Author Topic: Improving Diffusion Power of AES Rijndael with 8x8 MDS Matrix  (Read 2424 times)

0 Members and 1 Guest are viewing this topic.

content.writer

  • Newbie
  • *
  • Posts: 48
  • Karma: +0/-0
    • View Profile
Quote
Author : R.Elumalai, Dr.A.R.Reddy
International Journal of Scientific & Engineering Research, IJSER - Volume 2, Issue 3, March-2011
ISSN 2229-5518
Download Full Paper : PDF

Abstract— AES Rijndael is a block cipher developed by NIST as the Advanced Encryption Standard (AES) replacing DES and published as FIPS 197 in November 2001 [5] to address the threatened key size of Data Encryption Standard (DES). AES-Rijndael was developed by Joan Daemen and Vincent Rijmen, Rijndael [4, 5] and was selected from five finalists. Advancement in computation speed every day puts lots of pressure on AES and AES may not with stand attack for longer time. This work focuses on improving security of an encryption algorithm, beyond AES. Though there are various techniques available to enhance the security, an attempt is made to improve the diffusion strength of an algorithm. For enhancing the diffusion power AES Rijndael in MixColumn operation the branch number of MDS matrix is raised from 5 to 9 using a new 8X8 MDS matrix with trade off of speed [8, 9] and implemented on R8C microcontroller.
Index Terms— diffusion, MDS matrix, AES Rijndael, security, encryption standard, R8C, microcontroller.

Introduction
The AES Rijndael algorithm basically consists of four byte oriented transformation for encryption and inverse transformation for decryption process over number of rounds depending on plain text size and key length  namely [1,2],

1) Byte substitution (S-box) a non linear operation, operating on each of the State bytes independently.

2) Shifting rows (Row transformation) is obtained by shifting row of states cylindrically.   

3) Mix Column transformation,  the columns of the State are considered as polynomials over GF(28) and multiplied modulo X4 + 1 with a fixed polynomial c(x ), given by
c(x ) = ‘03’ x3 + ‘01’ x2 + ‘01’ x + ‘02’
The inverse of MixColumn is similar to MixColumn. Every column is transformed by multiplying it with a specific multiplication polynomial d(x), given by
d(x ) = ‘0B’ x3 + ‘0D’ x2 + ‘09’ x + ‘0E’ .

4) Add round key, a Round Key is applied to the State by a simple bitwise EXOR. The Round Key is derived from the Cipher Key by means of the key schedule. The Round Key length is equal to the block length.

The round transformation in C pseudo can be written as [1]
 Round(State,RoundKey)
{
ByteSub(State);
ShiftRow(State);
MixColumn(State);
AddRoundKey(State,RoundKey);
}
The final round of the cipher is slightly different. It is defined by:
FinalRound (State,RoundKey)
{
ByteSub(State) ;
ShiftRow(State) ;
AddRoundKey(State, roundkey);
}

In AES Rijndael confusion and diffusion are obtained by non- linear S-Box operation and by the linear mixing layer over rounds respectively.

DIFFUSION IN AES RIJNDAEL
The linear mixing layer guarantees high diffusion over multiple rounds. Rijndael in his proposal approved by NIST replacing DES in the 2001 proposed MixColumn which operates on space of 4-byte to 4-byte linear transformations according to the following criteria[1,2]:
1. Invertibility;
2. Linearity in GF(2);
3. Relevant diffusion power;
4. Speed on 8-bit processors;
5. Symmetry;
6. Simplicity of description.
Criteria 2, 5 and 6 have lead to the choice of polynomial multiplication modulo x4+1. Criteria 1, 3 and 4 impose conditions on the coefficients. Criterion 4 imposes that the coefficients have small values, in order of preference ‘00’, ’01’, ’02’, ’03’…The value ‘00’ implies no processing at all, for ‘01’ no multiplication needs to be executed, ‘02’ can be implemented using xtime and ‘03’ can be implemented using
xtime and an additional EXOR. The criterion 3 induces more complicated conditions on the coefficients.

In Mix Column, the columns of the State are considered as polynomials over GF (28) and multiplied modulo x4 + 1 with a fixed polynomial c(x ) [1,2].  The Mix Column transformation operates independently on every column of the state and treats each sub state of  the column as term of a(x) in the operating equation b(x)=c(x)⊗a(x), where c(x)= ‘03’X3+’01’X2+’01’X+’02’.This polynomial is co-prime to (X4 + 1)  For example, in the figure1. a(x) is  a0,jX3+ai,jX2+a2,jX+a3,j and it is used as multiplicand of operation.

Read More: Click here...