用新的高级加密标准AES保持你的数据安全毕业论文外文翻译.docx
- 文档编号:11938435
- 上传时间:2023-04-16
- 格式:DOCX
- 页数:18
- 大小:63.72KB
用新的高级加密标准AES保持你的数据安全毕业论文外文翻译.docx
《用新的高级加密标准AES保持你的数据安全毕业论文外文翻译.docx》由会员分享,可在线阅读,更多相关《用新的高级加密标准AES保持你的数据安全毕业论文外文翻译.docx(18页珍藏版)》请在冰豆网上搜索。
用新的高级加密标准AES保持你的数据安全毕业论文外文翻译
KeepYourDataSecurewiththeNewAdvancedEncryptionStandard
JamesMcCaffrey
SUMMARY
TheAdvancedEncryptionStandard(AES)isaNationalInstituteofStandardsandTechnologyspecificationfortheencryptionofelectronicdata.Itisexpectedtobecometheacceptedmeansofencryptingdigitalinformation,includingfinancial,telecommunications,andgovernmentdata.ThisarticlepresentsanoverviewofAESandexplainsthealgorithmsituses..AfterreadingthisarticleyouwillbeabletoencryptdatausingAES,testAES-basedsoftware,anduseAESencryptioninyoursystems.
NotethatthecodepresentedinthisarticleandanyotherimplementationbasedonthisarticleissubjecttoapplicableFederalcryptographicmoduleexportcontrols(seeCommercialEncryptionExportControlsfortheexactregulations).
AESisanewcryptographicalgorithmthatcanbeusedtoprotectelectronicdata.Specifically,AESisaniterative,symmetric-keyblockcipherthatcanusekeysof128,192,and256bits,andencryptsanddecryptsdatainblocksof128bits(16bytes).Unlikepublic-keyciphers,whichuseapairofkeys,symmetric-keyciphersusethesamekeytoencryptanddecryptdata.Encrypteddatareturnedbyblockciphershavethesamenumberofbitsthattheinputdatahad.Iterativeciphersusealoopstructurethatrepeatedlyperformspermutationsandsubstitutionsoftheinputdata.Figure1showsAESinactionencryptingandthendecryptinga16-byteblockofdatausinga
192-bitkey.
Figure1SomeData
AESisthesuccessortotheolderDataEncryptionStandard(DES).DESwasapprovedasaFederalstandardin1977andremainedviableuntil1998whenacombinationofadvancesinhardware,software,andcryptanalysistheoryallowedaDES-encryptedmessagetobedecryptedin56hours.SincethattimenumerousothersuccessfulattacksonDES-encrypteddatahavebeenmadeandDESisnowconsideredpastitsusefullifetime.
Inlate1999,theRijndael(pronounced"raindoll")algorithm,createdbyresearchersJoanDaemenandVincentRijmen,wasselectedbytheNISTastheproposalthatbestmetthedesigncriteriaofsecurity,implementationefficiency,versatility,andsimplicity.AlthoughthetermsAESandRijndaelaresometimesusedinterchangeably,theyaredistinct.AESiswidelyexpectedtobecomethedefactostandardforencryptingallformsofelectronicdataincludingdatausedincommercialapplicationssuchasbankingandfinancialtransactions,telecommunications,andprivateandFederalinformation.
OverviewoftheAESAlgorithm
TheAESalgorithmisbasedonpermutationsandsubstitutions.Permutationsarerearrangementsofdata,andsubstitutionsreplaceoneunitofdatawithanother.AESperformspermutationsandsubstitutionsusingseveraldifferenttechniques.Toillustratethesetechniques,let'swalkthroughaconcreteexampleofAESencryptionusingthedatashowninFigure1.
Thefollowingisthe128-bitvaluethatyouwillencryptwiththeindexesarray:
00112233445566778899aabbccddeeff
0123456789101112131415
The192-bitkeyvalueis:
000102030405060708090a0b0c0d0e0f1011121314151617
01234567891011121314151617181920212223
Figure2Sbox
WhentheAESconstructoriscalled,twotablesthatwillbeusedbytheencryptionmethodareinitialized.ThefirsttableisasubstitutionboxnamedSbox.Itisa16×16matrix.ThefirstfiverowsandcolumnsofSboxareshowninFigure2.Behindthescenes,theencryptionroutinetakesthekeyarrayandusesittogeneratea"keyschedule"tablenamedw[],showninFigure3.
Figure3KeySched.
ThefirstNk(6)rowsofw[]areseededwiththeoriginalkeyvalue(0x00through0x17)andtheremainingrowsaregeneratedfromtheseedkey.ThevariableNkrepresentsthesizeoftheseedkeyin32-bitwords.You'llseeexactlyhoww[]isgeneratedlaterwhenIexaminetheAESimplementation.Thepointisthattherearenowmanykeystouseinsteadofjustone.Thesenewkeysarecalledtheroundkeystodistinguishthemfromtheoriginalseedkey.
Figure4State
TheAESencryptionroutinebeginsbycopyingthe16-byteinputarrayintoa4×4bytematrixnamedState(seeFigure4).TheAESencryptionalgorithmisnamedCipherandoperatesonState[]andcanbedescribedinpseudocode(seeFigure5).
Theencryptionalgorithmperformsapreliminaryprocessingstepthat'scalledAddRoundKeyinthespecification.AddRoundKeyperformsabyte-by-byteXORoperationontheStatematrixusingthefirstfourrowsofthekeyschedule,andXORsinputState[r,c]withroundkeystablew[c,r].
