How to implement AES-512 algorithm?

javascript aes

23,697

Solution 1

The Rijdael cipher comes in 128, 160, 192, 224, and 256-bit variants. The 128, 192, and 256-bit variants were selected for the Advanced Encryption Standard. 128-bit symmetric keys are considered to be roughly as strong as 1024-bit RSA keys, and 256-bit symmetric keys are considered to be roughly as strong as 2048-bit RSA keys. In practice, nobody uses 192-bit AES, because they're either concerned about performance and/or export control, and use 128-bit, or paranoid, and use 256-bit.

There isn't a single 512-bit symmetric key cipher in common public use. The whirlpool hash function, which is based on AES, returns a 512-bit digest, but that's not the same thing as a 512-bit AES cipher.

Solution 2

I understand that there is no such thing as a 512-bit AES.

From wikipedia:

In cryptography, the Advanced Encryption Standard (AES) is an encryption standard adopted by the U.S. government. The standard comprises three block ciphers, AES-128, AES-192 and AES-256, adopted from a larger collection originally published as Rijndael.

Solution 3

As others have mentioned double-AES-256 does not give 512 bits of security (rather 256+1 bits of time complexity) due to the time/space trade off given by the "meet-in-the-middle attack".

However I don't believe anyone has correctly answered "what" AES-512 actually would be IF it existed. Note that all current AES variants have a fixed block size of 128 bits, therefore AES-512 if it existed would also have a block size of only 128 bits (assuming the pattern held), and thus would require NO CHANGES to the MixColumns or ShiftRows subroutines.

Extending the AES system to use 512 bit key sizes is technically supported by the AES standard, IF you allow N_k>8. Note that the AES standard FIPS-197 has a design that is mostly independent of the key size. The only thing that is missing is the number of rounds for N_k=16 (512 bit keys=16*'32 bit words'). The current standard (on page 14) specifies N_r={10,12,14} rounds for N_k={4,6,8} respectively. Following the pattern shows N_r=N_k+6. Therefore N_r=22 if N_k=16... after defining N_r=22 for N_k=16 nothing else needs to change, just pre-populate the first 512 bits of the key schedule (as specified in section 5.2) with the given key and continue with the algorithm...

the only limiting factor might be the Rcon[i] word that gets multiplied by x (mod x^8+x^4+x^3+x+1) for every N_k words as it has a period of 51 and then begins to repeat. x^51=(1 mod x^8+x^4+x^3+x+1)... however the largest Rcon[i] that gets used is

i=(N_r+1)*N_b/N_k  ; ((N_r+1)*N_b is the total size (in 4 octet words) of the key schedule)
i=(N_k+6+1)*N_b/N_k
i=(N_k+7)*4/N_k
i=4+28/N_k ; (correct... ignoring rounding issues (and probably an off by one error due to laziness))

so it's not an issue as less Rcon's get used as the key size increases...

Solution 4

Please note that running AES256 twice is not equivalent in any way to a (future) AES512 encryption.

Comsider: 2^256 + 2^256 < 2^512

In other words, the time required to brute force 2 256-bit keys is significantly less than the time to brute force a single 512-bit key.

(Not that either attack is feasible on current hardware anyways)

Solution 5

I think that it might be possible to extend A.E.S but the fly in the ointment so to speak is the shift and reverse shift values otherwise there should be no problems. So for 512 you would need four rows and 16 columns but you would need to work out the shift factors as I said earlier. for 1024 you just double the number of columns but again the shifts and reverse shifts need to be worked out.

View more solutions

23,697

Author by

Admin

Updated on July 15, 2022

Comments

Admin almost 2 years

Is there javascript avaialable which implements AES-512 algorythm(i.e Encyption,Decryption)? I found most of the javascripts implmented AES-128,AES-192,AES-256.