// encryption: SB -> SR -> MC -> RK // decryption: other way around static void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k) { uint8_t i; /* keyAdd */ for(i=0; i<16; ++i){ state->s[i] ^= k->ks[i]; //Bitwise Exclusive-Or (XOR) } // Inverse mixed columns /* 14 11 13 09 * E B D 9 * 9 E B D * D 9 E B * B D 9 E */ aes_invmixed_columns( state->s, 16); aes128_invremask(state->s); /* shiftRows */ // WHY is shiftcol used here???? aes_invshiftcol(state->s+1, 1); aes_invshiftcol(state->s+2, 2); aes_invshiftcol(state->s+3, 3); /* subBytes */ for(i=0; i<16; ++i){ state->s[i] = *(aes_invsbox+state->s[i]); } }
static void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k) { uint8_t i; /// *** STEP 1: keyAdd *** for(i=0; i<16; ++i) { state->s[i] ^= k->ks[i]; } #ifdef ENCRYPTION_DEBUG beginSerial(115200, 0); digitalWrite(23,0x01); digitalWrite(11,0x00); printString("\n\n*** STEP 1: keyAdd --> ", 0); _delay_ms(3); for(i=0; i<16; ++i) { puthex((char)state->s[i],0); _delay_ms(3); } #endif /// *** STEP 2: invert shiftRows *** aes_invshiftcol(state->s+1, 1); aes_invshiftcol(state->s+2, 2); aes_invshiftcol(state->s+3, 3); #ifdef ENCRYPTION_DEBUG printString("\n*** STEP 2: shiftRows --> ", 0); _delay_ms(3); for(i=0; i<16; ++i) { puthex((char)state->s[i],0); _delay_ms(3); } #endif /// *** STEP 3: subBytes *** for(i=0; i<16; ++i) { state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]); } #ifdef ENCRYPTION_DEBUG printString("\n*** STEP 3: subBytes --> ", 0); _delay_ms(3); for(i=0; i<16; ++i) { puthex((char)state->s[i],0); _delay_ms(3); } #endif }
static void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k){ uint8_t tmp[16]; uint8_t i; uint8_t t,u,v,w; /* keyAdd */ for(i=0; i<16; ++i){ tmp[i] = state->s[i] ^ k->ks[i]; } /* mixColums */ for(i=0; i<4; ++i){ t = tmp[4*i+3] ^ tmp[4*i+2]; u = tmp[4*i+1] ^ tmp[4*i+0]; v = t ^ u; v = gf256mul(0x09, v, 0x1b); w = v ^ gf256mul(0x04, tmp[4*i+2] ^ tmp[4*i+0], 0x1b); v = v ^ gf256mul(0x04, tmp[4*i+3] ^ tmp[4*i+1], 0x1b); state->s[4*i+3] = tmp[4*i+3] ^ v ^ gf256mul(0x02, tmp[4*i+0] ^ tmp[4*i+3], 0x1b); state->s[4*i+2] = tmp[4*i+2] ^ w ^ gf256mul(0x02, t, 0x1b); state->s[4*i+1] = tmp[4*i+1] ^ v ^ gf256mul(0x02, tmp[4*i+2] ^ tmp[4*i+1], 0x1b); state->s[4*i+0] = tmp[4*i+0] ^ w ^ gf256mul(0x02, u, 0x1b); /* state->s[4*i+0] = gf256mul(0xe, tmp[4*i+0], 0x1b) ^ gf256mul(0xb, tmp[4*i+1], 0x1b) ^ gf256mul(0xd, tmp[4*i+2], 0x1b) ^ gf256mul(0x9, tmp[4*i+3], 0x1b); state->s[4*i+1] = gf256mul(0x9, tmp[4*i+0], 0x1b) ^ gf256mul(0xe, tmp[4*i+1], 0x1b) ^ gf256mul(0xb, tmp[4*i+2], 0x1b) ^ gf256mul(0xd, tmp[4*i+3], 0x1b); state->s[4*i+2] = gf256mul(0xd, tmp[4*i+0], 0x1b) ^ gf256mul(0x9, tmp[4*i+1], 0x1b) ^ gf256mul(0xe, tmp[4*i+2], 0x1b) ^ gf256mul(0xb, tmp[4*i+3], 0x1b); state->s[4*i+3] = gf256mul(0xb, tmp[4*i+0], 0x1b) ^ gf256mul(0xd, tmp[4*i+1], 0x1b) ^ gf256mul(0x9, tmp[4*i+2], 0x1b) ^ gf256mul(0xe, tmp[4*i+3], 0x1b); */ } /* shiftRows */ aes_invshiftcol(state->s+1, 1); aes_invshiftcol(state->s+2, 2); aes_invshiftcol(state->s+3, 3); /* subBytes */ for(i=0; i<16; ++i){ state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]); } }
