**Advanced Encryption Standard (AES) **was introduced by NIST in 2001 is a **symmetric block cipher** which overcomes the key size weakness of DES. AES comes with the variable key sizes i.e. 128-bit key, 192-bit key and a 256-bit key. AES does not follow the Feistel structure in fact it operates on entire plaintext block at once instead of dividing them into two halves.

AES can be applied in both hardware and software. In this section, we will discuss the encryption and decryption process of AES in detail. We will also discuss the round function of AES in brief.

## Content: Advanced Encryption Standard (AES)

- What is Advanced Encryption Standard?
- AES Encryption
- Round Functions
- AES Decryption
- Advantage and Disadvantage
- Key Takeaways

### What is Advanced Encryption Standard (AES)?

Advanced Encryption Standard was introduced by **NIST** (National Institute of Standard and Technology) in the year **2001**. It is a **symmetric block cipher** and No doubt it was introduced to overcome the weakness of DES (Data Encryption Standard).

AES cipher intakes the 128-bit plain text block accompanied by a 128-bit key to generate cipher text block of 128-bit. And while decryption it takes 128-bit cipher text block along with expanded key used in encryption in reverse order to recover the plain text block of 128-bit.

AES being a symmetric block cipher **does not** use the **Feistel structure** like **DES** where the plain text is divided into two halves. And one half of the plain text block helps in modifying the other half of plain text block and then both the halves are swapped.

AES operates on an **entire block of plain text** in the form of a single matrix at each round which includes substitution and permutation. AES has

10 rounds -> 128-bit key

12 rounds -> 192-bit key

14 rounds -> 256-bit key

Let us discuss some key point before moving to the encryption process of AES.

- AES operates on a 128-bit plain text block as a single
**4X4 matrix**which would have a total size of 16 bytes. Every 4 bytes would represent a word. - The 128-bit key is
**expanded**to form an array containing**44, 32-bit words**. And at each round of AES 4 distinct words are served to the round key process from the expanded key. - A round has four functions among which one is of permutation and three are of substitution:

Substitute Byte, Mix Column and Add Round Key functions are**substitution**functions whereas Shift Rows is a**permutation**function. - Both the
**encryption**and**decryption**process starts with the**Add Round Key**function which is then followed by the nine-round which has all four substitutions and permutation function but the last tenth round has only three functions. - Only the
**Add Round ke**y function makes**use**of the**key.** - During decryption, the
**inverse functions**of Substitute Bytes, Mix Columns and Shift Rows are used and the inverse of Add Round key is carried out by XORing the same round key as in encryption with the cipher block. - While decryption the sequence of keys used during encryption is reversed.
- In both the encryption and decryption, the
**last round**always has only**three functions**, Mix Column is ignored at the last round of AES. - Every intermediate result is stored in the 4X4
**state matrix**.

### Advanced Encryption Standard (AES) Encryption

Knowing the Key points of AES now, let’s discuss the encryption process in AES in details. Observe the figure given below.

**Step 1:** Initially the 16-byte key or a 4-word key is expanded to an array of 44 words where each word is of 4 bytes.

**Step 2:** At the very first of encryption process the 16-byte plain text block or **4-word plain text block** is **XORed** with the **4-word key** i.e. W_{0}, W_{1}, W_{2}, W_{3}. The resultant of this XOR is provided to the 1^{st} round.

**Step 3:** In the first round, the result of XOR is processed by the Substitute Bytes, Shift Rows, Mix Column and Add Round Key functions in the respective sequence.

To the Add Round Key function, the next 4 words from the expanded key are provided that are W_{4}, W_{5}, W_{6}, W_{7.} The corresponding result of first-round is provided to the second round.

**Step 4:** All round till round nine, performs the same functions and in each round, a distinct key is provided from the expanded key. In round ten only three functions are performed on the input provided by round 9 that are Substitute Bytes, Shift Rows and Add Round Key function.

The result of round 10 is the cipher text block of the corresponding pain text block.

