AES and DES Algorithm Explained | Difference between AES and DES | Network Security | Simplilearn
Summary
TLDRThis script delves into the realm of cryptography, emphasizing the evolution from DES to AES. It explains DES's foundational role and its limitations, leading to the development of the more secure AES algorithm. The script explores the technicalities of both algorithms, their modes of operation, and applications in securing data transmission. It highlights the importance of encryption in safeguarding sensitive information and the continuous advancement in cryptographic standards to meet modern security demands.
Takeaways
- 🔒 **Encryption Importance**: Storing data in plain text is a significant risk; encryption is crucial for secure data transmission.
- 🔐 **Historical Algorithms**: DES and AES are prominent encryption algorithms that have been widely used since the 1970s.
- 🔑 **DES Algorithm**: Data Encryption Standard (DES) is a symmetric key cipher that encrypts data in 64-bit blocks using 48-bit keys.
- 🔄 **DES Structure**: DES is based on the Feistel cipher structure, which involves multiple rounds of substitution and permutation.
- 📉 **DES Vulnerability**: DES's 56-bit key size became insecure with the advancement of computing power, leading to its deprecation.
- 🔄 **Triple DES**: An enhancement of DES, Triple DES (3DES) uses three keys for encryption but was deemed too slow for modern needs.
- 🏆 **AES Development**: Advanced Encryption Standard (AES) was developed as a successor to DES, offering a more secure and efficient alternative.
- 🔑 **AES Key Sizes**: AES supports larger key sizes of 128, 192, or 256 bits, enhancing security against brute force attacks.
- 🔍 **AES Features**: AES uses a Substitution-Permutation Network (SPN) with different numbers of rounds based on key size, adding complexity and security.
- 🌐 **AES Applications**: AES is extensively used in various fields, including wireless security (WPA, WPA2), SSL/TLS encryption, and file encryption.
- 🛡️ **AES Advantages**: AES offers several advantages over DES, such as larger block size, variable number of encryption rounds, and higher encryption and decryption speeds.
Q & A
Why is storing data in plain text considered a significant risk for organizations?
-Storing data in plain text is a significant risk because it makes the data vulnerable to unauthorized access and potential breaches, highlighting the importance of security in data transmission.
What is the Data Encryption Standard (DES) algorithm and how does it work?
-The Data Encryption Standard (DES) is a symmetric key cipher used to encrypt and decrypt information in blocks. It converts plain text into ciphertext using 48-bit keys and follows the Feistel cipher structure, which involves a series of substitution and permutation operations.
How did the DES algorithm originate and what was its historical significance?
-DES originated from the Lucifer block cipher developed by IBM cryptography researcher Horst Feistel in 1971. It was approved as a federal encryption standard in 1976 and was widely used until it was cracked and deemed insecure, leading to the development of the Triple DES.
What is the Triple DES algorithm and why was it developed?
-Triple DES is a symmetric key block cipher that uses a double DES cipher with three keys, encrypting the data three times to enhance security. It was developed as a response to the DES being cracked, but it was deemed too slow for fast communication needs.
What is the Advanced Encryption Standard (AES) and why was it necessary?
-The Advanced Encryption Standard (AES), also known as the Rijndael algorithm, is a symmetric block cipher that replaced DES due to its larger key size and more complex structure, providing stronger security against brute force attacks.
How does the AES algorithm differ from the DES algorithm in terms of key length and block size?
-AES differs from DES by offering larger key lengths of 128, 192, or 256 bits and a block size of 128 bits, compared to DES's 48-bit keys and 64-bit block size, providing enhanced security.
What are the different modes of operation for the DES algorithm?
-DES has five modes of operation: Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR). Each mode provides a different method of encrypting data based on the requirements.
How does the AES algorithm's structure contribute to its security?
-AES's structure, which includes a Substitution-Permutation (SP) network and multiple rounds of processing, contributes to its security by making it resistant to various cryptanalytic attacks and providing a high level of complexity.
What are some practical applications of the AES algorithm in today's IT sphere?
-AES is widely used in wireless security protocols like WPA and WPA2, SSL/TLS encryption for secure web browsing, file encryption for sensitive documents and media, and processor security in hardware appliances.
How does the AES algorithm handle the encryption and decryption process?
