# A Stick Figure Guide to the Advanced Encryption Standard (AES)

(A play in 4 acts. Please feel free to exit along with the stage character that best represents you. Take intermissions as you see fit. Click on the stage if you have a hard time seeing it. If you get bored, you can jump to the code. Most importantly, enjoy the show!)

Act 1: Once Upon a Time...
Act 2: Crypto Basics
Act 3: Details
Act 4: Math!
Epilogue

I created a heavily-commented AES/Rijndael implementation to go along with this post and put it on GitHub. The Design of Rijndael is the book on the subject, written by the Rijndael creators. Please leave a comment if you notice something that can be better explained.

Update #1: Several scenes were updated to fix some errors mentioned in the comments.
Update #2: By request, I've created a slide show presentation of this play in both PowerPoint and PDF formats.

Ethiopian multiplication

A method of multiplying integers using only addition, doubling, and halving.

Method: Take two numbers to be multiplied and write them down at the top of two columns. For example: 17 × 34. Halve the first column and double the second column, row by row, until the first column reaches 1; strike out rows whose first cell is even; then sum the remaining numbers in the right-hand column:

    17      34
     8      68   strike
     4     136   strike
     2     272   strike
     1     544   keep
          ----
           578

So 17 multiplied by 34, by the Ethiopian method, is 578.

The task is to define three named functions/methods/procedures/subroutines: one to halve an integer, one to double an integer, and one to state if an integer is even. Use these functions to create a function that does Ethiopian multiplication.

Ada (package specification only):

```ada
package Ethiopian is
   function Multiply(Left, Right : Integer) return Integer;
end Ethiopian;
```
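An implementation of the three helpers and the multiplication routine in C, added here as an example; it is not one of the Rosetta Code solutions, and the names `halve`, `twice`, `is_even`, `ethiopian_multiply` and `ethiopian_multiply_table` are this example's own (`twice` stands in for "double", which is a C keyword). The table-printing variant reproduces the 17 × 34 working above, and the comments note why a row survives: the algorithm is multiplication by the binary expansion of the left-hand number.

```c
#include <stdint.h>
#include <stdio.h>

/* The three named operations the task asks for. */
uint64_t halve(uint64_t n)   { return n >> 1; }   /* integer halving */
uint64_t twice(uint64_t n)   { return n << 1; }   /* doubling; "double" is a C keyword */
int      is_even(uint64_t n) { return (n & 1) == 0; }

/* Ethiopian multiplication. Each row halves `left` and doubles `right`; a row
 * is kept exactly when `left` is odd, i.e. when the corresponding bit of the
 * original `left` is set, so the kept right-hand values are right * 2^k for
 * every set bit k of `left`. The keep/strike branch therefore depends on the
 * multiplier's bits, the same shape as textbook double-and-add.
 * Unsigned arithmetic wraps modulo 2^64; there is no overflow check. */
uint64_t ethiopian_multiply(uint64_t left, uint64_t right)
{
    uint64_t sum = 0;
    while (left >= 1) {
        if (!is_even(left))
            sum += right;            /* keep this row */
        left  = halve(left);
        right = twice(right);
    }
    return sum;
}

/* Same algorithm, printing the two columns and marking struck rows. */
uint64_t ethiopian_multiply_table(uint64_t left, uint64_t right)
{
    uint64_t sum = 0;
    while (left >= 1) {
        printf("%8llu %8llu   %s\n", (unsigned long long)left,
               (unsigned long long)right, is_even(left) ? "strike" : "keep");
        if (!is_even(left))
            sum += right;
        left  = halve(left);
        right = twice(right);
    }
    printf("%8s %8llu\n", "=", (unsigned long long)sum);
    return sum;
}

int main(void)
{
    ethiopian_multiply_table(17, 34);   /* prints the 17 x 34 table */
    return 0;
}
```

Run stand-alone it prints the five rows for 17 × 34 with the three even rows marked "strike" and the total 578.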

Web users ignoring security certificate warnings

Digital certificate warnings in Web browsers are not an effective security measure, according to Carnegie Mellon researchers. The researchers, who plan to present their findings on August 14 at the Usenix Security Symposium in Montreal, found over the course of two experiments that certificate warnings were ineffectual. The warnings appear when a browser detects a problem with a Web site's certificate and arrive as a pop-up with a message such as: "There is a problem with this Web site's security certificate." In an online study conducted among 409 participants, the researchers found that the majority of respondents would ignore warnings about an expired Secure Sockets Layer (SSL) certificate. The more tech-savvy the user, the more likely they were to ignore it, the study found. SSL certificates are designed to provide the user with a degree of confidence about the authenticity of a Web site they are visiting. In the second experiment, again, high percentages of users ignored the warnings.

Are AES 256-bit keys too large?

This may seem an odd question, given that since the mid 70s discussions about cryptographic keys have mainly been concerned with their potential shortness. While the risks of using short keys are apparent, there are risks lurking at the other end of the gamut as well. We can have too much of a good thing, and we can also think we have a good thing when in fact we don't. The adoption of the AES cipher has progressed quite rapidly, greatly assisted by its being mandated as a US government standard.

The economics of AES keys

Modern block ciphers encrypt by mixing data over a series of rounds to produce a complex nonlinear relationship between the plaintext (message), ciphertext and key. So given that AES-256 is likely to be deployed widely, what type of security can we expect?

AES and Passwords

It is common for laptop and USB encryption solutions to use one of the following key management systems:

How large a password space do we need to provide the same security as a 256-bit key space?
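A worked version of that last question, added here as an illustration rather than taken from the post: if a password is chosen uniformly at random from an alphabet of $|A|$ symbols and has length $L$, the password space has $|A|^{L}$ members, and it matches a 256-bit key space only when

$$
|A|^{L} \;\ge\; 2^{256}
\quad\Longleftrightarrow\quad
L \;\ge\; \frac{256}{\log_2 |A|} .
$$

For the 95 printable ASCII characters, $\log_2 95 \approx 6.57$, so $L \ge 38.97$, i.e. 39 characters; for the 26 lowercase letters, $\log_2 26 \approx 4.70$ and $L \ge 54.5$, i.e. 55 characters; for a 7776-word diceware list, $\log_2 7776 \approx 12.92$ and $L \ge 19.8$, i.e. 20 words. These figures assume uniform random choice. A human-chosen password is nowhere near uniform, so a product that derives its AES-256 key from a typed password delivers the password's entropy, not 256 bits, whatever the nominal key length.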

Low Level Bit Hacks You Absolutely Must Know

I decided to write an article about a thing that is second nature to embedded systems programmers: low level bit hacks. Bit hacks are ingenious little programming tricks that manipulate integers in a smart and efficient manner. Instead of performing some operation (such as counting the 1 bits in an integer) by looping over individual bits, these programming nuggets do the same with one or two carefully chosen bitwise operations.

To get things going I'll assume that you know what the two's complement binary representation of an integer is and also that you know all the bitwise operations. I'll use the following notation for bitwise operations in the article:

    &  - bitwise and
    |  - bitwise or
    ^  - bitwise xor
    ~  - bitwise not
    << - bitwise shift left
    >> - bitwise shift right

The numbers in the article are 8 bit signed integers (though the operations work on arbitrary length signed integers) that are represented as two's complement, and they are usually named 'x'. Here we go.

Bit Hack #1.

How to disable USB sticks and limit access to USB storage devices on Windows systems

Submitted by Hannes Schmidt on Sat, 08/20/2005 - 09:50.

USB storage - a possible security risk?

Decent IT administrators secure their networks behind firewalls. They install mail filters on their SMTP servers and deploy anti-virus software on all client workstations. But securing the network is not sufficient: what happens if users bring their own USB memory sticks and connect them to the computers at their office? A 1 GB USB stick can sometimes hold an entire company's vital data.

What does Microsoft have to say about it?

If you, the administrator, want to establish a minimum level of security, it is absolutely necessary to control which users can connect USB memory sticks to a computer.

Suggestions?

Mark Heitbrink describes how to disable USB storage devices entirely on all or some computers in the network.

The Howto!

If we combine Mark Heitbrink's approach with the one outlined in Microsoft Knowledge Base article 823732, we get a more reliable solution.

Creating a Cryptographic Hash Function

A cryptographic hash function is something that mechanically takes an arbitrary amount of input and produces an "unpredictable" output of a fixed size. The unpredictability isn't in the operation itself: obviously, because it is mechanical, a given input produces the same output every time. This requirement is what separates it from the non-cryptographic hash functions used for high-speed hash tables or other data structures.

An ideal hash function produces an output of n bits. Finding an input with a given output (a preimage) by brute force then costs about 2^n evaluations, and finding any two inputs with the same output (a collision) about 2^(n/2) by the birthday bound. If quantum computers scale upwards enough (as of this writing, they can factor 15 = 3 × 5), then Grover's algorithm becomes applicable, and it cuts the brute-force preimage search to about 2^(n/2) evaluations.

So you've decided to create your own cryptographic hash function.

The Merkle-Damgård construction

Many modern cryptographic hash functions are based on the "Merkle-Damgård construction". It can be proved that if the compression function is collision resistant, and if the correct type of termination is done (Merkle-Damgård strengthening: the padding of the final block encodes the message length), then the result is also collision resistant.

Keccak

Compression and Mixing Functions
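To make the construction concrete, here is a toy Merkle-Damgård hash in C, added as an example and not taken from the article. The compression function is a deliberately throwaway 64-bit mixer with no security claims; the point is the plumbing around it: padding that appends a terminating 0x80 byte and the 64-bit message length (the "correct type of termination"), the fixed IV, and the block-by-block chaining. It also demonstrates the property strengthening does not remove, length extension: from H(m) and len(m) alone one can compute H(m || pad(m) || ext) without knowing m, which is why H(key || msg) is not a MAC for such hashes. The function names (`md_hash`, `md_pad`, `md_extend`, `md_glue`, `toy_compress`), the IV constant and the key/message strings are this example's own constructed choices.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK 16                      /* bytes per message block */
#define IV    0x243F6A8885A308D3ULL   /* fixed initial chaining value (constructed) */

static uint64_t load64(const uint8_t *p)   /* big-endian bytes -> uint64 */
{
    uint64_t v = 0;
    for (int i = 0; i < 8; i++) v = (v << 8) | p[i];
    return v;
}

/* TOY compression function (64-bit chaining value, 16-byte block) -> 64 bits.
 * Davies-Meyer shape (feed-forward XOR of h) but NOT collision resistant; it
 * exists only so the Merkle-Damgard plumbing around it can run end to end. */
static uint64_t toy_compress(uint64_t h, const uint8_t blk[BLOCK])
{
    uint64_t m0 = load64(blk), m1 = load64(blk + 8), v = h ^ m0;
    for (int r = 0; r < 8; r++) {
        v += m1 + (uint64_t)r;
        v *= 0x9E3779B97F4A7C15ULL;
        v ^= v >> 29;
        v = (v << 17) | (v >> 47);
    }
    return v ^ h;
}

/* Merkle-Damgard strengthening: 0x80, zero fill, then the total message length
 * in bits as a 64-bit big-endian value, ending on a block boundary. tail_len is
 * how many bytes already sit in the final partial block. Writes at most
 * BLOCK + 8 bytes and returns how many. */
static size_t md_pad(uint8_t *out, size_t tail_len, uint64_t total_len)
{
    size_t n = 0;
    out[n++] = 0x80;
    while ((tail_len + n) % BLOCK != BLOCK - 8) out[n++] = 0;
    uint64_t bits = total_len * 8;
    for (int i = 7; i >= 0; i--) out[n++] = (uint8_t)(bits >> (8 * i));
    return n;
}

/* Absorb `len` bytes that sit at byte offset `already` (a multiple of BLOCK) of
 * the overall message, starting from chaining value h, then pad and finish. */
static uint64_t md_absorb(uint64_t h, const uint8_t *msg, size_t len, uint64_t already)
{
    size_t off = 0;
    while (len - off >= BLOCK) { h = toy_compress(h, msg + off); off += BLOCK; }
    uint8_t last[2 * BLOCK + 8];               /* partial block + maximal padding */
    size_t tail = len - off;
    memcpy(last, msg + off, tail);
    size_t padded = tail + md_pad(last + tail, tail, already + len);
    for (size_t i = 0; i < padded; i += BLOCK) h = toy_compress(h, last + i);
    return h;
}

uint64_t md_hash(const uint8_t *msg, size_t len) { return md_absorb(IV, msg, len, 0); }

/* Number of padding bytes md_hash appends to a message of `len` bytes. */
size_t md_pad_len(size_t len) { uint8_t tmp[BLOCK + 8]; return md_pad(tmp, len % BLOCK, len); }

/* Length extension: from H(m) and len(m) alone, continue as though
 * m || pad(m) || ext had been hashed from the IV. m itself is never needed. */
uint64_t md_extend(uint64_t h_of_m, size_t len_m, const uint8_t *ext, size_t ext_len)
{
    return md_absorb(h_of_m, ext, ext_len, len_m + md_pad_len(len_m));
}

/* Writes m || pad(m) || ext (the message a verifier would see) and returns its length. */
size_t md_glue(uint8_t *out, const uint8_t *m, size_t len_m,
               const uint8_t *ext, size_t ext_len)
{
    memcpy(out, m, len_m);
    size_t p = md_pad(out + len_m, len_m % BLOCK, len_m);
    memcpy(out + len_m + p, ext, ext_len);
    return len_m + p + ext_len;
}

/* Constructed sample: a secret-prefix "MAC", tag = H(key || msg). Returns 1 if a
 * tag extended without the key verifies against a from-scratch hash of the
 * glued message, i.e. if the forgery succeeds. */
int demo_length_extension(void)
{
    static const uint8_t key_msg[] = "k3y:amount=10";   /* key || message (constructed) */
    static const uint8_t ext[]     = "&amount=1000000"; /* attacker's suffix */
    size_t n = sizeof key_msg - 1, e = sizeof ext - 1;
    uint64_t forged_tag = md_extend(md_hash(key_msg, n), n, ext, e);
    uint8_t glued[128];
    size_t glen = md_glue(glued, key_msg, n, ext, e);
    return md_hash(glued, glen) == forged_tag;
}

int main(void)
{
    printf("H(\"abc\") = %016llx\n", (unsigned long long)md_hash((const uint8_t *)"abc", 3));
    printf("length-extension forgery verifies: %d\n", demo_length_extension());
    return 0;
}
```

Run stand-alone it prints the toy digest of "abc" and 1 for the forgery check. The remedy for this failure mode is not a different padding but a different construction: HMAC wraps the hash twice with the key, and a sponge such as Keccak/SHA-3 keeps part of its state (the capacity) out of the digest, so there is no chaining value to extend from.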

Bit Twiddling Hacks

By Sean Eron Anderson, seander@cs.stanford.edu

Individually, the code snippets here are in the public domain (unless otherwise noted) — feel free to use them however you please. The aggregate collection and descriptions are © 1997-2005 Sean Eron Anderson.

About the operation counting methodology

When totaling the number of operations for algorithms here, any C operator is counted as one operation.

Compute the sign of an integer

```c
#include <limits.h>   // CHAR_BIT is the number of bits per byte (normally 8).

int v;      // we want to find the sign of v
int sign;   // the result goes here

sign = -(v < 0);  // if v < 0 then -1, else 0.
// or, to avoid branching on CPUs with flag registers (IA32):
sign = -(int)((unsigned int)((int)v) >> (sizeof(int) * CHAR_BIT - 1));
// or, for one less instruction (but not portable):
sign = v >> (sizeof(int) * CHAR_BIT - 1);
```

The last expression above evaluates to sign = v >> 31 for 32-bit integers. Alternatively, if you prefer the result be either -1 or +1, then use: sign = (v !
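The three sign expressions above wrapped as functions and checked against each other, as an added example that belongs to neither this page nor the "Low Level Bit Hacks" article: the `int8_t` variant follows that article's 8-bit two's-complement framing, and `is_odd` is the simplest hack of the kind it collects, the low-bit parity test. Function names are this example's own. The exhaustive check over all 256 8-bit patterns also shows which variants are portable and which one merely happens to work on arithmetic-shift compilers.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>

/* Reference: the obvious branchy definition, -1 for negative v, else 0. */
int sign_branch(int v) { return v < 0 ? -1 : 0; }

/* Relational operators yield 0 or 1; negating gives 0 or -1. */
int sign_cmp(int v) { return -(v < 0); }

/* Logical (unsigned) shift isolates the sign bit as 0/1; portable, because an
 * unsigned right shift is always a logical shift in C. */
int sign_shift_unsigned(int v)
{
    return -(int)((unsigned int)v >> (sizeof(int) * CHAR_BIT - 1));
}

/* One instruction fewer but NOT portable: right-shifting a negative signed
 * value is implementation-defined. With the arithmetic shift that common
 * compilers emit it gives -1 for negative v and 0 otherwise. */
int sign_shift_signed(int v)
{
    return v >> (sizeof(int) * CHAR_BIT - 1);
}

/* Same trick on an 8-bit two's-complement value: bit 7 is the sign bit. */
int8_t sign8(int8_t x)
{
    return (int8_t)-((uint8_t)x >> 7);
}

/* Parity from the low bit alone: in two's complement the least significant
 * bit is 1 exactly for odd values, negative ones included. */
int is_odd(int v) { return v & 1; }

/* Compare the portable variants with the reference over every 8-bit pattern
 * (both signs and both boundaries); returns 1 if they agree everywhere. */
int portable_variants_agree(void)
{
    for (int i = -128; i <= 127; i++) {
        int ref = sign_branch(i);
        if (sign_cmp(i) != ref || sign_shift_unsigned(i) != ref ||
            sign8((int8_t)i) != ref)
            return 0;
    }
    return 1;
}

/* Whether the non-portable signed-shift version also agrees on this compiler
 * and target; 1 on the usual arithmetic-shift implementations. */
int arith_shift_variant_agrees(void)
{
    for (int i = -128; i <= 127; i++)
        if (sign_shift_signed(i) != sign_branch(i))
            return 0;
    return 1;
}

int main(void)
{
    printf("portable variants agree: %d\n", portable_variants_agree());
    printf("signed-shift variant agrees here: %d\n", arith_shift_variant_agrees());
    printf("-7 is odd: %d, -8 is odd: %d\n", is_odd(-7), is_odd(-8));
    return 0;
}
```

The practical reading of the check is that `sign_cmp` and `sign_shift_unsigned` are safe to ship, while `sign_shift_signed` should be guarded by a configure-time or static test for arithmetic shift on every target the code is built for.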

Disabling USB Storage With Group Policy

by Mitch Tulloch, 11/15/2005

The security threat posed to companies by USB flash drives has been known for some time now. LabMice has a good summary of both the tremendous usefulness of these devices and the dangers they pose to businesses, both as a potential malware vector and as a channel for stealing sensitive information from companies.

Policy First

Start by updating your company's security policy to provide guidance to employees concerning the proper use and misuse of USB storage devices. When your boss hears that anyone can now walk into an office, take a USB key from his pocket, grab megabytes of confidential business data and walk out with it undetected, her first response might be to ask, "How can we lock down our computers to prevent this from happening?" Of course, the reality sometimes is that you don't have a written security policy for your company, or you have one but management won't buy into it and violations are never punished.

FOSDEM 2013 Interview: Gilles Van Assche: Keccak, More Than Just SHA3SUM

Gilles Van Assche and Joan Daemen will give a talk about Keccak, More Than Just SHA3SUM at FOSDEM 2013.

Q: Could you briefly introduce yourself?

We, Guido, Joan, Michaël and Gilles (a.k.a. the Keccak Team), are cryptographers working at STMicroelectronics (Guido, Joan, Gilles) and NXP (Michaël). During the last few years we have joined forces, concentrating on permutation-based cryptography with a focus on actual usability.

Q: What will your talk be about, exactly?

Recently, the American National Institute of Standards and Technology (NIST) announced the selection of Keccak as the winner of the SHA-3 Cryptographic Hash Algorithm Competition. In this talk we will introduce and highlight the strengths of our cryptographic primitive and explain how it can benefit the FOSS community.

Q: What do you hope to accomplish by giving this talk?

In the approach, SHA-3 was very similar to AES.
