Design of AES (Advanced Encryption

Standard) Encryption and Decryption

Algorithm with 128-bits Key Length
APPLICATION:
High speed ATM/Ethernet/Fiber-Channel switches
Secure video teleconferencing
Routers and Remote Access Servers
The main objectives of AES are high level security, adoptable to
diverse application, efficient and exportable.
In this project work, the plain text of 128 bits is given as input to
encryption block in which encryption of data is made and the cipher text
of 128 bits is throughout as output.
The key length of 128 bits is used in process of encryption. The AES
algorithm is a block cipher that uses the same binary key both to encrypt
and decrypt data blocks is called a symmetric key cipher.
A commonly accepted definition of a good symmetric key algorithm,
such as the AES, is that there exists no attack better than key exhaustion
to read an encrypted message.
INTRODUCTION TO AES
The Advanced Encryption Standard (AES) specifies a FIPS-
approved cryptographic algorithm that can be used to protect electronic
data.
AES algorithm is a symmetric block cipher that can encrypt
(encipher) and decrypt (decipher) information. Encryption converts data
to an unintelligible form called cipher-text; decrypting the cipher-text
converts the data back into its original form, called plaintext.


SPECIFICATION
For the AES algorithm, the length of the input block, the
output block and the State is 128 bits. This is represented by Nb = 4,
which reflects the number of 32-bit words (number of columns) in the
State. For the AES algorithm, the length of the Cipher Key, K, is 128
bits. The key length is represented by Nk = 4, which reflects the
number of 32-bit words (number of columns) in the Cipher Key.
For the AES algorithm, the number of rounds to be performed
during the execution of the algorithm is dependent on the key size. The
number of rounds is represented by Nr, where Nr = 10 when Nk = 4.
DESCRIPTION
The AES is an iterated block cipher with a fixed block size of 128
and a variable key length.
The different transformations operate on the intermediate results,
called state. The state is a rectangular array of bytes and since the
block size is 128 bits, which is 16 bytes, the rectangular array is of
dimensions 4x4.
The basic unit for processing in the AES algorithm is a byte, a
sequence of eight bits treated as a single entity. The input, output and
Cipher Key bit sequences which are processed as arrays of bytes that
are formed by dividing these sequences into groups of eight
contiguous bits to form arrays of bytes.
The above figure shows the top level blocks available in the AES
algorithm. Also the basic inputs to the system and the outputs from the
system were clearly represented. As per the standard, 10 rounds for 128
bits key length were carried out in which the last round will be
performed separately. For both its Cipher and Inverse Cipher, the AES
algorithm uses a round function that is composed of four different byte-
oriented transformations:
Byte substitution using a substitution table (S-box)
Shifting rows of the State array by different offsets
Mixing the data within each column of the State array
Adding a Round Key to the State
Above mentioned functions were carried out for every individual
round and in the last round the third function, that is, Mixing the
data within each column of the State array will not be performed.
Hence the last round is carried out separately. Based on the key
provided, the new set of keys will be generated in the Key
Expansion block and is given to the each round as input.
ENCRYPTION
At the start of the Encryption or Cipher, the input data and the input
key were copied to the State array using the conventions.
Initially the XOR operation should be performed between each byte
of the input data and the input key and the output will be given as the
input of the Round-1.
After an initial Round Key addition, the State array is transformed by
implementing a round function 10 times, with the final round differing
slightly from the first Nr1 rounds.
The final State is then copied to the output. The round function is
parameterized using a key schedule that consists of a one-dimensional
array of four-byte words derived using the Key Expansion routine.
The individual transformations that carried out
are listed below.
SubBytes
ShiftRows
MixColumns
AddRoundKey
Table represents the operation performed at each round and its
order in which each one is carried out.
All Nr rounds are identical with the exception of the final round,
which does not include the MixColumns transformation. Thus the
cipher text, that is, encrypted data will be achieved at the end of the
final round.
AES CIPHER FUNCTIONS
The block diagram shown in the figure represents the functions
carried out in each round and the functions performed in the last round.
SubBytes Transformation
ShiftRows Transformation
MixColumns Transformation
AddRoundKey Transformation
The first time Add Round Key gets executed.
The second time Add Round Key is executed.
Figure AddRoundKey Operation
KEY EXPANSION
The key expansion routine executes a maximum of 4
consecutive functions. These functions are:
ROT WORD
SUB WORD
RCON
XOR
Rot Word (4 bytes)
This does a circular shift on 4 bytes similar to the Shift Row
Function. The 4-byte word is cyclically shifted 1 byte to the left.
For Example, lets take a sequence 1,2,3,4 which will be rotated
and obtain the result as 2,3,4,1.

