Cryptosynchrotron: Generalized Rijndael, schematics

Before to enter in deep on the questions remarked in the previous post about this series, I like to post some schemas that some day would be useful.

The Rijndael symmetric cryptosystem build by iteration using a network of permutations who follows the basic shannon's properties of "confusion and diffusion". The bits in the plain text are mixes and substituted by a group of operations do by an order. To decrypt, what have to be done is to do the same things but in the opposite way. For sure, there is a key to introduce here the secret to be able to undo the encrypt operation.

Diagram 1: Flow of the Rindael encrypt/decrypt

As in the diagram 1 shows, using only 4 operations (subBytes, shitfRows, mixcolumns, addRoundKey, and its inverses). But those operations are in a certain order to maintain a set of properties.

subBytes: word substitution, where each element in the state matrix is replaced by its inverse and an affine mapping. Operations in $\mathbb{F}_{2^{wordsize}}$
shiftRows: cyclic left shift of the elements of the i'th row by i words.
mixColumns: column linear transformation of the state matrix, where each column is given as an element of a polynomial ring, where the coefficients of this polynomial are polynomials in $\mathbb{F}_{2^{w}}$ .
This polynomial ring is: $\frac{\mathbb{F}_{2^n}[x]}{m(x)}$
addRoundKey: XORed transformation between the state matrix and the round key.

Is necessary to emphasize the use of a part of the key in the 'addRoundKey()' operation. This round key is much longer than the given key to encrypt/decrypt, and the process to generate this key expansion can be described in a iterative way:

Diagram 2: Iterator schema of the Rijndael key expansion

The first 4x4 matrix (the

) is the original key given with in a structure of a matrix of elements in the wordsize (8 bits, a byte in rijndael, AES). This example is using the 128 key option but the key matrix can have more columns: To build the key expansion its the same way, but remark that "#c" represents the number of columns for the message, not the key.

To build the following columns to have each round keys, an iterator is good to see how this is made. I have tried to get an schema from other webs sites, but the ones that I found haven't convinced to me. I hope this would help to someone who search on internet for a diagram of the rijndael key expansion.

Cryptosynchrotron

2012/08/06

Generalized Rijndael, schematics

No comments:

License

Blog Archive

Labels