Cryptography Reference
In-Depth Information
3.5
The Advanced Encryption Standard
Not to go back, is somewhat to advance,
And men must walk at least before they dance.
Alexander Pope
(1688-1744), English poet
— from
Imitations of Horace
(1738, Bk. 1, Epistle 1)
3.9
On November 26, 2001, NIST announced, in FIPS 197 (see [93]), that the
Advanced Encryption Standard
(AES) would be
Rijndael
, and that it would
take effect on May 26, 2002. The name “Rijndael” (just call it “Rain Doll”)
was derived from the names of Rijndael's Belgian designers, Vincent
Rij
men
and Joan
Dae
men.
Joan Daemen was born in Belgium in 1965. In 1988 as a member of the
research group
CO
mputer
S
ecurity and
I
ndustrial
C
ryptography (COSIC), he
began a Ph.D. in cryptography, which he completed in 1995. By the spring
of 1998, he joined the newly formed
Proton World International
, a Brussels-
based company whose focus is on high-level banking security applications, and
he remains there to this day. He is currently designing protocols for smart cards,
and related applications. Moreover, he continues, on occasion, to collaborate
with his former COSIC colleague, Vincent Rijmen.
Vincent Rijmen was born in Belgium in 1970. After obtaining a degree in
electrical engineering at the Katholieke Universiteit Leuven, he joined COSIC,
where he, too, was working on his Ph.D., which he obtained in 1997. His
preferred area of research has always been cryptanalysis of block ciphers. In fact,
the title of his Ph.D. thesis is
Cryptanalysisanddesignofiteratedblockciphers
.
Among his pursuits has been the evolution of computer security systems.
The Rijndael cipher is based upon the 128-bit block cipher, called
Square
,
which Rijmen and Daemen originally designed with a concentration on resis-
tance against LC (see page 132). Later Lars Knudsen engaged in more crypt-
analysis of the Square cipher. A paper by these three authors, describing the
details of Square, was presented at the workshop for
Fast Software Encryption
in the spring of 1997 in Haifa, Israel. (Consequently, Rijndael has been called
Son of Square
and alternatively Square has been called
Mother of Rijndael
by
their creators.) In that spring of 1997, Daemen and Rijmen began working on
a variant of the Square cipher that would allow for key and block lengths of
128, 192, and 256 bits. They called their new cipher design “Rijndael” and
submitted it to NIST by the June 1998 deadline. The rest, as noted above, is
history.
The first item of importance is that Rijndael is
not
a Feistel cipher. Yet, the
reader will recognize similarities to DES. We will see that the modulo 2 addi-
tions,
⊕
, will add key material to the data. As with DES, the S-boxes will add
nonlinearity. However, the S-boxes were designed so that the complementation
property suffered by DES is avoided (see page 127).
We begin by providing a preliminary verbal introduction to the AES cipher,
before presenting the details of the Rijndael mechanisms in action.
3.9
The symbol
will denote advanced material henceforth.
Search WWH ::
Custom Search