Advanced Encryption Standard Simplified-AES Simplified-AES Example - - PDF document

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Advanced Encryption Standard

Cryptography

School of Engineering and Technology CQUniversity Australia

Prepared by Steven Gordon on 19 Feb 2020, aes.tex, r1789

1

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Contents

Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

2

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

History of AES

◮ 1977: DES (56-bit key). NIST published. ◮ 1991: IDEA, similar to DES, secure but patent issues ◮ 1999: 3DES (168-bit key). NIST recommended 3DES be used (DES only for legacy systems)

◮ 3DES was considered secure (apart from special case attacks) ◮ But 3DES is very slow, especially in software ◮ DES and 3DES use 64-bit blocks larger block sizes required for efficiency

◮ 1997: NIST called for proposals for new Advanced Encryption Standards

◮ Proposals made public and evaluations performed

◮ 2001: Selected Rijndael as the algorithm for AES

3

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Selecting a Winner

◮ Original NIST criteria:

◮ Security: effort to cryptoanalyse algorithm, randomness, . . . ◮ Cost: royalty-free license, computationally efficient, . . . ◮ Algorithm and implementation characteristics: flexibility (different keys/blocks, implement on different systems), simplicity, . . .

◮ 21 candidate algorithms reduced to 5 ◮ Updated NIST evaluation criteria for 5 algorithms:

◮ General Security ◮ Software and hardware implementations (needs to be efficient) ◮ Low RAM/ROM requirements (e.g. for smart cards) ◮ Ability to change keys quickly ◮ Potential to use parallel processors

4

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Selecting Rijndael for AES

◮ Security: good, no known attacks ◮ Software implementation: fast, can make use of parallel processors ◮ Hardware implementation: fastest of all candidates ◮ Low memory requirements: good, except encryption and decryption require separate space ◮ Timing and Power analysis attacks: easiest to defend against ◮ Key flexibility: supports on-the-fly change of keys and different size of keys/blocks

5

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Overview of Rijndael/AES

◮ Rijndael allows variety of block and key sizes

◮ 128, 160, 192, 224 and 256 bits ◮ Key can be different size to block

◮ AES standardises block size of 128 bits, key sizes of 128, 192 and 256 bits ◮ We will use S-AES to help understand

◮ Again, S-AES is not used in the real world, only an educational tool

◮ For details of AES (S-Boxes and other operations), see the Stallings textbook

6

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Contents

Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

7

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Simplified-AES

◮ Input: 16-bit block of plaintext; 16-bit key ◮ Output: 16-bit block of ciphertext ◮ Four operations:

◮ Add Key: XOR of a 16-bit key and 16-bit state matrix ◮ Nibble substitution: table lookup that swaps nibbles (4-bits) ◮ Shift Row: shift of nibbles in a row ◮ Mix Column: re-order columns

◮ 3 rounds:

◮ Round 0: Add key ◮ Round 1: All four operations ◮ Round 2: Three operations

8

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

S-AES Encryption and Decryption

9

The figure on slide 9 shows the overall steps for S-AES encryption, decryp- tion and key expansion. S-AES operates on 16-bit blocks of plaintext. To encrypt, there is an initial add round key, and then two rounds, where the 2nd round does not include the mix columns operation.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

S-AES State Operations

10

The figure on slide 10 shows that in S-AES the 16-bit blocks are represented as 4 4-bit nibbles. Operations are performed on nibbles. Together the 4 nibbles are referred to as the state matrix.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

S-AES Add Key and Shift Row

11

The figure on slide 11 shows the Add Key operation is an XOR between the current state matrix and a round key. The Shift Row operation simply swaps two nibbles.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

S-AES Nibble Substitution

12

The figure on slide 12 shows the Nibble Substitution operation, which uses S-Boxes. The left-most 2 bits in a nibble determine the row, and the right-most 2 bits in the nibble determine the column. The output is nibble based on the S-Box. The Inverse S-Box is used in decryption.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

S-AES Mix Column

13

The figure on slide 13 shows the Mix Column operation. This operation applies a matrix multiplication on the state matrix. Importantly, the result- ing addition and multiplication operations are in Galois Field GF(24). We do not cover (Galois) fields, however in Number Theory we saw modular arithmetic with mod n where all operations produced results within 0 to n. This is a simple case of a field, i.e. all operations produce answers within some finite range. GF(24) means all answers will be within range 0 to 15. The following tables show the exact values for addition and multiplication in GF(24) for S-AES.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

GF(24) Addition used in S-AES

14

The figure on slide 14 shows the GF(24) addition table.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

GF(24) Multiplication used in S-AES

15

The figure on slide 15 shows the GF(24) multiplication table.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

S-AES Key Expansion

16

The figure on slide 16 shows how the original 16-bit key is expanded to 3 16-bit round keys. Each round key is made up of 2 8-bit words.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Comparing S-AES and AES

17

The figure on slide 13 compares S-AES characteristics to that of real AES.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Contents

Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

18

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Encrypt with S-AES (exercise)

Show that when the plaintext 1101 0111 0010 1000 is encrypted using Simplified-AES with key 0100 1010 1111 0101 that the ciphertext obtained is 0010 0100 1110 1100.

19

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Contents

Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

20

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES Design Features

◮ Only the Add Key stage makes use of the key

◮ The other 3 stages (Shift Row, Mix Column, Nibble Substitution) provide confusion and diffusion of bits. On their own, they provide no security (do not use key)

◮ The four operations are easily reversible (for decryption) ◮ Encryption and decryption algorithms not identical ◮ Final round is only 3 operations, so algorithm is reversible ◮ S-Box design aims:

◮ Low correlation between input bits and output bits ◮ Cannot describe output as simple function of input ◮ No fixed or opposite points, for example S-box(a) = a

◮ Mix columns and shift rows ensure all output bits depend on all input bits after several rounds ◮ In Mix Columns, encryption more efficient than decryption ◮ Very efficient implementations for 8- and 32-bit processors

21

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES Parameters

22

The figure on slide 22 shows the parameters for three variations of AES: using key sizes of 128, 192 or 256 bits. The user can select the variant depending on their security/performance requirements.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES Encryption and Decryption

23

The figure on slide 23 gives an overview of the AES encrypt and decrypt

• process. For more details on AES see the Stalling’s textbook, AES on

Wikipedia or the AES standard from NIST.

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Contents

Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

24

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES Key Generation (exercise)

Generate a shared secret key to be used with AES and share it with another person.

25

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES Encryption (exercise)

Create a message in a plain text file and after using AES, send the ciphertext to the person you shared the key with.

26

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES Decryption (exercise)

Decrypt the ciphertext you received.

27

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES Performance Benchmarking (exercise)

Perform speed tests on AES using both the software and hardware implementations (if available). Compare and discuss the impact of the following on performance: key length; software vs hardware; different computers (e.g. compare the performance with another person).

28

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

Contents

Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

29

Cryptography Advanced Encryption Standard Overview of AES Simplified-AES Simplified-AES Example Details of AES AES in OpenSSL AES in Python

AES in Python Cryptography Library

◮ https://cryptography.io/en/latest/hazmat/ primitives/symmetric-encryption/

30