To implement AES within python, we have put together a tutorial to talk you though how to code an AES function:
Before we jump into the function, we will set up an AES Key expansion which we will use within our AES function.
This function calculates the given index's round constant for the key expansion.
Parameters:
• index - An integer that specifies the index of the round key to be generated.
The returned value is the calculated constant as an integer.
This function rotates the elements of an array.
Parameters:
• num_arr - The array of integers to be rotated.
The returned value is the rotated array.
This function performs the SBox for the given number. It does this by using a lookup table.
Parameters:
• num - The integer to perform the SBox for.
The returned value is the result of performing the SBox on the given number.
This function performs the SBox on each number in a given array.
Parameters:
• num_arr - The array of integers to perform the SBox on.
The returned value is an array containing the results of running the SBox for each number in the given array.
Other functions from this module used:
• SBox
This function performs key expansion for AES128. It does this by placing the integer values for each character in the initial key into an array. It then iterates and in each round it produces another 4 bytes of the key that are XOR of the previous round's 4 bytes and the bytes from 4 rounds ago. If the round number is a multiple of 4 then the bytes from the previous round are first run through rotate and sub and after the XOR operation the 1st byte is XORed with the relevant round constant. The 4 bytes produced are added to the end of the expanded key array. Before the expanded key is returned it is split into groups of 16 bytes which are the round keys used by AES128.
Parameters:
• init_key - The initial key given as a string.
The returned value is the round keys for AES128 created from the given key as an array of arrays of integers.
Other functions from this module used:
• sub
• rotate
• rc
This function performs key expansion for AES192. It does this by placing the integer values for each character in the initial key into an array. It then iterates and in each round it produces another 4 bytes of the key that are XOR of the previous round's 4 bytes and the bytes from 6 rounds ago. If the round number is a multiple of 6 then the bytes from the previous round are first run through rotate and sub and after the XOR operation the 1st byte is XORed with the relevant round constant. The 4 bytes produced are added to the end of the expanded key array. Before the expanded key is returned it is split into groups of 16 bytes which are the round keys used by AES192.
Parameters:
• init_key - The initial key given as a string.
The returned value is the round keys for AES192 created from the given key as an array of arrays of integers.
Other functions from this module used:
• sub
• rotate
• rc
This function performs key expansion for AES256. It does this by placing the integer values for each character in the initial key into an array. It then iterates and in each round it produces another 4 bytes of the key that are XOR of the previous round's 4 bytes and the bytes from 8 rounds ago. If the round number is a multiple of 8 then the bytes from the previous round are first run through rotate and sub and after the XOR operation the 1st byte is XORed with the relevant round constant. Otherwise, if the round number is a multiple of 4 then the 4 bytes from the previous round are first run through sub. The 4 bytes produced are added to the end of the expanded key array. Before the expanded key is returned it is split into groups of 16 bytes which are the round keys used by AES256.
Parameters:
• init_key - The initial key given as a string.
The returned value is the round keys for AES256 created from the given key as an array of arrays of integers.
Other functions from this module used:
• sub
• rotate
• rc
Now that the key expansion is set up, we will move onto implementing the AES function.
This function generates a random string of a given length to be used in key generation.
Parameters:
• length - The integer that is the required length of the generated string.
The returned value is the generated string.
This function generates a random key for AES128 that is 128 bits or 16 bytes. The returned value is the generated key.
Other functions from this module used:
• KeyGen
This function generates a random key for AES192 that is 192 bits or 24 bytes.
The returned value is the generated key.
Other functions from this module used:
• KeyGen
This function generates a random key for AES256 that is 256 bits or 32 bytes.
The returned value is the generated key.
Other functions from this module used:
• KeyGen
This function performs AES128 encryption on the given plaintext with the given key. It does this by expanding the key into 11 round keys and converting the text into 16 byte blocks of integers and adds padding if needed. Then for each block it performs 10 rounds of encryption on the block and XORs the block with the last round key. At the end if needed the padding is removed and the text is converted to a string.
Parameters:
• key - A string that is the initial key to expand into the round keys.
• message - A string that is the text to encrypt.
• padding - A Boolean that specifies whether or not to remove padding. It has a default value of true.
The returned value is the encrypted text.
