J. MANUEL MORENO EGUÍLAZ, Departament d'Enginyeria Electrònica, Secció Barcelona-Sud (E.T.S.E.I.B.), Universitat Politècnica de Catalunya
RC6
RSA Laboratories
Rijndael
Joan Daemen (Proton World International) and Vincent Rijmen (Katholieke Universiteit Leuven)
Serpent
Ross Anderson (University of Cambridge), Eli Biham (Technion), and Lars Knudsen (University of California San Diego)
Twofish
Bruce Schneier, John Kelsey, and Niels Ferguson (Counterpane, Inc.), Doug Whiting (Hi/fn, Inc.), David Wagner (University of California Berkeley), and Chris Hall (Princeton University)
Cost
Computational efficiency (speed). Memory requirements.
Implementation characteristics
Flexibility, ease of implementation in software or hardware, simplicity of the algorithm.
The winner
The Rijndael algorithm won the competition, and AES is a particular case of the Rijndael algorithm. The Rijndael algorithm can work with different data and key sizes. Official publication of the AES algorithm: FIPS 197 (Federal Information Processing Standards Publications). Freely available on the internet in PDF format: http://csrc.nist.gov/publications/fips/fips197/fips197.pdf
The key size and the data block size can be 128, 192 and 256 bits.
Encryption algorithm
byte state[4,Nb]
state = in
AddRoundKey(state, keySchedule[0, Nb-1])
for round = 1 step 1 to Nr-1 {
    SubBytes(state)
    ShiftRows(state)
    MixColumns(state)
    AddRoundKey(state, keySchedule[round*Nb, (round+1)*Nb-1])
}
SubBytes(state)
ShiftRows(state)
AddRoundKey(state, keySchedule[Nr*Nb, (Nr+1)*Nb-1])
out = state
AES-128: Nb = 4, Nk = 4, Nr = 10
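Multiplication in AES ()
$$(x^6 + x^4 + x^2 + x + 1)(x^7 + x + 1) = x^{13} + x^{11} + x^9 + x^8 + x^7 + x^7 + x^5 + x^3 + x^2 + x + x^6 + x^4 + x^2 + x + 1 = x^{13} + x^{11} + x^9 + x^8 + x^6 + x^5 + x^4 + x^3 + 1$$
and
$$x^{13} + x^{11} + x^9 + x^8 + x^6 + x^5 + x^4 + x^3 + 1 \bmod (x^8 + x^4 + x^3 + x + 1) = x^7 + x^6 + 1.$$
Multiplication in AES ()
Example: $\{57\} \bullet \{13\}$
$\{57\} \bullet \{02\} = \mathrm{xtime}(\{57\}) = \{ae\}$
$\{57\} \bullet \{04\} = \mathrm{xtime}(\{ae\}) = \{47\}$
$\{57\} \bullet \{08\} = \mathrm{xtime}(\{47\}) = \{8e\}$
$\{57\} \bullet \{10\} = \mathrm{xtime}(\{8e\}) = \{07\}$
$\{57\} \bullet \{13\} = \{57\} \bullet (\{01\} \oplus \{02\} \oplus \{10\}) = (\{57\} \bullet \{01\}) \oplus (\{57\} \bullet \{02\}) \oplus (\{57\} \bullet \{10\}) = \{57\} \oplus \{ae\} \oplus \{07\} = \{fe\}$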
Key expansion
The key bits (128) are expanded so that each round uses a unique key.
KeyExpansion(byte key[4*Nk], word w[Nb*(Nr+1)], Nk)
begin
    word temp
    i = 0
    while (i < Nk)
        w[i] = word(key[4*i], key[4*i+1], key[4*i+2], key[4*i+3])
        i = i+1
    end while
    i = Nk
    while (i < Nb * (Nr+1))
        temp = w[i-1]
        if (i mod Nk = 0)
            temp = SubWord(RotWord(temp)) xor Rcon[i/Nk]
        else if (Nk > 6 and i mod Nk = 4)
            temp = SubWord(temp)
        end if
        w[i] = w[i-Nk] xor temp
        i = i + 1
    end while
end
AES-128: Nb = 4, Nk = 4, Nr = 10
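A software reference model for the multiplication and key expansion slides above, added here as an example and not part of the original slides. It derives the S-box from the GF(2^8) multiplication instead of a lookup table; the function names (xtime aside) are this example's own choices.

```python
# Added reference model: GF(2^8) multiplication and AES key expansion (FIPS 197).
def xtime(a):
    """Multiply by {02} modulo x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def gmul(a, b):
    """GF(2^8) product: XOR the xtime multiples of a selected by the bits of b."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = xtime(a)
        b >>= 1
    return result

def make_sbox():
    """S-box = multiplicative inverse in GF(2^8), then the affine transform."""
    sbox = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)  # {00} -> {00}
        s = inv
        for shift in range(1, 5):
            s ^= ((inv << shift) | (inv >> (8 - shift))) & 0xFF
        sbox.append(s ^ 0x63)
    return sbox

SBOX = make_sbox()

def sub_word(w):
    return int.from_bytes(bytes(SBOX[b] for b in w.to_bytes(4, "big")), "big")

def key_expansion(key):
    """Return the Nb*(Nr+1) key schedule words for a 16-, 24- or 32-byte key."""
    if len(key) not in (16, 24, 32):
        raise ValueError("key must be 128, 192 or 256 bits")
    nk, nb, nr = len(key) // 4, 4, len(key) // 4 + 6
    w = [int.from_bytes(key[4 * i:4 * i + 4], "big") for i in range(nk)]
    rcon = 0x01  # Rcon[1]; each later Rcon is xtime of the previous one
    for i in range(nk, nb * (nr + 1)):
        temp = w[i - 1]
        if i % nk == 0:
            # RotWord, then SubWord, then XOR with Rcon[i/Nk]
            temp = sub_word(((temp << 8) | (temp >> 24)) & 0xFFFFFFFF) ^ (rcon << 24)
            rcon = xtime(rcon)
        elif nk > 6 and i % nk == 4:
            temp = sub_word(temp)
        w.append(w[i - nk] ^ temp)
    return w
```

The words returned by key_expansion can be compared one by one with the key schedule listed in Appendix A of FIPS 197, or with the round keys produced by a hardware implementation in simulation.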
Decryption in AES
byte state[4,Nb]
state = in
AddRoundKey(state, keySchedule[Nr*Nb, (Nr+1)*Nb-1])
for round = Nr-1 step -1 downto 1 {
    InvShiftRows(state)
    InvSubBytes(state)
    AddRoundKey(state, keySchedule[round*Nb, (round+1)*Nb-1])
    InvMixColumns(state)
}
InvShiftRows(state)
InvSubBytes(state)
AddRoundKey(state, keySchedule[0, Nb-1])
out = state
AES-128: Nb = 4, Nk = 4, Nr = 10
Encryption / Decryption
Encryption: AddRoundKey, SubBytes, ShiftRows, MixColumns, AddRoundKey, SubBytes, ShiftRows, AddRoundKey
Decryption: AddRoundKey, InvShiftRows, InvSubBytes, AddRoundKey, InvMixColumns, InvShiftRows, InvSubBytes, AddRoundKey
LAB 9
Implement the AES algorithm in VHDL and verify its operation using known test vectors (there are several examples in the FIPS PUB 197 standard).