1. AES Description and Characteristics

The Advanced Encryption Standard (AES) is a block cipher encryption algorithm that was published by the National Institute of Standards and Technology (NIST) in 2000, with the main purpose of replacing the DES algorithm after vulnerabilities appeared in it. The algorithm's original name is Rijndael, which comes from the names of its creators, Vincent Rijmen and Joan Daemen. Security, performance, efficiency, implementability, and low memory requirements are the reasons AES was chosen by NIST. The AES algorithm takes as input a block of 128 bits (16 bytes) with a key of one of three sizes, 128, 192, or 256 bits, and it is an iterative cipher rather than a Feistel cipher. The key size determines the number of rounds. The input bytes are placed in a matrix of 4×4 elements, and the rows are rotated to the right by an amount that depends on the row number. A linear transformation is then applied to the matrix; it consists of a binary multiplication of each matrix element with polynomials from an auxiliary matrix, and this multiplication is subject to special rules according to $GF(2^8)$. The process ends with an XOR between the matrix and another matrix, which yields an intermediate matrix. These operations are repeated several times, and each repetition defines a “turn”. For a 128-, 192-, or 256-bit key, AES requires 10, 12, or 14 rounds respectively.

AES specifies a Federal Information Processing Standards (FIPS) approved cryptographic algorithm that can be used to protect electronic data.

The most important function in the AES algorithm is the Mix Column function, which provides strength against differential and linear attacks due to the complexity of its mathematical operations. This strong Mix Column function is supported by a strong Substitution Box. The AES S-box has a relatively simple form. Every round in AES uses the same S-box, and it acts independently on each byte.

NIST used three important criteria to evaluate the algorithms submitted by cryptography experts. The first criterion is security. Security was one of the most crucial aspects NIST considered when choosing an algorithm, because the main purpose of AES was to improve on the security issues of the DES algorithm. Compared with the other proposed algorithms, AES has the best ability to protect sensitive data from attackers and to prevent them from breaking the encrypted data. This was the result of extensive testing of AES against theoretical and practical attacks.

The second criterion emphasized by NIST in evaluating the algorithms is cost. Again, the reasons behind this measure are clear, since another main aim of the AES algorithm was to improve on the low performance of DES. AES has high computational efficiency and can be used in a wide range of applications, especially on high-speed broadband links. That is the reason AES was one of the algorithms nominated by NIST. The third criterion is algorithm and implementation characteristics. This criterion was very significant in assessing the algorithms received from cryptography experts. Some important aspects were measured at this stage: flexibility, simplicity, and the suitability of the algorithm for a diversity of hardware and software implementations.

AES has been tested against many attacks. In the single-key model, previous results can attack up to 7 rounds of AES-128. The first attack is the SQUARE attack, which uses $2^{128} - 2^{119}$ chosen plaintexts and $2^{120}$ encryptions. The second attack is a meet-in-the-middle attack that requires $2^{32}$ chosen plaintexts and has a time complexity equivalent to almost $2^{128}$ encryptions. Recently, another attack on 7-round AES-128 was presented. The new attack is an impossible differential attack that requires $2^{117.5}$ chosen plaintexts and has a running time of $2^{121}$ encryptions. The resulting impossible differential attack on 7-round AES-192 has a data complexity of $2^{92}$ chosen plaintexts and a time complexity of $2^{162}$ encryptions, while the attack on AES-256 uses $2^{116.5}$ chosen plaintexts and has a running time of $2^{247.5}$ encryptions.

• Structure of AES Algorithm
• Mathematical Preliminaries

All bytes in the AES algorithm are interpreted as finite field elements, which can be added and multiplied, but these operations are different from those used for numbers. The addition of two elements in a finite field is achieved by “adding” the coefficients for the corresponding powers in the polynomials for the two elements. The addition is performed with the XOR operation, which is denoted by “⊕”. Every addition is modulo 2, so that 1 ⊕ 1 = 0, 1 ⊕ 0 = 1, and 0 ⊕ 0 = 0. The subtraction of polynomials is identical to the addition of polynomials. The sum of two bytes is equivalent to the XOR of their corresponding bits. For example, the sum of $\{a_7a_6a_5a_4a_3a_2a_1a_0\}$ and $\{b_7b_6b_5b_4b_3b_2b_1b_0\}$ is $\{c_7c_6c_5c_4c_3c_2c_1c_0\}$, where $c_i = a_i \oplus b_i$.

Multiplication in $GF(2^8)$ is denoted by “.” and, in the polynomial representation, corresponds to the multiplication of polynomials modulo an irreducible polynomial of degree 8. A polynomial is irreducible if its only divisors are one and itself; for the AES algorithm this irreducible polynomial is $m(x) = x^8 + x^4 + x^3 + x + 1$, or {01}{1b} in hexadecimal notation. The modular reduction by $m(x)$ ensures that the result is a binary polynomial of degree less than 8, and thus can be represented by a byte.
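The field arithmetic described above, carried through to one Mix Column step, as an added example that is not part of the original text. The function names are assumptions chosen for illustration; the matrix is the standard AES MixColumns matrix, and the sample inputs are well-known answer values for this arithmetic.

```python
# Added example: GF(2^8) arithmetic as used by AES (illustrative names).
M_X = 0x11B  # m(x) = x^8 + x^4 + x^3 + x + 1, i.e. {01}{1b}

# Standard AES MixColumns matrix (the "auxiliary matrix" of the text).
MIX = [[2, 3, 1, 1],
       [1, 2, 3, 1],
       [1, 1, 2, 3],
       [3, 1, 1, 2]]


def gf_add(a: int, b: int) -> int:
    """Addition (and subtraction) in GF(2^8): bitwise XOR, c_i = a_i XOR b_i."""
    return a ^ b


def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes as polynomials over GF(2), reduced modulo m(x)."""
    result = 0
    for _ in range(8):
        # Add the current multiple of a when the low bit of b is set.
        # The mask form avoids a branch that depends on the data.
        result ^= a & -(b & 1)
        # Multiply a by x, then subtract m(x) if the degree reached 8.
        a <<= 1
        a ^= M_X & -(a >> 8)
        b >>= 1
    return result


def gf_inv(a: int) -> int:
    """Multiplicative inverse as a^254 (a^255 = 1 for a != 0); 0 maps to 0."""
    result = 1
    for _ in range(254):
        result = gf_mul(result, a)
    return result


def mix_column(col: list[int]) -> list[int]:
    """Apply the MixColumns matrix to one 4-byte column of the state."""
    out = []
    for row in MIX:
        acc = 0
        for coeff, byte in zip(row, col):
            acc = gf_add(acc, gf_mul(coeff, byte))
        out.append(acc)
    return out


if __name__ == "__main__":
    print(hex(gf_mul(0x57, 0x83)))  # product reduced modulo m(x)
    print([hex(b) for b in mix_column([0xDB, 0x13, 0x53, 0x45])])
```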

Basic structure of AES algorithm

The AES algorithm uses a Feistel cipher mode, which is based on two common techniques to encrypt and decrypt data, known as a substitution and permutation network (SPN). An SPN is a number of mathematical operations that are carried out in block cipher algorithms.

Figure 1. The Basic Structure of AES Algorithm

• Implementation of AES

The AES algorithm is one of the most powerful algorithms and is widely used in different fields all over the world, because it encrypts and decrypts data faster than the DES and 3DES algorithms. AES is also used in many cryptographic protocols, such as the Secure Sockets Layer (SSL) and Transport Layer Security protocols, to provide much more communications security between client and server over the internet. Before the AES algorithm was released, encryption and decryption of data relied on the DES algorithm. But after some vulnerabilities of this algorithm appeared, the Internet Engineering Task Force (IETF) decided to replace DES with the AES algorithm. AES can also be found in most modern applications and devices that need encryption functionality, such as WhatsApp, Facebook Messenger, Intel and AMD processors, and also Cisco devices like routers, switches, etc. The AES Crypt package is available in many libraries, including C#/.NET, Java, and JavaScript, and is used to encrypt files easily and securely against intruders.