AES 256-bit CBC FIPS-197

Intelligible blog title? Maybe, maybe not.

The Advanced Encryption Standard (AES) has been widely recognised as government- and military-grade encryption for the past 12 years. The AES specification was initially established in 2001 by the U.S National Institute of Standards and Technology (NIST) to replace the then encryption standard DES (Data Encryption Standard).

The AES cipher was initially called Rijndael (pronounced “rain dahl”) and was developed by Belgian cryptographers Joan Daemen and Vincent Rijmen.

As part of the requirements for my dissertation, I have produced a 256-bit CBC FIPS-197 compliant implementation of the AES algorithm.

What does 256-bit CBC FIPS-197 compliant mean?

• 256-bit
  "256-bit" denotes the key size. AES can support 128, 192 and 256 bit key sizes.
• CBC
  AES is a block-cipher. Data is inputted and outputted in blocks, in the case of AES blocks are fixed at 128-bits. “CBC” stands for Cipher Block Chaining. This method involves XORing each plaintext block with the previous ciphertext block before encryption. CBC is considered substantially more secure than other block modes such as Electronic Codebook (ECB).
• FIPS-197 compliant
  FIPS-197 is the official standard issued by NIST after approval from U.S Secretary of Commerce on 26th November 2001.

Implementing AES in a new language (C) has proven to have its challenges as I was trying to understand exactly how AES works at the same time as learning a new language. However, most of the challenges I encountered were problems with the C programming language instead of a misunderstanding of how AES works.

Despite being well established as the current encryption standard, there are limited resources on the internet that explain how AES works in a straightforward manner to someone who has a fundamental working knowledge of cryptography. However, AES is quite a simple encryption algorithm for all the smoke and mirrors.