Code quality: Spaghetti with a chance of meatballs
AES is a variant of the Rjindael block cipher. It's a symmetric key algorithm. It uses the substitution-permutation network design principle which is a series of linked mathematical operations.
AES has a fixed block size of 128 bits and a key size of 128, 192 or 256 bits. For more information: here
hex - Encoding and decoding data into/from hexadecimal representation.
AES 128 operates under a 11 round transformation. As a result, 10 additional unique keys are required to complete the entire rounds. The creation of these additional keys involve the following steps:
- rot_word - The third word of the key n is cyclically rotated to the left by one shift.
- sub_byte - The values of result from the rot_word function are then substituted using an SBOX table.
- add_rcon - The sub_byte vector and a round constant vector are XOR'ed. The result is then XOR'ed with the first column of the key n. The subsequent columns are generated by key n[i] XOR key n+1[i-1].
The input(plaintext and cipher key) is first decoded into hexadecimal then divided into a 4x4 matrix. We first perform key expansion to get all the required keys. Encryption involves various transformations:
Involves substituting the block values with their correspoing values in the SBOX table.
This performs a left rotation on the rows of the provided matrix. The degree of the rotation is the row's index.
It involves the result of multiplying the mix's column fixed matrix and the provided state. Overflows in the multiplication process is handled by performing an XOR with 1b on the result and trimming the first 1 off the hexadecimal digit.
We finally perform an XOR on the current process' key and the mix_column's result.
The first round only involves the round_key_xor whereas the last round does not involve the mix_columns transformation.
In the decryption algorithm, we have a separate SBOX matrix which is the inverse of the encryption SBOX. In the shift rows step, we perform a right circular shift of the word bytes by degree of the row's index. In mix columns stage, we use a matrix which is the inverse of the encryption mix column matrix. The round keys are also transformed using the inverse mix column except for the first and last round making the decryption algorithm to closely resembles the encryption algorithm.
More information about the process can be found here.