Aes 128 192_256_bits_project_report

1 | Department of Computer System Engineering, UET Peshawar

Project Report

Advanced Encryption

Standard

(AES-128, 192 and

256 bits)

Implementation in

Matlab


Table of Content

Chapter Page

1 Introduction 2-3

1.1 Definition 2-3

1.2 Motivation 3

1.3 Software Requirements 3

1.4 Functional Requirements 3

2 High Level Design 4-6

2.1 Advanced Encryption Standard 4

2.2 Overall Processes of AES Algorithm 4-6

3 Detailed Design 7-11

3.1 AES Encryption Operation 7-10

3.1.1 Sub Bytes 8

3.1.2 Shift Rows 9

3.1.3 Mix Columns 9

3.1.4 Add Round Key 10

3.2 AES Decryption Operation 10-11

3.2.1 Inverse Sub Bytes 11

3.2.2 Inverse Shift Rows 11

3.2.3 Inverse Add Round Key 11

3.2.4 Inverse Mix Columns 11

4 Key Expansion Operation 11

5 Results 13-19


Chapter: 01

Introduction

In today’s world most of communication is done using electronic media. Data Security plays

a vital role in the communication. Hence, there is a need to protect data from malicious

attacks. This can be achieved by Cryptography. The earlier encryption algorithm is Data

Encryption Standard (DES) which has several loopholes such as small key size and sensible

to Brute force attack etc, and it can’t provide high level, efficient and exportable security.

These loopholes overcome by a new algorithm called as Advanced Encryption Standard

(AES).

In this project work, the plain text, image of 128 bits is given as input to encryption block in

which encryption of data is made and the cipher text, image of 128 bits is throughout as

output. The Key length of 128, 192 or 256 bits is used in process of encryption. The AES

algorithm is a block cipher that uses same key for both encryption and decryption of data

blocks.

1.1) Definitions

Cryptography

Cryptography is the science of secret codes, enabling the confidentiality of

communication through an insecure channel. It protects against unauthorized parties

by preventing unauthorized alteration of use. Generally speaking, it uses a

cryptography system to transform a plaintext into a cipher text, using most of the time

a key. It has different Encryption and Decryption algorithms to do so.

Cipher Text

This is the scrambled message produced as output from Encryption algorithm.

It depends on the plaintext and the secret key. For a given message, two different keys

will produced two different cipher texts.

Encryption

Encryption is the process of converting data, in plaintext format into a meaningless

cipher text by means of suitable algorithm. The algorithm takes secret key and plain

text as input and produces cipher text.

Decryption

Decryption is converting the meaningless cipher text into the original information

using decryption algorithms. The Decryption algorithm is inverse of encryption

algorithm. This takes key and cipher text as input and produces original plain

plaintext.


Symmetric Key Cryptography

Symmetric cryptography uses the same secret (private) key to encrypt and decrypt its

data. It requires that the secret key be know by the party encrypting the data and party

decrypting the data.

Asymmetric Key cryptography

Asymmetric uses both a public and private key. This allows for distribution of your

public key to anyone with which they can encrypt the data they want to send securely

and then it can only be decoded by the person having the private key.

1.2) Motivation

The Advanced Encryption Standard, in the following referenced as AES, is the winner of the

contest, held in 1977 by US Government, after the Data Encryption Standard (DES) was

found too weak. Fifteen candidates were accepted in 1988 and based on public comments the

pool was reduced to five finalists in 1999. In October 2000, one of these five algorithms was

selected as the forthcoming standard: a slightly modified version of the Rijndael.

The Rijndael, whose name is based on the names of its two Belgian inventors, Joan Deamen

and Vicent Rijmen is a Block cipher which means that’s it works on fixed length group of

bits, which are called Blocks. It takes an input block of the same size. The transformation

requires a second input, which is secret key. It is important to know that the secret key can be

of any size (depending on the cipher used) and that AES uses three different key size: 128,

192 and 256 bits.

1.3) Software Requirements

Operation System

Windows

Software

Mat lab 2012

1.4) Functional Requirements

Input Specification

An input file which of .txt, .jpg, .png or .tif format and should contain some

data.

Textfile.txt file, which used for intermediate storage of input message.

Secret Key used for encryption should of 128 bits, 192 bits, or 256 bits.


