Advanced Encryption Standard (AES)
In 2001, after an open competition, NIST standardized Rijndael, an encryption algorithm invented by cryptographers Joan Daemen and Vincent Rijmen, as AES with minor modifications. So far, no attack has been found against AES that is more effective than the brute-force method. The original version of Rijndael permits different key and block sizes of 128 bits, 192 bits, and 256 bits. The AES standard, however, allows only a 128-bit block size, while key sizes of 128 bits, 192 bits, and 256 bits are permissible.
How AES works
During AES algorithm processing, a 4 × 4 array of bytes known as the state is modified using multiple rounds. Full encryption requires 10 to 14 rounds, depending on the size of the key. The following table shows the key sizes and the required number of rounds:
Once the state is initialized with the input to the cipher, the following four operations are performed in sequence to encrypt the input:
- AddRoundKey: In this step, the state array is XORed with a subkey, which is derived from the master key.
- SubBytes: This is the substitution step where a lookup table (S-box) is used to replace all bytes of the state array.
- ShiftRows: This step is used to shift each row to the left, except for the first one, in the state array in a cyclic and incremental manner.
- MixColumns: Finally, all bytes are mixed in a linear fashion (linear transformation), column-wise.
This is one round of AES. In the final round (either the 10th, 12th, or 14th round, depending on the key size), stage 4 is replaced with AddRoundKey to ensure that the first three steps cannot be simply reversed, as shown in the following diagram:
Figure 3.13: AES block diagram, showing the first round of AES encryption. In the final round, the mixing step is not performed
Various cryptocurrency wallets use AES encryption to encrypt locally-stored data. Bitcoin wallets use AES-256 in CBC mode to encrypt the private keys. In Ethereum wallets, AES-128-CTR is used; that is, AES 128-bit in counter mode is used to encrypt the private key. Peers in Ethereum also use AES in counter mode (AES CTR) to encrypt their Peer to Peer (P2P) communication.
An OpenSSL example of how to encrypt and decrypt using AES
We can use the OpenSSL command-line tool to perform encryption and decryption operations. An example is given here.
First, we create a plain text file to be encrypted:
$ echo Datatoencrypt > message.txt
Now that the file is created, we can run the OpenSSL tool with appropriate parameters to encrypt the file message.txt using 256-bit AES in CBC mode:
$ openssl enc -aes-256-cbc -in message.txt -out message.bin
enter aes-256-cbc encryption password:
Verifying - enter aes-256-cbc encryption password:
Once the operation completes, it will produce a message.bin file containing the encrypted data from the message.txt file. We can view this file, which shows the encrypted contents of the message.txt file:
$ cat message.bin
Note that message.bin is a binary file. Sometimes, it is desirable to encode this binary file in a text format for compatibility/interoperability reasons. A common text encoding format is base64. The following commands can be used to create a base64-encoded message:
$ openssl enc -base64 -in message.bin -out message.b64
$ cat message.b64
U2FsdGVkX193uByIcwZf0Z7J1at+4L+Fj8/uzeDAtJE=
In order to decrypt an AES-encrypted file, the following commands can be used. The message.bin file from the previous example is used:
$ openssl enc -d -aes-256-cbc -in message.bin -out message.dec
enter aes-256-cbc decryption password:
$ cat message.dec
Datatoencrypt
Readers may have noticed that no IV has been provided, even though it's required in all block encryption modes of operation except ECB. The reason for this is that OpenSSL automatically derives the IV from the given password. Users can specify the IV using the following switch:
-K/-iv: the key and the IV (Initialization Vector), which should be provided in hex.
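The following Python sketch is an added example, not code from the original text or from the OpenSSL project. It splits the base64 output shown above into its `Salted__` header, 8-byte salt, and ciphertext, then derives the key and IV the way `openssl enc` does: with the legacy single-iteration EVP_BytesToKey scheme (SHA-256 by default since OpenSSL 1.1.0, MD5 before that) and with PBKDF2 as used by the `-pbkdf2` option in OpenSSL 1.1.1 and later. The function names and the password are assumptions made for illustration; the real password is not given in the text.

```python
import base64
import hashlib

# Base64 output of `cat message.b64` as printed in the text above.
PAGE_B64 = "U2FsdGVkX193uByIcwZf0Z7J1at+4L+Fj8/uzeDAtJE="
KEY_LEN, IV_LEN = 32, 16  # AES-256 key, one 128-bit block for the CBC IV


def parse_salted(blob_b64):
    """Split password-based `openssl enc` output into (salt, ciphertext)."""
    raw = base64.b64decode(blob_b64)
    if raw[:8] != b"Salted__":
        raise ValueError("no 'Salted__' header: not password-based enc output")
    return raw[8:16], raw[16:]


def evp_bytes_to_key(password, salt, digest="sha256"):
    """Legacy derivation (EVP_BytesToKey, one iteration): chain hashes of
    previous_block || password || salt until key + IV bytes are available."""
    out, block = b"", b""
    while len(out) < KEY_LEN + IV_LEN:
        block = hashlib.new(digest, block + password + salt).digest()
        out += block
    return out[:KEY_LEN], out[KEY_LEN:KEY_LEN + IV_LEN]


def pbkdf2_key_iv(password, salt, iterations=10000):
    """Derivation used with `-pbkdf2`: PBKDF2-HMAC-SHA256, split as key || IV."""
    out = hashlib.pbkdf2_hmac("sha256", password, salt, iterations,
                              KEY_LEN + IV_LEN)
    return out[:KEY_LEN], out[KEY_LEN:]


if __name__ == "__main__":
    salt, ciphertext = parse_salted(PAGE_B64)
    # 14 bytes of "Datatoencrypt\n" plus PKCS#7 padding fill one 16-byte block.
    print("salt:", salt.hex(), "| ciphertext bytes:", len(ciphertext))
    password = b"example-password"  # constructed; not the password used above
    for name, (key, iv) in {
        "legacy": evp_bytes_to_key(password, salt),
        "pbkdf2": pbkdf2_key_iv(password, salt),
    }.items():
        print(name, "key:", key.hex(), "iv:", iv.hex())
```

Because the salt is stored in the file header and the IV is recomputed from the password and salt, decryption needs only the password. The legacy scheme hashes the password once, which makes password guessing cheap, so `-pbkdf2` with a suitable `-iter` count is the safer choice.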
In order to decode from base64, the following commands are used. This continues with the message.b64 file from the previous example:
$ openssl enc -d -base64 -in message.b64 -out message.ptx
$ cat message.ptx
There are many types of ciphers that are supported in OpenSSL. You can explore these options based on the examples provided thus far. A list of supported cipher types is shown as follows:
Figure 3.14: Some of the cipher types available in OpenSSL
Readers might see a different number of supported ciphers depending on the version of the OpenSSL tool being used.
The OpenSSL tool can be used to experiment with all the ciphers shown in the preceding screenshot. We will also use OpenSSL in the next chapter to demonstrate various public key cryptographic primitives and protocols.