Cryptography Reference
In-Depth Information
For instance, if
Nb
=
4
, then
a
0
,
0
a
0
,
1
a
0
,
2
a
0
,
3
a
1
,
0
a
1
,
1
a
1
,
2
a
1
,
3
a
2
,
0
a
2
,
1
a
2
,
2
a
2
,
3
a
3
,
0
a
3
,
1
a
3
,
2
a
3
,
3
a
0
,
0
a
0
,
1
a
0
,
2
a
0
,
3
a
1
,
3
a
1
,
0
a
1
,
1
a
1
,
2
a
2
,
2
a
2
,
3
a
2
,
0
a
2
,
1
a
3
,
1
a
3
,
2
a
3
,
3
a
3
,
0
−−−−→
SR
The
SR
step introduces high diffusion over multiple rounds and interacts
with the next step.
(3) Mix Column (MC)
: As with the S-box description, the MC description is
given in Appendix D on page 529 for the sake of simplicity of presentation.
All one needs to know about this step, at this juncture, is that it linearly
combines bytes in the columns, and creates high intracolumn diffusion.
(4) Round Key Addition (RKA)
: In this step, a round key is added modulo
2 to the state. For example,
(
a
i,j
)
⊕
(
k
i,j
)=(
b
i,j
)
,
where
is addition modulo 2, (
a
i,j
) is the state matrix, (
k
i,j
) is the round
key matrix, and (
b
i,j
) is the resulting state matrix. Thus, this step makes
the round function key dependent.
⊕
There is significant parallelism in the round function. All four steps of a
given round operate in parallel on bytes, rows, or columns of the state.
Then round keys are extracted from the expanded key as follows. The first
round key consists of the first
Nb
words, the second round key consists of the
following
Nb
words, and so on.
Stepwise Description of the Rijndael Cipher
Step 1
(
Initial Addition Round
) There is an initial RKA step.
Step 2
(
Rounds
) There are
Nr
1 rounds executed.
Step 3
(
Final Round
) A final round is executed (omitting the
MC
step).
−
Hence, the detailed sequence of steps for Rijndael is an initial round key
addition, then
Nr
1 rounds of
BSB
,
SR
,
MC
,
RKA
each, followed by a final
round consisting of
BSB
,
SR
,
RKA
. Unlike DES, Rijndael does not require a
“swapping step” in its rounds since the
MC
step causes every byte in a column
to alter every other byte in the column.
Deciphering Rijndael is executed by reversing the steps using inverses and
a modified key schedule. Encryption and decryption diagrams are given in
Diagrams 3.6 and 3.7.
−
Search WWH ::
Custom Search