# Rijndael The Unbreakable Cipher Computer Science Essay

**Published:** **Last Edited:**

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

The symmetric and parallel construction of Rijndael Cipher makes it stand out among all others as it gives a lot of flexibility to the implementers, easy adoptability with the processors and importantly it does not allow efficient attacks against it. It is the most effective cipher with a very simple algorithm. The thing that appealed me a lot to write on Rijndael is its distinguishing property of repetition, substitutions and transposition which make it almost unbreakable. Every step in linked with other which is the strength of Rijndael. Some of the key features of Cipher Rijndael are that it is resistant to almost all known attacks, its fast working speed and last but not least its simplicity in design. Its flexible structure of having variable sized texts and keys makes it a lot easier to be implemented on hardware.

Rijndael is a block cipher so it supports different key sizes for its encryption i.e. 128, 192 and 256. The larger the key size the more difficult would it be for the attacker to exploit the plain text through brute force [1]. The larger the key the more secure will be the data from external attacks, but it would require more work to be done in the encryption process. Now this does not means that 128 bit might not be strong enough to prevent external attacks. 128 bit key is in fact strong enough; it is like if you are encrypting a lot of data then 128 bit key can give you a performance boast in your encryption process as compared to 256 bit key. For a 128 bit key there would be 2^128 [2] different possibilities for the hacker to judge the plain text from. Unlike DES [3] or any other cipher techniques that uses 56 bit key size, the cipher text becomes less immune against external attacks due to the brute force attack. The round transformation of Rijndael needs not to be like Fiestel [4] in structure like DES. Some of the main features of Cipher Rijndael's round transformation are its byte substitution, shifting rows, shifting columns and the round key addition. All the steps are cycled 10, 12 or 14 times depending upon the size of the key selected by the implementer. Rijndael uses a 16 byte of data for encryption arranged in a 4x4 bytes matrix. For a data that is less than 16 bytes (128 bits) some extra bits are padded to that data to make it at least 16 bytes long before the encryption process can take place.

The key expansion process involves the expansion of the key that then could be used for the upcoming rounds. The ideal key would be the key that is a random every time (ONE TIME PAD) [5] , but it gets very hard or almost impossible to generate a random key for every plain text and which has to be at least 128 bits long at the same time. Key expansion process generates different random sub keys from the given key so that each of the key could be used in each round. Keeping this fact in mind to generate a large no of random keys for as many rounds, rounds are limited to ten but they are enough to make the algorithm strong enough against external attacks. The key expansion process is independent of the data i.e. this process can be performed separately from the encryption decryption process. This can be done in parallel to the round steps so there is no extra time required to perform key expansion hence the processing speed is enhanced. The key is expanded up to 44 columns so that each of the 4 columns can be used for each round after the first for the ten rounds in total. Advantage of the key expansion process is that for every round there is a different key that has a relationship with the key used in the previous round. This results that if an error occurs even in a single bit then the error will continue and would affect larger no of bits as the no of rounds increases up to 10. If we use the same key for every round (do not expand our key) then each of our round would be key independent and the idea behind to make an ideal key would be lost. Here key expansion process acts as a small one time pad that generates a random 128 bit key for each of the ten rounds from the main key. Rijndael involves a byte level substitution (S Box) [6] and a byte level permutation.

Byte substitution involves the substitution process. Here a complete bye is replaced with a corresponding entry from Substitution Box (16 X 16 lookup table). Substitution of bytes as a first and major step in Rijndael is to produce ambiguity between plain text and the cipher text so that the attacker cannot predict the plain text from the cipher text or vice versa. The goal of this part of encryption is to minimize any kind of association between the input bit and the output bits. The substitution is done through a combination of GF(2^8) [7] and bit mangling which completely destroys the correlation between the bits within the bytes. S Box ensures that Rijndael is resistant against attacks which can be seen from the fact that the output of S Box cannot be written in some mathematical function of its input. Each byte is replaced using an 8 bit S box which produces a high non linearity in the cipher text. S-Box substitution is process of strengthening out encryption process as it replaces a byte with a completely new byte. The point is, that Rijndael supports a key and a block length of 128-256 in chunks of 32 bits with at least a size of 128 bits which are represented in a form of 4x4 arrays of bytes. Each column of array contains 4 bytes of data (32 bits) and S-Box uses a byte substitution which is a factor of 32 (32 bits). A valid question could be why we use byte substitution. If we use a 4 bit substitution then it would use an S Box with only sixteen entries. A brute force search would be fairly easy to produce the matching combination in S Box. Using an 8 bit substitution would use S Box with 264 entries (2^4 x 2^4) in the table; hence it eliminates the brute force attack from the cipher. Using 16 bit substitution would require an S-Box with 65536 entries (2^8 x 2^8). This is possible but would require a lot of memory space to work on. Any other bit substitution that is not a factor of 32 (column size) would then have to be padded with additional bits for each chunk to make it a block of 32 bits and this require additional work to be done and makes things more complicated. Without the S-Box substitution, the algorithm would sound less secure as we would just be shifting the rows and columns in every round.

