Cryptography Reference
In-Depth Information
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
K
0 123456789 0 1
12
13
14
15
16
17
18
19
20
21
22
23
32
32
32
32
32
32
W[0]
W[1]
W[2]
W[3]
W[4]
W[5]
g
g
function of round
i
32
V
V
V
V
W[6]
W[7]
W[8]
W[9]
W[10]
W[11]
8
8
8
8
V
V
V
V
S
S
S
S
RC[i]
W[42]
W[43]
W[44]
W[45]
W[46]
W[47]
8
g
32
W[48]
W[49]
W[50]
W[51]
Fig. 4.6 AES key schedule for 192-bit key sizes
why such an implementation on a device with limited memory resources, such as a
smart card, is sometimes not desireable.
2. On-the-fly A new subkey is derived for every new round during the encryption
(decryption) of a plaintext (ciphertext). Please note that when decrypting cipher-
texts, the last subkey is XORed first with the ciphertext. Therefore, it is required to
recursively derive all subkeys first and then start with the decryption of a ciphertext
and the on-the-fly generation of subkeys. As a result of this overhead, the decryption
of a ciphertext is always slightly slower than the encryption of a plaintext when the
on-the-fly generation of subkeys is used.
Search WWH ::




Custom Search