-AES handles encryption and decryption through a series of steps including key expansion, SubBytes, ShiftRows, MixColumns, and AddRoundKey, which are repeated for a number of rounds depending on the key size. The process is reversed for decryption.
Outlines
🔒 Cryptography and the Evolution of Encryption Standards
This paragraph delves into the critical role of cryptography in securing data transmission, emphasizing the historical significance of encryption algorithms like DES and AES. It explains how plain text storage poses a significant risk, and encryption has been pivotal since the 1970s. The paragraph introduces DES (Data Encryption Standard) and AES (Advanced Encryption Standard), discussing their widespread use and reliability. It outlines the DES encryption process, including its 64-bit block size and 48-bit key usage, and touches on its evolution and eventual deprecation due to security vulnerabilities. The segment also covers the development of Triple DES and the AES algorithm's emergence as a more secure alternative.
🔑 The DES Algorithm: Structure, Flaws, and Modes of Operation
This section provides an in-depth look at the DES algorithm, detailing its structure based on the Feistel cipher and its 16 rounds of encryption. It discusses the origin of DES, its reliance on a 56-bit key, and the introduction of Triple DES as an attempt to enhance security. The paragraph also explores the various modes of operation for DES, including ECB, CBC, CFB, OFB, and CTR, explaining how each mode impacts encryption and decryption processes. The limitations of DES, particularly its susceptibility to brute force attacks due to its relatively short key length, are highlighted, leading to the adoption of AES as a more secure standard.
🚀 The AES Algorithm: A New Era in Data Security
The paragraph introduces the AES algorithm, also known as Rijndael, as a successor to DES, designed to address the shortcomings of its predecessor. It outlines the development of AES by the National Institute of Standards and Technology (NIST) and its selection as the global encryption standard in 2001. The segment describes AES's unique features, such as its larger block size of 128 bits and key sizes of 128, 192, or 256 bits, which significantly enhance security. The process of encryption in AES is detailed, including the use of substitution-permutation networks and the varying number of rounds based on key size. The paragraph also touches on AES's implementation in various security applications, such as wireless security and SSL/TLS encryption.
🔄 AES Encryption Process: Steps and Techniques
This section breaks down the AES encryption process into its constituent steps, starting with the initial XOR operation with the round key. It describes the four key stages of each round in AES: SubBytes, ShiftRows, MixColumns, and AddRoundKey, explaining their purposes and how they contribute to the algorithm's security. The paragraph also discusses the final round, which omits the MixColumns step, and the use of a state array to manage data throughout the encryption process. The summary includes an example to illustrate how plaintext is converted into ciphertext using AES, highlighting the algorithm's complexity and robustness.
🌐 AES in Practice: Applications and Advantages
The paragraph explores the practical applications of AES, highlighting its use in securing Wi-Fi networks through WPA and WPA2-PSK, as well as its role in SSL/TLS to encrypt internet browser sessions. It also mentions AES's prevalence in file encryption for various formats and its importance in processor security for hardware appliances. The section contrasts AES with DES, emphasizing the advantages of AES, such as its larger key and block sizes, and the number of rounds that depend on the key length, providing greater security and efficiency in encryption and decryption processes.
📚 Conclusion and Invitation to Learn More
In the concluding paragraph, the script summarizes the importance of understanding encryption algorithms like DES and AES in the context of data security. It invites viewers to ask questions and engage with the content, encouraging subscription to the channel for more educational videos on cryptography and related topics. The paragraph serves as a call to action, promoting further learning and exploration of encryption standards and their significance in the digital age.
Mindmap
Keywords
💡Cryptography
💡Data Encryption Standard (DES)
💡Advanced Encryption Standard (AES)
💡Symmetric Key Cipher
💡Fiestel Cipher Structure
💡Key Length
💡Block Cipher
💡Triple DES
💡Mode of Operation
💡Substitution-Permutation Network (SP Network)
💡Initialization Vector (IV)
Highlights
Encryption is essential for securing data transmission, with algorithms like DES and AES playing a crucial role for decades.
The Data Encryption Standard (DES) algorithm was developed based on the Lucifer algorithm and uses a symmetric key cipher.
DES encryption involves 16 rounds of the Feistel structure, utilizing a 48-bit key for each round.
Triple DES was introduced as a more secure alternative to standard DES but was considered too slow for efficient communication.
