Advanced Encryption Standard (AES)

In 1998 the National Institute of Standards and Technology (NIST/USA) announced a “competition” for a new blockcipher. The new blockcipher would, in time, replace DES. The relatively short key length of DES was the main problem that motivated the effort: with the advances in computing power, a key space of 2^56 keys was just too small. With the development of a new algorithm one could also take the opportunity to address the modest software speed of DES, making something substantially faster, and to increase the block size from 64 to 128 bits (the choice of 64 bits for the block size can lead to security difficulties, as we shall later see). Unlike the design of DES, the new algorithm would be designed in the open and by the public.

Terminology:

There are terms that are frequently used throughout this paper that need to be clarified.

Block: AES is a block cipher. This means that the number of bytes that it encrypts is fixed. AES can currently encrypt in blocks of 16 bytes at a time; no other block sizes are presently a part of the AES standard. If the bytes being encrypted are larger than the specified block, then AES is executed concurrently. This also means that AES has to encrypt a minimum of 16 bytes. If the plain text is smaller than 16 bytes, then it must be padded. Simply said, the block is a reference to the bytes that are processed by the algorithm.

State: Defines the current condition (state) of the block, that is, the block of bytes that is currently being worked on. The state starts off being equal to the block; however, it changes as each round of the algorithm executes. Plainly said, this is the block in progress.

XOR: Refers to the bitwise operator Exclusive Or. XOR operates on the individual bits in a byte in the following way:

0 XOR 0 = 0

1 XOR 0 = 1

1 XOR 1 = 0

0 XOR 1 = 1

For example, the hex digits D4 XOR FF:

    11010100
XOR 11111111
  = 00101011 (Hex 2B)

Another interesting property of the XOR operator is that it is reversible. So Hex 2B XOR FF = D4.

Most programming languages have the XOR operator built in:

Programming Language   XOR Operator
C                      ^
C++                    ^
C#                     ^
Java                   ^
Visual Basic           XOR

HEX: Defines a notation of numbers in base 16. This simply means that the highest number that can be represented in a single digit is 15, rather than the usual 9 in the decimal (base 10) system.

Hex to Decimal table:

    0   1   2   3   4   5   6   7   8   9   A   B   C   D   E   F
0   0   1   2   3   4   5   6   7   8   9  10  11  12  13  14  15
1  16  17  18  19  20  21  22  23  24  25  26  27  28  29  30  31
2  32  33  34  35  36  37  38  39  40  41  42  43  44  45  46  47
3  48  49  50  51  52  53  54  55  56  57  58  59  60  61  62  63
4  64  65  66  67  68  69  70  71  72  73  74  75  76  77  78  79
5  80  81  82  83  84  85  86  87  88  89  90  91  92  93  94  95
6  96  97  98  99 100 101 102 103 104 105 106 107 108 109 110 111
7 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127
8 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143
9 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159
A 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175
B 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191
C 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207
D 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223
E 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239
F 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255

How AES encryption works:

AES comprises three block ciphers: AES-128, AES-192 and AES-256. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128, 192 and 256 bits, respectively. The Rijndael cipher was designed to accept additional block sizes and key lengths, but for AES, those functions were not adopted.

Symmetric (also known as secret-key) ciphers use the same key for encrypting and decrypting, so the sender and the receiver must both know, and use, the same secret key. All key lengths are deemed sufficient to protect classified information up to the “Secret” level, with “Top Secret” information requiring either 192- or 256-bit key lengths. There are 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. A round consists of several processing steps, including substitution, transposition and mixing of the input plaintext, that transform it into the final output of ciphertext.

The AES encryption algorithm defines a number of transformations that are to be performed on data stored in an array. The first step of the cipher is to put the data into an array, after which the cipher transformations are repeated over a number of encryption rounds. The number of rounds is determined by the key length, with 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys.

The first transformation in the AES encryption cipher is substitution of data using a substitution table; the second transformation shifts data rows, the third mixes columns. The last transformation is a simple exclusive or (XOR) operation performed on each column using a different part of the encryption key — longer keys need more rounds to complete.

AES crypto broken by ‘groundbreaking’ attack

Cryptographers have discovered a way to break the Advanced Encryption Standard used to protect everything from top-secret government documents to online banking transactions.

The technique, which was published at the Crypto 2011 cryptology conference in Santa Barbara, California, allows attackers to recover AES secret keys up to five times faster than previously possible. It introduces a technique known as biclique cryptanalysis to remove about two bits from 128-, 192-, and 256-bit keys.

“This research is groundbreaking because it is the first method of breaking single-key AES that is (slightly) faster than brute force,” Nate Lawson, a cryptographer and the principal of security consultancy Root Labs, wrote in an email. “However, it doesn’t compromise AES in any practical way.”

He said it would still take trillions of years to recover strong AES keys using the biclique technique, which is a variant of what’s known as a meet-in-the-middle cryptographic attack. This method works both from the inputs and outputs of AES towards the middle, reusing partial computation results to speed up the brute-force key search. The technique is designed to reduce the time it takes an attacker to recover the key.

This technique is a divide-and-conquer attack. To find an unknown key, they partition all the possible keys into a set of groups. This is possible because AES subkeys only have small differences between rounds. They can then perform a smaller search for the full key because they can reuse partial bits of the key in later phases of the computation.

It’s impressive work but there’s no better cipher to use than AES for now.

AES remains the favored cryptographic scheme of the US government. The National Institute of Standards and Technology commissioned AES in 2001 as a replacement for the DES, or Digital Encryption Standard, which was showing signs of its age.

The research is the work of Andrey Bogdanov of Katholieke Universiteit Leuven; Microsoft Research’s Dmitry Khovratovich; and Christian Rechberger of Ecole Normale Superieure in Paris. Bogdanov and Rechberger took leave from their positions to work on the project for Microsoft Research.

Citation:

1) Dan Goodin, 19 Aug 2011. “AES crypto broken by ‘groundbreaking’ attack.” The Register, www.theregister.co.uk/2011/08/19/aes_crypto_attack/.

2) “Instituto de Matemática e Estatística | IME-USP – Instituto de Matemática e Estatística.” Português (BR), www.ime.usp.br/.

3) “What is Advanced Encryption Standard (AES)? – Definition from WhatIs.Com.” SearchSecurity, searchsecurity.techtarget.com/definition/Advanced-Encryption-Standard.

4) https://nyitonline.nyit.edu/bbcswebdav/pid-2194310-dt-content-rid-4061411_2/courses/CSCI440-IT-2017FA-S-0041XL/Introduction%20to%20Modern%20Cryptography.pdf