OKlibrary  0.2.1.6

User documentation for the Maxima computer algebra system implementation of the small-scale AES block cipher. More...

Go to the source code of this file.

## Detailed Description

User documentation for the Maxima computer algebra system implementation of the small-scale AES block cipher.

# Using small-scale AES at the Maxima/Lisp level

Functions are presented which implement the AES ("Advanced Encryption Standard") block cipher.

## General idea

• XXX
• See also [Small Scale Variants of the AES; Carlos Cid, Sean Murphy and M.J.B Robshaw].

## Overview

• Throughout the implementation, particular parameters maintain the same shortened names for brevity, and ease of use:
• p: plaintext block
• k: key block
• c: ciphertext block.
In each case, there is the assumption that each block is the appropriate dimension and field size (see "General idea").
• In all functions the plaintext, key and ciphertext blocks are assumed to be the same dimension.
• For small-scale encryption we have the following encryption and decryption functions:
• "ss_encrypt(p,k,r,b,e)" and "aes_decrypt(c,k,r,b,e)" are the functions used to encrypt a plaintext block using the given key block with r rounds encryption/decryption and using the standard (as defined by us) GF(b^e) field for the word field.
• The blocks are given as matrices and the number of rows and number of columns are derived from the these matrices. The field elements are given as arbitrary polynomials (see "Data types").
• "ss_encrypt_gen" and "ss_decrypt_gen" provide generalised versions of "ss_encrypt" and "ss_decrypt" which allow the specification of additional parameters, which have been given default values (based on the other parameters) by "ss_encrypt" and "ss_decrypt":
• mod_poly: the modulo polynomial used to quotient polynomials for the small-scale field elements. Defaults in "ss_encrypt" to ss_polynomial(b,e).
• sbox_f: the sbox function, taking a polynomial and returning the polynomial result of the small-scale sbox for the given parameters. Defaults in "ss_encrypt" to ss_sbox .
• mixcolumns_matrix: the Mixcolumns matrix used in the MixColumns operation. Defaults to ss_mixcolumns_matrix(b,e,n_R) where n_R is the number of rows in the given plaintext and ciphertext blocks.

## Data types

• The elements of the small-scale word-field (the elements of the block) are represented as arbitrary polynomials and then are "brought into range" or "standardised" using the given polynomial polynomial (see ss_polynomial in ComputerAlgebra/Cryptology/Lisp/CryptoSystems/Rijndael/ByteField.mac).
• AES blocks are then matrices of polynomials, where the dimensions of the small-scale AES block is given by the dimension of the matrix.
• As with the AES implementation, there is no interface to the bit level operations of the small-scale AES, but similar to the explanation given in "Data Types" in ComputerAlgebra/Cryptology/Lisp/CryptoSystems/Rijndael/docus/SmallScaleAdvancedEncryptionStandard.hpp one may use the ss_stand function in ComputerAlgebra/Cryptology/Lisp/CryptoSystems/Rijndael/SmallScaleWordField.mac to standardise the polynomial and then consider the coefficients of the polynomial as the e bits of the small-scale word (i.e., the coefficient of x^e becomes the most significant bit of the byte and the coefficient of 1 becomes the least - see [Design of Rijndael;John Daemen and Vincent Rijmen] and [Small Scale Variants of the AES; Carlos Cid, Sean Murphy and M.J.B Robshaw]).

## Examples

• Encrypting a 128-bit word represented as a list of integers:
```> key : matrix([x,x^2],[0,1])\$
> plaintext : genmatrix(lambda([a,b],0),2,2)\$
> num_rounds : 4\$
> field_base : 2\$
> field_exponent : 4\$
> ciphertext : ss_encrypt(plaintext,key,num_rounds,field_base,field_exponent);
matrix([0,x^3+x^2],[x^3+x^2+1,x])
> ss_decrypt(ciphertext,key,num_rounds,field_base,field_exponent);
matrix([0,0],[0,0])
```