AES, the Advanced Encryption Standard, was chosen as the global encryption standard after a public competition to replace DES.
AES operates on a 128-bit block size with key sizes of 128, 192, or 256 bits, enhancing security over DES.
AES uses a Substitution-Permutation Network (SP network) and performs calculations on byte data rather than bit data.
The number of rounds in AES encryption depends on the key size, providing more complexity and security.
AES is widely used in wireless security protocols like WPA and WPA2 PSK to secure Wi-Fi endpoints.
AES is also integral to SSL/TLS encryption, ensuring secure internet browser sessions.
File encryption across various formats benefits from AES's large key size, providing robust security for sensitive documents and media files.
AES contributes to processor security in hardware appliances, preventing unauthorized access and machine hijacking.
AES's larger block size and key length offer significant advantages over DES in terms of security and complexity.
The simplicity of DES made it faster but less secure, whereas AES provides a balance between speed and security.
AES is more streamlined for deployment in global systems and frameworks compared to DES, adapting to modern computational standards.
Online tools can demonstrate the encryption and decryption process using DES and AES algorithms, providing practical insights into their application.
Transcripts
the world of cryptography storing data
in plain text is the biggest risk an
organization can take
encryption has been a staple in the
field of data transmission since the
1970s only further highlighting the
importance of security when it comes to
sharing messages
algorithms like the data encryption
standard which is also known as the des
algorithm and the advanced encryption
algorithm also known as the aes
algorithm have been used for decades in
both the consumer and business spaces
let's understand what is it about these
algorithms that make them so reliable
even after years of inception and growth
in the technical field
we start by learning about what is the
data encryption standard algorithm in
general
we then cover the origin of this
algorithm and how fistal ciphers played
a huge role in the formation of this
encryption standard
we cover all the steps in a des
encryption phase and also take a look at
the future of ds especially with other
algorithms having entered the market
we have a small demonstration of how the
ds algorithm uses a key to convert plain
text to ciphertext and vice versa
moving on we take a look into the aes
algorithm and why it was a necessity and
its distinct features
we also cover the working and specific
applications of the advanced encryption
algorithm in today's it sphere
finally we take a look at the
differences between both the des
algorithm and the aes algorithm from a
technical and a functional perspective
des algorithm stands for data encryption
standard
it is a symmetric key cipher that is
used to encrypt and recrypt information
in a block by block manner
each block is encrypted individually and
they are later chained together to form
our final ciphertext which is then sent
to a receiver
des takes the original unaltered piece
of data called the plain text in a
64-bit block and it is converted into an
encrypted text that is called the
ciphertext
it uses 48-bit keys during the
encryption process and follows a
specific structure called the fiscal
cipher structure during the entire
process
it is a symmetric key algorithm which
means des can reuse the keys used in the
encryption format to decrypt the
ciphertext back to the original plain
text
once the 64-bit blocks are encrypted
they can be combined together before
being transmitted
let's take a look at the origin and the
reason des was founded
des is based on a pistol block cipher
called lucifer developed in 1971 by ibm
cryptography researcher host fister
des uses 16 rounds of the swisstal
structure using a different key for each
round it also utilizes a random function
with two inputs and provides a single
output variable
das became the organization's approved
encryption standard in november 1976 and
was later reaffirmed as our standard in
1983 1988 and finally in 1999 but
eventually des was cracked and it was no
longer considered a secure solution for
all official rules of communication
consequently triple ds was developed
triple gs is a symmetric key block
cipher that uses a double ds cipher
encrypt with the first key delete
encryption with the second key and
encrypt again with a third key there is
also a variation of the two keys where
the first and second key are duplicate
of each other but triple ds was
ultimately deemed too slow for the
growing need for fast communication
channels and people eventually fell back
to using ds for encrypting messages
in order to search for a better
alternative a public-wide competition
was organized and helped cryptographers
develop their own algorithm as a
proposal for the next global standard
this is where the vindal algorithm came
into play and was later credited to be
the next advanced encryption standard
for a long time des was the standard for
data encryption for data security
its rule ended in 2002 when finally the
advanced encryption standard replaced
des as an acceptable standard following
a public competition for a place
to understand the structure of a fistal
cipher we can use the following image as
a reference
the block being encrypted is divided
into two parts one of which is being
passed on to the function while the
other part is xor with the function's
output
the function also uses the encryption
key that differs for each individual
round
this keeps going on until the last step
until where the right hand side and the
left hand side are being swapped here we
receive our final cipher text
for the decryption process the entire
procedure is reversed starting from the
order of the keys to the block sorting
if the entire process is repeated in a
reverse order we will eventually get
back our plain text and this simplicity
helps the speed
overall this was later detrimental to
the efficiency of the algorithm hence
the security was compromised
a pistol block cipher is a structure
used to derive many symmetric block
ciphers such as des which as we have
discussed in our previous comment
crystal cipher proposed a structure that
implements substitution and permutation
alternately so that we can obtain
ciphertext from the plain text and vice
versa this helps in reducing the
redundancy of the program and increases
the complexity to combat brute force
attacks
the pistol cipher is actually based on
the shannon structure that was proposed
in 1945.