Sub Word (4 bytes)
The Key Schedule uses the same S-Box substitution as the
main algorithm body. This step applies the S-box value substitution
as described in SubBytes function to each of the 4 bytes in the
argument. The S-Box is present in the Appendix-1 for the reference.
Steps in Key Expansion
The first n bytes of the expanded key are simply the cipher key (n = the size of the
encryption key)
The rcon value i is set to 1
Until we have enough bytes of expanded key, we do the following to generate n
more bytes of expanded key (please note once again that "n" is used here, this varies
depending on the key size)
1.we do the following to generate four bytes
owe use a temporary 4-byte word called t
owe assign the previous 4 bytes to t
owe perform the key schedule core on t, with i as Rcon value
owe increment i
owe XOR t with the 4-byte word n bytes before in the expandedKey (where
n is once 16 bytes)
2.we do the following x times to generate the next x*4 bytes of the expandedKey
(x = 3 for n=16)
owe assign the previous 4-byte word to t
owe XOR t with the 4-byte word n bytes before in the expandedKey (where
n is once 16 bytes)
Hence, for n=16, we generate: 4 + 3*4 bytes = 16 bytes per iteration.
DECRYPTION
The cipher text of 128 bits and the same key of 128 bits will be
given as the input to the decryption block. The encrypted data will
be decrypted and the original plain message will be achieved as the
output of the decryption block.


The Cipher transformations can be inverted and then implemented
in reverse order to produce a straightforward Inverse Cipher for the
AES algorithm.
The individual transformations used in the Inverse Cipher were
listed as follows.

InvShiftRows
InvSubBytes
InvMixColumns
AddRoundKey

Here also 10 rounds will be carried out and the only difference in
the decryption block with respect to the algorithm flow is that the
result of the KeyExpansion of each round will also be given to the
MixCoulmns operation after which the AddRoundKey transformation
should be carried out.

I nvMixColumns (state XOR Round Key) = I nvMixColumns
(state) XOR I nvMixColumns (Round Key)
AES INVERSE CIPHER FUNCTIONS
The AES Inverse Cipher Function has the same set of
transformations as in the encryption but in the inverse form, that is, the
predefined values which used for the each transformation will be
different.

InvSubBytes Transformation

InvSubBytes is the inverse of the byte substitution transformation, in
which the inverse S-Box is applied to each byte of the State. The
inverse S-Box is present in the Appendix-1 for the reference. The
transformation of this process will be carried out in the similar way as
in the SubBytes in the encryption such as the substitution value would
be determined by the intersection of the row and the column.

InvShiftRows Transformation
The InvShiftRows is the inverse of the ShiftRows transformation.
The bytes in the last three rows of the State are cyclically shifted over
different numbers of bytes (offsets). The first row, r = 0, is not shifted.
The bottom three rows are cyclically shifted by Nb - shift(r,Nb) bytes,
where the shift value shift(r,Nb) depends on the row number.
Specifically, the InvShiftRows transformation proceeds as follows.
The illustration figure will gives the clear view on this
InvShiftRows transformation.
3InvMixColumns Transformation
The InvMixColumns is the inverse of the MixColumns
transformation. InvMixColumns operates on the State considering
column-by-column. The pre-defined 4X4 matrix value and the first
column of the InvShiftRows state are represented as follows, for the
multiplication.

As a result of this multiplication, the four bytes in a column are
replaced by the following.

Thus the 4X4 matrix will be obtained which will be given as
the input to the next transformation.
Inverse of the AddRoundKey Transformation

The Inverse of the AddRoundKey is similar to the
AddRoundKey in the encryption process. Each element in the
resultant matrix of MixColumns and resultant matrix of KeyExpansion
will be XORed and the resultant matrix of AddRoundKey will be
given as the input to the next round.

Hence all the inverse cipher transformations were discussed
above and finally, the only thing left to do is putting it all together in
one inversed main algorithm. Similarly the forward cipher
transformations were combined together to form a Round and
combining all the 10 Rounds will constitute a complete AES
Encryption and Decryption algorithm.

CONCLUSION
Firstly, understanding the concept of cryptology and flow of AES
algorithm is done. Successful implementation of AES algorithm,
make to know one of the encryption and decryption standard
available in market and it helps to explore the path to implement
such an algorithm using VHDL.
Mainly, the concept of instantiation and arrays plays a major part
in implementation. This is a 128-bit Key dependent algorithm
which has control over the 128-bit input data or plaintext. The
original message is taken to 10 round operations which produces
the ciphertext.
This resultant encrypted data is fed as the input to the decryption
and 10 rounds operations were carried out and hence the same
plain text is achieved. Given the same input key and data (plaintext
or ciphertext) any implementation that produces the same output
(ciphertext or plaintext) as the algorithm specified in this standard
is an acceptable implementation of the AES.

The simulation results have been verified for the different
appropriate test cases. Finally the developed model is taken to the
Xilinx tool
FUTURE SCOPE
In recent days, AES (Advanced Encryption Standard) is used which
has increased level of security. This work on the AES Encryption and
Decryption Algorithm of 128 bits can be extended in the future in the
following ways.

As this algorithm supports the key length of 192 bits and 256 bits,
the work can be extended by increasing the key length which
increases both the security level to high and also the difficulties in
hacking level.

Also this work can be extended by developing a switch. This
switch will be used to switch the system of key lengths to either of
128 bits, 192 bits and 256 bits. This will be handling all the three key
lengths and the required process can be carried out by with respect to
the switch.

LANGUAGE USED:
VHDL
TOOLS REQUIRED:
XILINX-ISE Synthesis
MODELSIM - Simulation
THANK YOU