5.1 What was the original set of criteria used by NIST to evaluate candidate AES ciphers? Get solution
5.2 What was the final set of criteria used by NIST to evaluate candidate AES ciphers? Get solution
5.3 What is power analysis? Get solution
5.4 What is the difference between Rijndael and AES? Get solution
5.5 What is the purpose of the State array? Get solution
5.6 How is the S-box constructed? Get solution
5.7 Briefly describe SubBytes. Get solution
5.8 Briefly describe ShiftRows. Get solution
5.9 How many bytes in State are affected by ShiftRows? Get solution
5.10 Briefly describe MixColumns. Get solution
5.11 Briefly describe AddRoundKey. Get solution
5.12 Briefly describe the key expansion algorithm Get solution.
5.13 What is the difference between SubBytes and SubWord? Get solution
5.14 What is the difference between ShiftRows and RotWord? Get solution
5.15 What is the difference between the AES decryption algorithm and the equivalent inverse cipher? Get solution
Problems
5.1 In the discussion of MixColumns and Inverse MixColumns, it was stated that
b(x) = a1(x) mod (x4+ 1) where a(x) = {03}x3+ {01}x2+ {01}x + {02} and b(x) = {03}x3+ {0D}x2
+ {09}x + {0E}. Show that this is true. Get solution
5.2
1. What is {01}1 in GF(281. )?
2. Verify the entry for {01} in the S-box. Get solution
5.3 Show the first eight words of the key expansion for a 128-bit key of all zeros. Get solution
5.4 Given the plaintext {000102030405060708090A0B0C0D0E0F} and the key
{01010101010101010101010101010101},
a. Show the original contents of State, displayed as a 4 x 4 matrix.
b. Show the value of State after initial AddRoundKey.
c. Show the value of State after SubBytes.
d. Show the value of State after ShiftRows.
e. Show the value of State after MixColumns. Get solution
5.5 Verify Equation (5.11). That is show that xi(x4+ 1) = xi mod 4 Get solution
5.6 Compare AES to DES. For each of the following elements of DES, indicate the comparable element in AES or explain why it is not needed in AES.
a. XOR of subkey material with the input to the f function
b. XOR of the f function output with the left half of the block
c. The f function
d. Permutation P
e. Swapping of halves of the block Get solution
5.7 In the subsection on implementation aspects, it is mentioned that the use of tables helps thwart timing attacks. Suggest an alternative technique. Get solution
5.8 In the subsection on implementation aspects, a single algebraic equation is developed that describes the four stages of a typical round of the encryption algorithm. Provide the equivalent equation for the tenth round. Get solution
5.9 Compute the output of the MixColumns transformation for the following sequence of input bytes "67 89 AB CD". Apply the InvMixColumns transformation to the obtained result to verify your calculations. Change the first byte of the input from '67' to '77', perform the MixColumns transformation again for the new input, and determine how many bits have changed in the output. Note: You can perform all calculations by hand or write a program supporting these computations. If you choose to write a program, it should be written entirely by you; no use of libraries or public domain source code is allowed in this assignment. Get solution
5.10 Use the key 1010 0111 0011 1011 to encrypt the plaintext "ok" as expressed in ASCII, that is 0110 11110110 1011. The designers of S-AES got the ciphertext 0000 0111 0011 1000. Do you? Get solution
.
5.11 Show that the matrix given below, with entries in GF(24), is the inverse of the matrix used in the MixColumns step of S-AES.
5.12 Carefully write up a complete decryption of the ciphertext 0000 0111 0011 1000, using the key 1010 0111 0011 1011 and the S-AES algorithm. You should get the plaintext we started with in Problem 5.10. Note that the inverse of the S-boxes can be done with a reverse table lookup. The inverse of the MixColumns step is given by the matrix in the previous problem. Get solution
