Advanced Encryption Standards

  • AES is a block cipher intended to replace DES for commercial applications. It uses a 128-bit block size and a key size of 128, 192, or 256 bits.
  • AES does not use a Feistel structure. Instead, each full round consists of four separate functions:
    • Byte substitution.
    • Permutation.
    • Arithmetic operations over a finite field.
    • XOR with a key.
  • Advantages of 3DES:
    • Its 168-bit key length overcomes the vulnerability to brute-force attack of DES.
    • Scrutiny on its encryption algorithm.
  • Disadvantages of 3DES:
    • No support for efficient code and have slow performance.
    • Uses 64-key bit size. For reasons of both efficiency and security, a larger block size is desirable.
  • Initial criteria of evaluating candidate security algorithms:
    • Security:
      • Refers to effort required to cryptanalyze an algorithm.
      • Aspects:
        • Actual security: compared to other algorithms (at the same key and block size).
        • Randomness: the extent of randomness in the algorithm output.
        • Soundness: of the math basis of the algorithm’s security.
    • Cost:
      • The algorithm should have high computational efficiency; so as to be usable is high speed applications.
      • Aspects:
        • Licensing requirements: the used sub-algorithms should be world-wide and non-exclusive.
        • Computational efficiency: speed of the algorithm from software hardware wise.
        • Memory requirements: memory required to implement the algorithm from software and hardware wise.
    • Algorithm and implementation characteristics:
      • Flexibility: flexibility can be evaluated from following:
        • Ability to accommodate additional key and block sizes.
        • Range platforms that the algorithm is acceptable.
        • The algorithm can be implemented as stream cipher, message authentication code generator, pseudorandom number generator, hashing algorithm etc…
      • Hardwar and software suitability: ability to be implemented efficiency on hardware and software.
      • Simplicity: relative simplicity of its design.
  • Advanced criteria of evaluating candidate algorithms:
    • General security:
      • Strength duo to known cryptographic (from math perspective) attacks such as differential and linear cryptanalysis.
    • Software implementations:
      • Execution speed, performance across variety of platforms, variation of speed with key-size.
    • Restricted-space environments.
    • Hardware implementations:
      • The amount of required hardware to implement the algorithm efficiency.
    • Attacks on implementations:
      • Strength duo to physical attacks during algorithm execution to gather information about quantities such as keys.
      • Examples of such algorithms are:
        • Time attacks.
        • Power analysis:
          • Observation that the power consumed by a smart card at any particular time during the cryptographic operation is related to the instruction being executed and to the data being processed.
          • For example, multiplication consumes more power than addition.
          • Writing 1s consumes more power than writing 0s.
    • Encryption versus decryption:
      • If the encryption and decryption differs, then extra space is needed for decryption.
    • Key agility:
      • Ability to change keys quickly and with a minimum of resources.
    • Other versatility and flexibility:
      • Parameter flexibility: ease of support for another key and block sizes and ease of increasing the number of rounds in order to cope with newly discovered attacks.
      • Implementation flexibility: possibility of optimizing cipher elements for particular environments.
    • Potential for instruction-level parallelism.

The AES Cipher

  • Block and key lengths can be independently specified to be: 128 (most common used), 192 or 256 bits.
  • Characteristics of AES Cipher:
    • Resistance against all known attacks.
    • Speed and code compactness over wide range of platforms.
    • Design simplicity.
  • Notes about AES structure
    • Not Feistel cipher and entire process data block in parallel during each round.
    • The provided key is expanded into an array of forty-four 32-bit words, w[i]. Four distinct words (128 bits) serve as a round key for each round.
    • Four different stages are used, one of permutation and three of substitution:
      • Substitute bytes: Uses an S-box to perform a byte-by-byte substitution of the block.
      • ShiftRows: A simple permutation.
      • MixColumns: A substitution that makes use of arithmetic GF(28)
      • AddRoundKey: A simple bitwise XOR of the current block with a portion of the expanded key.
    • Cipher Stages:
      • Initial round with AddRoundKeyStage
      • Followed by 9 rounds each one includes four stages.
      • Tenth round that uses three stages only.


  • Each stage is easily reversible.
  • The decryption algorithm is not similar to the encryption algorithm. This is a consequence of the particular structures of AES.
  • AES uses arithmetic in the finite field of GF(28), with irreversible polynomial
  • The MixColumns step along with the ShiftRows step is the primary source of diffusion in Rijndael cipher.
  • The expanded key can be seen as an array of 32-bit words (columns) numbered from 0 to 43.
  • For details about AES working mechanism see this video.
  • One of the prerequisites of the MixColumn stage is to know how to apply multiplication in arithmetic field GF(28).

One thought on “Advanced Encryption Standards

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s