literature@26-03-11

8/7/2019 literature@26-03-11

http://slidepdf.com/reader/full/literature26-03-11 1/19

1. INTRODUCTION

Extensive research has been done in the areas of improving encryption standards, providing

better hardware as well as software architecture for implementing security and keeping the cost

sensitivity, low disk space and the energy constraints in check. This can be implemented using

hardware and software. The advantages of software implementation are portability and flexibility

but it offers only limited physical security, especially with respect to key storage and speed.

When data is integrated in the design, the hardware implementation is more physically secure

and performs in a high speed but has a limited flexibility. The Data Encryption Standard (DES)

which was used earlier for data encryption is being replaced with Advanced Encryption Standard

(AES), because DES uses only a very small 56 bit key length. The longer the key length, the

more secure is the key. Using larger key length makes more possible keys to search, which

makes the algorithm to be more secure. AES has larger key length and has been efficiently

implemented both in hardware and software. The National Institute of Standards and Technology

(NIST) on January 2, 1997 invited proposals for new algorithms for the AES, where both

hardware and software performance measures were also included in their efficiency testing. In

October 2000, NIST had chosen Rijndael as the Advanced Encryption Algorithm which was

designed by Joan Daemen and Vincent Rijmen. This project primarily focuses on AES

encryption algorithm of key length 128 bit, briefs its architecture, and evaluates the performance

of the algorithm using software models with slight modifications to improve the security level.

2. AES ALGORITHM

AES algorithm can be operated in four modes, Electronic Code Block mode (ECB), Cipher

Block chain mode (CBC), Cipher feedback (CFB), Output Feedback (OFB) . In ECB mode, data

block is directly encrypted to form the cipher text and other three modes belong to feedback.

ECB mode can be achieved with high speed as it can simultaneously process multiple blocks.

Based on this looping structure, the following architecture options were investigated so as to

yield optimization of AES algorithm as iterative looping.

The Rijndael AES algorithm uses a symmetric key block cipher both in encryption and

decryption. At the start of encryption, input is copied to the State array. State array is nothing but

a 4 x 4 matrix of bytes. The encryption algorithm encrypts one block of data at a time to produce

the encrypted data block with the use of a secret key. The decryption is simply the reverse of the

8/7/2019 literature@26-03-11


encryption, and each operation is the inverse of the corresponding one in encryption. The data

block length is fixed to 128 bits, while the key length can be 128, 192, or 256 bits. Each data

block is rearranged in a matrix form. AES algorithm is an iterative algorithm and each iteration

is called a round. The number of bytes in a row of key length is given by equation

N = L / (8 X Br)

where, N is the number of bytes, L is the block length in bits, and Br is the number of rows in a

state array matrix. Each round is iterated 10 times for a 128-bit length key, 12 times for a 192-bit

key and 14 times for 256 bit key with 4,6 and 8 bytes in a row of key lengths respectively. Each

round uses four transformations and inverses but finalround excludes MixColumn

transformations.

Figure1. Flowchart of AES Encryption algorithm

8/7/2019 literature@26-03-11


The flow of the AES encryption process is given with figure 1 in which the there will be

existence of variability in the round elements based on the round number Nr.

2.1 AES structure:

AES is an iterated block cipher where it a repeat set of transformations called a roundtransformation :

AES (State,CipherKey)

{

KeyExpansion(CipherKey,ExpandedKey);

AddRoundKey(State,ExpandedKey[0]);

For(i=1;i< ;i++)

Round (State,ExpandedKey[i]);

FinalRound (State,ExpandedKey[ ]);

}

The round transformation is consisting of four different transformations:

i) The ShiftRow transformation: the rows of the State are cyclically shifted over different

offsets.

ii) The MixColumn transformation: the columns of the State are considered as polynomials

over GF (2 8 ) and multiplied modulo x4 +1 with a fixed polynomial c( x ).

iii) The Round Key addition: a Round Key is applied to the State by a simple bitwise EXOR.

iv) The ByteSub transformation: is a non-linear byte substitution, operating on each of the

