Scribd
Upload
171 views4 pages

AES Key Generation

The document describes the AES key expansion algorithm. It takes a 16-byte (128-bit) key as input and produces a linear array of 44 words (176 bytes) to provide the round keys for the initial AddRoundKey stage and 10 rounds of the AES cipher. The key expansion algorithm uses byte substitution, rotations, and round constants to generate each subsequent round key from the previous one. It has several advantages including that knowledge of part of a key or round key does not enable calculation of other bits, the expanded key can be regenerated from any number of consecutive words, and it provides diffusion of key differences across round keys.

Uploaded by

mortezanova3
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
171 views4 pages

AES Key Generation

The document describes the AES key expansion algorithm. It takes a 16-byte (128-bit) key as input and produces a linear array of 44 words (176 bytes) to provide the round keys for the initial AddRoundKey stage and 10 rounds of the AES cipher. The key expansion algorithm uses byte substitution, rotations, and round constants to generate each subsequent round key from the previous one. It has several advantages including that knowledge of part of a key or round key does not enable calculation of other bits, the expanded key can be regenerated from any number of consecutive words, and it provides diffusion of key differences across round keys.

Uploaded by

mortezanova3
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

Mustansiriyah University Block Cipher Class: Third Stage

Engineering College AES Block Cipher Course name: Data Encryption


Computer Engineering Dep. Key Generation Algorithm Lecturer: Dr. Fatimah Al-Ubaidy

AES Key Expansion (for key length of 128 bits)


The AES key expansion algorithm takes as input a 4-word (16-byte)
key and produces a linear array of 44 words (176 bytes). This is
sufficient to provide a 4-word round key for the initial
AddRoundKey stage and each of the 10 rounds of the cipher.
The following pseudocode describes the expansion:
for (i = 0 ; i < 4 ; i++)
[key[4*i] , key[4*i+1] , key[4*i+2] , key[4*i+3]]
for (i = 4; i < 44 ; i++)
temp = w[i – 1];
if (i mod 4 = 0)
temp = SubWord ( RotWord ( temp ) ) ⊕ Rcon[i / 4];
w[i] = w[i – 4] ⊕ temp
Where
*RotWord performs a one-byte circular left shift on a word.
*SubWord performs a byte substitution on each byte of its input
word using the S-box.
*Rcon[j] is a round constant.
1
Mustansiriyah University Block Cipher Class: Third Stage
Engineering College AES Block Cipher Course name: Data Encryption
Computer Engineering Dep. Key Generation Algorithm Lecturer: Dr. Fatimah Al-Ubaidy

AES Key Expansion


The round constant is different for each round and is defined as
Rcon[j] = (RC[j], 0, 0, 0), with RC[1] = 1, RC[j] = 2 · RC[j - 1].
The values of RC[j] in hexadecimal are:

For example: Suppose that the round key for round 8 is


EA D2 73 21 B5 8D BA D2 31 2B F5 60 7F 8D 29 2F
Then the first 4 bytes (first column) of the round key for round 9
are calculated as follows:

2
Mustansiriyah University Block Cipher Class: Third Stage
Engineering College AES Block Cipher Course name: Data Encryption
Computer Engineering Dep. Key Generation Algorithm Lecturer: Dr. Fatimah Al-Ubaidy

The powerful of the expansion key algorithm:


• Knowledge of a part of the cipher key or round key does not enable calculation of
many other round-key bits.
• An invertible transformation [i.e., knowledge of any N consecutive words of the
expanded key enables regeneration the entire expanded key] (N is key size in words).
• Speed on a wide range of processors.
• Usage of round constants to eliminate symmetries.
• Diffusion of cipher key differences into the round keys; that is, each key bit affects
many round key bits.
• Enough nonlinearity to prohibit the full determination of round key differences from
cipher key differences only.
• Simplicity of description.

3
Mustansiriyah University Block Cipher Class: Third Stage
Engineering College AES Block Cipher Course name: Data Encryption
Computer Engineering Dep. Key Generation Algorithm Lecturer: Dr. Fatimah Al-Ubaidy

You might also like