Cryptography Tutorials - Herong's Tutorial Examples - v5.42, by Herong Yang
AES Equivalent Decryption Algorithm
The equivalent decryption algorithm of the AES-128 encryption is provided. It follows the same sequence of applying transformation procedures as the encryption algorithm, but uses modified round keys.
The second type of AES decryption algorithms is called "Equivalent Inverse Cipher" in the FIPS publication, "Announcing the ADVANCED ENCRYPTION STANDARD (AES)" at http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf in 2001.
The difference of equivalent decryption algorithms and standard decryption algorithms can be summarized as:
Here is the equivalent decryption algorithm for a single block of 128-bit ciphertext with a 128-bit cipher key:
Input: C: 128 bits of ciphertext K: 128 bits cipher key InvS[]: Inverse substitution box of 16x16 byte values InvKeyExpansion(): Inverse procedure to expand cipher key AddRoundKey(): Add round key procedure InvShiftRows(): Inverse shift rows procedure InvSubBytes(): Inverse substitution of bytes procedure InvMixColumns(): Inverse mix columns procedure Output: T: 128 bits of plaintext Algorithm: InvKeyExpansion(K,ik[]) # expanding K to 11 round keys: state = C # copying ciphertext to state AddRoundKey(State, ik[10]) # adding last round key for i = 9 to 1 # loop to repeat 9 rounds backward InvSubBytes(state) # performing reverse substitution InvShiftRows(state) # performing reverse byte shifting InvMixColumns(state) # reversely mixing columns in state AddRoundKey(state, ik[i]) # adding next round key end for # end of loop InvSubBytes(state) # performing reverse substitution InvShiftRows(state) # performing reverse byte shifting AddRoundKey(state, ik[0]) # adding first round key T = state # copying state to plaintext
All procedures used in this equivalent decryption algorithm are identical to the standard decryption algorithm except for the InvKeyExpansion() procedure. Comparing with the KeyExpansion procedure, the InvKeyExpansion() procedure only has 1 extra step at the end as shown below:
Procedure Name: InvKeyExpansion(K,ik[]) Input: K: 128 bits cipher key Rcon[]: Round constant array SubWord(): Word substitution procedure RotWord(): Word rotation procedure Output: ik[11]: 11 round keys as 4x4 byte arrays Algorithm: w[4*11] # a word array holding 11 round keys w[0..3] = K # setting cipher key as the first round key for i = 4 to 43 # computing words of other round keys temp = w[i-1] # copying previous word to a temp variable if (i mod 4 = 0) temp = SubWord(RotWord(temp)) temp = temp XOR Rcon[i/4] end if w[i] = w[i-4] XOR temp end for for i = 0 to 10 # building 11 round keys as 4x4 byte arrays ik[i] = w[4*i..4*i+3] end for for r = 1 to 9 # extra step for the inverse round keys InvMixColumns(ik[r]) end for
Table of Contents
►Introduction to AES (Advanced Encryption Standard)
What Is AES (Advanced Encryption Standard)?
AES, or Rijndael, Encryption Algorithm
AES MixColumns() Procedure Algorithm
Example Vector of AES Encryption
AES Standard Decryption Algorithm
►AES Equivalent Decryption Algorithm
DES Algorithm - Illustrated with Java Programs
DES Algorithm Java Implementation
DES Algorithm - Java Implementation in JDK JCE
DES Encryption Operation Modes
PHP Implementation of DES - mcrypt
Blowfish - 8-Byte Block Cipher
Secret Key Generation and Management
Cipher - Secret Key Encryption and Decryption
RSA Implementation using java.math.BigInteger Class
Introduction of DSA (Digital Signature Algorithm)
Java Default Implementation of DSA
Private key and Public Key Pair Generation
PKCS#8/X.509 Private/Public Encoding Standards
Cipher - Public Key Encryption and Decryption
OpenSSL Introduction and Installation
OpenSSL Generating and Managing RSA Keys
OpenSSL Generating and Signing CSR
OpenSSL Validating Certificate Path
"keytool" and "keystore" from JDK
"OpenSSL" Signing CSR Generated by "keytool"
Migrating Keys from "keystore" to "OpenSSL" Key Files
Certificate X.509 Standard and DER/PEM Formats
Migrating Keys from "OpenSSL" Key Files to "keystore"