Embed Size (px)
DESCRIPTION
Advanced Encryption Standard(AES). Presented by: Venkata Marella. Contents. History Drawbacks of DES Algorithm Feature of AES Algorithm. Substitution-Permutation Network Key Expansion Description of the AES Advantages of AES Security of the AES Comparison b/w AES and DES - PowerPoint PPT Presentation
Citation preview
Advanced Encryption Standard(AES)
Presented by: Venkata Marella
Slide #9-1
Contents
• History • Drawbacks of DES Algorithm• Feature of AES Algorithm.• Substitution-Permutation Network• Key Expansion• Description of the AES• Advantages of AES• Security of the AES• Comparison b/w AES and DES• Conclusion
Slide #9-2
History
• The National Security Agency took over responsibility for all U.S. Government encryption systems when it was formed in 1952
• In 1976 National Institute of Standards and Technology (NIST), published the DES algorithm
• And later IDEA, Blowfish, RC5 and Triple DES algorithms are published.
• And these algorithms survived as part-time algorithms
Slide #9-3
History Continues…
• AES was announced by National Institute of Standards and Technology(NIST ) in 2002
• AES was first published as Rijndael in the year 1998, portmanteau of the names of the two inventors Joan Daemen and Vincent Rijmen .
• As of 2009 ,AES is one of the most popular algorithms used in symmetric key cryptography. It is available in many different encryption packages. AES is the first publicly accessible and open cipher approved by the NSA for top secret information.
Slide #9-4
Drawbacks of DES Algorithm
• DES is considered to be insecure for many applications .
• The main reason the insecurity of DES is it’s Key length. The Key length of DES is 56 bits. NSA claimed that the key length is too small.
• In January, 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutesw considered to be insecure for many applications
Slide #9-5
Features of AES
•Symmetric Cipher• Fixed Block length• Variable Key length • Variable Number of Rounds.• Uses Substitution-Permutation Network.• Available in three different Version(AES-128, AES192, AES 256)• Certified by CRYPTREC, NESSIE, NSA, AES Winner
Slide #9-6
Substitution-Permutation Network
• AIM: to provide Diffusion and Confusion.
•S-boxes substitute or transform input bits into output bits.
• A good S-box will have the property that changing one input bit will change about half of the output bits.
•No output bit of S-Box should match the I/P bits
•S-Boxes should show Non linearity
Slide #9-7
SP Network (Continue..)
• P-boxes take the S-box outputs of one round, permute or transpose bits, and feed them into the S-box inputs of the next round.
• A single S-box produces a limited amount of confusion and the single P-box produces a limited amount of diffusion
• A well-designed SP network has enough rounds that every input bit is fully diffused across every output bit of the entire message.
Slide #9-8
Description of Algorithm
• Key Expansion •Initial Round 1.Add RoundKey• Rounds 1. SubBytes 2. Shift Rows 3. Mix Columns 4. Add RoundKey• Final Round 1.SubBytes 2.ShiftRows 3.AddRoundKey
Slide #9-9
Key Expansion
• AES key is either 128 bits, 192 bits or 256 bits
• 128bits=4 words
• 192bits=6 words
• 256bits=8words
• Number of Rounds=Key length + 6 (in words)
• Expanded Key length= 4*(Number of Rounds+1)
(in words)
Slide #9-10
Key Expansion(continues)
Slide #9-11
Key length
Expanded key length
Block Size
Number of Rounds
AES-128 4 44 4 10
AES-192 6 52 4 12
AES-256 8 60 4 14
Encryption
CIPHER TEXTSlide #9-12
Add RoundKey
• The subkey, which is generated from the key Expansion is added by combining each byte of the state with the corresponding byte of the subkey using bitwise XOR
Slide #9-13
Add Roundkey
Slide #9-14
SUB-BYTE
• In the SubBytes step, each byte in the array is updated using an 8-bit substitution box, the Rijndael S-box. This operation provides the non-linearity in the cipher. . The S-box is also chosen to avoid any fixed points also any opposite fixed points.
Slide #9-15
SubBytes
Slide #9-16
MixColumns
• In the MixColumns step, the four bytes of each column of the state are combined using an invertible linear transformation. The MixColumns function takes four bytes as input and outputs four bytes, where each input byte affects all four output bytes. Together with ShiftRows, MixColumns provides diffusion in the
cipher.
Slide #9-17
MixColumns
Slide #9-18
Shift Rows
• ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row by a certain offset. For AES, the first row is left unchanged. Each byte of the second row is shifted one to the left. Similarly, the third and fourth rows are shifted by offsets of two and three respectively
Slide #9-19
Shift Row
Slide #9-20
Key Expansion
Slide #9-21
• One word among the key is taken usually the last word is taken.
• It is rotated by one bit.
• The sub-byte operation is performed on it
• Now the result is EXOR with first word and Rcon.
• The result gives the first column of the expansion key
Advantages
• Fast in it’s execution
• Requires less Memory
• Use Substitution –Permutation Network.
Slide #9-22
Security
• Assuming that one could build a machine that could recover a DES key in a second (i.e., try 255 keys per second), then it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old
• So, AES is safe for another 109 year ( with assumption that the speed of the processor double for every 18 months)
Slide #9-23
Security(Continues..)
• As of 2006, the only successful attacks against AES implementations have been side-channel attacks. The National Security Agency (NSA) reviewed all the AES finalists, including Rijndael, and stated that all of them were secure enough for US Government non-classified data. In June 2003, the US Government announced that AES may be used to protect classified information:
Slide #9-24
Side Channel Attack
• A side channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms (compare cryptanalysis).
Slide #9-25
Comparison b/w DES &AESSubject DES AES
Year 1976 1998
Block 64 bits 128 bits
Structure Feistal Cipher SP-Network
Encryption Principle Substitution, Permutation
Shift, Bit Mixing, Substitution
Cryptography Primitive
Confusion, Diffusion Confusion, Diffusion
Design Open Open
Design Rationale Closed Open
Source IBM, enhanced by NSA
Independent Belgian Cryptography
Conclusion
• No Algorithm is secure from Brute force attack. But, the main goal of the modern encryption algorithms is to make it difficult for the Brute force Attack to break the encryption. But, the Brute force Attack can be executed fast with the help of Cluster and Grid Computing Technologies. So, Modern Encryption Algorithms should compete with the challenges posed by Cluster and Grid Computing Technologies.
Slide #9-27
![Der Advanced Encryption Standard [AES]Der Advanced Encryption Standard [AES] Autoren: Christof Paar Jan Pelzl Ruhr - Universität Bochum Der Advanced Encryption Stan-dard [AES] Autoren:](https://img.pdfslide.us/doc/110x75/5f94f8f21b26e621c24ffacc/der-advanced-encryption-standard-aes-der-advanced-encryption-standard-aes-autoren.jpg)