State bytes

independently depending on substitution table (or S-box ) which is invertible and is constructed

by the composition of two transformations:

a) First, taking the multiplicative inverse in GF(2 8).

b)Then, applying an affine (over GF(2) ) transformation.A round can be represented as follows:

Round(State , ExpandedKey[i])

{

SubBytes(State);

ShiftRows(State);

8/7/2019 literature@26-03-11


MixColumns(State);

AddRoundKey(State,ExpandedKey[i]);

}

The final round of the cipher is slightly different as below which misses the MixColumns stage:

Round(State,ExpandedKey[ ])

{

SubBytes(State);

ShiftRows(State);

AddRoundKey(State,ExpandedKey[ ]);

}

3. MATHEMATICAL BACK GROUND:

3.1. Finite Field Arithmetic’s:

The following section introduces the different representation forms of a byte and discusses the basic

arithmetic’s of finite fields.

A finite field, also called a Galois Field [3], [2], is a field with only finitely many elements. The finite

field GF(2 8) e. g. consists of the 2 8 = 256 different numbers (0 . . . 255) represented by one byte

(8 bits). Special xor- and modulo-operations, explained in detail in the following sections, make

sure that the sum and the product of two finite field elements remain within the range of the

original finite field.

The following sections convert an example through the usual representation forms of a finite field

element.

3.1.1 Binary Representation

A byte consists of 8 bits, leading to the binary representation of an arbitrarily chosen example :

10100011b

8/7/2019 literature@26-03-11


3.1.2 Decimal Representation

This example can be represented in decimal form by multiplying every bit by its corresponding

power of two:

1 · 2 7 + 0 · 2 6 + 1 · 2 5 + 0 · 2 4 + 0 · 2 3 + 0 · 2 2 + 1 · 2 1 + 1 · 2 0 = 27 + 25 + 21 + 20

= 128 + 32 + 2 + 1 = 163 d

3.1.3 Hexadecimal Representation

The numbers 0 . . . 15 can be expressed by a group of four bits called a nibble. The numbers

10 . . . 15 cannot be represented by a single decimal digit (0 . . . 9) and are

therefore”abbreviated” by the letters A . . . F in hexadecimal notation.

Binary presentation Decimal Equivalent Hexadecimal Equivalent0000 0 00001 1 10010 2 20011 3 30100 4 40101 5 50110 6 60111 7 71000 8 81001 9 91010 10 A1011 11 B1100 12 C1101 13 D1110 14 E1111 15 F

Table1. Usual representation forms of a finite field element

The conversion from binary to hexadecimal is now very straightforward. The byte is divided into

two nibbles and each nibble is represented by its hexadecimal digit:

Ex: (10100011) h = 1010 0011 = A3h

Ah 3h

For the conversion from hexadecimal back to decimal every hexadecimal digit is multiplied by its

valence: The left digit is multiplied by 16, while the right one is multiplied by 1 and is therefore

8/7/2019 literature@26-03-11


8/7/2019 literature@26-03-11


Figure4: Binary polynomial multiplication (curtsey: Wikipedia)

3.3 Polynomial Division

The manual algorithm to divide two polynomials is depicted in Figure 5.

Figure 5:”Classical” polynomial division (curtsey: Wikipedia)

The greatest power of the numerator (x 13) is divided by the greatest power of the denom-

inator (x 8) yielding the first resulting term (x 5). This term is multiplied by the complete

denominator (® x 13 + x 9 + x 8 + x 6 + x 5) and subtracted from the numerator, resulting in a new

numerator (-x 9 + x 7 - x 6 - x 5 + x 4 + x 3 + 1). This procedure is repeated until the greatest power of

the new numerator has become less than the greatest power of the denominator. The final numerator

(x7 - x 6 + 2x 4 + x 3 + x 2 + x + 1) is the remainder of this modulo operation. Applying

8/7/2019 literature@26-03-11


the”generalized xor-rules” to the remainder leaves the desired byte-conform polynomial:

x7 + x 6 + x 3 + x 2 + x + 1

The bit level operations illustrated in Figure 6 achieve the same result by bit-wise shift and xor

operations: The denominator is shifted to the left until its most significant bit (MSB) matches theMSB of the numerator. The subtraction is then performed via xor, resulting in a new, smaller

numerator. The shifting and xor-ing is repeated, until the resulting numerator (the remainder) fits

into one byte

Figure 6: Binary polynomial division (curtsey: Wikipedia)

8/7/2019 literature@26-03-11


4. DATA UNIT PRESENTATION & STRUCTURE OF AES :

The data to be encrypted is represented as matrix of bytes called State Matrix. As shown in fig.7

the presenation as a matrix, AES process will be initiated & each matrix value is byte valued.

