<< NL_S_AESInitializationM NL_S: Security NL_S_AESMixColumns >>

NARVAL >> NL_S: Security > NL_S_AESKeyExpansion

NL_S_AESKeyExpansion

Perform the key Expansion.

Calling Sequence

[W] = NL_S_AESKeyExpansion(K,S_box,R,Mod_pol,Aes_logt,Aes_ilogt)

Arguments

K :

Cryptographic key.

s_box :

Substitution table.

R :

Rounds.

Mod_pol :

Irreducible polynomial for multiplication in a finite field 0x11b.

Aes_logt :

Logarithm lookup table.

Aes_ilogt :

Reverse logarithm lookup tabler.

W :

Expanded key.

Description

NL_S_AESKeyExpansion permits to diversify the cryptographic key K of 4.Nk bytes into the expanded key of 4.Nb(Nr+1). Nr+1 rounds key of size 4.Nb are generated. The tables Expkey and K can be viewed as a succession of 4 bytes. By convention we note c[i] (respectivelly K[i]) the (i+1)th column of W (respectivelly k). The first Nk columns of K are copied into the first Nk columns of W. The following columns are recursively defined from previous columns. SubWord applies the S-box substitution on each word of 4 bytes. RotWord performs on each 4 bytes [a0,a1,a2,a3] a circular permutation such that the result is [a1,a2,a3,a0]. The table of rounds constant Rcon[i], independant of Nk is defined by Rcon[i]=[x^(i-1),00,00,00] for all i>=1 ([01 02 04 08 10 20 40 80 1b 36...]).

Pseudo-Code

KeyExpansion(K, W) {
    /* Direct copy of the first Nk columns */
    for (i=0; i<Nk; i++)
        c[i] = k[i];
    for (i=Nk; i<Nb*(Nr+1); i++) {
        tmp = c[i-1];
        if (i mod Nk == 0)
            tmp = SubWord(RotWord(tmp)) + Rcon[i/Nk];
        else if ((Nk > 6) && (i mod Nk == 4)) // Case Nk > 6
            tmp = SubWord(tmp);
            c[i] = c[i-Nk] + tmp;
        }
}

Examples

//128 bits
key128h={'2b','7e','15','16','28','ae','d2','a6','ab','f7','15','88','09','cf','4f','3c'};//16 bytes
key128=hex2dec(key128h);
[s128]=NL_S_AESInitialization(key128);
[Ekey128]=NL_S_AESKeyExpansion(s128.key, s128.s_box, s128.rounds, s128.mod_pol, s128.aes_logt, s128.aes_ilogt);//application of NL_S_AESKeyExpansion
Ekey128'
matrix(s128.key,4,4)

Report an issue
<< NL_S_AESInitializationM NL_S: Security NL_S_AESMixColumns >>