Each of the steps used in cipher Rijndael are interlinked with each other. This part of Rijndael explains the importance of arranging the data in 4x4 byte matrix. Shifting rows operation is applied on to the rows. This process produces diffusion over multiple rounds of processing. Shifting row operation is in fact producing diffusion in the byte order i.e. scramble up the byte inside the 128 bit block, that result from byte substitution. Shifting rows further enhances the strength of S-Box substitution as without this process Cipher Rijndael algorithm would be a very simpler encryption algorithm where the first byte after going through all the processing remains fixed to its original position and same would be the case for the rest of the bytes. In a broader sense it can be taken as, that the shift row operation is again encrypting the output of S-Box. The main idea behind this process is to jumble up the byte order within the 128 bit block. The input block is written column wise, shifting the bytes of columns would completely scramble the input order of bytes. This results that after row shifting operation, each of the column now contains a byte from each of the columns that were there before the shift row operation. If shift row operation was not a part of Cipher Rijndael then each of the byte would remain at the same place even after ten rounds of operation.

Mixing column is the key part of Cipher Rijndael. Mixing column along with shifting rows together makes every bit of cipher text dependent on each of the plain text after the 10 rounds, this is what a good cipher is said to be [8]. Whereas in DES a single bit of plain text affected about 31 bits of cipher text [8]. Mixing columns is basically a permutation process. Here mixing column operation is applied on to the four bytes of each column. Mixing operation is performed with a metric multiplication in Rijndael Galois field in such a way that each byte at the input of the multiplication effects all the four bytes of the multiplication output and the error propagates all the way till the last round effecting almost every bit. It's the mixing column operation that corrupts the complete byte with error in a single bit during external attacks and the shifting row operation spreads this error in to complete 4 x 4 byte metric. Shifting rows and mixing columns together produces confusion and diffusion.

Finally expanded sub key that was generated during the key scheduling process is bitwise XORED with the output of mixing columns. Each sub key is the in size as that of state. Each of the 128 bit block, that is arranged in a 4x4 byte array is known as state. During the round functions all the operations are performed on a state. The purpose of key addition is to make each round of Rijndael key dependent. The complete round process is kept as simple as possible so that there might be lesser operations and lesser memory be used. We can regard the round process as the best way of confusing a cipher attack due to its nature of continuous substitutions and permutations.

The encryption and decryption process of Cipher Rijndael are different from one another. Although the steps are the same but the order of processing is different. Unlike DES which has its encryption and decryption process exactly the same with reverse order. This makes DES less resistant against the external attacks and less secure as well. The non Fiestel nature of the algorithm makes it faster to be implemented on to software as compared to DES where data is divided into two halves and process separately. Key expansion process of Rijndael ensures that it does not have any weak key [9] (that produces same key for almost all rounds). A plain text encrypted and encrypted again with same key would produce the same plain text again. If compared to DES that produces weak keys when consisting of ones and zeros. Rijndael structure gives it a lot suitability to be implemented on 8 or 32 bit processors [10] for these reasons Rijndael is highly suitable to be implemented in hardware. Rijndael tops among the list of ciphers that are considered the best regarding simplicity and strong against attacks. It is strong enough to resist against many know attacks like the square attack [11], the interpolation attacks [12] etc. The most efficient attack for recovery of key against Rijndael is the brute force attack, but it requires a much longer time and a great lot of effort to recover the key. A cipher is said to be strong enough if; "cost of breaking the cipher is much greater than value of the encrypted in formation" and "time to break the cipher is much longer than the useful lifetime of the encrypted information" [13] and this is what is achieved with Cipher Rijndael.