**Cryptography Tutorials - Herong's Tutorial Examples** - v5.40, by Dr. Herong Yang

AES Equivalent Decryption Algorithm

The equivalent decryption algorithm of the AES-128 encryption is provided. It follows the same sequence of applying transformation procedures as the encryption algorithm, but uses modified round keys.

The second type of AES decryption algorithms is called "Equivalent Inverse Cipher" in the FIPS publication, "Announcing the ADVANCED ENCRYPTION STANDARD (AES)" at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf in 2001.

The difference of equivalent decryption algorithms and standard decryption algorithms can be summarized as:

- Standard decryption algorithms use same round keys as the encryption algorithm, but applies transformation procedures in a different sequence.
- Equivalent decryption algorithms have the same sequence of applying transformation procedures as the encryption algorithm, but uses modified round keys.

Here is the equivalent decryption algorithm for a single block of 128-bit ciphertext with a 128-bit cipher key:

Input: C: 128 bits of ciphertext K: 128 bits cipher key InvS[]: Inverse substitution box of 16x16 byte values InvKeyExpansion(): Inverse procedure to expand cipher key AddRoundKey(): Add round key procedure InvShiftRows(): Inverse shift rows procedure InvSubBytes(): Inverse substitution of bytes procedure InvMixColumns(): Inverse mix columns procedure Output: T: 128 bits of plaintext Algorithm: InvKeyExpansion(K,ik[]) # expanding K to 11 round keys: state = C # copying ciphertext to state AddRoundKey(State, ik[10]) # adding last round key for i = 9 to 1 # loop to repeat 9 rounds backward InvSubBytes(state) # performing reverse substitution InvShiftRows(state) # performing reverse byte shifting InvMixColumns(state) # reversely mixing columns in state AddRoundKey(state, ik[i]) # adding next round key end for # end of loop InvSubBytes(state) # performing reverse substitution InvShiftRows(state) # performing reverse byte shifting AddRoundKey(state, ik[0]) # adding first round key T = state # copying state to plaintext

All procedures used in this equivalent decryption algorithm are identical to the standard decryption algorithm except for the InvKeyExpansion() procedure. Comparing with the KeyExpansion procedure, the InvKeyExpansion() procedure only has 1 extra step at the end as shown below:

Procedure Name: InvKeyExpansion(K,ik[]) Input: K: 128 bits cipher key Rcon[]: Round constant array SubWord(): Word substitution procedure RotWord(): Word rotation procedure Output: ik[11]: 11 round keys as 4x4 byte arrays Algorithm: w[4*11] # a word array holding 11 round keys w[0..3] = K # setting cipher key as the first round key for i = 4 to 43 # computing words of other round keys temp = w[i-1] # copying previous word to a temp variable if (i mod 4 = 0) temp = SubWord(RotWord(temp)) temp = temp XOR Rcon[i/4] end if w[i] = w[i-4] XOR temp end for for i = 0 to 10 # building 11 round keys as 4x4 byte arrays ik[i] = w[4*i..4*i+3] end for for r = 1 to 9 # extra step for the inverse round keys InvMixColumns(ik[r]) end for

Table of Contents

►Introduction to AES (Advanced Encryption Standard)

What Is AES (Advanced Encryption Standard)?

AES, or Rijndael, Encryption Algorithm

AES MixColumns() Procedure Algorithm

Example Vector of AES Encryption

AES Standard Decryption Algorithm

►AES Equivalent Decryption Algorithm

DES Algorithm - Illustrated with Java Programs

DES Algorithm Java Implementation

DES Algorithm - Java Implementation in JDK JCE

DES Encryption Operation Modes

PHP Implementation of DES - mcrypt

Blowfish - 8-Byte Block Cipher

Secret Key Generation and Management

Cipher - Secret Key Encryption and Decryption

RSA Implementation using java.math.BigInteger Class

Introduction of DSA (Digital Signature Algorithm)

Java Default Implementation of DSA

Private key and Public Key Pair Generation

PKCS#8/X.509 Private/Public Encoding Standards

Cipher - Public Key Encryption and Decryption

OpenSSL Introduction and Installation

OpenSSL Generating and Managing RSA Keys

OpenSSL Generating and Signing CSR

OpenSSL Validating Certificate Path

"keytool" and "keystore" from JDK

"OpenSSL" Signing CSR Generated by "keytool"

Migrating Keys from "keystore" to "OpenSSL" Key Files

Certificate X.509 Standard and DER/PEM Formats

Migrating Keys from "OpenSSL" Key Files to "keystore"