static void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k){ uint8_t i; /* keyAdd */ for(i=0; i<16; ++i){ state->s[i] ^= k->ks[i]; } /* shiftRows */ aes_invshiftcol(state->s+1, 1); aes_invshiftcol(state->s+2, 2); aes_invshiftcol(state->s+3, 3); /* subBytes */ for(i=0; i<16; ++i){ state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]); } }
// encryption: SB -> SR -> RK // decryption: other way around static void aes_dec_firstround(aes_cipher_state_t* state, const aes_roundkey_t* k){ uint8_t i; // do the array permutation aes128_update_shuffling_array(); /* keyAdd */ for(i=0; i<16; ++i){ state->s[permutation_array[i]] ^= k->ks[permutation_array[i]]; } /* shiftRows */ aes_invshiftcol(state->s+1, 1); aes_invshiftcol(state->s+2, 2); aes_invshiftcol(state->s+3, 3); /* subBytes */ for(i=0; i<16; ++i){ state->s[permutation_array[i]] = pgm_read_byte(aes_invsbox+state->s[permutation_array[i]]); } }
// encryption: SB -> SR -> MC -> RK // decryption: other way around static void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k, uint8_t rounds) { uint8_t i; /* keyAdd */ for(i=0; i<16; ++i){ state->s[permutation_array[i]] ^= k->ks[permutation_array[i]]; //Bitwise Exclusive-Or (XOR) } // Inverse mixed columns /* 14 11 13 09 * E B D 9 * 9 E B D * D 9 E B * B D 9 E */ aes_invmixed_columns( state->s, 16); /* shiftRows */ // WHY is shiftcol used here???? aes_invshiftcol(state->s+1, 1); aes_invshiftcol(state->s+2, 2); aes_invshiftcol(state->s+3, 3); // do the array permutation if(rounds == 2) { aes128_update_shuffling_array(); } /* subBytes */ for(i=0; i<16; ++i){ state->s[permutation_array[i]] = pgm_read_byte(aes_invsbox+state->s[permutation_array[i]]); } }
static void aes_dec_round(aes_cipher_state_t* state, const aes_roundkey_t* k) { uint8_t tmp[16]; uint8_t i; uint8_t t,u,v,w; /// *** STEP 1: keyAdd *** for(i=0; i<16; ++i) { tmp[i] = state->s[i] ^ k->ks[i]; } #ifdef ENCRYPTION_DEBUG beginSerial(115200, 0); digitalWrite(23,0x01); digitalWrite(11,0x00); printString("\n\n*** STEP 1: keyAdd --> ", 0); for(i=0; i<16; ++i) { puthex((char)tmp[i],0); _delay_ms(3); } #endif /// *** STEP 2: mixColums *** inv_mix_column(&tmp[0]); inv_mix_column(&tmp[4]); inv_mix_column(&tmp[8]); inv_mix_column(&tmp[12]); // copy result for(i=0; i<16; ++i) { state->s[i] = tmp[i]; } #ifdef ENCRYPTION_DEBUG printString("\n*** STEP 2: mixColums --> ", 0); _delay_ms(3); for(i=0; i<16; ++i) { puthex((char)state->s[i],0); _delay_ms(3); } #endif /// *** STEP 3: shiftRows *** aes_invshiftcol(state->s+1, 1); aes_invshiftcol(state->s+2, 2); aes_invshiftcol(state->s+3, 3); #ifdef ENCRYPTION_DEBUG printString("\n*** STEP 3: shiftRows --> ", 0); _delay_ms(3); for(i=0; i<16; ++i) { puthex((char)state->s[i],0); _delay_ms(3); } #endif /// *** STEP 4: subBytes *** for(i=0; i<16; ++i) { state->s[i] = pgm_read_byte(aes_invsbox+state->s[i]); } #ifdef ENCRYPTION_DEBUG printString("\n*** STEP 4: subBytes --> ", 0); _delay_ms(3); for(i=0; i<16; ++i) { puthex((char)state->s[i],0); _delay_ms(3); } printString("\n", 0); #endif }