Other functions from this module used:
• StrToInts
• AESEncRound
• ESEncLastRound
• pad
• IntsToStr
This function performs AES128 encryption on the given ciphertext with the given key. It does this by expanding the key into 11 round keys and converting the text into 16 byte blocks of integers and adding padding if needed. Then for each block it XORs the block with the first round key and performs 10 rounds of encryption. At the end the text is converted to a string.
Parameters:
• key - A string that is the initial key to expand into the round keys.
• message - A string that is the text to encrypt.
• padding - A Boolean that specifies whether or not to remove padding. It has a default value of true.
The returned value is the encrypted text.
Other functions from this module used:
• StrToInts
• AESEncRound
• AESEncLastRound
• XOR
• pad
• IntsToStr
This function performs AES192 encryption on the given ciphertext with the given key. It does this by expanding the key into 13 round keys and converting the text into 16 byte blocks of integers and adding padding if needed. Then for each block it XORs the block with the first round key and performs 12 rounds of encryption. At the end the text is converted to a string.
Parameters:
• key - A string that is the initial key to expand into the round keys.
• message - A string that is the text to encrypt.
• padding - A Boolean that specifies whether or not to remove padding. It has a default value of true.
The returned value is the encrypted text.
Other functions from this module used:
• StrToInts
• AESEncRound
• AESEncLastRound
• XOR
• pad
• IntsToStr
This function performs AES192 decryption on the given ciphertext with the given key. It does this by expanding the key into 13 round keys and converting the text into 16 byte blocks of integers. Then for each block it performs 12 rounds of decryption on the block and XORs the block with the last round key. At the end if needed the padding is removed and the text is converted to a string.
Parameters:
• key - A string that is the initial key to expand into the round keys.
• ciphertext - A string that is the text to decrypt.
• padding - A Boolean that specifies whether or not to remove padding. It has a default value of true.
The returned value is the decrypted text.
Other functions from this module used:
• StrToInts
• AESDecFirstRound
• AESDecRound
• XOR
• removePadding
• IntsToStr
This function performs AES256 encryption on the given ciphertext with the given key. It does this by expanding the key into 15 round keys and converting the text into 16 byte blocks of integers and adding padding if needed. Then for each block it XORs the block with the first round key and performs 14 rounds of encryption. At the end the text is converted to a string.
Parameters:
• key - A string that is the initial key to expand into the round keys.
• message - A string that is the text to encrypt.
• padding - A Boolean that specifies whether or not to remove padding. It has a default value of true.
The returned value is the encrypted text.
Other functions from this module used:
• StrToInts
• AESEncRound
• AESEncLastRound
• XOR
• pad
• IntsToStr
This function performs AES256 decryption on the given ciphertext with the given key. It does this by expanding the key into 15 round keys and converting the text into 16 byte blocks of integers. Then for each block it performs 14 rounds of decryption on the block and XORs the block with the last round key. At the end if needed the padding is removed and the text is converted to a string.
Parameters:
• key - A string that is the initial key to expand into the round keys.
• ciphertext - A string that is the text to decrypt.
• padding - A Boolean that specifies whether or not to remove padding. It has a default value of true.
The returned value is the decrypted text.
Other functions from this module used:
• StrToInts
• AESDecFirstRound
• AESDecRound
• XOR
• removePadding
• IntsToStr
This function performs a round of AES encryption on the given block. It does this by running the block through SubBytes, ShiftRows, MixCols and XORing it with the round key.
Parameters:
• round_key - An array of integers that is the relevant round key.
• block - An array of integers that is the block to perform the encryption round on.
The returned value is the result of running the encryption round on the given block with the given key.
Other functions from this module used:
• XOR
• ShiftRows
• SubBytes
• MixCols
This function performs the last round of AES encryption on the given block. This is separate from the other rounds as it does not perform the mix columns operation. It does this by running the block through SubBytes, ShiftRows and XORs it with the round key.
Parameters:
• round_key - An array of integers that is the relevant round key.
• block - An array of integers that is the block to perform the encryption round on.
The returned value is the result of running the encryption round on the given block with the given key.
Other functions from this module used:
• XOR
• ShiftRows
• SubBytes
This function performs a round of AES decryption on the given block. It does this by XORing it with the round key and running the result through InvMixCols, InvShiftRows and InvSubBytes.
