对称密码_高级加密标准.pptVIP

Cryptography and Network Security Advanced Encryption Standard 高级加密标准 内容 1. 背景 2. AES评估准则 3. AES算法 4. AES说明 5. 其它对称加密算法 Origins clear a replacement for DES was needed have theoretical attacks that can break it have demonstrated exhaustive key search attacks can use Triple-DES – but slow with small blocks US NIST issued call for ciphers in 1997 15 candidates accepted in Jun 98 5 were short-listed in Aug-99 Rijndael was selected as the AES in Oct-2000 issued as FIPS PUB 197 standard in Nov-2001 AES Requirements private key symmetric block cipher 128-bit data, 128/192/256-bit keys stronger faster than Triple-DES active life of 20-30 years (+ archival use) provide full specification design details both C Java implementations NIST have released all submissions unclassified analyses AES Evaluation Criteria initial criteria: security – effort to practically cryptanalyse cost – computational algorithm implementation characteristics final criteria general security software hardware implementation ease implementation attacks flexibility (in en/decrypt, keying, other factors) AES Shortlist after testing and evaluation, shortlist in Aug-99: MARS (IBM) - complex, fast, high security margin RC6 (USA) - v. simple, v. fast, low security margin Rijndael (Belgium) - clean, fast, good security margin Serpent (Euro) - slow, clean, v. high security margin Twofish (USA) - complex, v. fast, high security margin then subject to further analysis comment saw contrast between algorithms with few complex rounds verses many simple rounds which refined existing ciphers verses new proposals The AES Cipher - Rijndael designed by Rijmen-Daemen in Belgium has 128/192/256 bit keys, 128 bit data an iterative rather than feistel cipher treats data in 4 groups of 4 bytes operates an entire block in every round designed to be: resistant against known attacks speed and code compactness on many CPUs design simplicity Rijndael processes data as 4 groups of 4 bytes