the fistel cipher is the structure
suggested by horst feistel which was
considered to be a backbone while
developing many symmetric block ciphers
the shannon structure highlights the
implementation of alternate confusion
and diffusion
and like we already discussed the fiscal
cipher structure can be completely
reversed depending on the data however
we must consider the fact that to
decrypt the information by reversing the
physical structure we will need the
exact polynomial functions and the key
orders
to understand how the blocks are being
calculated we take a plain text which is
of 64 bit and it is later divided into
two equal halves of 32 bit each
in this the right half is immediately
transferred to the next round to become
the new left half of the second row
the right hand is again passed off to a
function which uses an encryption key
that is unique to each round in the
pistol cipher
whatever the function gives off as an
output it is passed on as an xor input
with the left half of the initial plain
text
the next output will become the right
half of the second round for the plain
text
this entire process constitutes of a
single round in the fistula cipher
taking into account what happens in a
polynomial function
we take one half of the block and pass
it through an expansion box the work of
the expansion box is to increase the
size of the half from 32-bit to 48-bit
text
this is done to make the text compatible
to a 48-bit keys we have generated
beforehand
once we pass it through the xor function
we get a 48-bit text as an output
now remember a half should be of 32-bit
so this 48-bit output is then later
passed on to a substitution box this
substitution box reduces its size from
48 bit to 32 bit output which is then
later xored with the first half of the
plain text
a block cipher is considered the safest
if the size of the block is large but
large block sizes can also slow down
encryption speed and the decryption
screen
generally the size is 64 bit
sometimes modern block ciphers like aes
have a 128 bit block size as well
the security of the block server
increases with increasing key size
but larger key sizes may also reduce the
speeds of the process
earlier 64-bit keys were considered
sufficient
modern ciphers need to use 128-bit keys
due to the increasing complexity of
today's computational standards
the increasing number of rounds also
increase the security of the block
cipher
they are inversely proportional to the
speed of encryption
a highly complex round function enhances
the security of the block cipher always
we must maintain a balance between the
speed and security
the symmetric block cipher is
implemented in a software application to
achieve better execution speed
there is no use of an algorithm it
cannot be implemented in a real-life
framework that can help organizations to
encrypt or decrypt the data in a timely
manner
now that we understand the basics of
fiscal ciphers we can take a look at how
des manages to run through 16 rounds of
the structure and provide the cipher
text at the end
now that we understand the basics of
western cyphers we can take a look at
how des manages to run through 16 rounds
of this structure and provide a cipher
text
in simple terms ds takes the 64-bit
plaintext and converts it into a 64-bit
cipher text and since we are talking
about these symmetric algorithms the
same key is being used when it is
decrypting the data as well
we first take a 64-bit click plain text
and we pass it to an initial permutation
function
the initial permission function it has
the job of dividing the block into two
different parts so that we can perform
fiscal cycle structures on it
there are multiple rounds being procured
in the ds algorithm namely 16 rounds of
pistol cipher structure
each of these rounds will need keys
initially we take a 56 bit cipher key
but it is a single key
we pass it on to a round key generator
which generates 16 different keys for
each single round that the pistol cipher
is being run
these keys are passed on to the rounds
as 48 bits
the size of these 48 bits case is the
reason we use the substitution and
permutation bonds in the polynomial
functions of the special ciphers
when passing through all these rounds we
reached round 16 but the final key is
passed on from the round key generator
and we get a final permutation
in the final permutation the rhymes are
swapped and we get our final ciphertext
this is the entire process of des with
16 rounds of pistol servers encompassed
in it to decrypt our ciphertext back to
the plain text we just have to reverse
the process we did in the des algorithm
and reverse the key order along with the
functions
this kind of simplicity is what gave des
the bonus when it comes to speed but
eventually it was detrimental to the
overall efficiency of the program when
it comes to security factors des have
five different modes of operation to
choose from
this one of those is electronic code
book
each 64-bit block is encrypted and
decrypted independently in the
electronic code book format
we also have cipher block chaining or
the cbc method
here each 64-bit block depends on the
previous one and all of them use an
initialization vector
