AES (Advanced Encryption Standard)
2/Jan/1997: Call for evaluation criteria.
NIST publicly asked interested parties to propose criteria for choosing a DES successor.
Many submissions were received over 3 months.
12/Sep/1997: Call for new algorithms.
Block ciphers with 128-bit blocks.
128, 192, and 256-bit keys.
Such ciphers were rare at the time of the call.
Evaluation Rounds
1st round
15 candidate algorithms were evaluated by the community.
Conferences were organized for the evaluation.
Cryptographic weaknesses were found.
Performance issues were identified.
In a variety of hardware.
PCs, smart cards, hardware implementations.
Constrained environments were evaluated.
Limited memory smart cards, low gate count circuits, FPGAs.
Aug/1999: AES finalists announced
MARS, RC6, Rijndael, Serpent, and Twofish.
2nd round
The 5 finalists continued to be evaluated.
At a final conference, the proposers of each algorithm presented its advantages over the others.
2/Oct/2000: AES algorithm was announced
Rijndael was selected.
Proposed by Vincent Rijmen and Joan Daemen.
Family of ciphers with different key and block sizes.
26/Nov/2001: AES was approved by NIST
FIPS PUB 197.
Subset of Rijndael (3 family members).
Now part of the ISO/IEC 18033-3 standard
Architecture
AddRoundKey
128-bit XOR.
Output is a 4x4 byte matrix.
SubBytes
256-element S-box.
Each byte of the matrix is substituted.
ShiftRows
Rows are rotated left.
Byte shifts vary by row (0, 1, 2 and 3).
MixColumns
Each column is transformed.
Not performed in the last round.
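The four steps above, assembled into a complete AES-128 block encryption. This is an added example, not code from the original page; the function names are illustrative, the S-box is computed rather than hard-coded, and the table lookups are not constant-time, so it is for study rather than production use.

```python
# Added example (not from the page): AES-128 per FIPS 197; function names are illustrative.
def gmul(a, b):                    # multiply in GF(2^8) mod x^8+x^4+x^3+x+1
    r = 0
    while b:
        r ^= a if b & 1 else 0
        a, b = a << 1, b >> 1
        a ^= 0x11B if a & 0x100 else 0
    return r

def build_sbox():                  # GF(2^8) inverse, then the affine transform
    box = []
    for x in range(256):
        inv = next((y for y in range(1, 256) if gmul(x, y) == 1), 0)
        rot = [((inv << i) | (inv >> (8 - i))) & 0xFF for i in range(5)]
        box.append(rot[0] ^ rot[1] ^ rot[2] ^ rot[3] ^ rot[4] ^ 0x63)
    return box
SBOX = build_sbox()                # the 256-element S-box

def add_round_key(s, k):           # 128-bit XOR with the round key
    return [a ^ b for a, b in zip(s, k)]
def sub_bytes(s):                  # every byte of the state goes through the S-box
    return [SBOX[b] for b in s]
def shift_rows(s):                 # state is column-major (index = row + 4*col); row r rotates left by r
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]
def mix_columns(s):                # each column is multiplied by the fixed matrix (2 3 1 1)
    return [gmul(2, s[4*c + r]) ^ gmul(3, s[4*c + (r+1) % 4]) ^ s[4*c + (r+2) % 4]
            ^ s[4*c + (r+3) % 4] for c in range(4) for r in range(4)]

def expand_key(key):               # AES-128 only: 11 round keys of 16 bytes each
    rks, rcon = [list(key)], 1
    for _ in range(10):
        prev = rks[-1]
        nxt = [SBOX[b] for b in prev[13:16] + prev[12:13]]   # SubWord(RotWord(last word))
        nxt[0] ^= rcon
        rcon = gmul(rcon, 2)
        for i in range(16):        # each new word = word 4 back XOR the word just made
            nxt.append(prev[i] ^ nxt[i])
        rks.append(nxt[4:])
    return rks

def encrypt_block(key, block):     # key and block are 16-byte bytes objects
    rks = expand_key(key)
    s = add_round_key(block, rks[0])
    for rnd in range(1, 11):
        s = shift_rows(sub_bytes(s))
        if rnd < 10:               # MixColumns is not performed in the last round
            s = mix_columns(s)
        s = add_round_key(s, rks[rnd])
    return bytes(s)
```

The test vectors in FIPS PUB 197 (Appendix B and Appendix C.1) can be used to check the output.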
CPU Instruction Sets
Intel AES New Instructions (AES-NI).
| Instruction | Description |
| --- | --- |
| AESENC | Perform one round of an AES encryption flow. |
| AESENCLAST | Perform the last round of an AES encryption flow. |
| AESDEC | Perform one round of an AES decryption flow. |
| AESDECLAST | Perform the last round of an AES decryption flow. |
| AESKEYGENASSIST | Assist in AES round key generation. |
| AESIMC | Assist in AES Inverse Mix Columns. |
ARMv8 Cryptographic Extension.