Applied Mathematics
Vol.10 No.03(2019), Article ID:91453,6 pages
10.4236/am.2019.103010

On Rijndael ByteSub Transformation

W. Eltayeb Ahmed (1, 2)

(1) Mathematics and Statistics Department, Faculty of Science, Imam Mohammad Ibn Saud Islamic University, Riyadh, KSA

(2) Department of Basics and Engineering Sciences, Faculty of Engineering, University of Khartoum, Khartoum, Sudan

Copyright © 2019 by author(s) and Scientific Research Publishing Inc.

This work is licensed under the Creative Commons Attribution International License (CC BY 4.0).

http://creativecommons.org/licenses/by/4.0/

Received: March 2, 2019; Accepted: March 25, 2019; Published: March 28, 2019

ABSTRACT

The first step in converting a plaintext to ciphertext by the famous Advanced Encryption Standard (AES), which is called Rijndael ByteSub Transformation, involves some operations: computing a multiplicative inverse, multiplying this multiplicative inverse by a specific matrix, and adding the result to a specific vector. The purpose of this research is to simplify these operations. This paper gives elegant techniques and presents the matrix multiplication as simple XOR operations, and the result is a simple, straightforward way of finding the transformation.

Keywords:

Rijndael Cipher, Advanced Encryption Standard, Multiplicative Inverse, XOR Operation

1. Introduction

Rijndael ByteSub transformation (or AES substitution byte) [1] transforms an input byte into another byte by two operations:

1) Finding a multiplicative inverse of an input byte $(a_7 a_6 a_5 a_4 a_3 a_2 a_1 a_0)$ in the finite field $GF(2^8)$.

2) Applying the following affine transform:

$$c_i = b_i + b_{(i+4) \bmod 8} + b_{(i+5) \bmod 8} + b_{(i+6) \bmod 8} + b_{(i+7) \bmod 8} + d_i, \quad 0 \le i \le 7 \tag{1}$$

where $(b_7 b_6 b_5 b_4 b_3 b_2 b_1 b_0)$ is the result of the first operation and $(d_7 d_6 d_5 d_4 d_3 d_2 d_1 d_0) = 01100011$.

In general, the multiplicative inverse is found by using the extended Euclidean algorithm [2]. Instead of using it, we use an elegant technique which finds the multiplicative inverse in clear steps.

The transform of the second operation can be expressed in the matrix form as:

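$$
\begin{bmatrix} c_0 \\ c_1 \\ c_2 \\ c_3 \\ c_4 \\ c_5 \\ c_6 \\ c_7 \end{bmatrix}
=
\begin{bmatrix}
1 & 0 & 0 & 0 & 1 & 1 & 1 & 1 \\
1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 \\
1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 \\
1 & 1 & 1 & 1 & 0 & 0 & 0 & 1 \\
1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 \\
0 & 1 & 1 & 1 & 1 & 1 & 0 & 0 \\
0 & 0 & 1 & 1 & 1 & 1 & 1 & 0 \\
0 & 0 & 0 & 1 & 1 & 1 & 1 & 1
\end{bmatrix}
\begin{bmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \\ b_4 \\ b_5 \\ b_6 \\ b_7 \end{bmatrix}
+
\begin{bmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{bmatrix}
\tag{2}
$$

To solve this system, we use an unusual and more suitable technique which expresses the multiplication of the (8 × 8) matrix by the (8 × 1) matrix as simple XOR operations, so that the result can be found directly from $(b_7 b_6 b_5 b_4 b_3 b_2 b_1 b_0)$.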

2. The Methodology

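For an input byte $(a_7 a_6 a_5 a_4 a_3 a_2 a_1 a_0)$, we find its multiplicative inverse $(b_7 b_6 b_5 b_4 b_3 b_2 b_1 b_0)$, and find $(e_7 e_6 e_5 e_4 e_3 e_2 e_1 e_0)$ such that:

$$
\begin{bmatrix} e_0 \\ e_1 \\ e_2 \\ e_3 \\ e_4 \\ e_5 \\ e_6 \\ e_7 \end{bmatrix}
=
\begin{bmatrix}
1 & 0 & 0 & 0 & 1 & 1 & 1 & 1 \\
1 & 1 & 0 & 0 & 0 & 1 & 1 & 1 \\
1 & 1 & 1 & 0 & 0 & 0 & 1 & 1 \\
1 & 1 & 1 & 1 & 0 & 0 & 0 & 1 \\
1 & 1 & 1 & 1 & 1 & 0 & 0 & 0 \\
0 & 1 & 1 & 1 & 1 & 1 & 0 & 0 \\
0 & 0 & 1 & 1 & 1 & 1 & 1 & 0 \\
0 & 0 & 0 & 1 & 1 & 1 & 1 & 1
\end{bmatrix}
\begin{bmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \\ b_4 \\ b_5 \\ b_6 \\ b_7 \end{bmatrix}
\tag{3}
$$

Then, we find the output $(c_7 c_6 c_5 c_4 c_3 c_2 c_1 c_0)$ as:

$$
\begin{bmatrix} c_0 \\ c_1 \\ c_2 \\ c_3 \\ c_4 \\ c_5 \\ c_6 \\ c_7 \end{bmatrix}
=
\begin{bmatrix} e_0 \\ e_1 \\ e_2 \\ e_3 \\ e_4 \\ e_5 \\ e_6 \\ e_7 \end{bmatrix}
+
\begin{bmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{bmatrix}
\tag{4}
$$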

First, we find a multiplicative inverse of $a_7 x^7 + a_6 x^6 + a_5 x^5 + a_4 x^4 + a_3 x^3 + a_2 x^2 + a_1 x + a_0 \bmod (x^8 + x^4 + x^3 + x + 1)$.

Let $M_1 = a_7 x^7 + a_6 x^6 + a_5 x^5 + a_4 x^4 + a_3 x^3 + a_2 x^2 + a_1 x + a_0$, $P = x^8 + x^4 + x^3 + x + 1$, and represent the multiplicative inverse by $T$.

We seek $q_1$ and $r_1$ satisfying:

$$M_1 q_1 + r_1 = Q_1 \tag{5}$$

where $Q_1 = P + 1$ [3] (see Table 1).

If $r_1 = 0$, then $T = q_1$.

If $r_1 \neq 0$, we let $M_2 = r_1 + 1$ and seek $q_i$ and $r_i$ satisfying:

$$M_i q_i + r_i = Q_i, \quad 2 \le i \le 7 \tag{6}$$

where $Q_i = M_{i-1}$ and $M_{i+1} = r_i$ (see Table 2).

Whenever $r_i = 1$, then

$$T = T_i = q_i T_{i-1} + T_{i-2} \tag{7}$$

where $T_0 = 1$ and $T_1 = q_1$.

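Then, to find $(e_7 e_6 e_5 e_4 e_3 e_2 e_1 e_0)$, we write the system (3) as follows:

$$[e] = \begin{bmatrix} X & Y \\ Y & X \end{bmatrix} [b] \tag{8}$$

$$e_i = X b_i + Y b_j \tag{9}$$

$$e_j = Y b_i + X b_j \tag{10}$$

where $0 \le i \le 3$, $4 \le j \le 7$, and

$$X = \begin{bmatrix} 1 & 0 & 0 & 0 \\ 1 & 1 & 0 & 0 \\ 1 & 1 & 1 & 0 \\ 1 & 1 & 1 & 1 \end{bmatrix} \tag{11}$$

$$Y = \begin{bmatrix} 1 & 1 & 1 & 1 \\ 0 & 1 & 1 & 1 \\ 0 & 0 & 1 & 1 \\ 0 & 0 & 0 & 1 \end{bmatrix} \tag{12}$$

$$b_i = \begin{bmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \end{bmatrix}, \quad b_j = \begin{bmatrix} b_4 \\ b_5 \\ b_6 \\ b_7 \end{bmatrix} \tag{13}$$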

Table 1. First step to find the multiplicative inverse.

Table 2. All steps to find the multiplicative inverse.

Then we compute

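$$X b_i = \begin{bmatrix} 1 & 0 & 0 & 0 \\ 1 & 1 & 0 & 0 \\ 1 & 1 & 1 & 0 \\ 1 & 1 & 1 & 1 \end{bmatrix} \begin{bmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \end{bmatrix} = \begin{bmatrix} b_0 \\ b_0 + b_1 \\ b_0 + b_1 + b_2 \\ b_0 + b_1 + b_2 + b_3 \end{bmatrix} \tag{14}$$

$$Y b_j = \begin{bmatrix} 1 & 1 & 1 & 1 \\ 0 & 1 & 1 & 1 \\ 0 & 0 & 1 & 1 \\ 0 & 0 & 0 & 1 \end{bmatrix} \begin{bmatrix} b_4 \\ b_5 \\ b_6 \\ b_7 \end{bmatrix} = \begin{bmatrix} b_7 + b_6 + b_5 + b_4 \\ b_7 + b_6 + b_5 \\ b_7 + b_6 \\ b_7 \end{bmatrix} \tag{15}$$

$$Y b_i = \begin{bmatrix} 1 & 1 & 1 & 1 \\ 0 & 1 & 1 & 1 \\ 0 & 0 & 1 & 1 \\ 0 & 0 & 0 & 1 \end{bmatrix} \begin{bmatrix} b_0 \\ b_1 \\ b_2 \\ b_3 \end{bmatrix} = \begin{bmatrix} b_3 + b_2 + b_1 + b_0 \\ b_3 + b_2 + b_1 \\ b_3 + b_2 \\ b_3 \end{bmatrix} \tag{16}$$

$$X b_j = \begin{bmatrix} 1 & 0 & 0 & 0 \\ 1 & 1 & 0 & 0 \\ 1 & 1 & 1 & 0 \\ 1 & 1 & 1 & 1 \end{bmatrix} \begin{bmatrix} b_4 \\ b_5 \\ b_6 \\ b_7 \end{bmatrix} = \begin{bmatrix} b_4 \\ b_4 + b_5 \\ b_4 + b_5 + b_6 \\ b_4 + b_5 + b_6 + b_7 \end{bmatrix} \tag{17}$$

$$X b_i + Y b_j = \begin{bmatrix} b_0 \\ b_0 + b_1 \\ b_0 + b_1 + b_2 \\ b_0 + b_1 + b_2 + b_3 \end{bmatrix} + \begin{bmatrix} b_7 + b_6 + b_5 + b_4 \\ b_7 + b_6 + b_5 \\ b_7 + b_6 \\ b_7 \end{bmatrix} = \begin{bmatrix} b_0 + b_7 + b_6 + b_5 + b_4 \\ b_0 + b_1 + b_7 + b_6 + b_5 \\ b_0 + b_1 + b_2 + b_7 + b_6 \\ b_0 + b_1 + b_2 + b_3 + b_7 \end{bmatrix} \tag{18}$$

$$Y b_i + X b_j = \begin{bmatrix} b_3 + b_2 + b_1 + b_0 \\ b_3 + b_2 + b_1 \\ b_3 + b_2 \\ b_3 \end{bmatrix} + \begin{bmatrix} b_4 \\ b_4 + b_5 \\ b_4 + b_5 + b_6 \\ b_4 + b_5 + b_6 + b_7 \end{bmatrix} = \begin{bmatrix} b_3 + b_2 + b_1 + b_0 + b_4 \\ b_3 + b_2 + b_1 + b_4 + b_5 \\ b_3 + b_2 + b_4 + b_5 + b_6 \\ b_3 + b_4 + b_5 + b_6 + b_7 \end{bmatrix} \tag{19}$$

The result is

$$\begin{bmatrix} e_0 \\ e_1 \\ e_2 \\ e_3 \\ e_4 \\ e_5 \\ e_6 \\ e_7 \end{bmatrix} = \begin{bmatrix} b_0 + b_7 + b_6 + b_5 + b_4 \\ b_0 + b_1 + b_7 + b_6 + b_5 \\ b_0 + b_1 + b_2 + b_7 + b_6 \\ b_0 + b_1 + b_2 + b_3 + b_7 \\ b_3 + b_2 + b_1 + b_0 + b_4 \\ b_3 + b_2 + b_1 + b_4 + b_5 \\ b_3 + b_2 + b_4 + b_5 + b_6 \\ b_3 + b_4 + b_5 + b_6 + b_7 \end{bmatrix} \tag{20}$$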

and this satisfies:

$$e_i = b_i + b_{(i+4) \bmod 8} + b_{(i+5) \bmod 8} + b_{(i+6) \bmod 8} + b_{(i+7) \bmod 8}, \quad 0 \le i \le 7 \tag{21}$$

Finally, to find $(c_7 c_6 c_5 c_4 c_3 c_2 c_1 c_0)$, we add $(e_7 e_6 e_5 e_4 e_3 e_2 e_1 e_0)$ to $01100011$.

3. Results

The matrices $X b_i$, $Y b_j$, $Y b_i$ and $X b_j$ are just $(b_7 b_6 b_5 b_4 b_3 b_2 b_1 b_0)$ with some XOR operations. When multiplying $X$ by $b_i$ or $b_j$, the result will be:

(first element, first + second, first + second + third, first + second + third + fourth) of $b_i$ or $b_j$, and when multiplying $Y$ by $b_i$ or $b_j$, starting from the fourth element, the result will be:

(first + second + third + fourth, second + third + fourth, third + fourth, fourth) of $b_i$ or $b_j$.

So, we can find $(e_7 e_6 e_5 e_4 e_3 e_2 e_1 e_0)$ from $(b_7 b_6 b_5 b_4 b_3 b_2 b_1 b_0)$ directly.

4. Example

To encrypt:

Input: 32 43 F6 A8 88 5A 30 8D 31 31 98 A2 E0 37 07 34

Key: 2B 7E 15 16 28 AE D2 A6 AB F7 15 88 09 CF 4F 3C

using AES [1] .

Let us do the first step (Rijndael ByteSub transformation).

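$$
\begin{bmatrix} 32 & 88 & 31 & E0 \\ 43 & 5A & 31 & 37 \\ F6 & 30 & 98 & 07 \\ A8 & 8D & A2 & 34 \end{bmatrix}
+
\begin{bmatrix} 2B & 28 & AB & 09 \\ 7E & AE & F7 & CF \\ 15 & D2 & 15 & 4F \\ 16 & A6 & 88 & 3C \end{bmatrix}
=
\begin{bmatrix} 19 & .. & .. & .. \\ .. & .. & .. & .. \\ .. & .. & .. & .. \\ .. & .. & .. & .. \end{bmatrix}
$$

We just transform the element {19},

$$19 = 00011001 = x^4 + x^3 + 1$$

Computing the multiplicative inverse (see Table 3):

Since $r_2 = 1$,

$$T = T_2 = q_2 T_1 + T_0 = x(x^4 + x^3 + x^2 + x + 1) + 1 = x^5 + x^4 + x^3 + x^2 + x + 1 = 00111111$$

Now, we take $(00111111)$ to do the second operation.

$$
\begin{bmatrix} 1 \\ 1 \\ 1 \\ 1 \\ 1 \\ 1 \\ 0 \\ 0 \end{bmatrix}
\rightarrow
\begin{matrix}
\begin{bmatrix} 1 \\ 0 \\ 1 \\ 0 \end{bmatrix} + \begin{bmatrix} 0 \\ 1 \\ 0 \\ 0 \end{bmatrix} \\[6pt]
\begin{bmatrix} 0 \\ 1 \\ 0 \\ 1 \end{bmatrix} + \begin{bmatrix} 1 \\ 0 \\ 0 \\ 0 \end{bmatrix}
\end{matrix}
\rightarrow
\begin{bmatrix} 1 \\ 1 \\ 1 \\ 0 \\ 1 \\ 1 \\ 0 \\ 1 \end{bmatrix}
$$

Then we add the result to $(01100011)$: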

Table 3. Steps finish when $r_2 = 1$.

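$$
\begin{bmatrix} 1 \\ 1 \\ 1 \\ 0 \\ 1 \\ 1 \\ 0 \\ 1 \end{bmatrix}
+
\begin{bmatrix} 1 \\ 1 \\ 0 \\ 0 \\ 0 \\ 1 \\ 1 \\ 0 \end{bmatrix}
=
\begin{bmatrix} 0 \\ 0 \\ 1 \\ 0 \\ 1 \\ 0 \\ 1 \\ 1 \end{bmatrix}
$$

So,

$$19 \rightarrow 11010100 = D4$$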

5. Conclusion

The modern technique proposed in this work equivalently finds the Rijndael byte substitute transformation without the need to compute multiplicative inverses and matrix multiplications by traditional methods.

Conflicts of Interest

The author declares no conflicts of interest regarding the publication of this paper.

Cite this paper

Ahmed, W.E. (2019) On Rijndael ByteSub Transformation. Applied Mathematics, 10, 113-118. https://doi.org/10.4236/am.2019.103010

References

  1. Advanced Encryption Standard (AES), FIPS Publication 197, National Institute of Standards and Technology (NIST), November 26, 2001.

  2. Menezes, A., van Oorschot, P. and Vanstone, S. (1997) Handbook of Applied Cryptography. CRC Press, New York.

  3. Ahmed, W. (2019) Some Techniques to Compute Multiplicative Inverses for Advanced Encryption Standard. Journal of Advances in Mathematics, 16, 8208-8212. https://doi.org/10.24297/jam.v16i0.8016