The Advance Encryption Standard And Rijndael Algorithm Computer Science Essay

Published: Last Edited:

This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.

This review paper describes the Rijndael algorithm which was selected as the AES (advanced encryption standard) by NIST (national institute of standard and technology) to be used as an encryption method by the U.S government for non classified and non military uses. The introduction and history of Advanced Encryption Standard is also described followed by a brief insight to the selection procedure of the AES. The methodology employed by the Rijndael algorithm for encryption is described which includes the four main steps involved in the encryption process used by this algorithm. A brief analysis of AES follows with some emphasis on the superiority of AES over its predecessor DES (Data Encryption Standard) and its other advantages over major encryption algorithms. The threats to AES posed by side channel attacks and the theoretical concept of quantum computers are considered in the latter section of the paper.


There always has been a demand for the development of the processes and methods for ensuring the secure transportation of data. Cryptography is around for a long time as a solution for the protection of information. Earliest known use is some carved coded words on stones in Egypt. Modern cryptography is the branch of science (Mathematics, Engineering and computer sciences) dealing with the issue of hiding information. Encryption is a cryptographic technique of transforming information in incomprehensible form so that the information is unreadable by anyone except those possessing the special knowledge which is commonly achieved by using algorithms known as ciphers. Ciphers define the series of well known steps for performing encryption or decryption, i.e. the reverse process of encryption. Block ciphers & stream ciphers are two main classes of ciphers in use. The Advance Encryption Standard (AES) is a symmetric key (block cipher) algorithm which commonly processes the data in blocks of 128 bits. It is defined in Federal Information Processing Standard (FIPS), 192 published in November, 2001 as a United States Encryption Standard [1]. It is based on well known mathematical grounds and resists all known attacks very well. A long time has passed since the arrival of AES and a lot of information and economic value is already saved by it. Different Standards of AES are available like AES-128, AES-192, and AES-256 where the associated integer is indicating the length of data bits of the key. The AES is the most commonly employed algorithm for information encryption today [1].


The Data Encryption Standard (DES) was adopted in 1977 by then National Bureau of Standards now called NIST for use by the US government and commercial use [1]. The data encryption standard was an aging algorithm in late 1990’s and it was widely criticized for its short key. The DES used a 56 bit key for encryption. DES served very well in the period in which it was in use but by the evolution of high speed personal computers the security aspect of DES was challenged multiple times. The most famous and important attack was done using one hundred thousand pc’s and a server that cost two hundred and fifty thousand dollars. This system designed by Electronic Frontier Foundation was able to decrypt the message that was encrypted using DES in twenty two hours [2].

This was a remarkable achievement considering the number of possible combinations of the DES(data encryption standard) key were 72x10e16 but this also proved to be the last nail in the coffin of DES as a standard encryption algorithm for the US government.

An improved version of the DES algorithm called the triple DES is still widely used in many commercial applications.

The principal drawback of 3DES is that the algorithm is relatively sluggish in software. The original DES was designed for mid-1970s hardware implementation and does not produce efficient software code. 3DES, which has three times as many rounds as DES, is correspondingly slower. A secondary drawback is that both DES and 3DES use a 64-bit block size. For reasons of both efficiency and security, a larger block size is desirable.

Because of these drawbacks, 3DES is not a reasonable candidate for long-term use. As a replacement, new Advanced Encryption Standard (AES), should have security strength equal to or better than 3DES and significantly improved efficiency

In a first round of evaluation, 15 proposed algorithms were accepted. A second round narrowed the field to 5 algorithms. NIST completed its evaluation process and published a final standard (FIPS PUB 197) in November of 2001. NIST selected Rijndael as the proposed AES algorithm. The two researchers who developed and submitted Rijndael for the AES are both cryptographers from Belgium: Dr. Joan Daemen and Dr. Vincent Rijmen. [3]

The advanced encryption standard which is based on Rijndael algorithm has no such issues. It has three key sizes that are 128 bit, 192 bits, and 256 bits so it has a considerably large key size and is very hard to decrypt using a brut force attack. The numbers of possible combinations of the AES key are very large for any kind of brute force attack. The national institute of standards and technology in its Jan 2010 publication of has allowed the two key triple DES to be used only through 2010 whereas AES can be used beyond 2010[4].


In 1997 a call was put on by the US National Institute for Standards and Technology (NIST) for the candidates to replace the old Data Encryption Standard, DES.NIST announced that the candidate algorithms for AES should support key sizes up to 256bits and that the proposed algorithm should be as secure as triple DES but much more efficient in terms of implementation. The proposed algorithms were to be evaluated on three criterions.



Algorithm implementation characteristics

There were five major algorithms under consideration to become AES. The first one of them was CAST-256 it was rejected due to higher implementation costs. CRYPTON was another promising contender but it had a lower security margin. The DFC algorithm was rejected due to its poor performance on processors lower then 64 bit. SAFER + was rejected due to its low speed [1]. The last and most promising contender was Rijndael algorithm which was faster more secure and cheaper to implement then any of the above mentioned algorithms.

Key size (words/bytes/bits)




Plaintext block size (words/bytes/bits)




Number of rounds




Round key size (words/bytes/bits)




Expanded key size (words/bytes)




Table : AES Variants [3]

Encryption using AES

AES is a several round symmetric key block cipher. The term block refers to the fact that the AES algorithm can be applied on a single bloc of data at a time the standard data block size for AES is 128 bits. The term round refers to the fact that data is encrypted ten to fourteen times over using the same algorithm. AES has three key sizes 128 bit, 192 bit, 256 bit as AES is a symmetric encryption algorithm it uses the same key for encryption and decryption so the key is always kept secret.

