Aes Encrypt
Advanced Encryption Standard
(AES)
Most of lecture slides by Lawrie Brown
Origins clear a replacement for DES was needed
have theoretical attacks that can break it have demonstrated exhaustive key search attacks
can use Triple-DES – but slow, has small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were shortlisted in Aug-99 Rijndael was selected as the AES in Oct-2000 issued as FIPS PUB 197 standard in Nov-2001
AES Requirements private key symmetric block cipher 128-bit data, 128/192/256-bit keys stronger & faster than Triple-DES active life of 20-30 years (+ archival use) provide full specification & design details both C & Java implementations NIST have released all submissions & unclassified analyses
AES Evaluation Criteria initial criteria:
security – effort for practical cryptanalysis cost – in terms of computational efficiency algorithm & implementation characteristics general security ease of software & hardware implementation implementation attacks flexibility (in en/decrypt, keying, other factors)
final criteria
AES Shortlist after testing and evaluation, shortlist in Aug-99:
MARS (IBM) - complex, fast, high security margin RC6 (USA) - v. simple, v. fast, low security margin Rijndael (Belgium) - clean, fast, good security margin Serpent (Euro) - slow, clean, v. high security margin Twofish (USA) - complex, v. fast, high security margin
then subject to further analysis & comment saw contrast between algorithms with
few complex rounds verses many simple rounds which refined existing ciphers verses new proposals
The AES Cipher - Rijndael designed by Rijmen-Daemen in Belgium has 128/192/256 bit keys, 128 bit data an iterative rather than feistel cipher
processes data as block of 4 columns of 4 bytes operates on entire data block in every round resistant against known attacks speed and code compactness on many CPUs
(AES)
Most of lecture slides by Lawrie Brown
Origins clear a replacement for DES was needed
have theoretical attacks that can break it have demonstrated exhaustive key search attacks
can use Triple-DES – but slow, has small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were shortlisted in Aug-99 Rijndael was selected as the AES in Oct-2000 issued as FIPS PUB 197 standard in Nov-2001
AES Requirements private key symmetric block cipher 128-bit data, 128/192/256-bit keys stronger & faster than Triple-DES active life of 20-30 years (+ archival use) provide full specification & design details both C & Java implementations NIST have released all submissions & unclassified analyses
AES Evaluation Criteria initial criteria:
security – effort for practical cryptanalysis cost – in terms of computational efficiency algorithm & implementation characteristics general security ease of software & hardware implementation implementation attacks flexibility (in en/decrypt, keying, other factors)
final criteria
AES Shortlist after testing and evaluation, shortlist in Aug-99:
MARS (IBM) - complex, fast, high security margin RC6 (USA) - v. simple, v. fast, low security margin Rijndael (Belgium) - clean, fast, good security margin Serpent (Euro) - slow, clean, v. high security margin Twofish (USA) - complex, v. fast, high security margin
then subject to further analysis & comment saw contrast between algorithms with
few complex rounds verses many simple rounds which refined existing ciphers verses new proposals
The AES Cipher - Rijndael designed by Rijmen-Daemen in Belgium has 128/192/256 bit keys, 128 bit data an iterative rather than feistel cipher
processes data as block of 4 columns of 4 bytes operates on entire data block in every round resistant against known attacks speed and code compactness on many CPUs