In this project work, the plain text of 128 bits is given as input to encryption block in which encryption of data is made. The cipher text is 128 bits and the key length of 128 bit is used in process of encryption. The main objectives of AES are high level security, adoptable to diverse application, efficient and exportable.
In this project work, the plain text of 128 bits is given as input to encryption block in which encryption of data is made. The cipher text is 128 bits and the key length of 128 bit is used in process of encryption. The main objectives of AES are high level security, adoptable to diverse application, efficient and exportable.
In this project work, the plain text of 128 bits is given as input to encryption block in which encryption of data is made. The cipher text is 128 bits and the key length of 128 bit is used in process of encryption. The main objectives of AES are high level security, adoptable to diverse application, efficient and exportable.
Algorithm with 128-bits Key Length APPLICATION: High speed ATM/Ethernet/Fiber-Channel switches Secure video teleconferencing Routers and Remote Access Servers The main objectives of AES are high level security, adoptable to diverse application, efficient and exportable. In this project work, the plain text of 128 bits is given as input to encryption block in which encryption of data is made and the cipher text of 128 bits is throughout as output. The key length of 128 bits is used in process of encryption. The AES algorithm is a block cipher that uses the same binary key both to encrypt and decrypt data blocks is called a symmetric key cipher. A commonly accepted definition of a good symmetric key algorithm, such as the AES, is that there exists no attack better than key exhaustion to read an encrypted message. INTRODUCTION TO AES The Advanced Encryption Standard (AES) specifies a FIPS- approved cryptographic algorithm that can be used to protect electronic data. AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. Encryption converts data to an unintelligible form called cipher-text; decrypting the cipher-text converts the data back into its original form, called plaintext.
SPECIFICATION For the AES algorithm, the length of the input block, the output block and the State is 128 bits. This is represented by Nb = 4, which reflects the number of 32-bit words (number of columns) in the State. For the AES algorithm, the length of the Cipher Key, K, is 128 bits. The key length is represented by Nk = 4, which reflects the number of 32-bit words (number of columns) in the Cipher Key. For the AES algorithm, the number of rounds to be performed during the execution of the algorithm is dependent on the key size. The number of rounds is represented by Nr, where Nr = 10 when Nk = 4. DESCRIPTION The AES is an iterated block cipher with a fixed block size of 128 and a variable key length. The different transformations operate on the intermediate results, called state. The state is a rectangular array of bytes and since the block size is 128 bits, which is 16 bytes, the rectangular array is of dimensions 4x4. The basic unit for processing in the AES algorithm is a byte, a sequence of eight bits treated as a single entity. The input, output and Cipher Key bit sequences which are processed as arrays of bytes that are formed by dividing these sequences into groups of eight contiguous bits to form arrays of bytes. The above figure shows the top level blocks available in the AES algorithm. Also the basic inputs to the system and the outputs from the system were clearly represented. As per the standard, 10 rounds for 128 bits key length were carried out in which the last round will be performed separately. For both its Cipher and Inverse Cipher, the AES algorithm uses a round function that is composed of four different byte- oriented transformations: Byte substitution using a substitution table (S-box) Shifting rows of the State array by different offsets Mixing the data within each column of the State array Adding a Round Key to the State Above mentioned functions were carried out for every individual round and in the last round the third function, that is, Mixing the data within each column of the State array will not be performed. Hence the last round is carried out separately. Based on the key provided, the new set of keys will be generated in the Key Expansion block and is given to the each round as input. ENCRYPTION At the start of the Encryption or Cipher, the input data and the input key were copied to the State array using the conventions. Initially the XOR operation should be performed between each byte of the input data and the input key and the output will be given as the input of the Round-1. After an initial Round Key addition, the State array is transformed by implementing a round function 10 times, with the final round differing slightly from the first Nr1 rounds. The final State is then copied to the output. The round function is parameterized using a key schedule that consists of a one-dimensional array of four-byte words derived using the Key Expansion routine. The individual transformations that carried out are listed below. SubBytes ShiftRows MixColumns AddRoundKey Table represents the operation performed at each round and its order in which each one is carried out. All Nr rounds are identical with the exception of the final round, which does not include the MixColumns transformation. Thus the cipher text, that is, encrypted data will be achieved at the end of the final round. AES CIPHER FUNCTIONS The block diagram shown in the figure represents the functions carried out in each round and the functions performed in the last round. SubBytes Transformation ShiftRows Transformation MixColumns Transformation AddRoundKey Transformation The first time Add Round Key gets executed. The second time Add Round Key is executed. Figure AddRoundKey Operation KEY EXPANSION The key expansion routine executes a maximum of 4 consecutive functions. These functions are: ROT WORD SUB WORD RCON XOR Rot Word (4 bytes) This does a circular shift on 4 bytes similar to the Shift Row Function. The 4-byte word is cyclically shifted 1 byte to the left. For Example, lets take a sequence 1,2,3,4 which will be rotated and obtain the result as 2,3,4,1.
