This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Section 1 of the paper shall introduce readers about the Advanced Encryption Standard (AES), Section 2 discusses the different aspects of Software implementation of a Cryptographic Algorithm and different platforms being used for software implementation. In Section 3, few commons software implementation errors are discussed. Section 4 describes about the some improvement techniques being used to enhance the efficiency or the execution speed in software implementations. Section
1. AES - A BRIEF INTRODUCTION
NIST in 1997, announced a call for candidate ciphers for its new Advanced Encryption Standard (AES), because a replacement for DES was needed at that time. After exhaustive analysis and evaluation of different algorithms, Rijndael, designed by Rijmen & Daemen in Belgium, was selected as AES finalist. It was selected among diffenrent competitors on the evaluation criteria, which included Security, Cost and Alogorithm and its implemmentation characteristics. 
AES is based on a substitution-permutation network, and is fast in both software and hardware implementations. Unlike its predecessor DES, AES does not use a Feistel network.
Block size of 128-bit
Variable key size of 128, 192, or 256 bit
Processes data as 4 groups of 4 bytes
Number of rounds. 9, 11, or 13 rounds, depending on the Key Size.
Each round consists of 4 functions:
Byte substitution step - Uses an S-box to perform a byte-by-byte substitution of the block
Shift rows step - A simple permutation
Mix columns step - substitution that makes use of arithmetic over GF(28)
Add round key step - A simple bitwise XOR of the current block with a portion of the expanded key
2. ASPECTS OF SOFTWARE IMPLEMENTATION
The main consideration in designing any encryption algorithm is always the security of the algorithm against undesirable attacks. However, in practical scenarios, performance of the algorithm on different platforms, its implementation cost and flexibility are also significant aspects. Even during the evaluation of candidate cipher for AES, Cost (Computationa Requirements, Memory Requirements), Algorithm and Implementation characteristics (Flexibility, Hardware and Software suiteability and simplicty) and Performance of the algorithm on different software and Hardware platforms were also evaluated. Different aspect of the software implementation are briefly discussed
i. Security - Security of the Cryptographic algorithm is the most significant requirement and therefore, a secure and well tested algorithm must be used. Moreover, during implementation, it must be taken care that implementation should not leak any information which can potentially compromise security. As per the final NIST evaluation of Rijndael, it has no known security attacks. It appears to have an adequate security margins, but the algorithm has received criticism that its mathematical structure may lead to attacks . Here, we will not discuss the security of the AES but we will discuss few implementation errors that may likely compromise the security aspects of AES. In this paper, we will be focusing on the AES, a standard algorithm approved by NIST, so security of the algorithm against different attacks has not been discussed. Only the software implementation and related issues will be discussed. However, Proper implementation of the algorithm is mandatory to ensure security and therefore, few common implementation errors will be discussed in Section 3.
ii. Performance - Performance of the software implementation includes minimum overheads and maximum execution speed which is considered a very important parameter in practical scenarios. An implementation should be fast enough to ensure that execution of cryptographic algorithms does not slow down a system significantly. The requirement for fast implementations is mandatory because computation of cryptographic algorithms dominates in computational complexity of many protocols. Same has been discussed in Section 4.
iii. Cost.-. Implementation of cryptographic algorithms should not increase the total cost of a product and it is more evident in case of low consumer products. This requirement sets strict constraints for designers, especially, if other requirements, such as speed, are considered too. Generally, a tradeoff between different parameters is sought to achieve the desirable results. Moreover, low cost also makes any algorithm practical for use in wide range of Applications.
iv. Flexibility or ease of upgrade is actually the one of the advantage of software implementation.
3. SOFTWARE PLATFORMS
Different Software platforms like C, Java, Visual Studio 2008 and Matlab can be used for software implementation. Implementation of AES in Matlab is only for the purpose of understandability of algorithm and its functions and cannot be used for practical purposes.
4. COMMON SOFTWARE IMPLEMENTATION ERRORS
It is very difficult to prove the strength of any implemntation to withstand the threats or attacks. However, people who test the resistance of a specific implemntation, prove its strength. Moreover, it is also not a universal truth that an implementation will remain computationaly secure for a given time period. Vulnerabilities can arise in the entire life cycle of a cryptographic method. Even if an algorithm like AES, which has been proven as secure, it cannot be guaranteed that implemntation of specific algorithm is secure. There are few factors which can raise the vulnerabilities in software implementation .
Programming Errors may include the programming bugs and usage of cryptographic algorithm in an improper way . Therefore, while programming, it must be taken care of while software programming as the poor software programming may adversly affect the implementation of AES.
5. PERFORMANCE ENHANCING TECHNIQUES
Performance of the algorithm also plays an important role and therefore it is very important during the implemntation process. Performance of the algorithm can be measured by the execution speed of the algorithm on the specific platform. The execution speed can be improved by following methods  and :-
Software Optimization.can be one of the technique to improve the execution speed. Hand-coded assembly code generally produce better performance results than an optimizing compiler. Interpreted languages are poorly adapted for performance optimization.
Parallel execution of the software is a better option and produces better performanc results than the sequential executions.
Use of Transposed Matrix Primitives and Key Scheduling as proposed by Eashwar Thiagarajan and Madhuri Gourishetty in their paper is also a good technique to improve the performance of AES allgorithm. Such more techniques can also be used but it must be taken care that such an implementation must not compromise the security of the algorithm.
Software implementation alone offers limited physical security, especially with respect to key storage. Because two approaches of Key generations on the fly and key unrolling are used. If key unrolling is used then keys are to be generated and stored for use. In case of Software Implementation, this scenario is vulnerable to threats. However, hardware implementation provides less flexibility as compared to software implementation. Therefore, in practical applications, reconfigurable hardware devices, such as Field Programmable Gate Arrays (FPGAs) are used to achieve security from threats and flexibility or upgrade with minimum cost.
Crypto algorithms are employed basically for security of the system; therefore there is actually no tradeoff on this aspect. However, other aspects of the software or even the hardware implementation are traded off to suit the desired results. In this paper, I have combined different aspects of software implementation of cryptographic algorithms in general and AES in particular and have also briefly discussed little improvement.
 William Stallings, (2005), Cryptography and NetworkSecurity Principles and Application, (4th Ed.), Prentice Hall (pp-135 - pp 173)
 Eashwar Thiagarajan and Madhuri Gourishetty, (2003), Study of AES and its Efficient Software Implementation
 Vladislav Nazaruk, Pavel Rusakov, (2010), Implementation of Cryptographic Algorithms in Software: An Analysis of the Effectiveness, Riga Technical University, Scientific Journal of Riga Technical University, Vol 43
 Ioan Mang, Considerations on Hardware Implementations of Encryption Algorithms, University of Oradea, Faculty of Electrotechnics and Informatics
 Kimmo JÂ¨arvinen, (2008), Studies on efficient implementation of cryptographic algorithms, Manuscript of a thesis for the degree of Doctor of Science in Technology. (pp 31-32, 51-