1 / 11

AES Proposal: Rijndael

AES Proposal: Rijndael. Joan Daemen. Vincent Rijmen. “Rijndael is expected, for all key and block lengths defined, to behave as good as can be expected from a block cipher with the given block and key lengths.” Presented by Jianning TANG. Outline. Introduction Applications of Rijndael

pabla
Download Presentation

AES Proposal: Rijndael

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. AES Proposal: Rijndael Joan Daemen Vincent Rijmen “Rijndael is expected, for all key and block lengths defined, to behave as good as can be expected from a block cipher with the given block and key lengths.” Presented by Jianning TANG

  2. Outline • Introduction • Applications of Rijndael • Design Criteria • Rijndael Encryption • Resistance Against Known Attacks •  Security goal •  Conclusion •  Question

  3. Introduction AES: Advanced Encryption Standard published by NIST Block Cipher: An encrypting method in which each block of plain text is converted into a block of cipher text of the same length Rijndael: An iterated block cipher with a variable block length and a variable key length. The block length and the key length can be independently specified to 128, 192 or 256 bits.

  4. Applications of Rijndael Rijndael cipher is designed to be implemented efficiently on a wide range of processors and in dedicated hardware. i.e. Smart Card, ATM, HDTV, B-ISDN, Voice and Satellite (encryption). Rijndael can also be used in MAC algorithm, iterated hash function, synchronous stream cipher, pseudo-random number generator, self-synchronizing stream cipher.

  5. Design Criteria • Resistance against all known attacks; • Speed and code compactness on a wide range of platforms; • Design simplicity.

  6. Rijndael Encryption Pseudo code of Rijndael encryption: Rijndael(State,CipherKey) { KeyExpansion(CipherKey,ExpandedKey) ; AddRoundKey(State,roundKey[0]); For( i=1 ; i<Nr ; i++ ) Round(State,roundKey[i]) ; FinalRound(State,roundKey[Nr]);// return State; } Block Length(bits) Key Length(bits) Nr: number of rounds

  7. Resistance Against Known Attacks Attack: If the computational time of a cryptanalysis method(to find the key) is less than the computational time of an exhausted key search, the method is said to be an effective attack. Plain Text--Cipher Text Pairs: Known to cryptanalyst. Keys: NOT known to cryptanalyst

  8. List of known cryptanalysis methods:  Symmetry properties and weak keys of the DES type  Differential cryptanalysis  Linear cryptanalysis  Truncated differentials  The Square attack  Interpolation attacks  Related-key attacks No attack has yet been found to be effective against Rijndael.

  9. Security Goal 1. K-security: All possible attack strategies for Rijndael have the same expected work factor and storage requirements as for the majority of possible block ciphers with the same dimensions. 2. Hermetic: It does not have weaknesses that are not present for the majority of block ciphers with the same block and key length. Or: its internal structure cannot be exploited in any application. Rijndael is expected to achieve its security goal

  10. Conclusion In security aspect: “Rijndael is expected, for all key and block lengths defined, to behave as good as can be expected from a block cipher with the given block and key lengths.”

  11. Question If a block cipher is k-security, do you think it is secure enough?

More Related