Advanced Encryption Standard (AES)#
The Advanced Encryption Standard (AES), (original name Rijndael) is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
AES operates on block sizes of \(32 \times 32\) bits.
|Key-length||Number of Rounds|
AES 128 High Level Overview
Key Expansion: Create individual 128bit round keys from the cipher key
AddRoundKey: each byte of the block is combined with a block of the round key using bitwise xor.
- SubBytes: substitutes every byte of the state with an S-box entry
- ShiftRows: cyclically left shift every row
- MixColumns: takes the four bytes of each column as input and outputs four new bytes, where each input byte affects all four output bytes. Each column is transformed by multiplication with a fixed \(4 \times 4\) Matrix.
- AddRoundKey: XOR of the 128bit round key and the 128bit block.
Final Round: (no MixColumns)
Modes of Operation#
Electronic Codebook (ECB)
The message is divided into blocks, and each block is encrypted separately.
Electronic Codebook (ECB) Encryption Electronic Codebook (ECB) Decryption
Cipher Block Chaining (CBC)
Each block of plaintext is XORed with the previous ciphertext block before being encrypted.
Cipher Feedback (CFB)
A close relative of CBC. Transforms a block cipher into a self-synchronizing stream cipher.
Output Feedback (OFB)
Transforms a block cipher into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext.
Counter mode turns a block cipher into a stream cipher. It generates the next keystream block by encrypting successive values of a "counter".
mode = ECB-AES128.Encrypt in = 6bc1bee22e409f96e93d7e117393172a key = 2b7e151628aed2a6abf7158809cf4f3c out = 3ad77bb40d7a3660a89ecaf32466ef97 mode = CBC-AES128.Encrypt in = 6bc1bee22e409f96e93d7e117393172a key = 2b7e151628aed2a6abf7158809cf4f3c iv = 000102030405060708090a0b0c0d0e0f out = 7649abac8119b246cee98e9b12e9197d