we have a cipher feedback block
mechanism where the preceding ciphertext
becomes the input for the encryption
algorithm
it produces a pseudo random output which
in turn is xored with the plain text
there is an output feedback method as
well which is the same as cipher
feedback except that the encryption
algorithm input is the output from the
preceding des
a counter method has a different way of
approach where each plaintext block is
xored with an encrypted counter
the counter is then incremented for each
subsequent block
there are a few other alternatives to
these modes of operation but the five
mentioned above are the most widely used
in the industry and recommended by
cryptographers worldwide
let's take a look at the future of tes
the dominance of des ended in 2002 when
the advanced encryption standard
replaced the ds encryption algorithm as
the accepted standard it was done by
following a public competition to find a
replacement
nist officially withdrew the global
acceptance standard in may 2005 although
triple des has approved for some
sensitive government information through
2030.
nist also had to change the ds algorithm
because its key length was too short
given the increased processing power of
the new computers
encryption power is related to the size
of the key and des found itself a victim
of ongoing technological advances in
computing
we have received a point where 56 bit
was no longer a challenge to the
computers of tracking
note that because ds is no longer the
nist federal standard does not mean that
it is no longer in use triple ds is
still used today and is still considered
a legacy encryption algorithm
to get a better understanding of how
these keys and ciphertext look like we
can use an online tool for our benefit
as we already know to encrypt any kind
of data a key is mandatory
this key can be generated using
mathematical functions or computerized
key generation program such as this
website offers
it can be based on any piece of text
let's say the word is simply learning
in our example
once the key is settled we provide the
plain text or the clear text that needs
to be encrypted using the aforementioned
key
suppose our sentence for this example
is this is my first message
we have satisfied two prerequisites the
message and the key
another variable that goes into play is
the mode of operation
we have already learned about five
different modes of operation while we
can see some other options here as well
let us go with the cbc variant which
basically means the cipher block
chaining method
one of cbc's key characteristics is that
it uses a chaining process it causes the
decryption of our block of ciphertext to
depend all on the preceding ciphertext
blocks
as a result the entire validity of all
the blocks is contained in the previous
adjacent blocks as well
a single bit error in a ciphertext block
affects the decryption of all the
subsequent blocks
rearrangement of the order of these for
example can cause the decryption process
to get corrupted
regarding the manner of displaying
binary information we have two options
here we can either go with base64 or the
hexadecimal format
let's go to the base64 right now
as you can see the ciphertext is readily
available b64 is a little more efficient
than hex so we will be getting a smaller
ciphertext when it comes to base64
albeit the size of both the formats will
be the same the hex has a longer cipher
text since base64 takes four characters
for every three bytes while hex will
take two characters for each byte hence
b64 turns out to be more efficient
now to decrypt the cipher text we go by
the same format
choose base64
we copy the ciphertext onto our
decryption tool and we have to make sure
that the key we are using is exactly the
same
we choose similar mode of operation
and we choose the correct encoding
format as well which is base 64 in this
case
as you can see
the decryption is complete and we get a
plain text back
even if you keep everything the same but
we just change the encoding format
it will not be able to decrypt anything
unfortunately des has become rather easy
to crack even without the help of a key
the advanced encryption standard is
still on top when it comes to symmetric
encryption security and will likely stay
there for a while
eventually with so much computing power
growth the need for a stronger algorithm
was necessary to safeguard our personal
data
as solid as des was the computers of
today could easily break the encryption
with repeated attempts thereby rendering
the data security helpless
to counter this dilemma a new standard
was introduced which was termed as the
advanced encryption standard or the aes
algorithm
let's learn what is advanced encryption
standard
the aes algorithm also known as the
raindial algorithm is a symmetric block
cipher with a block size of 128 bits
it is converted into ciphertext using
keys of 128 192 or 256 bits
it is implemented in software and
hardware throughout the world to encrypt
sensitive data
the national institute of standards and
technology also known as nist started
development on aes in 1997 when it was
announced the need for an alternative to
the data encryption standard
the new internet needed a replacement
