AES (Advanced Encryption Standard)
AES (Advanced Encryption Standard) is a cryptographic algorithm used to secure data. AES (Advanced Encryption Standard) is a replacement for the DES (Data Encryption Standard) algorithm which has expired due to security factors. The selection criteria for AES are based on 3 main criteria, namely: security, price, and algorithm characteristics. Security is the most important factor in the evaluation, which includes resistance to all known password analyzes and being able to encounter unknown password analyzes. In addition, AES can also be used freely without having to pay royalties, and is cheap to implement on smart cards with small memory sizes. AES can run on a variety of software and machines from 8 bit to 64 bit machines.
AES operations are performed on a two-dimensional byte array commonly referred to as state. State has the size NROWS × NCOLS. At the start of encryption, the input data in the form of in0, in2, in3, in4, in5, in6, in7, in8, in9, in10, in11, in12, in13, in14, in15 are copied into the state array. This state is then encrypted or decrypted. Then the output will be accommodated into the array out.
The AES algorithm supports 3 cryptographic key sizes including 128 bits, 192 bits, and 256 bits. AES type grouping based on the length of the key used. The numbers behind the word AES represent the length of the key used in AES. Each AES can be distinguished from the block size (Nb), the number of rounds (Nr), and the number of keys (Nk) used. AES-128 has block sizes of 4, 10 rounds, and 4 keys. AES-192 has block sizes of 4, 12 rounds, and 6 keys. While AES-256 has block sizes of 4, 14 rounds, and 8 keys.
In the encryption process, AES uses 4 basic transformations with the following transformation sequence:
- Subbytes : Bytes transformation where each element in the state will be mapped using a substitution table ( S-Box ).
- Shiftrows : The process of shifting each block / table element is carried out per row. Each element is shifted to the left depending on how many bytes it is, every 1 byte shift means that it is shifted to the left once (for the first row there is no shift).
- Mixcolumns : Multiply each element of the cipher block by the matrix. Multiplication is done like ordinary matrix multiplication by using the dot product and then the multiplication of the two is entered into a new cipher block.
- Addroundkey : The round key is added to the state by an XOR operation. Each round key consists of Nb words, each word is added up with the corresponding word or column of state.
While in the decryption process, AES uses the inverse of all basic encryption transformations except addroundkey. Here is the order of the transformations:
- Invshiftrows : In contrast to the Shiftrows transformation. In the Invshiftrows transformation, a bits shift is performed to the right, while in Shiftrows a bits shift is performed to the left.
- Invsubbytes : Each element in the state is mapped using the Inverse S-Box table.
- Addroundkey : The round key is added to the state by XOR operation.
- Invmixcolumns : Each element in the state is multiplied by the multiplication matrix in AES.