Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?Increase number of rounds for SPN and Feistel ciphersIs AES-256 weaker than 192 and 128 bit versions?What is the security loss from reducing Rijndael to 128 bits block size from 256 bits?Can Poly1305-AES be used with AES-256?What are the constraints on using GCM with a tag size of 96 and 128 bits?AES - What is the advantage of a 256-bit key with a 128-bit block cipher?AES function with 128 bit key and 128 bit input size - does it have perfect secrecy?Replacing a block cipher's key schedule with a stream cipherA Lightweight Matrix Suggestion for MixColumns State of AESOCB-AES: Ambiguous definition of “Encipher” in RFC document
How could a planet have erratic days?
Can I cause damage to electrical appliances by unplugging them when they are turned on?
How can I write humor as character trait?
Change the color of a single dot in `ddot` symbol
Short story about a deaf man, who cuts people tongues
What is going on with gets(stdin) on the site coderbyte?
Delete multiple columns using awk or sed
How much theory knowledge is actually used while playing?
Pre-mixing cryogenic fuels and using only one fuel tank
Does "he squandered his car on drink" sound natural?
C++ copy constructor called at return
Why does Carol not get rid of the Kree symbol on her suit when she changes its colours?
When were female captains banned from Starfleet?
"It doesn't matter" or "it won't matter"?
Giving feedback to someone without sounding prejudiced
How do I fix the group tension caused by my character stealing and possibly killing without provocation?
Microchip documentation does not label CAN buss pins on micro controller pinout diagram
"Oh no!" in Latin
How can ping know if my host is down
Does Doodling or Improvising on the Piano Have Any Benefits?
What kind of floor tile is this?
Do we have to expect a queue for the shuttle from Watford Junction to Harry Potter Studio?
Shouldn’t conservatives embrace universal basic income?
Does the reader need to like the PoV character?
Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?
Increase number of rounds for SPN and Feistel ciphersIs AES-256 weaker than 192 and 128 bit versions?What is the security loss from reducing Rijndael to 128 bits block size from 256 bits?Can Poly1305-AES be used with AES-256?What are the constraints on using GCM with a tag size of 96 and 128 bits?AES - What is the advantage of a 256-bit key with a 128-bit block cipher?AES function with 128 bit key and 128 bit input size - does it have perfect secrecy?Replacing a block cipher's key schedule with a stream cipherA Lightweight Matrix Suggestion for MixColumns State of AESOCB-AES: Ambiguous definition of “Encipher” in RFC document
$begingroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
$$
beginarrayc
hline
beginarrayc textbfKey Size \ left(textbitsright) endarray
&beginarrayc textbfRounds \ left(textnumberright) endarray \ hline
128 & 10 \ hline
192 & 12 \ hline
256 & 14 \ hline
endarray
$$
Why these specific numbers of rounds only?
aes
edited 5 hours ago
Nat
2081411
asked 10 hours ago
kapilkapil
583
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
add a comment |
$begingroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
$$
beginarrayc
hline
beginarrayc textbfKey Size \ left(textbitsright) endarray
&beginarrayc textbfRounds \ left(textnumberright) endarray \ hline
128 & 10 \ hline
192 & 12 \ hline
256 & 14 \ hline
endarray
$$
Why these specific numbers of rounds only?
aes
edited 5 hours ago
Nat
2081411
asked 10 hours ago
kapilkapil
583
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
add a comment |
$begingroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
$$
beginarrayc
hline
beginarrayc textbfKey Size \ left(textbitsright) endarray
&beginarrayc textbfRounds \ left(textnumberright) endarray \ hline
128 & 10 \ hline
192 & 12 \ hline
256 & 14 \ hline
endarray
$$
Why these specific numbers of rounds only?
aes
edited 5 hours ago
Nat
2081411
asked 10 hours ago
kapilkapil
583
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
$$
beginarrayc
hline
beginarrayc textbfKey Size \ left(textbitsright) endarray
&beginarrayc textbfRounds \ left(textnumberright) endarray \ hline
128 & 10 \ hline
192 & 12 \ hline
256 & 14 \ hline
endarray
$$
Why these specific numbers of rounds only?
aes
aes
edited 5 hours ago
Nat
2081411
asked 10 hours ago
kapilkapil
583
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 5 hours ago
Nat
2081411
asked 10 hours ago
kapilkapil
583
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 5 hours ago
Nat
2081411
edited 5 hours ago
Nat
2081411
edited 5 hours ago
Nat
2081411
2081411
asked 10 hours ago
kapilkapil
583
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 10 hours ago
kapilkapil
583
asked 10 hours ago
kapilkapil
583
583
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 8 hours ago
puzzlepalace
2,8701133
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
$endgroup$
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
return StackExchange.using("mathjaxEditing", function ()
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix)
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
);
);
, "mathjax-editing");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "281"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
kapil is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68199%2fwhy-does-aes-have-exactly-10-rounds-for-a-128-bit-key-12-for-192-bits-and-14-fo%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 8 hours ago
puzzlepalace
2,8701133
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
$endgroup$
add a comment |
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 8 hours ago
puzzlepalace
2,8701133
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
$endgroup$
add a comment |
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 8 hours ago
puzzlepalace
2,8701133
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
$endgroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 8 hours ago
puzzlepalace
2,8701133
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
edited 8 hours ago
puzzlepalace
2,8701133
edited 8 hours ago
puzzlepalace
2,8701133
edited 8 hours ago
puzzlepalace
2,8701133
2,8701133
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
answered 9 hours ago
Ella Rose♦Ella Rose
16.6k44382
16.6k44382
add a comment |
add a comment |
kapil is a new contributor. Be nice, and check out our Code of Conduct.
kapil is a new contributor. Be nice, and check out our Code of Conduct.
kapil is a new contributor. Be nice, and check out our Code of Conduct.
kapil is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Cryptography Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68199%2fwhy-does-aes-have-exactly-10-rounds-for-a-128-bit-key-12-for-192-bits-and-14-fo%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
