1. We first perform the regular polynomial multiplication.
2. We make the Euclidean division of the product by the $x^8 + x^4 + x^3 + x + 1$ polynomial and we take the remainder.
3. We reduce all its terms modulo 2.
Later in Chapter 6 we will see that this provides Z with the structure of the unique
finite field of 256 elements. This finite field is denoted by GF($2^8$). This means that we
can add, multiply, or divide by any nonzero element of Z with the same properties that
we have with regular numbers. We can further define matrix operations with terms in
Z. We can then define MixColumns as follows.
MixColumns($s$)
1: for $i = 0$ to $3$ do
2:   let $v$ be the 4-dimensional vector with coordinates $s_{0,i}, s_{1,i}, s_{2,i}, s_{3,i}$
3:   replace $s_{0,i}, s_{1,i}, s_{2,i}, s_{3,i}$ by the coordinates of $M \times v$
4: end for
Here $M$ is a $4 \times 4$-matrix over Z defined by

$$
M = \begin{pmatrix}
x & x+1 & 1 & 1 \\
1 & x & x+1 & 1 \\
1 & 1 & x & x+1 \\
x+1 & 1 & 1 & x
\end{pmatrix}.
$$

The substitution table S-box is defined by the inversion operation $x \mapsto x^{-1}$
(except for $x = 0$ which is mapped to zero) in the finite field GF($2^8$). This operation has good
nonlinear properties. In order to “break” the algebraic structure of this table, an affine
transformation is added on this function.
The linear transformation in MixColumns is defined by a matrix following principles
similar to the mixing box of CSC (see Section 2.6.2): whenever $i$ input bytes of
this linear transformation are modified, we make sure that this induces a modification
of at least $5 - i$ output bytes.[8]
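The following is an added example, not code from the book: it implements the three-step multiplication, MixColumns with the matrix $M$, and a check of the "at least $5 - i$ output bytes" property. The function names are illustrative, and it assumes the usual AES byte encoding in which bit $k$ of a byte is the coefficient of $x^k$.

```python
from itertools import combinations, product

MODULUS = 0x11B  # x^8 + x^4 + x^3 + x + 1 (bit k = coefficient of x^k)

def gf_mul(a, b):
    """Multiply two bytes as polynomials, following steps 1-3 of the text."""
    prod = 0
    for bit in range(8):            # steps 1 and 3: product with XOR as
        if (b >> bit) & 1:          # coefficient addition modulo 2
            prod ^= a << bit
    for bit in range(14, 7, -1):    # step 2: remainder modulo MODULUS
        if (prod >> bit) & 1:
            prod ^= MODULUS << (bit - 8)
    return prod

# The matrix M, with x encoded as 0x02 and x + 1 as 0x03.
M = [[2, 3, 1, 1],
     [1, 2, 3, 1],
     [1, 1, 2, 3],
     [3, 1, 1, 2]]

def mix_column(v):
    """Return the coordinates of M x v for one 4-byte column v."""
    out = []
    for row in M:
        acc = 0
        for m, byte in zip(row, v):
            acc ^= gf_mul(m, byte)  # addition in GF(2^8) is XOR
        out.append(acc)
    return out

def mix_columns(s):
    """MixColumns(s) for a state given as s[row][column]."""
    cols = [mix_column([s[r][i] for r in range(4)]) for i in range(4)]
    return [[cols[i][r] for i in range(4)] for r in range(4)]

def min_changed_outputs(i, values=range(1, 256)):
    """Fewest output bytes that change when exactly i input bytes change.
    M is linear, so only the difference d (i nonzero bytes) matters."""
    best = 4
    for positions in combinations(range(4), i):
        for diff in product(values, repeat=i):
            d = [0, 0, 0, 0]
            for p, x in zip(positions, diff):
                d[p] = x
            best = min(best, sum(1 for y in mix_column(d) if y))
    return best
```

The default `values` range makes the search exhaustive, which is slow in pure Python for $i \geq 2$; passing a smaller range such as `range(1, 16)` still reaches the minimum for $i = 2$.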
We complete the description of AES by outlining the key expansion. It is easier to
consider W as a row sequence (i.e. four bytes) of length 4Nr starting by $w_0$ and up to
$w_{4\mathrm{Nr}-1}$. Hence

$$
W_i = [w_{4i}, w_{4i+1}, w_{4i+2}, w_{4i+3}].
$$

The key expansion proceeds with a key described as a sequence of Nk rows (i.e. Nk is
either 4, 6, or 8) starting from $\mathrm{key}_0$. The expansion works as follows.
[8] Equivalently, the set of all $(x, M(x))$ 8-byte vectors is an MDS code if $M$ denotes the linear transformation,
or in other words, $M$ is a multipermutation.