The AES encryption algorithm is a block cipher consist of a block length of 128 bits that uses the same encryption key to perform several rounds of encryption.
★Advanced Encryption Standard (AES) :
⍟ In 1997, NIST proposed the Advanced Encryption Standard (AES) method into the U.S. Federal Government. They proposed the formal goal of this project to overcome the lack of encryption security in the earlier well-known Data encryption standard (DES) algorithm. The algorithm consists of advanced encryption key management, data validation, and compliance.
⍟ In the beginning, the algorithm expected to used by the U.S. Federal Government and its agency. It was unclassified by the U.S Fed and announced it publicly as a disclosed encryption algorithm and it accepted worldwide and considered it as a 21st-century encryption standard protocol.
⍟ After the close call of the Round 1 and Round 2 public analysis and review period. During the analysis period, NIST has studied all the available information in order to conclude the final selection process. In 2001, NIST published the Advanced Encryption Standard (AES).
★ AES encryption key Features and its functionality:
⍟ The AES encryption algorithm is a block cipher consist of a block length of 128 bits that uses the same encryption key to perform several rounds of encryption. That being said, the block cipher algorithm converts entire plaintext into a single block at a time. In AES block cipher block length is available in 128, 192, and 256 bits. The term Rounds refers to how the algorithm mixes the block data by re-encrypting it from the initial 10 rounds to 14 rounds depending on the choice of key length. The AES algorithm can use 128, 192, and 256 bits cryptographic keys to encrypt and decrypt data in blocks of 128 bits. The AES key operations such as Encryption keys, key length, modes of operation, key management functions depicted In Fig.1, In Fig.2, In Fig3, respectively.
In.Fig.1. AES Encryption Keys and rounds.
★ AES Modes of Operation:
★ AES Modes of Operation:
In.Fig.2. AES Modes of Operation.
★ AES Key Management system:
★ AES Key Management system:
In.Fig.3 AES Key Management System.
★ AES Encryption phases :
★ AES Encryption phases :
⍟ The AES encryption phases brake-down into three major phases: Initial round, Main round, and the final round.
In.Fig.4. AES Encryption phases.
★ Primary Factors:
- Fast in both hardware and software.
- Efficient and secure.
- Flexibility.
- Key length increases the execution time of both encryption and decryption.
- AES uses a single S-Box for all bytes in all rounds.
*Robust against attacks.
★ AES System strengths and weaknesses:
⍟ In the symmetric encryption, the sender and recipient must have a common shared secret key that they have exchanged before communication begins. The sender uses this key to encrypt the plaintext according to his requirement values, and the recipient uses it to decrypt it with the shared key from the sender. One major advantage of using symmetric algorithms, they work at a top speed rate with which data could encrypt and decrypt with low computational energy. One demand in AES is the requirement for an efficient key management system.
⍟ If we consider the key generation principle than RSA considered as the weakest algorithm. However, RSA requires additional key generation because of the execution time for the computation is very slow. In the symmetric algorithm, AES considered as the most efficient choice for data encryption, data decryption and provides better hardware optimization on most vendors. AES key pair functions are very effective and generated rapidly and preloaded onto the devices relatively compared to the asymmetric algorithm like ElGamal encryption, Rivest–Shamir–Adleman (RSA), Digital Signature Algorithm (DSA), Elliptic-curve cryptography (ECC), Public-key cryptography standards (PKCS).
Since 2005, researchers, threat actors conducted many attacks on the AES algorithm for a breakthrough. Because of the complex encryption process, it’s not broken yet. But, the research community believes that within two generations we will break code. Future generations will notice a breakthrough. Alternatively, a hybrid approach used to deploy both algorithms, offering exclusive authentication and data encryption services for any secure communication.
⍟ In 2003, RSA Laboratories concluded broad research that 1024-bit RSA keys are equivalent in strength to 80-bit symmetric keys and it’s vulnerable for deployment[1]. In Jan 2015, NIST released a key management guideline and recommends using 2048-bit RSA keys which is the equivalent of 112-bit symmetric keys, that being said 2048-bit keys are sufficient until 2030 [2]. In Jan 2016, NIST key management guidelines further suggest that 3072-bit RSA keys equivalent to 128-bit symmetric keys and15360-bit RSA keys are equivalent to 256-bit symmetric keys should be used if security is required beyond 2030 [3].
Design and Development Procedures:
In this section, we encrypt web traffic using the chosen prototype Advanced Encryption Standard (AES) algorithm, and the required procedures such as designing, developing, testing of various operations has documented with cryptool2.1 opensource software.
Step 1: First, Open the CrypTool2 UI on your PC. As shown below in Fig.5.
In Fig.5. Cryptool 2.1 Home screen.
