Cryptography Reference
In-Depth Information
Table 11-12. ShiftRows for blocks of length 192 bits (
L
b
=6
)
Before ShiftRows
04 8 2 6 0
15 9 3 7 1
After ShiftRows
0 4 8 2 6 0
5
9
13
17
21
1
2
6
10
14
18
22
10
14
18
22
2
6
3
7
11
15
19
23
15
19
23
3
7
11
Table 11-13. ShiftRows for blocks of length 256 bits (
L
b
=8
)
Before ShiftRows
04 8 2 6 0 4 8
15 9 3 7 1 5 9
After ShiftRows
0
4
8
12
16
20
24
28
5
9
13
17
21
25
29
1
2
6
10
14
18
22
26
30
14
18
22
26
30
2
6
10
3
7
11
15
19
23
27
31
19
23
27
31
3
7
11
15
Table 11-14. Distances of line rotations in
ShiftRows
L
b
c
L
b
,
1
c
L
b
,
2
c
L
b
,
3
4
1
2
3
6
1
2
3
8
1
3
4
r
0
(
x
)=
x
3
+
x
2
+
x
,
r
1
(
x
)=
x
3
+1
,
r
2
(
x
)=
x
3
+
x
2
+1
,and
r
3
(
x
)=
x
3
+
x
+1
and reduced modulo
M
(
x
):=
x
4
+1
. The corresponding matrix is
⎡
⎣
⎤
⎦
'0E'
'0B'
'0D'
'09'
'09'
'0E'
'0B'
'0D'
.
(11.4)
'0D'
'09'
'0E'
'0B'
'0B'
'0D'
'09'
'0E'
11.7 The AddRoundKey Step
The last step of a round carries out an XOR of the round key with the block:
(
b
0
,j
,b
1
,j
,b
2
,j
,b
3
,j
)
←
(
b
0
,j
,b
1
,j
,b
2
,j
,b
3
,j
)
⊕
(
k
0
,j
,k
1
,j
,k
2
,j
,k
3
,j
)
,
for
j
=0
,...,L
b
−
1
. In this way, every bit of the result of a round is made
dependent on every key bit.