Forexample,ifthefirstrowoftheStatematrixholdsthebytes{00,44,88,cc},andthefirstcolumnofthekeyscheduleis{00,04,08,0c},thenthenewvalueofState[0,2]istheresultofXORingState[0,2](0x88)withw[2,0](0x08),or0x80:
10001000
00001000XOR
10000000
ThemainloopoftheAESencryptionalgorithmperformsfourdifferentoperationsontheStatematrix,calledSubBytes,ShiftRows,MixColumns,andAddRoundKeyinthespecification.TheAddRoundKeyoperationisthesameasthepreliminaryAddRoundKeyexceptthateachtimeAddRoundKeyiscalled,thenextfourrowsofthekeyscheduleareused.TheSubBytesroutineisasubstitutionoperationthattakeseachbyteintheStatematrixandsubstitutesanewbytedeterminedbytheSboxtable.Forexample,ifthevalueofState[0,1]is0x40andyouwanttofinditssubstitute,youtakethevalueatState[0,1](0x40)andletxequaltheleftdigit(4)andyequaltherightdigit(0).ThenyouusexandyasindexesintotheSboxtabletofindthesubstitutionvalue,asshowninFigure2.
ShiftRowsisapermutationoperationthatrotatesbytesintheStatematrixtotheleft.Figure6showshowShiftRowsworksonState[].Row0ofStateisrotated0positionstotheleft,row1isrotated1positionleft,row2isrotated2positionsleft,androw3isrotated3positionsleft.
Figure6RunningShiftRowsonState
TheMixColumnsoperationisasubstitutionoperationthatisthetrickiestpartoftheAESalgorithmtounderstand.Itreplaceseachbytewiththeresultofmathematicalfieldadditionsandmultiplicationsofvaluesinthebyte'scolumn.Iwillexplainthedetailsofspecialfieldadditionandmultiplicationinthenextsection.
SupposethevalueatState[0,1]is0x09,andtheothervaluesincolumn1are0x60,0xe1,and0x04;thenthenewvalueforState[0,1]isshowninthefollowing:
State[0,1]=(State[0,1]*0x01)+(State[1,1]*0x02)+(State[2,1]*0x03)+(State[3,1]*0x01)=(0x09*0x01)+(0x60*0x02)+(0xe1*0x03)+(0x04*0x01)
=0x57
Theadditionandmultiplicationarespecialmathematicalfieldoperations,nottheusualadditionandmultiplicationonintegers.
ThefouroperationsSubBytes,ShiftRows,MixColumns,andAddRoundKeyarecalledinsidealoopthatexecutesNrtimes—thenumberofroundsforagivenkeysize,less1.Thenumberofroundsthattheencryptionalgorithmusesiseither10,12,or14anddependsonwhethertheseedkeysizeis128,192,or256bits.Inthisexample,becauseNrequals12,thefouroperationsarecalled11times.Afterthisiterationcompletes,theencryptionalgorithmfinishesbycallingSubBytes,ShiftRows,andAddRoundKeybeforecopyingtheStatematrixtotheoutputparameter.
Insummary,therearefouroperationsthatareattheheartoftheAESencryptionalgorithm.AddRoundKeysubstitutesgroupsof4bytesusingroundkeysgeneratedfromtheseedkeyvalue.SubBytessubstitutesindividualbytesusingasubstitutiontable.ShiftRowspermutesgroupsof4bytesbyrotating4-byterows.MixColumnssubstitutesbytesusingacombinationofbothfieldadditionandmultiplication.
FieldAdditionandMultiplicationinGF(28)
Asyou'veseen,theAESencryptionalgorithmusesfairlystraightforwardtechniquesforsubstitutionandpermutation,exceptfortheMixColumnsroutine.TheMixColumnsroutineusesspecialadditionandmultiplication.TheadditionandmultiplicationusedbyAESarebasedonmathematicalfieldtheory.Inparticular,AESisbasedonafieldcalledGF(28).
TheGF(28)fieldconsistsofasetof256valuesfrom0x00to0xff,plusadditionandmultiplication,hencethe(28).GFstandsforGaloisField,namedafterthemathematicianwhofoundedfieldtheory.OneofthecharacteristicsofGF(28)isthattheresultofanadditionormultiplicationoperationmustbeintheset{0x00...0xff}.Althoughthetheoryoffieldsisratherdeep,thenetresultforGF(28)additionissimple:
GF(28)additionisjusttheXORoperation.
MultiplicationinGF(28)istrickier,however.Asyou'llseelaterintheC#implementation,theAESencryptionanddecryptionroutinesneedtoknowhowtomultiplybyonlythesevenconstants0x01,0x02,0x03,0x09,0x0b,0x0d,and0x0e.SoinsteadofexplainingGF(28)multiplicationtheoryingeneral,Iwillexplainitjustforthesesevenspecificcases.
Multiplicationby0x01inGF(28)isspecial;itcorrespondstomultiplicationby1innormalarithmeticandworksthesameway—anyvaluetimes0x01equalsitself.
Nowlet'slookatmultiplicationby0x02.Asinthecaseofaddition,thetheoryisdeep,butthenetresultisfairlysimple.Ifthevaluebeingmultipliedislessthan0x80,thentheresultofmultiplicationisjustthevalueleft-shifted1bitposition.Ifthevaluebeingmultipliedisgreaterthanorequalto0x80,thentheresultofmultiplicationisthevalueleft-shifted1bitpositionXORedwiththevalue0x1b.Thisprevents"fieldoverflow"andkeepstheproductofthemultiplicationinrange.
Onceyou'veestablishedadditionandmultiplicationby0x02inGF(28),youcanusethemtodefinemultiplicationbyanyconstant.Tomult
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 用新的高级加密标准AES保持你的数据安全 毕业论文外文翻译 高级 加密 标准 AES 保持 数据 安全 毕业论文 外文 翻译