Friday, October 11, 2013

AES (Advanced Encryption Standard)

I'm not gonna teach you how to perform AES encryption or decryption. So if you are looking for that, then you can turn right around and go. But I will tell you some interesting things that I learned about AES. These may help you in conjunction with other tutorials.

1. Multiply is not multiply. You will need a function to perform gmul. It is multiply in a Galois field. I don't really know much about what a Galois field is, but it is an alternate universe when it comes to mathematics. So when they say multiply, this is what they mean.

2. Add and subtract are actually XOR. Wherever it says subtract it is the same operation as add. Realize that every step of AES (key generation, adding round keys, substitute bytes, shifting rown, and mixing columns) require Galois operations. Multiply, add / subtract.

3. Decryption is harder than encryption. Yes, that sounds weird, but it's true. What I mean is that to perform encryption you just need the key to begin with. You can actually generate the keys on the fly. To perform decryption, you MUST perform full key expansion to get the final key. They you can work backwards on the fly. Also decryption's inverse mix columns step requires 4 multiply look-up tables as opposed to 2 for encryption's mix columns step.

4. AES 256 is easier to implement than AES 192. The biggest difficulty is on the fly key generation. If you want to generate AES 128 on the fly, then it is the same sequence for each round of encryption. For 256, it is the same round every 2 times. For 192, it is different. B/c each round of key expansion produces 192 bits (24 bytes) and each round of encryption uses 16 bytes, you have to loop through 1.5 rounds of encryption before starting a new line of key expansion. Of course AES 256 requires more flops.