AES Encryption

Bob wants to ask his new girlfriend, Alicia, out to dinner but is afraid that his old girlfriend, Eve (short for eavesdropper), will find out about it, and will come to the restaurant and cause a scene.  Bob and Alicia agree on encrypting all of their email communication with each other since Alicia also has an ex-boyfriend, who can be extremely jealous and even violent.

Bob and Alicia decide to use Advanced Encryption Standard (AES) encryption with a 128-bit key that they will generate using the Pseudo Random Number Generator (PRNG) that is part of Cryptool available at .  Bob’s Plaintext message then looks like the plaintext message in Red below.

Bob enters the 128 bit encryption key (also known by Alicia) into the application he is using to encrypt the message. The key is shown above in two different number bases. It is shown as a Hexadecimal number in Blue and a Decimal number in Red.

The AES algorithm places each 16 byte (128 bit) block of text/data, whether upper case characters, lower case characters, numbers, or punctuation marks into 4 BY 4 matrices for processing. This is true whether the text/data is a short message like Bob’s plaintext message above or a larger selection of text/data like the 200 page epic poem Bob is working on, expressing his undying love for Alicia.

The AES Encryption Process is summarized in the diagram below, and described in more detail below that.

S-Box. The Rijndael (Pronounced: Rain-Doll) Sbox (also called the SubBytes step) is a matrix (square array of numbers) used in the Rijndael cipher, which the Advanced Encryption Standard (AES) cryptographic algorithm was based on.  The S-box (substitution box) serves as a lookup table and is based on a Galois Field (or Finite Field) multiplier. In the this step, each byte ai,ja_{i,j} in the state matrix is replaced with a SubByte S(ai,j)S(a_{i,j})using an 8-bit substitution box, the Rijndael S-box. This operation provides the non-linearity in the cipher.

ShiftRows. The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row by a certain offset. For AES, the first row is left unchanged. Each byte of the second row is shifted one to the left. Similarly, the third and fourth rows are shifted by offsets of two and three respectively.

MixColumns. In the MixColumns step, the four bytes of each column of the state are combined using an invertible linear transformation. The MixColumns function takes four bytes as input and outputs four bytes, where each input byte affects all four output bytes. Together with ShiftRows, MixColumns provides diffusion in the cipher.

AddRoundKey. In the AddRoundKey step, the subkey is combined with the state. For each round, a subkey is derived from the main key using Rijndael’s key schedule; each subkey is the same size as the state. The subkey is added by combining each byte of the state with the corresponding byte of the subkey using bitwise XOR.