After the representation of the input data as a matrix the individula column elements formWORD which is of value 4 bytes. This word representation will be very helpful while going for

the key generation which is essential for symetric cryptography.

word

W 0

(4 bytes)

Fig7. State Matrix

The individual bytes of the state table are processed for the encryption using keys and the

process of encryption is classified as modules and can be depicted by means of following fig8.

S00 S01 S02 S03

S10 S11 S12 S13

S20 S21 S22 S23

S30 S31 S32 S33S00

S10

S20

S30

8/7/2019 literature@26-03-11


Fig 8 . AES round Discription (curtasy : Google images)

8/7/2019 literature@26-03-11


AES is a cipher that encrypts & decrypts a data block of 128 bits. It uses 10, 12, or 14 rounds.

The key size, which can be 128,192,256 bits, depends on number of rounds. The

generalized design of the AES encryption is shown in fig.9. The Design for the

decryption is similar to that of encryption but round keys are applied in reverse order.

Fig.9. ENCRYPTION & DECRYPTION PROCESS

8/7/2019 literature@26-03-11


4.1. AddRoundKey

During each round of an AES process, a separate 128-bit round key is used. The round keys are

derived from the cipherkey using a key expansion routine. The AddRoundKey operation is a

simple bit-by-bit XOR operation between the state and the round key. An AES process requires a

total of Nr+1 AddRoundKey operations, as an additional 'initial' AddRoundKey operation is

performed prior to the round operations. For an AES encryption process this initial

AddRoundKey operation XORs the plaintext with the cipherkey.

There is a need for an additional AddRoundKey operation during an AES process, as there are Nr

rounds and Nr+1 subkeys.

4.2. SubBytes and InvSubBytes

The Substitution mechanism in AES is done for each byte & only one table is used for everybyte, which means that if two bytes are same, their transformation is also same. The

transformation is defined by either a table look-up process or mathematical calculation in the

GF(2 8) field. The substitution box for SubBytes transformation is derived from GF(2 8) field by

taking predefined irreducable polynomial ( polynomial which will have no factors). The contents

of the state box are substituted with reference to the SubBytes transformation table & can be

shown in fig.10.

8/7/2019 literature@26-03-11


Fig.10 SubByte Transformation

The irreducible polynomial to derive the elements of the substitution table by GF(2 8) field

defined as X8 + X 4 +X 3 + X +1 and as steps the process is discribed for SubByte process.

• Finding the Multiplicative Invers of the Byte value.

• Byte to Matrix conversion.

• Matrix multiplication with constant square matrix X

• Matrix Addition of above result with the column matrix y, which cosists the initial value

for combination 00, the 1X1 element in subByte transformation table.

Ex: 63, the 1X1 element

• Matrix to byte conversion.

For the InvSubBytes process steps will be carries in reverse manner with inverse value of the

constant matrix X. by modifying 1X1 element or the constant matrix, the respective table

byte value will changes. This gives more security in a simple manner for the entire AES

process.