Chapter: 02

High Level Design

2.1) Advanced Encryption Standard

Overview

Advanced Encryption Standard (AES) is a Symmetric key cryptography and it is an

iterated block cipher with a fixed block size of 128 bits and a variable key length i.e. it may

be 128, 192 or 256 bits. The different transformations operate on the intermediate result

called state. The state is rectangular array of bytes and since the block size is 128 bits, which

is 16 bytes, the rectangular array is of dimensions 4x4 (In the Rijindael version with variable

block size, the row size is fixed to four and the number of columns varies. The number of

columns is the block size divide by 32 and denoted Nb). The cipher key is similarly pictured

as a rectangular array with four rows. The number of columns of the cipher key denoted Nk,

is equal to the key length divided by 32.

AES uses variable number rounds, which are key fixed, A key of size 128 bits has 10

rounds. A key of size 192 bits has 12 rounds. A key of size 256 bits has 14 rounds. An

algorithm start with a random number in which the key and data encrypted with it are

scrambled though four mathematical operation processes. The key that is used to encrypt the

number must also be used to decrypt it. For Encryption each round has four operations

SubBytes, SiftRows, MixColumns and AddRoundKey respectively and for decryption its

use inverse of these function. All these functions are described in detail later on. Below figure

(1) shows the structure of AES algorithm.

2.2) Overall Process of AES algorithm 1. AES does not use a Fesitel structure but processes the entire data block in parallel

during each round using substitution and permutation.

2. The key that is provided as input is expanded into an array of forty four 32-bits words.

Four distinct words (128 bits) serve as a round key for each round.

3. Four different stages are used, one for permutation and three of substitution.

Substitute Bytes: Uses a tale, referred to as an S-box, to perform a byte-by-

byte substitution of block.

Shift Rows: A simple permutation that is performed row by row.

Mix Columns: A substitution that alters each byte in a column as a function of

all of the bytes in the column.

Add Round Key: A simple bitwise XOR of the current block with a portion

the expanded key.

4. The structure is quite simple, for both encryption and decryption; the cipher begins

with an Add Round Key stage, followed by (9, 11 or 13) rounds that each includes all

four stages, followed by (10th, 11th or 13th) round of three stages.


5. Only the Add Round Key stage makes use the key. For the reason, the cipher begins

and ends with an Add Round Key stage. Any other stage, applied at the beginning or

end, is reversible without knowledge of the key and so would add no security.

6. The Add Round key stage by itself would not be formable. The other three stages

together scramble the bits, but by themselves, they would provide no security because

they do not use the key. We can view the cipher as alternating operation of XOR

encryption (Add Round Key) of a block, followed by scrambling of the block (the

other three stages) and followed by XOR encryption and so on. This scheme is both

efficient and highly secure.

7. Each stage is easily reversible, for the substitute byte, Shift row and Mix Columns

stages, an inverse functions is used in the decryption algorithm. For the Add Round

Key stage, the inverse is achieved by XORing the same round key to block, using the

result that A+B+B=A.

8. As with most block ciphers, the decryption algorithm makes use of the expanded key

in reverse order. However the decryption algorithm is not identical to the encryption

algorithm. This is a consequence of the particular structure of AES.

9. Once it is established that all four stages are reversible, it is easy to verify that

decryption does recover the plaintext or image.

10. The final round of both encryption and decryption consists of only three stages. Again

this is a consequence of the particular structure of AES and is required to make the

cipher reversible.

Figure (1) shows AES Structure


Figure (2) AES Flow Chart


Chapter: 03

Detailed Design

3.1) AES Encryption Operation

Here is the AES algorithm is outline form, using matlab syntax for the pseudo code

and much more of the AES Standard notation.

This pseudo code is taken from Internet Just for Explanation in Report.

