Cryptography & System

Security
 Unit - 2

Symmetric and Asymmetric key

Cryptograph y and key
Management
 Advanced Encryption Standard (AES)
• Advanced Encryption Standard (AES) is a highly
trusted encryption algorithm used to secure data by
converting it into an unreadable format.

• It is developed by the National Institute of Standards

and Technology (NIST) in 2001.

• It is is widely used today as it is much stronger than

DES and triple DES despite being harder to
implement.
 Advanced Encryption Standard (AES)
• AES is a simple design, a high speed algorithm,
with low memory costs.

• AES is a symmetric block cipher.

• The same key is used to encrypt and decrypt the

message.

• The plain text and the cipher text are the same
size.
 Advanced Encryption Standard (AES)
Key Features of AES

➢ Block Size: AES operates on blocks of 128 bits.

➢ Key Lengths: It supports key lengths of 128, 192, and 256 bits.

➢ Rounds: The number of rounds depends on the key length:

10 rounds for 128-bit keys,
12 rounds for 192-bit keys, and
14 rounds for 256-bit keys
Advanced Encryption Standard (AES)
The structure of AES structure is given,
 The structure of AES is given,
Here, we restrict to description of a typical round of AES encryption.

Each round comprise of four sub-processes. The first round process is

depicted below −
How Does AES works
The structure of AES is given -
How Does AES works
Shift Rows
3.MixColumns :
This step is basically a matrix multiplication. Each column is multiplied with a
specific matrix and thus the position of each byte in the column is changed as a result.
Key Generation / Expansion in AES
 Key Generation / Expansion in AES

For use in AES encryption, a single initial key can be expanded into a series of
round keys using the AES (Advanced Encryption Standard) key expansion
technique.

These round keys are needed for each round of AES encryption and decryption.

The AES key expansion method receives a four-word (16-byte) key and returns a
linear array of 44 words (176 bytes).

This is sufficient to provide both the initial AddRoundKey step and a four-word
round key for each of the cipher's ten rounds.
Key
Expansion
Round Key in AES
How algorithm works?

The AES key expansion method

receives a four-word (16-byte) key
and returns a linear array of 44
words (176 bytes).

This is sufficient to provide both

the initial AddRoundKey step and
a four-word round key for each of
the cipher's ten rounds.
How algorithm works?

In simple terms, the AES key expansion algorithm functions as follows −

● Initial Key − The algorithm makes use of an initial key. Depending on the level of security needed, this key's length
can range from 128 to 256 bits.

● Round Constants − The approach makes use of a set of round constants, which are predefined values used in the
key expansion process.

● Word Size − The key divides words into individual blocks. A word typically has 32 bits in it.

For example, four 32-bit words are created from a 128-bit key.

● Key Schedule − The term "key schedule" refers to a set of round keys generated using the key expansion process.
The initial round key and the extra round keys that were derived from it are both included in this schedule.
How algorithm works?

In simple terms, the AES key expansion algorithm functions

as follows −

● Expansion Rounds − The algorithm performs several tasks in each expansion round,
such as −
a. RotWord − This function rotates the bytes in a word.
b. SubWord − Applyes a substitution operation using a predetermined S-box.
c. Rcon − XORs the word using a round constant.

● Round Keys − Each round key is used in the corresponding round of AES encryption
or decryption.
Overall, the key expansion method increases security and prevents cryptographic attacks
by ensuring that each AES encryption and decryption round has a unique round key.
Round Constant in AES - 128
 AES Decryption :

The stages in the rounds can be easily undone as these stages have an opposite to it
which
when performed reverts the changes.Each 128 blocks goes through the 10,12 or 14
rounds
depending on the key size.
The stages of each round in decryption is as follows :

● Add round key

● Inverse MixColumns
● ShiftRows
● Inverse SubByte
● Wireless Security (Wi-Fi): AES is commonly used in Wi-Fi security
protocols, such as WPA2 and WPA3, to encrypt data transmitted over
wireless networks. This ensures that sensitive information, like
passwords and personal data, remains protected from unauthorized
access.
● Encrypted Browsing (HTTPS): Websites use AES encryption within
HTTPS protocols to secure data transmitted between browsers and
servers. This encryption helps protect user information, such as login
credentials and payment details, from interception by malicious actors.
● Mobile Applications: Many mobile apps, especially those dealing
with financial transactions or personal data, use AES encryption to
secure data on devices and in transit. This includes banking apps,
social media platforms, and messaging apps, providing users with
peace of mind that their data is protected.
● Cloud Storage: AES encryption is essential for securing files stored in
cloud environments. Services like Google Drive, Dropbox, and others
use AES to ensure that uploaded files remain confidential and
protected against unauthorized access.
● File and Disk Encryption: Operating systems like Windows and
macOS offer AES-based encryption options (such as BitLocker and
FileVault) for securing entire hard drives or individual files. This is
particularly useful for safeguarding personal or sensitive business
information stored on physical devices.
● Government and Military Communications: AES is a trusted
encryption standard for secure communication within government
agencies and military operations. Its high security and resistance
to attack make it suitable for protecting classified and sensitive
information.
● Secure Messaging: Many encrypted messaging applications, like
Signal and WhatsApp, use AES to secure messages end-to-end,
ensuring that only the sender and recipient can read the contents
of their conversations.