Sub Word (4 bytes) The Key Schedule uses the same S-Box substitution as the main algorithm body. This step applies the S-box value substitution as described in SubBytes function to each of the 4 bytes in the argument. The S-Box is present in the Appendix-1 for the reference. Steps in Key Expansion The first n bytes of the expanded key are simply the cipher key (n = the size of the encryption key) The rcon value i is set to 1 Until we have enough bytes of expanded key, we do the following to generate n more bytes of expanded key (please note once again that "n" is used here, this varies depending on the key size) 1.we do the following to generate four bytes owe use a temporary 4-byte word called t owe assign the previous 4 bytes to t owe perform the key schedule core on t, with i as Rcon value owe increment i owe XOR t with the 4-byte word n bytes before in the expandedKey (where n is once 16 bytes) 2.we do the following x times to generate the next x*4 bytes of the expandedKey (x = 3 for n=16) owe assign the previous 4-byte word to t owe XOR t with the 4-byte word n bytes before in the expandedKey (where n is once 16 bytes) Hence, for n=16, we generate: 4 + 3*4 bytes = 16 bytes per iteration. DECRYPTION The cipher text of 128 bits and the same key of 128 bits will be given as the input to the decryption block. The encrypted data will be decrypted and the original plain message will be achieved as the output of the decryption block.
The Cipher transformations can be inverted and then implemented in reverse order to produce a straightforward Inverse Cipher for the AES algorithm. The individual transformations used in the Inverse Cipher were listed as follows.
Here also 10 rounds will be carried out and the only difference in the decryption block with respect to the algorithm flow is that the result of the KeyExpansion of each round will also be given to the MixCoulmns operation after which the AddRoundKey transformation should be carried out.
I nvMixColumns (state XOR Round Key) = I nvMixColumns (state) XOR I nvMixColumns (Round Key) AES INVERSE CIPHER FUNCTIONS The AES Inverse Cipher Function has the same set of transformations as in the encryption but in the inverse form, that is, the predefined values which used for the each transformation will be different.
InvSubBytes Transformation
InvSubBytes is the inverse of the byte substitution transformation, in which the inverse S-Box is applied to each byte of the State. The inverse S-Box is present in the Appendix-1 for the reference. The transformation of this process will be carried out in the similar way as in the SubBytes in the encryption such as the substitution value would be determined by the intersection of the row and the column.
InvShiftRows Transformation The InvShiftRows is the inverse of the ShiftRows transformation. The bytes in the last three rows of the State are cyclically shifted over different numbers of bytes (offsets). The first row, r = 0, is not shifted. The bottom three rows are cyclically shifted by Nb - shift(r,Nb) bytes, where the shift value shift(r,Nb) depends on the row number. Specifically, the InvShiftRows transformation proceeds as follows. The illustration figure will gives the clear view on this InvShiftRows transformation. 3InvMixColumns Transformation The InvMixColumns is the inverse of the MixColumns transformation. InvMixColumns operates on the State considering column-by-column. The pre-defined 4X4 matrix value and the first column of the InvShiftRows state are represented as follows, for the multiplication.
As a result of this multiplication, the four bytes in a column are replaced by the following.
Thus the 4X4 matrix will be obtained which will be given as the input to the next transformation. Inverse of the AddRoundKey Transformation
The Inverse of the AddRoundKey is similar to the AddRoundKey in the encryption process. Each element in the resultant matrix of MixColumns and resultant matrix of KeyExpansion will be XORed and the resultant matrix of AddRoundKey will be given as the input to the next round.
Hence all the inverse cipher transformations were discussed above and finally, the only thing left to do is putting it all together in one inversed main algorithm. Similarly the forward cipher transformations were combined together to form a Round and combining all the 10 Rounds will constitute a complete AES Encryption and Decryption algorithm.
CONCLUSION Firstly, understanding the concept of cryptology and flow of AES algorithm is done. Successful implementation of AES algorithm, make to know one of the encryption and decryption standard available in market and it helps to explore the path to implement such an algorithm using VHDL. Mainly, the concept of instantiation and arrays plays a major part in implementation. This is a 128-bit Key dependent algorithm which has control over the 128-bit input data or plaintext. The original message is taken to 10 round operations which produces the ciphertext. This resultant encrypted data is fed as the input to the decryption and 10 rounds operations were carried out and hence the same plain text is achieved. Given the same input key and data (plaintext or ciphertext) any implementation that produces the same output (ciphertext or plaintext) as the algorithm specified in this standard is an acceptable implementation of the AES.
The simulation results have been verified for the different appropriate test cases. Finally the developed model is taken to the Xilinx tool FUTURE SCOPE In recent days, AES (Advanced Encryption Standard) is used which has increased level of security. This work on the AES Encryption and Decryption Algorithm of 128 bits can be extended in the future in the following ways.
As this algorithm supports the key length of 192 bits and 256 bits, the work can be extended by increasing the key length which increases both the security level to high and also the difficulties in hacking level.
Also this work can be extended by developing a switch. This switch will be used to switch the system of key lengths to either of 128 bits, 192 bits and 256 bits. This will be handling all the three key lengths and the required process can be carried out by with respect to the switch.
LANGUAGE USED: VHDL TOOLS REQUIRED: XILINX-ISE Synthesis MODELSIM - Simulation THANK YOU