Cryptography Reference
In-Depth Information
-
MixColumn
: The columns of the state are substituted by a deterministic
principle. This rule is somewhat more complicated and uses transfor-
mations over Galois fields.
-
AddRoundKey
: The round key is XORed bitwise with the state. Only
this process mixes a secret into the transformation so that one may
speak of encryption.
2. Prior to the first round, an
AddRoundKey
transformation is executed, and
the
MixColumn
transformation is missing in the last round.
Rijndael can also work with 192-bit and 256-bit blocks; it then uses 4
×
6 and
4
8 matrices, respectively, as states, and the
ShiftRow
transformation changes
somewhat. The algorithm with 128-bit block and key lengths uses 10 rounds,
while 12 and 14 rounds, respectively, are used for longer block or key lengths.
×
Cryptanalyzing Rijndael the Classic Way
Rijndael with only one round would offer extremely low security. Since
Byte-
Sub, ShiftRow
, and
MixColumn
form only a fixed reversible transformation
even when executed one after the other, the security would correspond to a
128-bit Vernam cipher. We know from Section 3.6 what kind of special treat
this is for cryptanalysts.
But since Rijndael is a product algorithm, the security of such algorithms grows
explosively as the number of rounds increases, as we know. The cryptanalysis
of Rijndael known to date (see below) shows this rather impressively.
The
ByteSub, ShiftRow
, and
MixColumn
transformations are chosen such that
they are simple (and thus easy to analyze) on the one hand, and that all crypt-
analytic methods currently known will fail, on the other hand. The authors
explain their motivation for choosing these transformations in detail in their
publication (see the Web site:
algor/aes/rijndael.ps
. I just want to mention here
that operations on Galois fields play an important role.
The most important factors in choosing the transformations are strong diffusion
and confusion in every round:
•
Diffusion means here that a change to even one single state bit (or to
a round key bit) after as few rounds as possible influences all bits of
that state.
ShiftRow
and
MixColumn
are mainly responsible for this in
Rijndael.