for des because of its small key size
with increasing computing power it was
considered unsafe against entire key
search attacks
the triple ds was designed to overcome
this problem however it was deemed to be
too slow to be deployed in machines
worldwide
strong cases were present by the mars
rc-6 serpent and the two fish algorithms
but it was the rindal encryption
algorithm also known as aes which was
eventually chosen as the standard
symmetric key encryption algorithm to be
used
its selection was formalized with the
release of federal information
processing standards publication 197 in
the november of 2001. it was approved by
the u.s secretary of commerce
now that we understand the origin of aes
let us have a look at the features that
make aes encryption algorithm unique
the aes algorithm uses a substitution
permutation or sp network
it consists of multiple rounds to
produce a ciphertext
it has a series of linked operations
including replacing inputs with specific
outputs that is substitutions and others
that involve bit shuffling which is
permutations
at the beginning of the encryption
process we only start out with a single
key which can be either a 128-bit key a
192-bit key or a 256-bit key eventually
this one key is expanded to be used in
multiple rounds throughout the
encryption and the decryption cycle
interestingly aes performs all its
calculations on byte data instead of bit
data as seen in the case of the ds
algorithm
therefore aes treats 128 bits of a clear
text block as 16 bytes
the number of rounds during the
encryption process depends on the key
size that is being used
the 128 bit key size fixes 10 rounds the
192 bit key size fixes 12 rounds and the
256 bit key holds 14 rounds
a round key is required for each of
these rounds but since only one key is
input into the algorithm the single key
needs to be expanded to get the key for
each round including the round zero
with so many mathematical calculations
going on in the background there are
bound to be a lot of steps throughout
the procedure
let's have a look at the steps followed
in aes
before we move ahead we need to
understand how data is being stored
during the process of aes encryption
everything in the process is stored in a
4 into 4 matrix format
this matrix is also known as a state
array and we'll be using these state
arrays to transmit data from one step to
another and from one round to the next
round
each round takes straight array as input
and gives a straight array as output to
be transferred into the next round
it is a 16 byte matrix with each cell
representing one byte
with each four bytes representing a word
so every state array will have a total
of four words representing it
as we previously discussed we take a
single key and expand it to the number
of rounds that we need the key to be
used in
let's say the number of rounds are n
then the key has to be expanded to be
used with n plus 1 rounds because the
first round is the key 0 round
let's say n is the number of rounds the
key is expanded to n plus 1 rounds
it is also a state array having four
words in its vicinity
every key is used for a single round and
the first key is used as a round key
before any round begins
in the very beginning the plain text is
captured and passed through an xor
function with the round key as a
supplement
this key can be considered the first key
from the n plus 1 expanded set
moving on the state array resulting from
the above step is passed on to a byte
substitution process
beyond that there is a provision to
shift rows in the state arrays
later on the state array is mixed with a
constant matrix to shuffle its column in
the mix column segment
after which we add the round key for
that particular round
the last four steps mentioned are part
of every single round that the
encryption algorithm goes through
the state arrays are then passed from
one round to the next as an input
in the last round however we skip the
mix columns portion with the rest of the
process remaining unchanged
but what are these byte substitution and
row shifting processes let's find out
regarding each step in more detail
in the first step the plain text is
stored in a state array and it is
exhaust with the k0 which is the first
key in the expanded key set
this step is performed only once on a
block while being repeated at the end of
each round as per iteration demands
the state array is xored with the key to
get a new state array which is then
passed off as input to the sub bytes
process
in the second stage we have byte
substitution
we leverage an x box called as a
substitution box to randomly switch data
among each element
every single byte is converted into a
hexadecimal value having two parts the
first part denotes the row value and the
second part denotes the column value
the entire state array is passed through
the s box to create a brand new state
array which is then passed off as an
input to the row shifting process
the 16 input bytes are replaced by
looking at a fixed table given in the
design we finally get a matrix with four
rows and four columns
when it comes to row shifting each bit
in the four rows of the matrix is
shifted to the left
an entry that is a fall off is
