With the development of symmetric cryptography, the DES (Data Encryption Standard) algorithm, because of its short key length (56 bits), no longer meets the data encryption security requirements of today's distributed, open networks. In 1997 NIST therefore publicly solicited a new data encryption standard, namely AES [1]. After three rounds of screening, the Rijndael algorithm submitted by the Belgians Joan Daemen and Vincent Rijmen was proposed as the final algorithm for AES. This algorithm will become the new data encryption standard in the United States and is widely used in various fields. Although there are differing views on AES, in general AES, as a new generation of data encryption standard, combines strong security, high performance, high efficiency, ease of use and flexibility. AES is designed with three key lengths: 128, 192 and 256 bits; a 128-bit AES key is $10^{21}$ times stronger than the 56-bit DES key [2]. The AES algorithm mainly comprises three aspects: the round transformation, the number of rounds and key expansion. Taking the 128-bit case as an example, this paper introduces the basic principle of the algorithm and implements the AES advanced data encryption algorithm in AVR assembly language.
AES is a block cipher: the algorithm takes 128 bits of data as input, and the key length is also 128 bits. Nr denotes the number of encryption rounds applied to a data block (the relationship between the number of rounds and the key length is listed in Table 1). Each round requires an expanded key ExpandedKey(i) of the same length as the input block. Because the externally supplied encryption key K has limited length, the algorithm uses a key expansion routine (KeyExpansion) to expand the external key K into a longer bit string, from which the encryption and decryption keys for each round are generated.
1.1 Round transformation
Each round transformation of AES consists of the following three layers:
Non-linear layer: the SubByte transformation;
Linear mixing layer: the ShiftRow and MixColumn operations;
Key addition layer: the AddRoundKey operation.
① The SubByte transformation is a non-linear byte substitution that acts on each byte of the state; it can be carried out as a mapping through a computed S-box.
② ShiftRow is a byte transposition. It cyclically shifts the rows of the state by different offsets, which are chosen according to Nb [3].
③ In the MixColumn transformation, each column of the state is treated as a polynomial $a(x)$ over $GF(2^8)$ and multiplied by the fixed polynomial $c(x)$. The coefficients of $b(x) = c(x) * a(x)$ are calculated as follows. The $*$ operation is not ordinary multiplication but a special operation, i.e. $b(x) = c(x)\,a(x) \pmod{x^4+1}$. For this operation, $b_0 = 02 \cdot a_0 + 03 \cdot a_1 + a_2 + a_3$. Let $\mathrm{xtime}(a_0) = 02 \cdot a_0$, where the symbol "$\cdot$" denotes multiplication modulo an irreducible polynomial of degree eight [3].
For the inverse transformation, the matrix C is replaced by the corresponding matrix D, i.e. $b(x) = d(x) * a(x)$.
④ The key addition layer operation (AddRoundKey) is the bitwise XOR of the round key with the corresponding bytes of the state.
⑤ By the properties of linear transformations [1], the decryption operation is the inverse of the encryption transformation. It is not described in detail here.
1.2 Number of rounds
The number of rounds differs for different block lengths, as listed in Table 1.
1.3 Key expansion
The AES algorithm takes the externally supplied key K (whose length in words is Nk) and, through the key expansion routine, obtains an expanded key of 4(Nr+1) words. It involves the following three modules:
① Rotation (RotWord): changes a 4-byte sequence [a,b,c,d] into [b,c,d,a];
② S-box transformation (SubWord): applies the S-box substitution to the 4 bytes;
③ Rcon[i] transformation: Rcon[i] denotes the 32-bit word $[x^{i-1},00,00,00]$, where $x$ is (02), e.g. Rcon[1]=[01000000]; Rcon[2]=[02000000]; Rcon[3]=[04000000]; ...
Expanded key generation: the first Nk words of the expanded key are the external key K; each later word W[i] equals the XOR of the preceding word W[i-1] and the word Nk positions earlier, W[i-Nk], i.e. $W[i] = W[i-1] \oplus W[i-Nk]$. However, if i is a multiple of Nk, then $W[i] = W[i-Nk] \oplus \mathrm{SubWord}(\mathrm{RotWord}(W[i-1])) \oplus \mathrm{Rcon}[i/Nk]$.
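The key expansion described above, written out in C for the 128-bit case (Nk = 4, Nr = 10) as an added example; it is not code from the original article, which targets AVR assembly. The function names gmul, sbox and key_expansion, and the choice to compute the S-box from the field inverse instead of reading it from a table, are assumptions made for this example.

```c
#include <stdint.h>
#include <string.h>

enum { NK = 4, NR = 10, NWORDS = 4 * (NR + 1) };   /* AES-128: 44 words */

/* xtime(a) = 02 . a in GF(2^8), reduced by x^8 + x^4 + x^3 + x + 1 (0x11B). */
static uint8_t xtime(uint8_t a) {
    return (uint8_t)((a << 1) ^ ((a & 0x80) ? 0x1B : 0x00));
}

/* General GF(2^8) multiplication built from xtime (shift-and-add). */
static uint8_t gmul(uint8_t a, uint8_t b) {
    uint8_t r = 0;
    for (; b; b >>= 1, a = xtime(a))
        if (b & 1) r ^= a;
    return r;
}

/* S-box computed on the fly: multiplicative inverse (0 maps to 0), then the
 * affine map. The search is not constant-time; for study, not production. */
static uint8_t sbox(uint8_t a) {
    uint8_t inv = 0, s;
    for (int c = 1; a && c < 256; c++)
        if (gmul(a, (uint8_t)c) == 1) { inv = (uint8_t)c; break; }
    s = inv;
    for (int i = 1; i <= 4; i++)               /* XOR of rotations by 1..4 bits */
        s ^= (uint8_t)((inv << i) | (inv >> (8 - i)));
    return (uint8_t)(s ^ 0x63);
}

/* Expands a 16-byte key K into W[0..43], stored as 176 bytes. */
void key_expansion(const uint8_t key[16], uint8_t w[4 * NWORDS]) {
    uint8_t rcon = 0x01;                       /* Rcon[1] = [01,00,00,00] */
    memcpy(w, key, 4 * NK);                    /* first Nk words are K */
    for (int i = NK; i < NWORDS; i++) {
        uint8_t t[4];
        memcpy(t, &w[4 * (i - 1)], 4);         /* t = W[i-1] */
        if (i % NK == 0) {
            uint8_t a = t[0];                  /* RotWord: [a,b,c,d] -> [b,c,d,a] */
            t[0] = (uint8_t)(sbox(t[1]) ^ rcon); /* SubWord, then XOR Rcon[i/Nk] */
            t[1] = sbox(t[2]);
            t[2] = sbox(t[3]);
            t[3] = sbox(a);
            rcon = xtime(rcon);                /* next Rcon: multiply by x = 02 */
        }
        for (int j = 0; j < 4; j++)            /* W[i] = W[i-Nk] XOR t */
            w[4 * i + j] = (uint8_t)(w[4 * (i - NK) + j] ^ t[j]);
    }
}
```

With the FIPS-197 Appendix A.1 key 2b7e1516 28aed2a6 abf71588 09cf4f3c, W[4] comes out as a0fafe17 and the last round key ends in W[43] = b6630ca6.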
The AES encryption and decryption process is shown in Figure 1.
Principle of AES Encryption algorithm