AES

Before we can begin our adventure and set foot in the realm of cryptanalysis, we need a piƱata. Something we can squish and squeeze to help us learn the nuts and bolts of block cipher cryptanalysis. And for that, why not use the state of the art?

To facilitate the understanding of AES, we've split the implementation of the block cipher in several steps. They should not require "too much" time if you already know about bitwise operations. If you do not, then pick a programming language, and get yourself ready to learn a lot of new things. Of course, this does not substitute for reading the official standard.

Through-out these steps, keep in mind that there exist a lot of resources to help you understand AES. My favorite ones are the stick figure explanation of AES, the AES flash animation and of course the dense official AES standard.

1. The Key Expansion Part 1: RotWord

To transform a plaintext into a ciphertext, AES makes it undergo a number of transformations, one of them is to XOR it with keys. Since we only provide AES with a single key, AES will need to derive a number of keys from it.

2. The Key Expansion Part 2: SubWord

The next helper function we'll need for our key Expansion is SubWord. SubWord takes an input of 4 bytes like the previous function, and returns an output of 4 bytes as well. SubWord is basically an Sbox.

3. The Key Expansion Part 3: Rcon

The last helper function Rcon takes an integer as input, and gives back an array of 4 bytes with the 3 least significant bytes set to 0.

4. The Key Expansion

We've got all of the functions we need to implement the key scheduler! So let's finally get to it :)

5. Understanding the State of AES

The plaintext that AES manipulates is represented as a square of 4 rows and 4 columns.

6. SubBytes

AES-128 has 10 rounds in total. Each round takes a different round key and the last round is a bit different from the other rounds. (The last round skips the MixColumns transformation.) With that in mind we will start by implementing SubBytes, the first transformation in an AES round.

7. ShiftRows

Our second transformation, ShiftRows, is a pretty simple one! It takes a state, look at its rows and rotate them. The first row doesn't get touched, the second one gets rotated by one position on the left, the second by two positions and the third by three positions.

8. MixColumns

Now, on to our third round transformation. And surprise! It's another one of these AES operations that use the weird field we talked about in Rcon

9. AddRoundKey

The last transformation of a round is called AddRoundKey, and at this point you probably have an idea of what it is. And you're also probably right, it is just a XOR between the values in the state, and the values of your round key.

10. Encryption

Now is time to combine all of the functions we've been implementing into one big Encryption function.

11. Decryption

That's cool, you can encrypt and all. But what about decrypting :)

You are done! Congratulation, you now should be equiped to start your journey as a cryptanalyst! Head to our second set on the Square attack.