AES加密算法(FIPS-197)标准详细解读

AES

5星 · 超过95%的资源需积分: 9 110 浏览量更新于2023-07-16 1 收藏 302KB PDF 举报

身份认证购VIP最低享 7 折!

30元优惠券

AES specification (FIPS-197),正式名称为"Advanced Encryption Standard (AES)",是美国国家标准与技术研究院(National Institute of Standards and Technology, NIST)于2001年11月26日发布的一份计算机安全标准，属于密码学类别。该标准规定了一种被FIPS批准的加密算法，旨在保护电子数据的安全。作为对Public Law 104-106 (Information Technology Management Reform Act of 1996) 和 Public Law 100-235 (Computer Security Act of 1987) 的响应，FIPS PUBS系列旨在确保加密算法的强度和安全性。AES算法是基于对称密钥体制，这意味着加密和解密过程都使用同一密钥，从而提供高效且保密性强的通信保障。 AES算法的核心特性在于其块加密功能，它将输入的信息分割成固定大小的数据块（通常为128位），然后进行加密。使用128位、192位或256位的密钥，AES提供了不同级别的安全性。128位密钥提供了相对平衡的安全性和性能，而更长的密钥则提供了更强的防护，但加密和解密的速度可能会有所下降。 AES采用一种称为Rijndael的分组密码设计，它包括了轮密钥扩展和替换、行移位、混合列以及循环移位等复杂的操作步骤。这些步骤共同构成了AES算法的加密流程，使得即使对于拥有相同密钥的攻击者，破解密文也变得极其困难。此外，AES还通过精心设计的迭代过程，确保了即使在密钥泄露的情况下，数据的长期安全性仍能得到保障。 AES算法的成功在于其广泛的应用范围，不仅在政府和军事领域得到采用，还在商业和互联网通信中占据主导地位。许多现代安全协议，如SSL/TLS、WPA2 Wi-Fi加密，都依赖于AES。随着技术的发展，AES的后续版本，如AES-128、AES-192和AES-256，也在不断优化和适应新的安全需求。总结来说，AES specification (FIPS-197) 是一个重要的信息安全里程碑，它定义了一套经过严格验证的加密技术，确保了数据在传输和存储过程中的高度安全。对于任何从事IT行业的专业人员来说，理解和掌握AES算法及其标准至关重要，因为它直接影响到信息安全策略的设计和实施。

资源详情

资源推荐

1. Introduction

This standard specifies the Rijndael algorithm ([3] and [4]), a symmetric block cipher that can

process data blocks of 128 bits, using cipher keys with lengths of 128, 192, and 256 bits.

Rijndael was designed to handle additional block sizes and key lengths, however they are not

adopted in this standard.

Throughout the remainder of this standard, the algorithm specified herein will be referred to as

“the AES algorithm.” The algorithm may be used with the three different key lengths indicated

above, and therefore these different “flavors” may be referred to as “AES-128”, “AES-192”, and

“AES-256”.

This specification includes the following sections:

2. Definitions of terms, acronyms, and algorithm parameters, symbols, and functions;

3. Notation and conventions used in the algorithm specification, including the ordering and

numbering of bits, bytes, and words;

4. Mathematical properties that are useful in understanding the algorithm;

5. Algorithm specification, covering the key expansion, encryption, and decryption routines;

6. Implementation issues, such as key length support, keying restrictions, and additional

block/key/round sizes.

The standard concludes with several appendices that include step-by-step examples for Key

Expansion and the Cipher, example vectors for the Cipher and Inverse Cipher, and a list of

references.

2. Definitions

2.1 Glossary of Terms and Acronyms

The following definitions are used throughout this standard:

AES Advanced Encryption Standard

Affine A transformation consisting of multiplication by a matrix followed by

Transformation the addition of a vector.

Array An enumerated collection of identical entities (e.g., an array of bytes).

Bit A binary digit having a value of 0 or 1.

Block Sequence of binary bits that comprise the input, output, State, and

Round Key. The length of a sequence is the number of bits it contains.

Blocks are also interpreted as arrays of bytes.

Byte A group of eight bits that is treated either as a single entity or as an

array of 8 individual bits.

MixColumns() Transformation in the Cipher that takes all of the columns of the

State and mixes their data (independently of one another) to

produce new columns.

Nb Number of columns (32-bit words) comprising the State. For this

standard, Nb = 4. (Also see Sec. 6.3.)

Nk Number of 32-bit words comprising the Cipher Key. For this

standard, Nk = 4, 6, or 8. (Also see Sec. 6.3.)

Nr Number of rounds, which is a function of Nk and Nb (which is

fixed). For this standard, Nr = 10, 12, or 14. (Also see Sec. 6.3.)

Rcon[] The round constant word array.

RotWord() Function used in the Key Expansion routine that takes a four-byte

word and performs a cyclic permutation.

ShiftRows() Transformation in the Cipher that processes the State by cyclically

shifting the last three rows of the State by different offsets.

SubBytes() Transformation in the Cipher that processes the State using a non-

linear byte substitution table (S-box) that operates on each of the

State bytes independently.

SubWord() Function used in the Key Expansion routine that takes a four-byte

input word and applies an S-box to each of the four bytes to

produce an output word.

XOR Exclusive-OR operation.

⊕

Exclusive-OR operation.

⊗

Multiplication of two polynomials (each with degree < 4) modulo

+ 1.

• Finite field multiplication.

3. Notation and Conventions

3.1 Inputs and Outputs

The input and output for the AES algorithm each consist of sequences of 128 bits (digits with

values of 0 or 1). These sequences will sometimes be referred to as blocks and the number of

bits they contain will be referred to as their length. The Cipher Key for the AES algorithm is a

sequence of 128, 192 or 256 bits. Other input, output and Cipher Key lengths are not permitted

by this standard.

The bits within such sequences will be numbered starting at zero and ending at one less than the

sequence length (block length or key length). The number i attached to a bit is known as its index

and will be in one of the ranges 0 ≤ i < 128, 0 ≤ i < 192 or 0 ≤ i < 256 depending on the block

length and key length (specified above).

剩余50页未读，继续阅读

muniverse

粉丝: 14
资源: 42

AES加密算法(FIPS-197)标准详细解读

AES加密标准-NIST FIPS 197中英文版本

AES标准文档fips-197.pdf

高级加密标准AES-FIPS197中文版实用.pdf

christophe devine fips-197 compliant aes implementation

内部异常 NotSupportedException: Either itext7.bouncy-castle-adapter or itext7.bouncy-castle-fips-adapter dependency must be added in order to use BouncyCastleFactoryCreator

OpenSSH_7.4p1, OpenSSL 1.0.2k-fips Unsupported Match attribute final /etc/ssh/ssh_config.d/05-redhat.conf line 3: Bad Match condition

NIST.FIPS.202

rocky安装percona

fips 140-2 标准

FIPS认可密钥传输方法有AES KW，

[root@iZuf60b2oqkencqmwd57z1Z bin]# openssl version OpenSSL 1.0.2k-fips 26 Jan 201

linux下载openssl

python国密sm2

如果RSA算法的密钥生成没有遵循FIPS186-4，那么可能会受到低加密指数攻击

如果RSA算法的密钥生成没有遵循FIPS186-4，那么可能会受到故障注入攻击

如果RSA算法的密钥生成没有遵循FIPS186-4，那么可能会受到的攻击有

如果RSA算法的密钥生成没有遵循FIPS186-4，那么可能会受到模分解攻击

如果RSA算法的密钥生成没有遵循FIPS186-4，那么可能会受到低解密指数攻击

最新资源