User documentation for the Maxima computer algebra system implementation of the smallscale AES block cipher.
More...
Go to the source code of this file.
Detailed Description
User documentation for the Maxima computer algebra system implementation of the smallscale AES block cipher.
Using smallscale AES at the Maxima/Lisp level
Functions are presented which implement the AES ("Advanced Encryption
Standard") block cipher.
General idea

XXX

See also [Small Scale Variants of the AES; Carlos Cid, Sean Murphy and M.J.B Robshaw].
Overview

Throughout the implementation, particular parameters maintain the same shortened names for brevity, and ease of use:

p: plaintext block

k: key block

c: ciphertext block.
In each case, there is the assumption that each block is the appropriate dimension and field size (see "General idea").

In all functions the plaintext, key and ciphertext blocks are assumed to be the same dimension.

For smallscale encryption we have the following encryption and decryption functions:

"ss_encrypt(p,k,r,b,e)" and "aes_decrypt(c,k,r,b,e)" are the functions used to encrypt a plaintext block using the given key block with r rounds encryption/decryption and using the standard (as defined by us) GF(b^e) field for the word field.

The blocks are given as matrices and the number of rows and number of columns are derived from the these matrices. The field elements are given as arbitrary polynomials (see "Data types").

"ss_encrypt_gen" and "ss_decrypt_gen" provide generalised versions of "ss_encrypt" and "ss_decrypt" which allow the specification of additional parameters, which have been given default values (based on the other parameters) by "ss_encrypt" and "ss_decrypt":

mod_poly: the modulo polynomial used to quotient polynomials for the smallscale field elements. Defaults in "ss_encrypt" to ss_polynomial(b,e).

sbox_f: the sbox function, taking a polynomial and returning the polynomial result of the smallscale sbox for the given parameters. Defaults in "ss_encrypt" to ss_sbox .

mixcolumns_matrix: the Mixcolumns matrix used in the MixColumns operation. Defaults to ss_mixcolumns_matrix(b,e,n_R) where n_R is the number of rows in the given plaintext and ciphertext blocks.
Data types

The elements of the smallscale wordfield (the elements of the block) are represented as arbitrary polynomials and then are "brought into range" or "standardised" using the given polynomial polynomial (see ss_polynomial in ComputerAlgebra/Cryptology/Lisp/CryptoSystems/Rijndael/ByteField.mac).

AES blocks are then matrices of polynomials, where the dimensions of the smallscale AES block is given by the dimension of the matrix.

As with the AES implementation, there is no interface to the bit level operations of the smallscale AES, but similar to the explanation given in "Data Types" in ComputerAlgebra/Cryptology/Lisp/CryptoSystems/Rijndael/docus/SmallScaleAdvancedEncryptionStandard.hpp one may use the ss_stand function in ComputerAlgebra/Cryptology/Lisp/CryptoSystems/Rijndael/SmallScaleWordField.mac to standardise the polynomial and then consider the coefficients of the polynomial as the e bits of the smallscale word (i.e., the coefficient of x^e becomes the most significant bit of the byte and the coefficient of 1 becomes the least  see [Design of Rijndael;John Daemen and Vincent Rijmen] and [Small Scale Variants of the AES; Carlos Cid, Sean Murphy and M.J.B Robshaw]).
Examples

Encrypting a 128bit word represented as a list of integers:
> key : matrix([x,x^2],[0,1])$
> plaintext : genmatrix(lambda([a,b],0),2,2)$
> num_rounds : 4$
> field_base : 2$
> field_exponent : 4$
> ciphertext : ss_encrypt(plaintext,key,num_rounds,field_base,field_exponent);
matrix([0,x^3+x^2],[x^3+x^2+1,x])
> ss_decrypt(ciphertext,key,num_rounds,field_base,field_exponent);
matrix([0,0],[0,0])
Definition in file SmallScaleAdvancedEncryptionStandard.hpp.