 - Rijndael (pronounced rain-dahl) is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard (AES). It was selected from a list of five finalists, that were themselves selected from an original list of more than 15 submissions. Rijndael will begin to supplant the Data Encryption Standard (DES) - and later Triple DES - over the next few years in
many cryptography applications. The algorithm was designed by two
Belgian cryptologists, Vincent Rijmen and Joan Daemen, whose surnames are
reflected in the cipher's name. Rijndael has its origins in Square, an
earlier collaboration between the two cryptologists.
The Rijndael algorithm is a new generation symmetric block cipher that supports key sizes of 128, 192 and 256 bits, with data handled in 128-bit blocks - however, in excess of AES design criteria, the block sizes can mirror those of the keys. Rijndael uses a variable number of rounds, depending on key/block sizes, as follows:
9 rounds if the key/block size is 128 bits
11 rounds if the key/block size is 192 bits
13 rounds if the key/block size is 256 bits
Rijndael is a substitution linear transformation cipher, not requiring a
Feistel network. It use triple discreet invertible uniform
transformations (layers). Specifically, these are: Linear Mix Transform;
Non-linear Transform and Key Addition Transform. Even before the first
round, a simple key addition layer is performed, which adds to security.
Thereafter, there are Nr-1 rounds and then the final round. The
transformations form a State when started but before completion of the
entire process.
The State can be thought of as an array, structured with 4 rows and the column number being the block length divided by bit length (for example, divided by 32). The cipher key similarly is an array with 4 rows, but the key length divided by 32 to give the number of columns. The blocks can be interpreted as unidimensional arrays of 4-byte vectors.
The exact transformations occur as follows: the byte subtransformation is
nonlinear and operates on each of the State bytes independently - the
invertible S-box (substitution table) is made up of 2 transformations. The
shiftrow transformation sees the State shifted over variable offsets. The
shift offset values are dependent on the block length of the State. The
mixcolumn transformation sees the State columns take on polynomial
characteristics over a Galois Field values (28), multiplied x4 + 1
(modulo) with a fixed polynomial. Finally, the roundkey transform is
XORed to the State. The key schedule helps the cipher key determine the round keys through key expansion and round selection.
Overall, the structure of Rijndael displays a high degree of modular
design, which should make modification to counter any attack developed in
the future much simpler than with past algorithm designs.
Was the best choice really Rijndael?
Our Cryptography expert, Borys Pawliw comments: "The AES selection was always going to be a compromise, balancing various
factors such as overall security, performance, and efficiency. As such, it
was unlikely that the selection of any one algorithm would receive
unanimous praise from all quarters. Rijndael's selection has been
criticized by some because the algorithm does not appear to be as secure
as some of the other choices.
This criticism is valid theoretically, but does not mean that data secured using this algorithm is going to be unacceptably vulnerable to attack. Although Rijndael may not have been the most secure algorithm from an academic viewpoint, defenders claim that it is more than likely secure enough for all applications in the real world and can be enhanced by simply adding more rounds. Attacks on the algorithm have succeeded only in an extremely limited environment and, while interesting from a mathematical viewpoint, appear to have little consequence in the real world."
 |
Learn more about Disk Encryption and File Encryption |
| CONTRIBUTORS: |
Borys Pawliw |
| LAST UPDATED: |
28 May 2007
|
 |
Do you have something to add to this definition? Let us know.
Send your comments to techterms@whatis.com
|
|
More resources from around the web:
|
|
Show me everything on 
