ADVANCED ENCRYPTION STANDARD (AES): RIJNDAEL. Pertemuan ke-7 Dr. R. Rizal Isnanto, S.T., M.M., M.T

ADVANCED ENCRYPTION STANDARD (AES): RIJNDAEL Pertemuan ke-7 Dr. R. Rizal Isnanto, S.T., M.M., M.T.

1

Introduction (1)  In 1997 the National Institute of Standards and

Technology (NIST) of the United States put out a call for proposals for a new symmetric algorithm, that will be called the Advanced Encryption Standard (AES).  The algorithm DES was since 1976 the standard for symmetric algorithms, and a replacement was necessary.  In 1998 15 candidate algorithms were accepted, and after one year of research 5 of these candidates were announced as finalists:

2

• MARS (IBM corporation) • RC6 (RSA Laboratories) • Rijndael (J. Daemen & V. Rijmen) • Serpent (E. Biham et al.) • Twofish (B. Schneier et al.)

Introduction (2)  On all of these algorithms extensive research has been

done to find attacks or weaknesses.  According to NIST, all 5 finalists appear to offer adequate security. Also much research has been done to test the performs of these 5 algorithms in both software and hardware.  In 2000 NIST announced that Rijndael was chosen as the successor of DES, the AES. The combination of security, performance, efficiency, implementability and flexibility made Rijndael an appropriate selection for the AES. 3

Introduction (3)  The candidates for the AES algorithm had to fulfill certain

design criteria. 1. First, of course the algorithm should be a symmetric algorithm and it must be resistant against all known attacks. 2. Furthermore, the AES must be efficient in performance and memory for different platforms. 3. The design must be simple, and it should be able to handle different key lengths (128, 192 and 256 bits). 4. The block length of the cipher should be 128 bits.  This chapter gives a description of the Rijndael algorithm. 4

Mathematical tools (1)  This section gives a short introduction to the

mathematics that are used in Rijndael.  Rijndael uses a finite field of the form GF(28), and here the basics of (finite) fields are presented such that the Rijndael algorithm can be understood.  GF stands for Galois Field and is an other name for finite field.

5

Galois Field (GF) 1. 2.

3. 4. 5. 6.

6

Hanya berlaku terbatas, di luar GF tidak berlaku Nilai Koefisien yang dikenal hanya 0 dan 1 Hanya ada tanda ‘+’, tidak dikenal tanda ‘-’ Operator yang dipakai: ‘+’ dan ‘X’. Penjumlahan ‘+’ diberlakukan sebagai XOR (Exclusive OR) Bilangan disajikan dalam 3 (tiga) cara: biner, polinomial dalam f(x), dan heksadesimal. Contoh: f (x) = x3+x+1, dalam GF (23). Secara biner ditulis sebagai 00001011. Secara heksadesimal ditulis sebagai ‘0B’

Penjumlahan dalam GF (1)

7

Penjumlahan dalam GF (2)

8

Perkalian dalam GF

9

Pembagian dan Modulo dalam GF  Contoh: berapakah  Jawab:

sehingga

10

?

Sekilas tentang Rijndael  First an overview of the Rijndael

algorithm is given. Figure 1 shows the different phases of the Rijndael algorithm. It starts with an initial round followed by a number of standard rounds and it ends with the final round. Only four different operations are necessary to compute these rounds and a key schedule. Each of these operations are described separately in the next chapters. 11

Panjang Kunci dan Jumlah Ronde

12

Representasi Kunci dan Pesan dalam Matriks

13

Representasi Kunci dan Pesan dalam Matriks

14

Operasi AddRoundKey (1)

15

Operasi AddRoundKey (2)

16

Operasi SubBytes (1)  The operation SubBytes is similar to the S-boxes used in the DES-

algorithm. Rijndael has only one S-box.

