Review past
MD series algorithms
SHA algorithm
ARM assembly language program structure
Xposed framework installation, use and plug-in development
1. Introduction to AES
AES(Advanced Encryption Standard) is one of the most common symmetric Encryption algorithms.
2, AES encryption process:
1) Plaintext P: data without encryption.
2) Key K:
The password used to encrypt plain text. In symmetric encryption algorithms, the encryption and decryption keys are the same. The key is generated through negotiation between the receiver and sender. However, the key cannot be directly transmitted over the network. Otherwise, the key is leaked. Do not leak the key. Otherwise, attackers will restore the ciphertext and steal confidential data.
3) AES encryption function
Data processed by an encryption function
4) AES decryption function
If the AES decryption function is D, P = D(K, C), where C is the ciphertext, K is the key, and P is the plaintext. In other words, if ciphertext C and key K are input as parameters of the decryption function, the decryption function will output plaintext P.
3, the difference between symmetric encryption algorithm and asymmetric encryption algorithm:
1) Symmetric encryption algorithm
The encryption and decryption keys are the same. This encryption mode has a high encryption speed and is suitable for frequent data transmission. The disadvantage is that the transmission of the key is troublesome.
2) Asymmetric encryption algorithm
The encryption and decryption keys are different. This encryption method is constructed with difficult mathematical problems. Generally, the encryption and decryption speed is relatively slow, which is suitable for occasionally sending data. The advantage is that key transmission is convenient. Common asymmetric encryption algorithms are RSA, ECC and EIGamal.
In practice, the AES key is encrypted through RSA and transmitted to the receiver. The receiver decrypts the AES key and then the sender and receiver use the AES key to communicate.
4. Basic structure of AES
AES is a block cipher. A block cipher divides the plaintext into groups with the same length and encrypts one group of data each time until the whole plaintext is encrypted. In the AES standard specification, packet length can only be 128 bits, that is, each packet is 16 bytes (8 bits per byte). The key length can be 128 bits, 192 bits, or 256 bits.
5, AES128 implementation principle
Aes-128, that is, the length of the key is 128 bits and the number of encryption rounds is 10. The encryption formula of AES is C = E(K,P). In the encryption function E, a round function will be executed, and the round function will be executed 10 times. The operation of the round function is the same for the first 9 times, except the 10th time. That is, a plaintext partition will be encrypted for 10 rounds. The core of AES is to implement all operations in a round.
The AES processing unit is bytes. The 128-bit input plaintext group P and input key K are divided into 16 bytes, denoted as P = P0 P1… P15 and K = K0 K1… K15. For example, the plaintext group is P = abcdefghijklmnop, where a corresponds to P0 and P corresponds to P15.
Generally, plaintext grouping is described by a square matrix in bytes, called a state matrix. In each round of the algorithm, the content of the state matrix changes constantly, and the final result is output as ciphertext. The order of bytes in the matrix is from top to bottom and from left to right, as shown in the figure below:
Now assume that the plaintext group P is “abcdefghijklmNOp”, then the corresponding state matrix generated above is as follows:
Similarly, a 128-bit key is represented as a matrix in bytes, each column of which is called a 32-bit bit word (one cell is 8 bits, four cells are 32 bits).
The key matrix is extended into a sequence of 44 words W[0],W[1]…
W[43], the first four elements of the sequence W[0],W[1],W[2],W[3] are the original keys used for the initial key addition in the encryption operation (introduced below); The following 40 words are divided into 10 groups, each group of 4 words (4*32=128 bits) are respectively used for round key addition in 10 rounds of encryption operation, as shown in the following figure:
In the figure above, if K = abcdefghijklMNOp in plaintext, K0 = a, K15 = P, W[0] = K0 K1 K2 K3 = abCD.
The overall structure of AES is shown in the following figure, where W[0,3] refers to the 128-bit key composed of W[0], W[1], W[2], and W[3] in series. Round functions for round 1 through 9 of encryption include four operations: byte substitution, row displacement, column mixing, and round key addition. The last iteration does not perform column mixing. In addition, an xor encryption operation is performed on the plaintext and the original key before the first iteration.
The figure above also shows the AES decryption process (encryption on the left and decryption on the right). The decryption process is still 10 rounds, and each round of operation is the reverse operation of the encryption operation. Since all four rounds of AES are reversible, one round of decryption is a sequence of reverse shift, reverse byte substitution, round key addition, and inverse column mixing. Similar to the encryption operation, the last round does not perform inverse column mixing, and a keyplus-operation is performed before the first round of decryption.
Four operations for a round in AES:
1) Byte substitution
A) Byte substitution operation
AES byte substitution is a simple table lookup operation. AES defines an S-box and an inverse S-box
B) Byte substitution inverse operation
Inverse byte substitution is looking at the inverse S-box;
2) Row shift
A) Row shift operation
Row shift is a simple circular left shift operation
B) The inverse transformation of row shifts
The inverse of a row shift is to perform the opposite shift for each row in the state matrix
3) Column mixing
A) Column mixing operation
The mixed transformation is performed by matrix multiplication, where the row-shifted state matrix is multiplied by the fixed matrix, yielding the state matrix after ‘objects’
B) column mixed inverse operation
The product of the inverse transformation matrix and the forward transformation matrix is exactly the identity matrix
4) Round key addition
Round key addition is a bit by bit xOR operation between 128-bit round key Ki and the data in the state matrix.
Analyze the AES algorithm in Eclipse
1) Analyze these methods here:
Initkey: generates a key
Encrypt: encrypts data
Decrypt: Decrypts data
2. Analyze the Java code of the AES class
Several important methods are involved:
GetInstance: instantiates the required algorithm
GenerateKey: Generates the secret key
GetEncoded: Obtain binary key encoding form
SecretKeySpec: Instantiates the key material
summary
1. Introduce the algorithm and realization principle of AES. 2. Analyze the code of AES algorithm in Eclipse.
If you are also interested in Android reverse, please add contact information, wechat search [Chen Road mobile security team], pay attention to surprise oh!
Penguin Colony: 876526335
Ag: Yjxiaox