are different key schedules for the different key sizes

    Key length (bits)   Number of subkeys
    128                 11
    192                 13
    256                 15

Key Schedule Example: Key schedule for 128-bit key AES

  • Word-oriented: 1 word = 32 bits
  • 11 subkeys are stored in W[0]…W[3], W[4]…W[7], … , W[40]…W[43]
  • First subkey W[0]…W[3] is the original AES key
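The S-Box properties from the Byte Substitution layer and the 128-bit key schedule above, as an added example that is not part of the original slides. The per-word recursion (word rotation, S-Box, round constant) and the test key are taken from the AES standard (FIPS 197), since the slides only state that subkeys are derived recursively; the function names are illustrative.

```python
# Added example: AES S-Box built from its definition, then the AES-128 key schedule.

def build_sbox():
    """S(a) = affine(a^-1) in GF(2^8); p walks the powers of 3, q their inverses."""
    def rotl(x, s):
        return ((x << s) | (x >> (8 - s))) & 0xFF
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x11B if p & 0x80 else 0)) & 0xFF  # p *= 3
        q ^= q << 1                                             # q /= 3 ...
        q ^= q << 2
        q ^= q << 4
        q &= 0xFF
        if q & 0x80:
            q ^= 0x09
        x = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4)
        sbox[p] = x ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63  # 0 has no inverse; it maps to the affine constant
    return sbox

SBOX = build_sbox()

def expand_key_128(key):
    """Return the 11 subkeys (16 bytes each) stored in W[0]..W[43]."""
    if len(key) != 16:
        raise ValueError("AES-128 needs a 16-byte key")
    w = [key[4 * i:4 * i + 4] for i in range(4)]  # W[0..3] = original key
    rcon = 1
    for i in range(4, 44):
        t = w[i - 1]
        if i % 4 == 0:  # first word of each subkey gets the nonlinear step
            t = bytes(SBOX[b] for b in t[1:] + t[:1])  # rotate word, then S-Box
            t = bytes([t[0] ^ rcon]) + t[1:]
            rcon = (rcon << 1) ^ (0x11B if rcon & 0x80 else 0)
        w.append(bytes(a ^ b for a, b in zip(w[i - 4], t)))
    return [b"".join(w[4 * r:4 * r + 4]) for r in range(11)]

# Key-expansion test key published in FIPS 197
KEY = bytes.fromhex("2b7e151628aed2a6abf7158809cf4f3c")

if __name__ == "__main__":
    for r, k in enumerate(expand_key_128(KEY)):
        print(f"subkey {r:2d}: {k.hex()}")
```
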

Decryption

  • AES is not based on a Feistel network → All layers must be inverted for decryption:
    • MixColumn layer → Inv MixColumn layer
    • ShiftRows layer → Inv ShiftRows layer
    • Byte Substitution layer → Inv Byte Substitution layer
    • Key Addition layer is its own inverse
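The diffusion layer (ShiftRows followed by MixColumn) and the inverse layers listed under Decryption, as an added example that is not part of the original slides. The inverse MixColumn matrix (0E 0B 0D 09) comes from the AES standard, and the function names and the sample state are constructed for illustration.

```python
# Added example. Assumed state layout: byte i is in row i % 4, column i // 4 (B0..B15).

def gmul(a, b):
    """Multiply two bytes in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1 (0x11B)."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def shift_rows(state, inverse=False):
    """Rotate row r left by r positions (right by r when inverse=True)."""
    out = [0] * 16
    for r in range(4):
        for c in range(4):
            src = (c - r if inverse else c + r) % 4
            out[r + 4 * c] = state[r + 4 * src]
    return out

def mix_columns(state, matrix=MIX):
    """Multiply every 4-byte column by the fixed matrix over GF(2^8)."""
    out = []
    for c in range(4):
        col = state[4 * c:4 * c + 4]
        for row in matrix:
            p0, p1, p2, p3 = (gmul(k, x) for k, x in zip(row, col))
            out.append(p0 ^ p1 ^ p2 ^ p3)
    return out

def diffuse(state):
    return mix_columns(shift_rows(state))

def undiffuse(state):
    # Decryption applies the inverse layers in reverse order.
    return shift_rows(mix_columns(state, INV_MIX), inverse=True)

# Constructed sample state made of four widely published MixColumn test columns.
SAMPLE = list(bytes.fromhex("db135345f20a225c01010101c6c6c6c6"))

if __name__ == "__main__":
    print(bytes(mix_columns(SAMPLE)).hex())
    print(undiffuse(diffuse(SAMPLE)) == SAMPLE)
```

After ShiftRows the first column of the state is B0, B5, B10, B15, which is exactly the vector that appears in the MixColumn equation.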