Because I want to learn the security of the Internet of Things, I have learned several encryption algorithms by myself, so as not to forget, here is the most simple and simple summary of AES symmetric encryption.
If you want to study specifically, it is recommended to watch the following article of the big brother, very detailed, I also looked at this article and made my own summary.
Click here to transfer to the
AES symmetric encryption algorithm (symmetric means that the keys used for encryption and decryption are the same).
In the AES standard specification, the packet length can only be 128 bits, that is, each packet is 16 words Section (8 bits per byte). The length of the key can be 128 bits, 192 bits or 256 bits. The length of the key is different, and the recommended number of encryption rounds is also different. This time taking AES128 as an example, the encryption is ten rounds.
The following is the encryption step 1. The
128-bit input plaintext and input key are divided into 16 bytes.
The processing unit of AES is byte. The 128-bit input plaintext packet P and the input key K are divided into 16 bytes, which are respectively denoted as P = P0 P1… P15 and K = K0 K1… K15.
2. Byte generation For
AES, an S box and an inverse S box are defined. Take out each byte in the plain text, take the high 4 bits of the byte as the row value, and the low 4 bits as the column value, take out the element at the corresponding position in the S box, and replace the original byte.
3. Row shift operation The
matrix row 0 is shifted left by 0 bytes, the matrix row 1 is shifted left by 1 byte, and the matrix row 2 is shifted left by 2 bytes. And so on.
4. Column mixing operation
Column mixing transformation is achieved by matrix multiplication. The state matrix after row shift is multiplied by a fixed matrix to obtain the confused state matrix.
5. Round key addition
Perform a bit-wise XOR operation on the data in the 128-bit round key K with the state matrix.
The key matrix is different for each round of XOR operation. The key expansion is introduced below.
AES first enters the initial key into a 4 4 state matrix. The 4 bytes in each column of the 4 4 matrix form a word, and the 4 words in the 4 columns of the matrix are named W [0], W [1], W [2], and W [3] in sequence. They form a Array W of word units.
Next, the W array is expanded by 40 new columns to form a total of 44 columns of extended key arrays. The new column is generated recursively as follows:
1. If i is not a multiple of 4, then the i-th column is determined by the following equation:
W [i] = W [i-4] ⨁W [i-1]
2. If i Is a multiple of 4, then the i-th column is determined by the following equation:
W [i] = W [i-4] ⨁T (W [i-1])
Among them, T is a somewhat complicated function. The function T is composed of three parts: word loop, byte substitution, and XOR of the rotation constant. The functions of these three parts are as follows.
Word rotation: shift 4 bytes in 1 word to the left by 1 byte. The input words [b0, b1, b2, b3] will be converted to [b1, b2, b3, b0].
Byte substitution: Use the S box to perform byte substitution on the result of the word loop.
XOR of wheel constant: XOR the results of the first two steps with the wheel constant Rcon [j], where j represents the wheel.
The following is the complete encryption process
. The round functions of rounds 1 to 9 of encryption are the same, including 4 operations: byte substitution, row displacement, column mixing, and round key addition. The last iteration does not perform column blending. In addition, before the first round of iterations, the plaintext and the original key are XOR-encrypted.
Some pictures are quoted from this article https://blog.csdn.net/qq_28205153/article/details/55798628?depth_1-utm_source=distribute.pc_relevant.none-task&utm_source=distribute.pc_relevant.none-task
