MODULE-4

Advance Private Key Cryptography

What Is AES Encryption and How Does It
Work?

1.Why Was the AES Encryption Algorithm necessary?

2. What is the Advanced Encryption Standard?
3. What are the Features of AES?
4. How Does AES Work?
5. Steps to be followed in AES
Advance Private Key Cryptography

• Advanced Encryption Standard (AES),

• modern stream ciphers,
• RC4 and A5/1stream ciphers.
Why Was the AES Encryption Algorithm necessary?

When the Data Encryption Standard algorithm, also known as the DES
algorithm, was formed and standardized, it made sense for that
generation of computers.
Going by today’s computational standards, breaking into the
DES algorithm became easier and faster with every year, as seen in the
image below.
In Real time
Why Was the AES Encryption Algorithm necessary?

A more robust algorithm was the need of the hour, with longer key sizes
and stronger ciphers to break into.

They created the triple DES to fix this problem, but it never became
mainstream because of its relatively slower pace.

Thus, the Advanced Encryption Standard came into existence to

overcome this drawback.
What is the Advanced Encryption Standard?

• The AES Encryption algorithm (also known as the Rijndael algorithm)

is a symmetric block cipher algorithm with a block/chunk size of 128
bits. It converts these individual blocks using keys of 128, 192, and 256
bits. Once it encrypts these blocks, it joins them together to form the
ciphertext.
• It is based on a substitution-permutation network, also known as an SP
network. It consists of a series of linked operations, including replacing
inputs with specific outputs (substitutions) and others involving bit
shuffling (permutations).
• In this tutorial, you will go through some of the standout features that
AES offers as a globally standardized encryption algorithm.
What are the Features of AES?

1.SP Network: It works on an SP network structure rather than a Feistel

cipher structure, as seen in the case of the DES algorithm.
2.Key Expansion: It takes a single key up during the first stage, which is
later expanded to multiple keys used in individual rounds.
3.Byte Data: The AES encryption algorithm does operations on byte data
instead of bit data. So, it treats the 128-bit block size as 16 bytes during
the encryption procedure.
4.Key Length: The number of rounds to be carried out depends on the
length of the key being used to encrypt data. The 128-bit key size has ten
rounds, the 192-bit key size has 12 rounds, and the 256-bit key size has
14 rounds.
Points to remember

AES is a block cipher.

• The key size can be 128/192/256 bits.
• Encrypts data in blocks of 128 bits each.
• That means it takes 128 bits as input and outputs 128 bits of encrypted
cipher text as output. AES relies on substitution-permutation network
principle which means it is performed using a series of linked
operations which involves replacing and shuffling of the input data.
Working of the cipher :
AES performs operations on bytes of data rather than in bits. Since the
block size is 128 bits, the cipher processes 128 bits (or 16 bytes) of the
input data at a time.

The number of rounds depends on the key length as follows :

• 128 bit key – 10 rounds
• 192 bit key – 12 rounds
• 256 bit key – 14 rounds
How Does AES Work?

• The matrix shown in the image above is known as a state array.

Similarly, the key being used initially is expanded into (n+1) keys,
with n being the number of rounds to be followed in the encryption
process. So, for a 128-bit key, the number of rounds is 16, with no. of
keys to be generated being 10+1, which is a total of 11 keys.
Steps to be followed in AES
Creation of Round keys :
• A Key Schedule algorithm is used to calculate all the round keys from
the key. So, the initial key is used to create many different round keys
which will be used in the corresponding round of the encryption.
Steps to be followed in AES

The mentioned steps are to be followed for every block sequentially.

Upon successfully encrypting the individual blocks, it joins them
together to form the final ciphertext. The steps are as follows:

Add Round Key: You pass the block data stored in the state array
through an XOR function with the first key generated (K0). It passes the
resultant state array on as input to the next step.
Add Round Key:
Sub-Bytes:
In this step, it converts each byte of the state array into hexadecimal,
divided into two equal parts. These parts are the rows and columns,
mapped with a substitution box (S-Box) to generate new values for the
final state array.
Shift Rows:
• It swaps the row elements among each other. It skips the first row. It
shifts the elements in the second row, one position to the left. It also
shifts the elements from the third row two consecutive positions to the
left, and it shifts the last row three positions to the left.
Mix Columns:
• It multiplies a constant matrix with each column in the state array to
get a new column for the subsequent state array. Once all the columns
are multiplied with the same constant matrix, you get your state array
for the next step. This particular step is not to be done in the last
round.
Add Round Key:
• The respective key for the round is XOR’d with the state array is
obtained in the previous step. If this is the last round, the resultant
state array becomes the ciphertext for the specific block; else, it passes
as the new state array input for the next round.
Example
Now that you understand the basic steps needed to go through the
encryption procedure, understand this example to follow along.
Example
• As you can see in the image above, the plaintext and encryption
convert keys to hex format before the operations begin. Accordingly,
you can generate the keys for the next ten rounds, as you can see
below.
Key Generated For Every Round