The data is represented in a 4x4 matrix before performing four important steps for encryption. The four major steps are:

Byte substitution

Sift rows

Mix columns

Add round key

In byte substitution a 16x16 permutation matrix is used and every byte is replaced by the entry in the permutation matrix with index corresponding to the value f the byte for example

Suppose a byte in the data matrix has a value 0x42 it will be replaced by the entry in the fourth row and 2nd column.

In shift row operation a simple circular shift is done in rows. First row remains unchanged, 2nd row does one byte cyclic shift to left. 3rd row does two byte cyclic shift to left. The 4th row does three byte cyclic shift to left.

In the mix column step all columns are processed separately each entry is replaced by a value which is dependant upon all the values in the column.

In the Add round key step an exclusive or operation is performed between the data matrix and the 128 bit key.

As discussed earlier nine rounds of the above mentioned procedure are performed in the tenth and final round the mix column step is not performed. The round key is updated at each step and is added to the data at that step.

Advantages of AES

AES has many advantages over DES its predecessor the main advantage of AES is its key. The data encryption standard or DES had a week point that was its key it had a 56 bit key[2] which allowed with the advancement of high speed personal computers a brut force attack to be successful on that algorithm. To counter this problem triple DES was introduced but its implementation was very slow. So naturally when the U.S national institute of standards and technology announced the competition about AES on of the mandatory quality for the researchers and organizations taking part was that their algorithms should be compatible with key lengths of 128, 192 and 256 bits.

AES is extremely efficient in terms of implementation it can very easily be implemented on an 8-bit microcontroller which makes it very useful in embedded applications.

When the competition was being held it was mandatory for every participating researcher or organization to sign a document according to which the winning researcher or company will not claim intellectual property rights for their algorithm so AES is free for any one to use and implement.

Another major advantage of Advanced Encryption Standard is key agility. Key agility is the measure of the rapid change of keys with very limited use of resources. Rijndael algorithm is extremely efficient in key generation it uses of the fly sub key generation for encryption and decryption. Although few other contenders of AES competition had equally good or (in case of Serpent algorithm) better key agility then Rijndael but as compared to the previous standard encryption algorithm the Data Encryption Standard or DES the new standard is much better performing and uses very little resources.[5]

Fig 1: flow chart of AES encryption algorithm.

The AES encryption standard works very well in limited use environments for example like in applications where only encryption or decryption is performed (not both) as it has extremely low RAM requirements and also is not a burden on the ROM of the device if only encryption or decryption is implemented.

The encryption and decryption procedures in Rijndael are slightly different from each other in terms of hardware implementations. Some studies performed by individual researchers show that the implementation of decryption alone takes up to 40% less space then the implementation of encryption so it is suited for application like smart cards.

DES was not trusted by many because they worried that several complicated parts of the cipher could contain a ‘trap door’, a hidden weakness introduced by the designers allowing the cipher to be broken. To avoid these concerns, the designers of Rijndael gave Rijndael a relatively simple algebraic structure. [3]

Disadvantages of AES

There are no major disadvantages of using AES but AES is prone to some attacking strategies such as side channel attacks.

Side channel attacks

Side channel attacks employ some very unorthodox methods to guess the key of an encryption device. These attacks are based on side channel information. Side channel information can be categorized as any information gathered from the encryption device other then plain text or cipher text for example clock, voltage and other outputs [6]. Side channel attacks use this information with other techniques to guess the key on which the system is working.

Side channel attacks are very important as they can be mounted quickly and cheaply and also this type of attack bypasses the inherent security of the algorithm.

There are many types of side channel attacks such as

Time attack

Power monitoring attack

Radiation monitoring attack

Acoustic cryptanalysis

Fault analysis[7]

The above mentioned side channel attacks are known to have successfully guessed the key of AES encryption system. A special type of timing attack called the cache attack is specially successful in this regard in 2005 three Israeli researchers published a research paper showing that by using cache attack(under special circumstances) the AES key can be guessed in as low as 800 instructions or 65ms[8].

There are many methods that can be employed to protect against side channel attacks such as hiding the timing and disabling cache sharing [8] and also by using side channel models [9].

Quantum computers

Quantum computing is an emerging concept which promises computers with extremely high computational capabilities. These computers (theoretically) work by the laws of quantum mechanics [10]. If these theoretical computers are developed to a practical form them all the encryption algorithms including AES will become extremely vulnerable to brut force attack due to the superior computational power promised by this technology. Public key algorithms are more susceptible to this future threat but due to the shear computational capabilities promised by these theoretical devices the private key algorithms such as AES are also vulnerable.


The Advanced Encryption Standard is been in use by the U.S government and other major organizations for about ten years now and has been proved its worth as a reliable and flexible encryption algorithm. The flexibility shown by this algorithm is without any shadow of doubt far more superior then its predecessor with its variable length keys and variable length data blocks (Rijndael algorithm). It is many times more secure then its predecessor but does it in less time and using fewer resources. This standard will last for at least 20 to 30 years even with the rapidly increasing computational power of computers. The AES has never been successfully attacked by a brut force attack and the successful attempts using side channel attacks have been against individual implementations of the algorithm not the algorithm itself. All in all the Advanced Encryption Standard is performing the job it was designed to perform efficiently and with minimal risk which is all that was required by it to deliver.