CS369: Introduction to Cryptography and Network Security LAB
LAB Assignment III
Course Instructor: Dr. Dibyendu Roy Due: Nov 10, 2024, 11:59 pm
Instructions: Clearly write your name and roll number on the top of your C code. Code must be well
commented. Program file name should be YOUR ROLL NO.c
You need to implement AES-Subbytes S-box S : {0, 1}8 → {0, 1}8 . The table corresponding to
the S-box is given below. You are not allowed to use Table look up for implementing the S-box.
Implementing
112 S-box in table look upCryptography: Theory and−10
method is carrying Marks. Thus you need to implement
Practice
the S-box using the algorithm of Subbytes discussed in your class (also available in book). Finding
polynomial inverse using exhaustive search carries −10 Marks.
TABLE 4.5: The AES S-box
Input and output will be in hexadeciaml format e.g., S(01) = 7C.
Y
X 0 1 2 3 4 5 6 7 8 9 A B C D E F
0 63 7C 77 7B F2 6B 6F C5 30 01 67 2B FE D7 AB 76
1 CA 82 C9 7D FA 59 47 F0 AD D4 A2 AF 9C A4 72 C0
2 B7 FD 93 26 36 3F F7 CC 34 A5 E5 F1 71 D8 31 15
3 04 C7 23 C3 18 96 05 9A 07 12 80 E2 EB 27 B2 75
4 09 83 2C 1A 1B 6E 5A A0 52 3B D6 B3 29 E3 2F 84
5 53 D1 00 ED 20 FC B1 5B 6A CB BE 39 4A 4C 58 CF
6 D0 EF AA FB 43 4D 33 85 45 F9 02 7F 50 3C 9F A8
7 51 A3 40 8F 92 9D 38 F5 BC B6 DA 21 10 FF F3 D2
8 CD 0C 13 EC 5F 97 44 17 C4 A7 7E 3D 64 5D 19 73
9 60 81 4F DC 22 2A 90 88 46 EE B8 14 DE 5E 0B DB
A E0 32 3A 0A 49 06 24 5C C2 D3 AC 62 91 95 E4 79
B E7 C8 37 6D 8D D5 4E A9 6C 56 F4 EA 65 7A AE 08
C BA 78 25 2E 1C A6 B4 C6 E8 DD 74 1F 4B BD 8B 8A
D 70 3E B5 66 48 03 F6 0E 61 35 57 B9 86 C1 1D 9E
E E1 F8 98 11 69 D9 8E 94 9B 1E 87 E9 CE 55 28 DF
F 8C A1 89 0D BF E6 42 68 41 99 2D 0F B0 54 BB 16
in row X and column Y isFigure
πS ( XY1:). AES-Subbytes
The array representation
S-box of πS is presented in
Table 4.5.
In contrast to the S-boxes in DES, which are apparently “random” substitu-
tions, the AES S-box can be defined algebraically. The algebraic formulation of the
AES S-box involves operations in a finite field (finite fields are discussed in detail
in Section 7.4). We include the following description for the benefit of readers who
are already familiar with finite fields (other readers may want to skip this descrip-
tion, or read Section 7.4 first): The permutation πS incorporates operations in the
finite field
F28 = Z2 [ x ]/( x8 + x4 + x3 + x + 1).
Let F IELD I NV denote the multiplicative inverse of a field element; let B INARY-
T O F IELD convert a byte to a field element; and let F IELD T O B INARY perform the
inverse conversion. This conversion is done in the obvious way: the field element
7
∑ ai x i
i =0
corresponds to the byte
a7 a6 a5 a4 a3 a2 a1 a0 ,
where ai ∈ Z2 for 0 ≤ i ≤ 7. Then the permutation πS is defined according to
Algorithm 4.4. In this algorithm, the eight input bits a7 a6 a5 a4 a3 a2 a1 a0 are replaced
by the eight output bits b7 b6 b5 b4 b3 b2 b1 b0 .
Example 4.4 We do a small example to illustrate Algorithm 4.4, where we also
include the conversions to hexadecimal. 1Suppose we begin with (hexadecimal) 53.
In binary, this is
