Cryptography Reference
In-Depth Information
> KeyExpansion := proc(key)
local k, l, s, Nk, ek, ek1, i, temp;
k := checkkey(key);
l := nops(k);
Nk := iquo(l, 4);
s := l+28;
ek := [$1 .. s];
ek1 := ListTools:-LengthSplit(k, 4);
foritoNkdo
ek[i] := ek1[i]
end do;
for i from Nk+1 to s do
temp := ek[i-1];
if i-1 mod Nk = 0 then
temp := zip(BitXor, map(SB,ListTools:-Rotate(temp, 1)), Rcon[iquo(i-1, Nk)])
elif Nk = 8 and i-5 mod Nk = 0 then
temp := map(SB, temp)
end if;
ek[i] := zip(BitXor, ek[i-Nk], temp)
end do;
map(x -> Array(0..3, 0..3, (i,j) -> x[j+1,i+1]), [ListTools:-LengthSplit(ek,4)]);
end proc:
Example 4.1
Let us consider the 192-bit key given in Example A.2 of [73]:
> k192 := "8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b":
Next we compute the expanded key corresponding to
k192
butwedonot
print it:
> expkey := KeyExpansion(k192):
Let us print, for example, the last three round keys in matrix form. We use Maple's
function
ArrayTools:-Alias
to put the round keys in a format suitable to be
printed (as on other similar occasions, the elementwise operator ~ should be replaced
by a call to
map
if a version of Maple prior to v13 is used):
> map(x -> bytetohex
∼
(x), map(x -> ArrayTools:-Alias(x, [4,4]), expkey)[-3..1]);
⎡
⎣
⎡
⎣
⎤
⎦
,
⎡
⎣
⎤
⎦
,
⎡
⎣
⎤
⎦
⎤
⎦
a7 94 82 ad
e1 11 1f
ca 8f 28 bc
40 cc 2d 3c
05 50 16 e7
38 06 6a b5
e9 44 8e 01
8b 8c cc 00
a0 77 72 22
6f 3c 04 02
07
46 f1
75 d7
6c df
0a 53
Exercise 4.4
Compute the expanded keys corresponding to the AES keys given in
Examples A.1, A.2, and A.3 in [73] and check that the results obtained correspond
exactly to the ones given there.
4.2.3 AES Decryption
The four basic AES operations are invertible and so AES decryption is straightfor-
ward: it consists of running the inverse operations in reverse order, with the round