reinserted to the right of the line the
change is done as follows
the first line is not moved in any way
the second line is shifted to a single
position to the left
the third line is shifted two positions
to the left and the fourth line is
shifted three positions to the left
the result is a new matrix that contains
the same 16 bytes but has been moved in
relation to each other to boost the
complexity of the program
in mixed columns each column of 4 bytes
is now replaced using a special
mathematical function
the function takes four bytes of a
column as input and outputs four
completely new bytes
we will get a new matrix with the same
size of 16 bytes and it should be noted
that this phase has not been done in the
last round of the iteration
when it comes to adding a round key the
16 bytes of the matrix are treated as
128 bits and the 128 bits of the round
key are xor
if it is the last round the output is
the cipher text if you still have a few
rounds remaining the resulting 128 bits
are interpreted as 16 bytes and we start
another similar round
let's take an example to understand how
all these processes work
if our plain text is the
string 2 1 9 2 we first convert it into
a hexadecimal format as follows
we use an encryption key which is that's
my kung fu and it is converted into a
hexadecimal format as well
as per the guidelines we use a single
key which is then later expanded into n
plus 1 number of keys in which case is
supposed to be 11 keys for 10 different
rounds
in round 0 we add the round key the
plain test is xored with the k0 and we
get a state array that is passed off as
an input to the substitution by its
process
when it comes to the substitution bytes
process we leverage an s box to
substitute the elements of each byte
with a completely new byte
this way the state array that we receive
is passed off as an input to the row
shifting process on the next step
when it comes to row shifting each
element is shifted a few places to the
left with the first two being shifted by
zero places second row by one place
third row by two places and the last by
three
the state array that we received from
the row shifting is passed off as an
input to mix columns
in mixed columns we multiply the
straight array with a constant matrix
after which i receive a new state error
to be passed on onto the next step
we add the new state array as an xor
with the round key of the particular
iteration
whatever state array we receive here it
becomes an output for this particular
round
now since this is the first round of the
entire encryption process the state
array that we receive is passed off as
an input to the new round
we repeat this process for 10 more
rounds and we finally receive a cipher
text
once the final state array can be
denoted in the hexadecimal format this
becomes our final ciphertext that we can
use for transferring information from
the sender and receiver
let's take a look at the applications of
aes in this work
aes finds most use in the area of
wireless security in order to establish
a secure mode of authentication between
routers and clients
highly secure mechanisms like wpa and
wpa2 psk are extensively used in
securing wi-fi endpoints with the help
of rindial's algorithm
it also helps in ssl tls encryption that
is instrumental in encrypting our
internet browser sessions
aes works in tandem with other
asymmetric encryption algorithms to make
sure the web browser and web server are
properly configured and use encrypted
channels for communication
aes is also prevalent in general file
encryption of various formats ranging
from critical documents to the media
files
having a large key allows people to
encrypt media and decrypt data with
maximum security possible
aes is also used for processor security
in hardware appliances to prevent
machine hijacking among other things
as a direct successor to the des
algorithm
there are some aspects that aes provides
an immediate advantage in
let's take a look
when it comes to key length the biggest
flaw in des algorithm was its small
length was easily vulnerable by today's
standards aes has managed to nab up 128
192 and 256 bit key lens to bolster the
security further
the block size is also larger in aes
awing to more complexity of the
algorithm
the number of rounds in des is fixed
irrespective of the plain text being
used
in aes the number of round depends on
the key length that is being used for
the particular iteration thereby
providing more randomness and complexity
in the algorithm
the des algorithm is considered to be
simpler than aes even though aes beats
des when it comes to relative speed of
encryption and decryption
this makes advanced encryption standard
much more streamlined to be deployed in
frameworks and systems worldwide when it
compares to the data encryption standard
hope you learned something new today if
you have any questions from today's
session be sure to let us know in the
comments section below subscribe to our
channel for more videos like this and
thank you for watching
hi there if you like this video
subscribe to the simply learn youtube
channel and click here to watch similar
videos to nerd up and get certified
click here
関連動画をさらに表示
5.0 / 5 (0 votes)