• ENCYRPTION TECHNIQUES
    AES FPE DES BLOWFISH TWOFISH SHA-1

    • Advanced Encryption Standard (AES)

    Description:

    The more popular and widely adopted symmetric algorithm encryption likely to be encountered is the advanced encryption standard.It is found at least six times faster than TDES. A replacement for DES was needed as its key size was too small.

    Features Of AES:-

    • Symmetric key symmetric block cipher
    • 128 bit data,128/192/256-bit keys
    • Stronger and faster than triple DES
    • Provide full specification and design details
    • Software implementable in C and Java
    • Security. Competing algorithms were to be judged on their ability to resist attack -- as compared to other submitted ciphers. Security strength was to be considered the most important factor in the competition.
    • Cost. Intended to be released on a global, nonexclusive and royalty-free basis, the candidate algorithms were to be evaluated on computational and memory efficiency
    • Implementation. Factors to be considered included the algorithm's flexibility, suitability for hardware or software implementation, and overall simplicity.

    Operation of AES:-

    AES is an iterative rather than Feistel cipher. It is based on the ‘substitution–permutation network’. It comprises a series of linked operations, some of which involve replacing inputs by specific outputs (substitutions) and others involve shuffling bits around (permutations). Interestingly, AES performs all its computations on bytes rather than bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes. These 16 bytes are arranged in four columns and four rows for processing as a matrix.

    Unlike DES, the number of rounds in AES is variable and depends on the length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds uses a different 128-bit round key, which is calculated from the original AES key.

    Schematic of AES Structure

    Encryption Process:-

    Byte Substitution (SubBytes);-

    The 16 input bytes are substituted by looking up a fixed table (S-box) given in design. The result is in a matrix of four rows and four columns.

    Shift rows:-

    • First row is not shifted.
    • Second row is shifted one (byte) position to the left
    • Third row is shifted two positions to the left.
    • Fourth row is shifted three positions to the left.
    • The result is a new matrix consisting of the same 16 bytes but shifted with respect to each other.

    Mix Columns

    Each column of four bytes is now transformed using a special mathematical function. This function takes as input the four bytes of one column and outputs four completely new bytes, which replace the original column. The result is another new matrix consisting of 16 new bytes. It should be noted that this step is not performed in the last round.

    Add roundkey

    The 16 bytes of the matrix are now considered as 128 bits and are XORed to the 128 bits of the round key. If this is the last round then the output is the ciphertext. Otherwise, the resulting 128 bits are interpreted as 16 bytes and we begin another similar round.

    Decryption Process

    The process of decryption of an AES ciphertext is similar to the encryption process in the reverse order. Each round consists of the four processes conducted in the reverse order −

    • Add round key
    • Mix columns
    • Shift rows
    • Byte substitution
    • Since sub-processes in each round are in reverse manner, unlike for a Feistel Cipher, the encryption and decryption algorithms need to be separately implemented, although they are very closely related

    AES Analysis

    • In present day cryptography, AES is widely adopted and supported in both hardware and software. Till date, no practical cryptanalytic attacks against AES have been discovered. Additionally, AES has built-in flexibility of key length, which allows a degree of ‘future-proofing’ against progress in the ability to perform exhaustive key searches.
    • However, just as for DES, the AES security is assured only if it is correctly implemented and good key management is employed.
    • AES-128 uses a 128-bit key length to encrypt and decrypt a block of messages, while AES-192 uses a 192-bit key length and AES-256 a 256-bit key length to encrypt and decrypt messages. Each cipher encrypts and decrypts data in blocks of 128 bits using cryptographic keys of 128, 192 and 256 bits, respectively.
    • Symmetric, also known as secret key, ciphers use the same key for encrypting and decrypting, so the sender and the receiver must both know -- and use -- the same secret key. The government classifies information in three categories: Confidential, Secret or Top Secret. All key lengths can be used to protect the Confidential and Secret level. Top Secret information requires either 192- or 256-bit key lengths.
    • There are 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. A round consists of several processing steps that include substitution, transposition and mixing of the input plaintext to transform it into the final output of ciphertext