Data Protection and Security

I

Secret Key Cryptography

I.I

Symmetric Encryption

Advanced Encryption Standard (AES)

The problem with 3DES is its speed. 3DES is too slow. That is why NIST (National Institute of Standards and Technology) thought that DES has finally outlived its usefulness and decided to change it with a new standard. Instead of designing or commissioning a cipher, NIST asked for proposals from the cryptographic community in 1997. By this way, speculations about the security of the new standard could be minimized.

After lots of investigations and discussion in the cryptography community about the security and performance of candidates, NIST chose the algorithm called Rijndael and standardized it as AES as of 26 November 2001.

Description of AES

AES uses a different structure than DES. It is not a Feistel construction. AES is a substitution-permutation network cipher with 128-bit block and allowing key sizes of 128/192/256 with 10/12/14 rounds respectively. The encyption operation in AES is summarized, below:

• The first operation is to XOR the 16-bytes plaintext with 16 bytes of round key.
• Each of the 16 bytes is then used as an index into an S-box table that maps 8-bit inputs to 8-bit outputs.
• This is followed by a permutation of the byte positions.
• Finally, the bytes are mixed in groups of four using a linear mixing function.

In AES, we can recognize some of the same functional blocks as in DES. (The XORs add key material to data, the S-boxes provides nonlinearity, and the byte shuffle and mixing functions provide diffusion). AES is a very clean design with clearly separated tasks for each part of the cipher. No real security vulnerability was found in AES so far, but no one can certainly say it will remain to be so in the future.

I.I.Q