用新的高级加密标准(AES)保持你的数据安全毕业论文外文翻译

Keep Your Data Secure with the New Adva need En crypti on

Stan dard

James McCaffrey

SUMMARY

The Advaneed Encryption Standard (AES) is a National Institute of Standards and Tech no logy specificati on for the en cryptio n of electr onic data. It is expected to become the accepted means of encrypting digital information, including financial, telecom muni catio ns, and gover nment data. This article prese nts an overview of AES and explains the algorithms it uses..After reading this article you will be able to en crypt data using AES, test AES-based software, and use AES en crypti on in your systems.

Note that the code presented in this article and any other implementation based on this article is subject to applicable Federal cryptographic module export controls (see Commercial En crypti on Export Con trols for the exact regulati on s).

AES is a new cryptographic algorithm that can be used to protect electr onic data. Specifically, AES is an iterative, symmetric-key block cipher that can use keys of 128, 192, and 256 bits, and en crypts and decrypts data in blocks of 128 bits (16 bytes) Uni ike public-key ciphers, which use a pair of keys, symmetric-key ciphers use the same key to en crypt and decrypt data. En crypted data returned by block ciphers have the same nu mber of bits that the in put data had. Iterative ciphers use a loop structur that repeatedly performs permutati ons and substitutio ns of the in put data. Figure 1 shows AES in action encrypting and then decrypting a 16-byte block of data using a

192-bit key.

Figure 1 Some Data

AES is the successor to the older Data Encryption Standard (DES). DES was approved as a Federal standard in 1977 and remained viable until 1998 when a comb in ati on of adva ncesi n hardware, software, and crypta nalysis theory allowed a DES-e ncrypted message to be decrypted in 56 hours. Since that time nu merous other successful attacks on DES-encrypted data have been made and DES is now considered past its useful lifetime.

In late 1999, the Rijn dael (pr onoun ced "ra in doll") algorithm, created by researchers Joa n Daeme n and Vincent Rijme n, was selected by the NIST as the proposal that best met the design criteria of security, implementation efficiency, versatility, and simplicity. Although the terms AES and Rijn dael are sometimes used in tercha ngeab y, they are distinct. AES is widely expected to become the de facto standard for encrypting all forms of electronic data including data used in commercial applications such as banking and finan cial tran sact ions, telecom muni cati ons, and private and Federal in formatio n.

Overview of the AES Algorithm

The AES algorithm is based on permutations and substitutions. Permutations are rearra ngeme nts of data, and substituti ons replace one unit of data with ano ther. AES performs permutations and substitutions using several different techniques. To illustrate these tech niq ues, let's walk through a con crete example of AES en crypti on using the data show n in Figure 1.

The following is the 128-bit value that you will encrypt with the indexes array:00 11 22 33 44 55 66 77 88 99 aa bb cc dd ee ff 0123456789 10 11 12 13 14 15

The 192-bit key value is:

00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f 10 11 12 13 14 15 16 17 0123456789 10 11 12 13 14 15 16 17 18 19 20 21 22 23

Figure 2 Sbox

When the AES constructor is called, two tables that will be used by the encryption method are initialized. The first table is a substitution box named Sbox. It is a 16 16 matrix. The first five rows and colu mns of Sbox are show n in Figure 2. Behi nd the sce nes, the en cryptio n rout ine takes the key array and uses it to gen erate a "key schedule" table n amed w[], show n in Figure 3.

Figure 3 Key Sched.

The first Nk (6) rows of w[] are seededwith the original key value (0x00 through 0x17) and the remai ning rows are gen erated from the seed key. The variable Nk representsthe size of the seed key in

32-bit words. You'll see exactly how w[] is gen erated later whe n I exam ine the AES impleme ntati on. The point is that there are now many keys to use in stead of just one. These new keys are called the round keys to distinguish them from the original seed key.

Figure 4 State