Step 2: Now, we will add a “File Input” file using the component “search” box. Find the “File Input” on the left side of the cryptool as shown below.
Step 2: Now, we will add a “File Input” file using the component “search” box. Find the “File Input” on the left side of the cryptool as shown below.
In Fig.6 To open a File Input.
Step 3: Add an image or video file into the “File Input” through the “open” option.
Step 3: Add an image or video file into the “File Input” through the “open” option.
In Fig.7 To Upload an Image or Video into the File input.
Step 4: Open a “Converter” file using the component “search” box. Find the “Converter” on the left side of the cryptool as shown below. Set the “converting to” to the cryptosystem. After that, click on the “File Input” output arrow to make a link to the input of the “Converter” as like show in Fig.8., and Fig.9.
Step 4: Open a “Converter” file using the component “search” box. Find the “Converter” on the left side of the cryptool as shown below. Set the “converting to” to the cryptosystem. After that, click on the “File Input” output arrow to make a link to the input of the “Converter” as like show in Fig.8., and Fig.9.
In Fig.8 To open a converter.
In Fig.9 To Add a link between File Input and converter.
Step 5: Now, we need to add the AES algorithm to the converter. Use the component “search” box to find AES.
Step 5: Now, we need to add the AES algorithm to the converter. Use the component “search” box to find AES.
After that, click on the “converter” output arrow to make a link to the input point of the “AES” as like shown in Fig.10.
Note: 1. Set Action to “Encrypt”.
2. Set Key size to “256 bit”.
In Fig.10 To Add AES algorithm and link it to the converter.
Step 6: Now, we will add an “SHA” algorithm and a “Text input” file into the workspace and to establish a link between “Text Input”, “SHA”, and “AES” as like shown in Fig.11., Fig.12. and Fig.13.
Step 6: Now, we will add an “SHA” algorithm and a “Text input” file into the workspace and to establish a link between “Text Input”, “SHA”, and “AES” as like shown in Fig.11., Fig.12. and Fig.13.
In Fig.11 To Add an “SHA” Algorithm.
In Fig.12 To Add a “Text Input” file.
In Fig.13 Establish a link.
Step 7: We will perform two actions. First, we add a “key” in the “Text input” and then add another “AES” algorithm for decryption purposes. Please, make sure you set the action to “decrypt” and key size to “256 bit”.
Step 7: We will perform two actions. First, we add a “key” in the “Text input” and then add another “AES” algorithm for decryption purposes. Please, make sure you set the action to “decrypt” and key size to “256 bit”.
In Fig.14 Enter Key values and Add an AES for decryption.
Step 8: First, we will add an “SHA” algorithm and a “Text Input” into the workspace. Then, we will enter the pre-defined shared “key” in the “Text input” box. Finally, we will establish the links between them.
Step 8: First, we will add an “SHA” algorithm and a “Text Input” into the workspace. Then, we will enter the pre-defined shared “key” in the “Text input” box. Finally, we will establish the links between them.
Note: Set Action “Decrypt”.
Set Key size to “256 bit”.
In Fig.15 To Add an SHA algorithm, Text key and establish a link between them.
Step 9: Now, we will add a “Picture output” and a “Converter” to the workspace and establish a link between them and finally connect it to the “AES” decryption output arrow point. Please, Set the “converting to” to a byte in the converter.
Step 9: Now, we will add a “Picture output” and a “Converter” to the workspace and establish a link between them and finally connect it to the “AES” decryption output arrow point. Please, Set the “converting to” to a byte in the converter.
In Fig.16 To Add a Picture output file, converter and establish a link between them.
Step 10: Finally, click on the “Play” button. If Cryptool run the simulation successfully. It executes the input image on the left side to the right side correctly and the web traffic has been encrypted with the AES algorithm. Q.E.D.
Step 10: Finally, click on the “Play” button. If Cryptool run the simulation successfully. It executes the input image on the left side to the right side correctly and the web traffic has been encrypted with the AES algorithm. Q.E.D.
In Fig.17 WEB Traffic Encryption with AES — Simulation executes correctly.
Conclusion:
We conclude this section, the AES algorithm compute much faster than RSA in execution and implementation. RSA algorithm is reliable for key exchange management but it’s not very efficient in terms of performance and cost factor. RSA’s strengths and weaknesses remain in factoring large integers. AES’s strength remains in the possible key permutations using Rijndael finite field method.
— — — — — — — — — — — THE END — — — — — — — — — —--
Quote of the day: “One cannot make an omelet without breaking eggs”
Quote of the day: “One cannot make an omelet without breaking eggs”
— English Proverb
Explanation: While this may seem like a funny proverb it points out that sometimes things may not work the way we want it to, or sometimes what seems like a negative can sometimes turn into a positive.
Thanks for reading!
Have a pleasant day!