Cryptography Reference
In-Depth Information
diffusion layer performs a linear operation on state matrices A , B , i.e., DIFF( A )+
DIFF( B )=DIFF( A + B ).
ShiftRows Sublayer
The ShiftRows transformation cyclically shifts the second row of the state matrix
by three bytes to the right, the third row by two bytes to the right and the fourth
row by one byte to the right. The first row is not changed by the ShiftRows trans-
formation. The purpose of the ShiftRows transformation is to increase the diffusion
properties of AES. If the input of the ShiftRows sublayer is given as a state matrix
B =( B 0 , B 1 ,..., B 15 ):
B 0 B 4 B 8 B 12
B 1 B 5 B 9 B 13
B 2 B 6 B 10 B 14
B 3 B 7 B 11 B 15
the output is the new state:
B 0
B 4
B 8 B 12
no shift
B 5
B 9 B 13 B 1 ←−
one position left shift
(4.1)
B 10 B 14 B 2
B 6 ←−
two positions left shift
B 15 B 3
B 7 B 11
←−
three positions left shift
MixColumn Sublayer
The MixColumn step is a linear transformation which mixes each column of the
state matrix. Since every input byte influences four output bytes, the MixColumn
operation is the major diffusion element in AES. The combination of the ShiftRows
and MixColumn layer makes it possible that after only three rounds every byte of
the state matrix depends on all 16 plaintext bytes.
In the following, we denote the 16-byte input state by B and the 16-byte output
state by C :
MixColumn( B )= C ,
where B is the state after the ShiftRows operation as given in Expression (4.1).
Now, each 4-byte column is considered as a vector and multiplied by a fixed
4
4 matrix. The matrix contains constant entries. Multiplication and addition of
the coefficients is done in GF (2 8 ). As an example, we show how the first four output
bytes are computed:
×
Search WWH ::




Custom Search