Cryptography: 2. AES principle of symmetric encryption


In a single-key cryptosystem, the same key is used both to encrypt and to decrypt information. This encryption method is called symmetric encryption, also known as single-key encryption.

Encryption algorithms based on a symmetric key mainly include DES, 3DES (Triple DES), AES, RC2, RC4, RC5 and Blowfish. At present, the most secure encryption algorithm is AES.

Secret key

AES supports three key lengths: 128 bits, 192 bits and 256 bits. The difference between them lies in the number of encryption rounds. Excluding the initial round, the number of rounds corresponding to each key length is as follows:

Key length    Encryption rounds
128 bits      10
192 bits      12
256 bits      14


In cryptography, a block cipher mode of operation allows more than one block of data to be encrypted with the same block cipher key while keeping the encryption secure.
Some modes (ECB and CBC) require the last block to be padded before encryption, because a block cipher on its own can only encrypt a single block of data whose length equals the cipher's block size.
CFB, OFB and CTR modes do not require special processing for messages whose length is not an integer multiple of the cipher block size, because these modes work by XORing the output of the block cipher with the plaintext. After the last plaintext block (which may be incomplete) is XORed with the first few bytes of the keystream block, a ciphertext block of the same size as the plaintext block is produced. This stream-cipher property makes them suitable for applications where the ciphertext must be exactly as long as the plaintext, or where data is transmitted as a stream and is not easy to pad.

Stream cipher: encrypts the plaintext message bit by bit.
Block cipher: the plaintext message is divided into groups (each group contains multiple characters) and encrypted group by group.

Working mode

The working mode of AES determines how plaintext blocks are turned into ciphertext blocks. The AES encryption algorithm provides five different working modes: ECB, CBC, CTR, CFB and OFB.

ECB mode (default): electronic codebook mode
CBC mode: cipher block chaining mode
CTR mode: counter mode
CFB mode: cipher feedback mode
OFB mode: output feedback mode

ECB mode

The electronic codebook (ECB) mode is the simplest working mode. In this mode, each plaintext block is encrypted completely independently of the others.

Disadvantage: identical plaintext blocks encrypt to identical ciphertext blocks, so security is poor.

CBC mode

In CBC mode, each plaintext block is XORed with the previous ciphertext block and then encrypted. Each ciphertext block therefore depends on all the plaintext blocks before it. To ensure that each message is unique, an initialization vector must be used for the first block.

Initialization vector (IV)

An initialization vector (IV) is a piece of data used to randomize encryption in many working modes. With it, different ciphertexts can be generated from the same plaintext and the same key without regenerating the key, which avoids the usually quite complicated re-keying process.

Disadvantages: encryption cannot be parallelized (decryption can), so performance is not as good as ECB. Introducing the initialization vector (IV) also adds complexity.

CTR mode

In CTR mode, there is an incrementing counter. The counter is encrypted with the key, and the output is XORed with the plaintext to produce the ciphertext, which is similar to a one-time pad. This encryption method is simple, fast, safe and reliable, and encryption can be done in parallel.

CFB mode

In CFB mode, the block cipher is turned into a self-synchronizing stream cipher. The working process is similar to CBC, and CFB decryption is almost the same as CBC encryption performed in reverse.

OFB mode

In OFB mode, the block cipher is turned into a synchronous stream cipher. It generates keystream blocks, which are then XORed with the plaintext blocks to get the ciphertext. As with other stream ciphers, flipping a bit in the ciphertext flips the same bit in the plaintext. This property allows many error-correcting codes, such as parity bits, to give correct results even when they are calculated before encryption and checked after encryption.

AES encryptor

The working modes differ only at the macro level (the relationship between plaintext blocks); the internal processing flow of the AES encryptor is the same in all of them.

Different stages have different processing steps.

The initial round has only one step:

  1. Round key addition (AddRoundKey)

A common round has four steps:

  1. Byte substitution (SubBytes)

  2. Row shifting (ShiftRows)

  3. Column mixing (MixColumns)

  4. Round key addition (AddRoundKey)

The final round has three steps:

  1. Byte substitution (SubBytes)

  2. Row shifting (ShiftRows)

  3. Round key addition (AddRoundKey)

The security of encryption depends not only on the encryption algorithm itself, but also on the security of key management. Because encryption and decryption use the same key, transferring the key safely to the decrypting party is a problem that must be solved.