25-08-2017, 09:32 PM
Specification for the ADVANCED ENCRYPTION STANDARD (AES)
1Specification for the ADVANCED.pdf (Size: 272.91 KB / Downloads: 17)
Introduction
This standard specifies the Rijndael algorithm ([3] and [4]), a symmetric block cipher that can
process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits.
Rijndael was designed to handle additional block sizes and key lengths, however they are not
adopted in this standard.
Throughout the remainder of this standard, the algorithm specified herein will be referred to as
“the AES algorithm.” The algorithm may be used with the three different key lengths indicated
above, and therefore these different “flavors” may be referred to as “AES-128”, “AES-192”, and
“AES-256”.
This specification includes the following sections:
2. Definitions of terms, acronyms, and algorithm parameters, symbols, and functions;
3. Notation and conventions used in the algorithm specification, including the ordering and
numbering of bits, bytes, and words;
4. Mathematical properties that are useful in understanding the algorithm;
5. Algorithm specification, covering the key expansion, encryption, and decryption routines;
6. Implementation issues, such as key length support, keying restrictions, and additional
block/key/round sizes.
The standard concludes with several appendices that include step-by-step examples for Key
Expansion and the Cipher, example vectors for the Cipher and Inverse Cipher, and a list of
references.
Notation and Conventions
Inputs and Outputs
The input and output for the AES algorithm each consist of sequences of 128 bits (digits with
values of 0 or 1). These sequences will sometimes be referred to as blocks and the number of
bits they contain will be referred to as their length. The Cipher Key for the AES algorithm is a
sequence of 128, 192 or 256 bits. Other input, output and Cipher Key lengths are not permitted
by this standard.
Bytes
The basic unit for processing in the AES algorithm is a byte, a sequence of eight bits treated as a
single entity. The input, output and Cipher Key bit sequences described in Sec. 3.1 are processed
as arrays of bytes that are formed by dividing these sequences into groups of eight contiguous
bits to form arrays of bytes (see Sec. 3.3). For an input, output or Cipher Key denoted by a, the
bytes in the resulting array will be referenced using one of the two forms, an or a[n].
Mathematical Preliminaries
All bytes in the AES algorithm are interpreted as finite field elements using the notation
introduced in Sec. 3.2. Finite field elements can be added and multiplied, but these operations
are different from those used for numbers. The following subsections introduce the basic
mathematical concepts needed for Sec. 5.
Addition
The addition of two elements in a finite field is achieved by “adding” the coefficients for the
corresponding powers in the polynomials for the two elements. The addition is performed with
the XOR operation (denoted by Å) - i.e., modulo 2 - so that 1Å1 = 0 , 1Å0 = 1, and 0Å0 = 0 .
Consequently, subtraction of polynomials is identical to addition of polynomials.