Parameters:
• round_key - An array of integers that is the relevant round key.
• block - An array of integers that is the block to perform the decryption round on.
The returned value is the result of running the decryption round on the given block with the given key.
Other functions from this module used:
• XOR
• InvShiftRows
• InvSubBytes
• InvMixCols
This function performs the first round of AES decryption on the given block. This is separate from the other rounds as it does not perform the inverse mix columns operation.It does this by XORing it with the round key and running the result through InvShiftRows and InvSubBytes.
Parameters:
• round_key - An array of integers that is the relevant round key.
• block - An array of integers that is the block to perform the decryption round on.
The returned value is the result of running the decryption round on the given block with the given key.
Other functions from this module used:
• XOR
• InvShiftRows
• InvSubBytes
This function XORs the elements of 2 given matrices.
Parameters:
• mat1 - An array of integers that is one of the arrays to XOR.
• mat2 - An array of integers that the other array to XOR.
The returned value is the matrix that is the XOR of the given 2.
This function converts a string to an array of AES blocks.
Parameters:
• in_str - The string to convert to an array of arrays of integers.
The returned value is the array for the given string.
This function converts an array of AES block integers into a string.
Parameters:
• in_arr - The array of arrays of integers to convert to a string.
The returned value is the string for the given array.
This function adds PKCS7 padding to the given array of matrices.
Parameters:
• in_arr - An array of arrays of integers that is the array to add padding to.
The returned value is the padded array.
This function removes PKCS7 padding from the given array of matrices.
Parameters:
• in_arr - An array of arrays of integers that is the array to remove padding from.
The returned value is the array with padding removed.
This function performs the sub bytes operation on a given matrix.
Parameters:
• in_mat - An array of integers that is the matrix to perform the operation on.
The returned value is the result of performing the operation on the given matrix.
This function performs the inverse of the sub bytes operation on a given matrix.
Parameters:
• in_mat - An array of integers that is the matrix to perform the operation on.
The returned value is the result of performing the operation on the given matrix.
This function performs the shift rows operation on a given matrix.
Parameters:
• in_mat - An array if integers that is the matrix to perform the shift rows operation on.
The returned value is the result of performing the operation on the given matrix.
This function performs the inverse of the shift rows operation on a given matrix.
Parameters:
• in_mat - An array if integers that is the matrix to perform the inverse shift rows operation on.
The returned value is the result of performing the operation on the given matrix.
This function performs the mix columns operation on a given matrix. It does this by iterating through the columns and applying the operation to each one.
Parameters:
• in_mat - The matrix to perform the mix columns operation on.
The returned value is the result of the operation for the given matrix.
Other functions from this module used:
• MixCol
This function performs the inverse of the mix columns operation on a given matrix. It does this by iterating through the columns and applying the operation to each one.
Parameters:
• in_mat - The matrix to perform the inverse mix columns operation on.
The returned value is the result of the operation for the given matrix.
Other functions from this module used:
• InvMixCol
This function performs the mix column operation on a given column. It does this by multiplying the given column by the matrix below using GF(28) field multiplication and addition.
| 2 |
3 |
1 |
1 |
| 1 |
2 |
3 |
1 |
| 1 |
1 |
2 |
3 |
| 3 |
1 |
1 |
2 |
Parameters:
• in_col - This is an array of integers that is the column to perform the mix column operation on.
The returned value is the result of performing the operation on the column.
Other functions used from this module:
• mult
This function performs the inverse of the mix column operation. It does this by multiplying the given column by the matrix below using GF(2
8) field multiplication and addition.
| 14 |
11 |
13 |
9 |
| 9 |
14 |
11 |
13 |
| 13 |
9 |
14 |
11 |
| 11 |
13 |
9 |
14 |
Parameters:
• in_col - This is an array of integers that is the column to perform the inverse mix column operation on.
The returned value is the result of performing the operation on the column.
Other functions used from this module:
• mult
This function multiplies the 2 given numbers in the GF(2^8) field using a lookup table.
Parameters:
• num1 - An integer that is one of the numbers to multiply by (it can only be 2, 3, 9, 11, 13 or 14).
• num2 - An integer that is the other number to multiply by.
The returned value is the product of the given numbers.
Written by Abby
