Advanced Encryption Standard (AES)
Presented by: Venkata Marella
Contents
• History
• Drawbacks of DES Algorithm
• Features of AES Algorithm
• Substitution-Permutation Network
• Key Expansion
• Description of the AES
• Advantages of AES
• Security of the AES
• Comparison between AES and DES
• Conclusion
History
• The National Security Agency took over responsibility for all U.S. Government encryption systems when it was formed in 1952.
• In 1976 the National Institute of Standards and Technology (NIST) published the DES algorithm.
• Later, the IDEA, Blowfish, RC5 and Triple DES algorithms were published.
• These algorithms survived as part-time algorithms.
History (Continued)
• AES was announced by the National Institute of Standards and Technology (NIST) in 2002.
• AES was first published as Rijndael in 1998, a portmanteau of the names of its two inventors, Joan Daemen and Vincent Rijmen.
• As of 2009, AES is one of the most popular algorithms used in symmetric key cryptography. It is available in many different encryption packages. AES is the first publicly accessible and open cipher approved by the NSA for top secret information.
Drawbacks of DES Algorithm
• DES is considered to be insecure for many applications.
• The main reason for the insecurity of DES is its key length. The key length of DES is 56 bits. NSA claimed that the key length is too small.
• In January 1999, distributed.net and the Electronic Frontier Foundation collaborated to publicly break a DES key in 22 hours and 15 minutes.
Features of AES
• Symmetric cipher
• Fixed block length
• Variable key length
• Variable number of rounds
• Uses a substitution-permutation network
• Available in three different versions (AES-128, AES-192, AES-256)
• Certified by CRYPTREC, NESSIE, NSA; AES winner
Substitution-Permutation Network
• Aim: to provide diffusion and confusion.
• S-boxes substitute or transform input bits into output bits.
• A good S-box will have the property that changing one input bit will change about half of the output bits.
• No output bit of an S-box should match the input bits.
• S-boxes should show non-linearity.
SP Network (Continued)
• P-boxes take the S-box outputs of one round, permute or transpose bits, and feed them into the S-box inputs of the next round.
• A single S-box produces a limited amount of confusion and a single P-box produces a limited amount of diffusion.
• A well-designed SP network has enough rounds that every input bit is fully diffused across every output bit of the entire message.
Description of Algorithm
• Key Expansion
• Initial Round
  1. AddRoundKey
• Rounds
  1. SubBytes
  2. ShiftRows
  3. MixColumns
  4. AddRoundKey
• Final Round
  1. SubBytes
  2. ShiftRows
  3. AddRoundKey
Key Expansion
• AES key is either 128 bits, 192 bits or 256 bits
• 128 bits = 4 words
• 192 bits = 6 words
• 256 bits = 8 words
• Number of rounds = key length + 6 (in words)
• Expanded key length = 4 × (number of rounds + 1) (in words)
Encryption [figure: encryption diagram; only the label "CIPHER TEXT" survives]
AddRoundKey
• The subkey, which is generated by the key expansion, is added by combining each byte of the state with the corresponding byte of the subkey using bitwise XOR.
SubBytes
• In the SubBytes step, each byte in the array is updated using an 8-bit substitution box, the Rijndael S-box. This operation provides the non-linearity in the cipher. The S-box is also chosen to avoid any fixed points and any opposite fixed points.
MixColumns
• In the MixColumns step, the four bytes of each column of the state are combined using an invertible linear transformation. The MixColumns function takes four bytes as input and outputs four bytes, where each input byte affects all four output bytes. Together with ShiftRows, MixColumns provides diffusion in the cipher.
ShiftRows
• The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row by a certain offset. For AES, the first row is left unchanged. Each byte of the second row is shifted one to the left. Similarly, the third and fourth rows are shifted by offsets of two and three respectively.
Key Expansion
• One word of the key is taken; usually the last word is taken.
• It is rotated by one bit.
• The SubBytes operation is performed on it.
• The result is then XORed with the first word and Rcon.
• The result gives the first column of the expanded key.
Advantages
• Fast in execution
• Requires less memory
• Uses a substitution-permutation network
Security
• Assuming that one could build a machine that could recover a DES key in a second (i.e., try 2^55 keys per second), it would take that machine approximately 149 thousand-billion (149 trillion) years to crack a 128-bit AES key. To put that into perspective, the universe is believed to be less than 20 billion years old.
• So, AES is safe for another 109 years (with the assumption that the speed of the processor doubles every 18 months).
Security (Continued)
• As of 2006, the only successful attacks against AES implementations have been side-channel attacks. The National Security Agency (NSA) reviewed all the AES finalists, including Rijndael, and stated that all of them were secure enough for US Government non-classified data. In June 2003, the US Government announced that AES may be used to protect classified information:
Side Channel Attack
• A side channel attack is any attack based on information gained from the physical implementation of a cryptosystem, rather than brute force or theoretical weaknesses in the algorithms (compare cryptanalysis).
Conclusion
• No algorithm is secure from a brute-force attack. The main goal of modern encryption algorithms is to make it difficult for a brute-force attack to break the encryption. However, a brute-force attack can be executed fast with the help of cluster and grid computing technologies. So, modern encryption algorithms should compete with the challenges posed by cluster and grid computing technologies.