### Round Functions

Each round function has four stages or four functions those are as follows:

**Substitute Bytes**

The **input** to Substitute Byte is a **4X4 state matrix** of 16 bytes where each element of the matrix is of 1 byte. Now AES has defined a **16X16 matrix** namely** S-box** which contains a permutation of 256 8-bit values.

The Substitute Bytes function maps each byte element of state matrix to the new value using the following procedure.

**Step 1:** **A byte element** in the state matrix would have 8-bits. The **leftmost 4-bit** is used to retrieve the **row value** of S-box and the **rightmost 4-bit** are used to retrieve the **column value** of S-box.

**Step 2:** This row value and column value act as an index to get the new value from the S Box.

Let’s suppose a byte element S_{2,2 }has a value 25 whose binary representation is 00011001. So, the leftmost 4-bit 0001 represents ‘1’ and the rightmost 1001 represents ‘9’. So, intersection value at row 1 and column 9 in S-box is ‘D4’. In this way, the value 25 is mapped to the new value D4.

The Substitute Byte function maps each element of 4X4 state matrix to the new value and forwards this newly formed 4X4 State matrix to Shift Rows function.

**Shift Rows**

The input to Shift Row function is a 4X4 state matrix forwarded from the Substitute Bytes function. The Shift row performs the **circular left shift on the rows** of the matrix. On the **first row**, the circular left shift is performed by** 0 bytes**.

On the **second row**, a circular left shift is performed by **1 byte**. On the **third row**, the circular left shift is performed by **2 bytes**. On the **fourth row** of the input state matrix, the circular let shift is performed by **3 bytes**. The resultant 4X4 state matrix of Shift Rows function is forwarded to the Mix Column function.

**Mix Columns**

The input 4X4 state matrix is **multiplied** with a **constant predefined matrix** as you can see in the figure below:

Each byte element of the resultant matrix of Mix Column function is the sum of the product of one row of the defined matrix and one column of state matrix. The product matrix of the Mix Column function is forwarded to the last function of a round i.e. Add Round Key.

**Add Round Key**

In the Add Round Key function, the input state matrix is **XORed** with the 4-words unique key. In each round the key used to XOR with state matrix is distinct.

Add Round Key function is a **column-wise** function, a 4-byte state matrix column is XORed with a 4-byte word of a key. It can also be taken as **byte-level** function.

### Advanced Encryption Standard (AES) Decryption

AES Encryption and AES Decryption process are the same and it also starts with the Add Round Key Function. The 16-byte cipher text in the form of 4X4 state matrix is XORed with the unique 4-word key.

The key sequence in encryption is reversed during the decryption. And all the other round functions are also inversed in the decryption process to retrieve the original 16-byte plain text block.

## Advantage and Disadvantage

**Advantages**

- AES can be implemented on both hardware and software.
- AES has three key length 128-bits,192-bits and 256-bits.
- AES is implemented in a wide range of application as it is defined as the standard by NIST.

**Disadvantage**

The key used in AES if not employed properly it can cause a cryptanalytic attack. Therefore, key scheduling should be done carefully.

### Key Takeaways

- AES is a symmetric block cipher published by NIST in 2001.
- AES was introduced to overcome the weakness of DES.
- AES can be implemented with three key sizes 128-bit key, 192-bit key and a 256-bit key.
- The rounds in AES vary with the key length i.e. it conducts 10 rounds for a 128-bit key, 12 rounds for 192-bit key and 14 rounds for a 256-bit key.
- Each round has 4 functions Substitute Bytes, Shift Rows, Mix Columns and Add Round Key. But every last round in AES has only three functions Substitute Bytes, Shift Rows and Add Round Key.
- Encryption and decryption algorithm of AES are same, both start with Add Round Key.
- In decryption, the inverse of each function is used and the key sequence used during encryption is also reversed.

So, this is all about AES it’s encryption, decryption and key scheduling. AES provides the best result if key scheduling is done properly.

Mohamed Abdul Kader says

A nice description with all necessary details.