| 0 1 2 3 4 5 6 7 8 9 a b c d e f

---|--|--|--|--|--|--|--|--|--|--|--|--|--|--|--|--|

0 |63 7c 77 7b f2 6b 6f c5 30 01 67 2b fe d7 ab 76

1 |ca 82 c9 7d fa 59 47 f0 ad d4 a2 af 9c a4 72 c0

2 |b7 fd 93 26 36 3f f7 cc 34 a5 e5 f1 71 d8 31 15

3 |04 c7 23 c3 18 96 05 9a 07 12 80 e2 eb 27 b2 75

4 |09 83 2c 1a 1b 6e 5a a0 52 3b d6 b3 29 e3 2f 84

5 |53 d1 00 ed 20 fc b1 5b 6a cb be 39 4a 4c 58 cf

6 |d0 ef aa fb 43 4d 33 85 45 f9 02 7f 50 3c 9f a8

7 |51 a3 40 8f 92 9d 38 f5 bc b6 da 21 10 ff f3 d2

8 |cd 0c 13 ec 5f 97 44 17 c4 a7 7e 3d 64 5d 19 73

9 |60 81 4f dc 22 2a 90 88 46 ee b8 14 de 5e 0b dba |e0 32 3a 0a 49 06 24 5c c2 d3 ac 62 91 95 e4 79

b |e7 c8 37 6d 8d d5 4e a9 6c 56 f4 ea 65 7a ae 08

c |ba 78 25 2e 1c a6 b4 c6 e8 dd 74 1f 4b bd 8b 8a

d |70 3e b5 66 48 03 f6 0e 61 35 57 b9 86 c1 1d 9e

e |e1 f8 98 11 69 d9 8e 94 9b 1e 87 e9 ce 55 28 df

f |8c a1 89 0d bf e6 42 68 41 99 2d 0f b0 54 bb 16

8/7/2019 literature@26-03-11


S-Box for Encryption Process (curtsey : http://en.wikipedia.org/wiki/Rijndael_S-box )

| 0 1 2 3 4 5 6 7 8 9 a b c d e f

---|--|--|--|--|--|--|--|--|--|--|--|--|--|--|--|--|

0 |52 09 6a d5 30 36 a5 38 bf 40 a3 9e 81 f3 d7 fb

1 |7c e3 39 82 9b 2f ff 87 34 8e 43 44 c4 de e9 cb

2 |54 7b 94 32 a6 c2 23 3d ee 4c 95 0b 42 fa c3 4e

3 |08 2e a1 66 28 d9 24 b2 76 5b a2 49 6d 8b d1 25

4 |72 f8 f6 64 86 68 98 16 d4 a4 5c cc 5d 65 b6 92

5 |6c 70 48 50 fd ed b9 da 5e 15 46 57 a7 8d 9d 84

6 |90 d8 ab 00 8c bc d3 0a f7 e4 58 05 b8 b3 45 06

7 |d0 2c 1e 8f ca 3f 0f 02 c1 af bd 03 01 13 8a 6b

8 |3a 91 11 41 4f 67 dc ea 97 f2 cf ce f0 b4 e6 73

9 |96 ac 74 22 e7 ad 35 85 e2 f9 37 e8 1c 75 df 6e

a |47 f1 1a 71 1d 29 c5 89 6f b7 62 0e aa 18 be 1b

b |fc 56 3e 4b c6 d2 79 20 9a db c0 fe 78 cd 5a f4

c |1f dd a8 33 88 07 c7 31 b1 12 10 59 27 80 ec 5f

d |60 51 7f a9 19 b5 4a 0d 2d e5 7a 9f 93 c9 9c ef

e |a0 e0 3b 4d ae 2a f5 b0 c8 eb bb 3c 83 53 99 61

f |17 2b 04 7e ba 77 d6 26 e1 69 14 63 55 21 0c 7d

S-Box for Decryption Process (curtsey : http://en.wikipedia.org/wiki/Rijndael_S-box )

4.3 ShiftRows and InvShiftRows

The Shift Rows operation changes the order of bytes in each row of the state. The first row is not

affected by this transformation. The second row is shifted cyclically to left by one byte, the third

row by two and the fourth row by three bytes as seen in figure 11. The inverse operation

InvShiftRows is quite similar in style, with only the cyclic shifts made to the right.

http://en.wikipedia.org/wiki/Rijndael_S-box





8/7/2019 literature@26-03-11


Fig. 11 : Shift and inverse Shift row transformation

Courtasy : http://www.iis.ee.ethz.ch/~kgf/acacia

4.4 MixColumns and InvMixColumns

MixColumns is a 32-bit operation that transforms four bytes of each column in the state. The new

bytes of the column S’ r,c are obtained by the given constant matrix multiplication in GF(2 8). If the

polynomial representation of binary numbers is used, the multiplication process is carried as

shown in fig13. where Snc (n=0 to 3) represent the original byte column in the state matrix and

S’nc(n=0 to 3) represent corresponding modified state matrix column values.