17

Operasi SubBytes (2)

18

PR (1 minggu)

19

AES masih belum selesai  Kita tuntaskan setelah UTS karena masih sangat banyak

 Ada pertanyaan?  Terima kasih

20

KISI-KISI UTS KRIPTOGRAFI Periode Genap 2014-2015

All about Midsemester….  Pelaksanaan: Kamis, 23 April 2015, jam: 12.00-13.40 (Waktu:    



100 menit); ruang D205,E201,E202 Sifat: Buka ringkasan 1 lbr double folio (tulis tangan, disisipkan pada lembar jawab ujian) Yang tidak sepakat dengan sifat ini: CLOSED BOOK Kalkulator boleh dipakai, jangan saling pinjam Segala alat komunikasi, laptop, dkk  tutup Bahan yg perlu disiapkan: next page

BAHAN YANG PERLU DISIAPKAN UNTUK UTS 1. Algoritma Klasik 1 (Matrix Encryption atau Playfair)

2. Algoritma Klasik 2 (Affine, Hill, One-Time-Pad, Rotor) 3. RSA (Rivest, Shamir, Adleman): Konversi kata ke dalam angka

(plaintext), pembangkitan kunci, enkripsi dan dekripsi 4. El Gamal: pembangkitan kunci, enkripsi, dan dekripsi; atau Rabin Williams Cryptosystem: enkripsi saja 5. Block Cipher (CBC = Cipher Block Chaining atau CFB = Cipher Feedback) 6. Data Encryption Standard (DES): substitusi dan ekspansi

Hal-hal (agak) penting Tabel ASCII : sudah diberikan 2. Tabel Ekspansi dan Substitusi pada DES/AES: sudah diberikan 3. Jika mau buat lagi sendiri  juga boleh 4. Semua soal yang akan dikeluarkan, versi soalnya sudah diberikan selama perkuliahan 1.

Ada pertanyaan tentang UTS  Selamat belajar, semoga sukses  Terima kasih

25

ADVANCED ENCRYPTION STANDARD (AES): RIJNDAEL (2) Pertemuan ke-8 Dr. R. Rizal Isnanto, S.T., M.M., M.T.

26

Operasi ShiftRows (1)  In ShiftRows (figure 3), the rows of State are cyclically shifted with

different offsets.  Row 1 is shifted over c1 bytes, row 2 over c2 bytes, and row 3 over c3 bytes.  The values of c1, c2, and c3 depend on the block length Nb:

27

Operasi ShiftRows (2)

28

Operasi ShiftRows (3)

29

Operasi MixColumns (1)

30

Operasi MixColumns (2)

31

Operasi MixColumns (3)  Contoh Soal: State s dinyatakan sebagai

32

Operasi MixColumns (3)

33

Operasi MixColumns (4)

34

Bagaimana jika pangkat tertinggi dari f(x) lebih dari 7? (1)

35

Bagaimana jika pangkat tertinggi dari f(x) lebih dari 7? (2)

36

Bagaimana jika pangkat tertinggi dari f(x) lebih dari 7? (3)

37

Bagaimana jika pangkat tertinggi dari f(x) lebih dari 7? (4)

38

Lanjutan…

ADVANCED ENCRYPTION

STANDARD (AES): RIJNDAEL Ekspansi Kunci AES (key scheduling) 39

Ekspansi Kunci AES (key scheduling)

• • 40

Contoh: untuk Nk = 4, panjang kunci = 128 bit (AES-128)

41

i

1

2

3

4

5

6

7

8

9

10

rcon(i)

01

02

04

08

10

20

40

80

1B

3C

w[4] = w[0]

SubWord(RotWord(w[3]))

w[5] = w[1]

w[4] ; i = 4

w[6] = w[2] . . . w[8] = w[4]

w[5] ; i = 5

SubWord(RotWord(w[7]))

rcon(i/4) ; i = 4

rcon(i/4) ; i = 8

Contoh Soal:

42

Solusi

43

Lanjutan Solusi

44

PR (1 minggu) 1.

2. Misalnya terdapat kunci AES sebagai berikut. CA 14 10 90 FF AC DA 27 83 C1 BF 93 67 19 E1 32 Tentukanlah 4 byte pertama kunci ronde 1 (=w[4]) 3. Tentukanlah w[5] hasil ekspansi kunci AES-128 dengan kunci sbb. AB CD EF 01 23 45 67 89 AB CD EF 01 23 45 67 89 45

Ada pertanyaan?  Selamat belajar, semoga sukses

 Terima kasih