Advanced Encryption Standard (AES)

Advanced Encryption Standard (AES) is a specification for the

encryption of electronic data established by the U.S National
Institute of Standards and Technology (NIST) in 2001. AES is
widely used today as it is a much stronger than DES and triple DES
despite being harder to implement.
Points to remember
• AES is a block cipher.
• The key size can be 128/192/256 bits.

• Encrypts data in blocks of 128 bits each.

That means it takes 128 bits as input and outputs 128 bits of
encrypted cipher text as output. AES relies on substitution-
permutation network principle which means it is performed using a
series of linked operations which involves replacing and shuffling of
the input data.
Working of the cipher :
AES performs operations on bytes of data rather than in bits. Since
the block size is 128 bits, the cipher processes 128 bits (or 16 bytes)
of the input data at a time.

Operation of AES

AES is an iterative rather than Feistel cipher. It is based on

‘substitution–permutation network’. It comprises of a series of linked
operations, some of which involve replacing inputs by specific
outputs (substitutions) and others involve shuffling bits around
(permutations).

Interestingly, AES performs all its computations on bytes rather than

bits. Hence, AES treats the 128 bits of a plaintext block as 16 bytes.
These 16 bytes are arranged in four columns and four rows for
processing as a matrix −
Unlike DES, the number of rounds in AES is variable and depends on
the length of the key. AES uses 10 rounds for 128-bit keys, 12 rounds
for 192-bit keys and 14 rounds for 256-bit keys. Each of these rounds
uses a different 128-bit round key, which is calculated from the
original AES key.

The schematic of AES structure is given in the following illustration −

Encryption Process

Here, we restrict to description of a typical round of AES

encryption. Each round comprise of four sub-processes. The first
round process is depicted below −
Each round comprises of 4 steps :
• SubBytes
• ShiftRows

• MixColumns

• Add Round Key

The last round doesn’t have the MixColumns round.

The SubBytes does the substitution and ShiftRows and MixColumns
performs the permutation in the algorithm.
SubBytes :
This step implements the substitution.
In this step each byte is substituted by another byte. Its performed
using a lookup table also called the S-box. This substitution is done
in a way that a byte is never substituted by itself and also not
substituted by another byte which is a compliment of the current
byte. The result of this step is a 16 byte (4 x 4 ) matrix like before.
The next two steps implement the permutation.
ShiftRows :
This step is just as it sounds. Each row is shifted a particular number
of times.
• The first row is not shifted

• The second row is shifted once to the left.

• The third row is shifted twice to the left.

• The fourth row is shifted thrice to the left

(A left circular shift is performed.)

MixColumns :
This step is basically a matrix multiplication. Each column is
multiplied with a specific matrix and thus the position of each byte
in the column is changed as a result.
 Add roundkey

The 16 bytes of the matrix are now considered as 128 bits and are
XORed to the 128 bits of the round key. If this is the last round then
the output is the ciphertext. Otherwise, the resulting 128 bits are
interpreted as 16 bytes and we begin another similar round.
• Key Expansion Algorithm. The AES key expansion
algorithm takes as input a four-word (16-byte) key and
produces a linear array of 44 words (176 bytes). This is
sufficient to provide a four-word round key for the initial
AddRoundKey stage and each of the 10 rounds of the
cipher. The pseudocode on the next page describes the
expansion. The key is copied into the first four words of
the expanded key.