Constants: int Nb = 4; // but it might change someday int Nr = 10, 12, or 14; // rounds, for Nk = 4, 6, or 8 Inputs: array in of 4*Nb bytes // input plaintext array out of 4*Nb bytes // output ciphertext array w of 4*Nb*(Nr+1) bytes // expanded key Internal work array: state, 2-dim array of 4*Nb bytes, 4 rows and Nb cols Algorithm:

void Cipher(byte[] in, byte[] out, byte[] w) { byte[][] state = new byte[4][Nb]; state = in; // actual component-wise copy AddRoundKey(state, w, 0, Nb - 1); // see Section 4 below for (int round = 1; round < Nr; round++) { SubBytes(state); // see Section 3 below ShiftRows(state); // see Section 5 below MixColumns(state); // see Section 5 below AddRoundKey(state, w, round*Nb, (round+1)*Nb - 1); // Section 4 } SubBytes(state); // see Section 3 below ShiftRows(state); // see Section 5 below AddRoundKey(state, w, Nr*Nb, (Nr+1)*Nb - 1); // Section 4 out = state; // component-wise copy }

There are four operations in AES Encryption as used in pseudo code. They are

1. Sub Bytes 2. Shift Rows 3. Mix Columns 4. Add Round Key


3.1.1) Sub Bytes Many different block cipher use a special substitution called “S-box”. The AES also has these S-boxes, which it terms the “Sub Bytes Transformation”. S-box provides an invertible (reversible) transformation of segments of plaintext during encryption, with the reverse during decryption. With the AES it is a single simple function applied over and over again to each byte during stages of the encryption, returning a byte. Each of the 256 possible byte values is transformed to another byte value with the SubBytes transformation, which is a full permutation, meaning that every element gets changed and all 256 possible elements are represented as the result of a change, so that no two different bytes are changed to the same byte. function bytes_out = sub_bytes (bytes_in, s_box) bytes_out = s_box (bytes_in + 1); Below figure(3) shows the S-box values and figure (4) Shows Sub Bytes operation.

Figure (3) Show S-box Values

Figure (4) Show Sub Bytes operation


3.1.2) Shift Rows The action of shifting rows is particularly simple, just performing left circular shift of rows 1, 2 and 3 by amounts of 1, 2, and 3 bytes. Row 0 is not changed. The actual Mat lab code below does this. function state_out = shift_rows (state_in) state_outt = state_in ([1 6 11 16 5 10 15 4 9 14 3 8 13 2 7 12]); state_out = reshape (state_outt, 4, 4);

Figure (5) Shows Shift Rows operation.

3.1.3) Mix Columns The action of mixing columns works on the columns of the state array, but it is much more complicated that the shift columns actions. As described in the AES specification, it treats each column as a four term polynomial with coefficients in the field GF (2^8). All this is similar to the description of the filed itself, expect with extra layer of complexity. These polynomials are added and multiplied just using the operations of the failed GF (2^8) on the coefficients, expect that the result of a multiplication, which is a polynomial of degree up to 6. The columns are each multiplied by the fixed polynomial.

Figure (6) shows the mix column operation


3.1.4) Add Round Key As described before portions of the expanded key ‘w’ are XOR onto the state matrix Nr+2 times (once for each round plus one more time). There are 4*Nb bytes of state, and since each byte of the expanded key is used exactly once, the expanded key size of 4*Nb*(Nr+1) bytes is just right. The expanded key is used, byte by byte, from lowest to highest index, so there is no need to count the bytes as they are used from ‘w’, but just use them up and move on, as the following Matlab code shows. function state_out = add_round_key (state_in, round_key) state_out = bitxor (state_in, round_key);

3.2) AES Decryption Operation

Here is pseudo code for the inverse cipher. The various steps must be carried out in reverse order. These are arranged into rounds as with encryption, but the functions in each round are in a slightly different order than the order used in encryption. The AES specification has also supplied an equivalent inverse cipher in which the individual parts of each rounds are in the same order as with encryption. The might make a hardware implementation easier, but I have not used it here. There are four operations in AES Decryption. These are exact reverse of operation of Encryption. They are,

1. Inverse Sub Bytes

2. Inverse Shift Rows

3. Inverse Add Round Key

4. Inverse Mix Columns


3.2.1) Inverse Sub Bytes The table of inverse Sub Bytes transformation generated using a string array. The code for this part is now very simple, using the inverse S-box array defined above. function bytes_out = sub_bytes (bytes_in, s_box) bytes_out = s_box (bytes_in + 1);

Figure (7) show inverse s box 3.2.2) Inverse Shift Rows This just does the inverse of Shift Rows, doing a left circular shift of rows 1, 2 and 3 by amounts of 1, 2 and 3 bytes. The actual Matlab Code below does this. function state_out = inv_shift_rows (state_in) state_outt = state_in ([1 14 11 8 5 2 15 12 9 6 3 16 13 10 7 4]); state_out = reshape (state_outt, 4, 4); 3.2.3) Inverse Add Round Key Since the using specification uses a parameterized Add Round Key () function, it is its own inverse using the parameters in the opposite order. In implementation just lets AddRoundKey() XOR in another 16 bytes every time it is called, so it need a slightly different function, where ‘w’ count is initialized to 4*Nb*(Nr+1). 3.2.4) Inverse Mix Columns The Mix Columns function was carefully constructed so that it has an inverse. I will add in the theory of this here or elsewhere later. For now it suffices to say that the function multiplied each column by the inverse polynomial matrix.