Fig13. : Mix Columns Representation

4.5 Key generation:

S0C

S1C

S2C

S3C

X X+1 1 1

1 X X+1 1

1 1 X X+1

X+1 1 1 X

S’0C

S’1C

S’2C

S’3C

8/7/2019 literature@26-03-11


The key expansion routine is used to generate the roundkeys from the cipherkey. The AES

standard defines the key expansion operations on four byte words called w i. A subkey is

composed of four such words. The key expansion for AES-128 is relatively straightforward:

1. The first subkey (w 3,w2,w 1,w 0) corresponds to the cipher key itself.

2. The following words w i are calculated recursively from this initial set of words using a

simple XOR function:

for all values of i that are not multiples of 4 i.e. if(I mod 4) ≠ 0 then

W i = W i-1 W i-4

3. For the words with indices that are a multiple of 4 (w 4k ), a special transformation is

used. First, the byte ordering of w 4k-1 is changed by cyclic left shift, and then the

SubBytes function is applied to all four bytes. In the AES standard these operations are

named RotWord and SubWord respectively. The result is XOR'ed with W i-4 and a round

constant Rcon i/4 applied within a constant ‘t’.

If (I mod 4) =0, W I = t W i-4 , Here ‘t’ is a temporary word is a result of applying

mentioned two routines, SubWord & RotWord on W i-1 & XORing the result with a Round

Constants Rcon. The final value of the temporary word ‘t’ is given to be :

T= SubWord(RotWord(W i-1)) Rcon i/4

For AES-128 version with 10 rounds there are total 44 Words and as a schematic the key

expansion can be shown in fig. 14.

8/7/2019 literature@26-03-11


Fig14. Key Expansion

Where t i temporary words for i=4 Nr, where Nr is Number of rounds, i is round value and is

carried as shown in fig15.

Fig15. Temporary word generation

Wi-1 RotWord SubWord

RCon(i/4)

t

i

8/7/2019 literature@26-03-11


5. DESIGN PRINCIPLES OF THE PROPOSED OF MAES

In the process of image security using AES cryptographic method, there exist some challengingissues viz. statistical and brute force attacks, memory space requirements and execution speed. to

improve the efficiency of the algorithm in the view of security as well as not effecting the speed

and the memory space requirements various modifications are carried. The major modifications

are at the modules viz. the substitution box (S-BOX) design which is required at Sub Bytes stage,

choosing various Constant matrix at the stage of matrix multiplication and shift row processing

stage. Among all these stage modifications in shift row transformation is effective in the sense of

fast execution and complexity when compared to the modifications that are carried with other

modules. Even though the modifications in other modules rather than shift rows give reasonable

performance, they lag at the point of memory requirements and circuit complexity.

5.1 Modifications in the algorithm

In regular AES algorithms shift row transformation stage, the bytes in the last three rows shifted

over 1, 2 & 3 respectively. In the case of MAES, the modified version of Advanced Encryption

Standard, following procedure is followed for transformation.

Step 1: Examine the value of the first Row & first Column, State [0][0] value is even or odd.

Step 2: If it is odd, The Shift Rows step operates on the rows of the state matrix; it cyclically

shifts the bytes in each row by a certain offset. For MAES, the first & third rows are unchanged

& each byte of second row is shifted one to left. Similarly, the fourth row is shifted three to the

left respectively.

Step 3: If it is even, the Shift rows step operates on the rows of the stage; it cyclically shifts the

bytes in each row by a certain offset. The first & fourth are unchanged and each byte of second

row is shifted three to the right. Similarly, the third row is shifted by two respectively on to the

right.

8/7/2019 literature@26-03-11


Documents

literature@26-03-11