**Cryptography Tutorials - Herong's Tutorial Examples** - Version 5.32, by Dr. Herong Yang

AES Key Schedule Algorithm

A quick description of the AES key schedule algorithm is provided. AES key schedule expands the given cipher key into 11 round keys. It uses round constants, S-box lookups and byte rotations.

The first step of the AES encryption algorithm is to call the KeyExpansion() procedure to generate 11 round keys based on a given cipher key. The KeyExpansion() procedure is also called key schedule generation.

Here is the algorithm of the KeyExpansion() procedure should follow for 128-bit cipher keys:

Procedure Name: KeyExpansion(K,k[]) Input: K: 128 bits cipher key Rcon[]: Round constant array SubWord(): Word substitution procedure RotWord(): Word rotation procedure Output: k[11]: 11 round keys as 4x4 byte arrays Algorithm: w[4*11] # a word array holding 11 round keys w[0..3] = K # setting cipher key as the first round key for i = 4 to 43 # computing words of other round keys temp = w[i-1] # copying previous word to a temp variable if (i mod 4 = 0) temp = SubWord(RotWord(temp)) temp = temp XOR Rcon[i/4] end if w[i] = w[i-4] XOR temp end for for i = 0 to 10 # building 11 round keys as 4x4 byte arrays k[i] = w[4*i..4*i+3] end for

Some notes on KeyExpansion() algorithm:

- The KeyExpansion() algorithm is mainly operate on unit of word, which is 4 bytes or 32 bits long.
- The RotWord() procedure performs a rotate (cyclic shift) operation of 1 byte to the left on the given word.
- The SubWord() procedure performs a byte substitution operation with the same S-box as the encryption algorithm on the given word.
- The round constant array, Rcon[], holds 11 constants: 0x8d000000, 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x1b000000, 0x36000000.

*Last update: 2015.*

Table of Contents

►Introduction to AES (Advanced Encryption Standard)

What Is AES (Advanced Encryption Standard)?

AES, or Rijndael, Encryption Algorithm

AES MixColumns() Procedure Algorithm

Example Vector of AES Encryption

AES Standard Decryption Algorithm

AES Equivalent Decryption Algorithm

DES Algorithm - Illustrated with Java Programs

DES Algorithm Java Implementation

DES Algorithm - Java Implementation in JDK JCE

DES Encryption Operation Modes

PHP Implementation of DES - mcrypt

Blowfish - 8-Byte Block Cipher

Secret Key Generation and Management

Cipher - Secret Key Encryption and Decryption

RSA Implementation using java.math.BigInteger Class

Introduction of DSA (Digital Signature Algorithm)

Java Default Implementation of DSA

Private key and Public Key Pair Generation

PKCS#8/X.509 Private/Public Encoding Standards

Cipher - Public Key Encryption and Decryption

OpenSSL Introduction and Installation

OpenSSL Generating and Managing RSA Keys

OpenSSL Generating and Signing CSR

OpenSSL Validating Certificate Path

"keytool" and "keystore" from JDK

"OpenSSL" Signing CSR Generated by "keytool"

Migrating Keys from "keystore" to "OpenSSL" Key Files

Certificate X.509 Standard and DER/PEM Formats

Migrating Keys from "OpenSSL" Key Files to "keystore"

Using Certificates in IE (Internet Explorer)