Chapter: 04 Key Expansion Operation

In a simple cipher, one might XOR the key with plaintext. Such a step is easily reversed by another XOR of the same key with the cipher text. In the case of the AES, there are a number of rounds, each needing its own key, so the actual key is ‘stretched out’ and transformed to give portion of key for each round. The key expansion routine, as part of the overall AES algorithm, takes an input key (denoted key below) of 4*Nk bytes, or Nk 32-bit words. Nk has value either 4,6, or 8. The output is an expanded key (denoted ‘w’ below) of 4*Nb*(Nr+1) bytes, where Nb is always 4 and Nr is the number of rounds in the algorithm, with Nr equal 10 in case Nk is 4, Nr equal 12 in case Nk is 6, and Nr equal 14 in case Nk is 8. Expanded Key Size in Words: Key length number of rounds exp. Key Size (Nk words) (Nr) (Nb(Nr+1)words)

Expanded Key size in Words Key Length (Nk words)

Number of Rounds (Nr)

Exp. Key size (Nb(Nr+1)words)

4 10 44 6 12 52 8 14 60

Table (1) function w = key_expansion (key, s_box, rcon, vargin) w = (reshape (key, 4, 6))'; for i = 7 : 52 temp = w(i - 1, :); if mod (i, 6) == 1 temp = rot_word (temp); temp = sub_bytes (temp, s_box); temp = reshape (temp, 4, 1)'; r = rcon ((i - 1)/6, :); temp = bitxor (temp, r); end w(i, :) = bitxor (w(i - 6, :), temp); end


Chapter: 05

Results

5.1) AES Text encryption and decryption Result using 128 bits key. Input_Message = Here you can find and share romantic messages to surprise your SO with, texts to send to a dear friend's mobile phone, or something sweet to write on a card attached to a gift or present. Find love messages and submit your own that you use for chatting. Encrypted_Message =

� �£5Y íï·-_p»ø «1h �=| Q»¶Þç�«[NíØ¦©U íqõ"aºaÂ²Þ � � � � �T¼ gÏ ;û#Tò Åÿ µìð¤¤IÏ =f!(À ³ð 24ýºµ- � �Ü/¹ £ùâ $`ú_ý Æ8Ç � �}áÑÜó ÿR}}úvÇßf¡^ <MN:- � � � � � �»¿Ê<øÕ%9è¾Ö8 d~ iªuV« »·åV |® â -

� � � �ÔM Õ¶ T.Ýï.-�´ @»� �G g; �Á ãe¯$Û- � �� Æ¡ ßªøÄ Ã ¥Ë\� � � � � �´@pðä¦c ìU;` Ïtú)Ï ¥8·O/I®OÑ JÃ @� �æ @o`ÐOÊN¹

Decrypted_Message = Here you can find and share romantic messages to surprise your SO with, texts to send to a dear friend's mobile phone, or something sweet to write on a card attached to a gift or present. Find love messages and submit your own that you use for chatting.


5.2) AES Image encryption and decryption Result using 128 bits key. Image size (128x128).


5.3) AES Text encryption and decryption Result using 192 bits key.

Command Window Snap Shot


5.4) AES Image encryption and decryption Result using 192 bits key. Image size (128x128).


5.5) AES Text encryption and decryption Result using 256 bits key.

Command Window Snap Shot


5.6) AES Image encryption and decryption Result using 256 bits key. Image size (128x128)


5.7) Execution time comparison during images encryption and decryption

Image Size

128 bits Key

192 bits Key

256 bits Key

128x128 24.9 seconds 32.2 seconds 35.2 seconds

64x64 7.6seconds 10.7 seconds 15.2 seconds

Table (2)

Date post:	15-Jul-2015
Category:	Software
Upload:	sakhi-rehman
View:	237 times
Download:	2 times