The Advanced Encryption Standard (AES), also known as the Rijndael algorithm, is the current mainstream international symmetric encryption algorithm. AES belongs to the category of block cipher algorithms within symmetric encryption algorithms. Its encryption process involves dividing plaintext into fixed-length blocks and encrypting them using a key to produce ciphertext blocks. Decryption is the reverse process of encryption. The algorithm uses a block length of 128 bits, and the key length can be specified as 128 bits, 196 bits, or 256 bits.

For a plaintext block, a round function transformation is applied, and multiple rounds of iterations are performed to produce ciphertext blocks. The round function consists of four operations: ByteSub, ShiftRow, MixColumn, and AddRoundKey. The encryption and decryption process of the algorithm (illustrated in Figure 1) uses a 128-bit key (referred to as the seed key). For example, with the seed key, the iteration consists of 10 rounds for both encryption and decryption. The input matrix of each operation is the output matrix of the previous operation, and W[i]~W[j] represent the keys used for encryption in each round, obtained through key expansion from the seed key. The encryption with different key lengths follows a similar process, with the difference lying in the number of iteration rounds; encryption with a 196-bit key involves 12 rounds, while encryption with a 256-bit key involves 14 rounds.

Figure 1: AES-128 Algorithm Encryption and Decryption Process

The following sections describe the key expansion and the four operations included in the round function.

1. KeyExpansion

The encryption key for each round is derived from the previous round's key using specified expansion rules. The encryption key for the first round is obtained through the expansion of the seed key, and the KeyExpansion is performed on a per-word (i.e., four bytes) basis.

The expansion rules are as follows:

2. ByteSub

ByteSub Operation

For each byte, the high 4 bits are considered as the row value, and the low 4 bits as the column value. The corresponding element is then replaced by looking it up in the S-box defined in the AES algorithm, as shown in Figure 2.

Figure 2: S-Box

Inverse ByteSub Operation

Similar to ByteSub Operation, the difference lies in the Inverse ByteSub Operation where transformation is performed by looking up the element in the inverse S-box (see Figure 3).

Figure 3: Inverse S-Box

3. ShiftRow

ShiftRow Operation

When the key length is 128 bits, in the previous output matrix, the 0th row is shifted left by 0 bytes, the 1st row is shifted left by 1 byte, the 2nd row is shifted left by 2 bytes, and the 3rd row is shifted left by 3 bytes, as shown in Figure 4.

Figure 4: ShiftRow

Inverse ShiftRow Operation

Opposite to Left ShiftRow, this operation involves Right ShiftRow as shown in Figure 5.

Figure 5: Inverse ShiftRow

4. MixColumn

MixColumn Operation

The previous output matrix is left-multiplied by a fixed matrix (see Figure 6).

Figure 6: MixColumn

Inverse MixColumn Operation

Similar to MixColumn (as shown in Figure 7), the difference lies in the left multiplication by a different fixed matrix denoted asA', whereA⊗A' equals the identity matrix.

Figure 7: Inverse MixColumn

5. AddRoundKey

The previous output matrix undergoes a column-wise bitwise XOR operation with the key for each round (see Figure 8).

Figure 8: AddRoundKey

The AES algorithm is primarily used to address data encryption for transmission, storage, and other relevant purposes. It is particularly suitable for scenarios involving big data volumes such as secure database storage.