Hacker Newsnew | comments | show | ask | jobs | submitlogin
Animation of the AES algorithm (bc.edu)
81 points by wisesage5001 1599 days ago | comments



Shows how, but doesn't explain why, which make it completely pointless.

-----


The why would be useful but I would hardly say it is pointless. For example I understand the theories but I'm light on details given I have never implemented an encryption algorithm.

Hmmm weekend project?

-----


Writing encryption algorithms as a weekend project should generally be approached in the same way as one might approach writing aircraft control code as a weekend project:

Never use it, never distribute it in a way that someone else might mistakenly think it's a good idea to use it (so posting it on github would probably be a mistake!) and expect your implementation to have bugs you don't realize. (Even if you shove plaintext in and get the right ciphertext out doesn't mean you've found all the bugs, it gets tricky and in some cases different specific algorithmically correct implementations can have not just different performance characteristics, but different runtime security characteristics.)

Otherwise, enjoy.

Most people tend to find weekend projects more fulfilling if they have a way to put them to use. So while I don't mean to go all "this is dark arts that no one should practice uninitiated" on you, I would encourage you to stifle your tendency to find a use for any encryption code you write that isn't peer reviewed. View it as purely an artform; code never to be utilized.

This is the same advice most security researchers give to themselves and others.

-----


Rijndael is well known cipher which became AES - http://en.wikipedia.org/wiki/Advanced_Encryption_Standard

It is not weekend project in any way.

I think that post you answer meant "weekend project on encryption algorithm animation".

-----


I was strictly confining my comments to the implementation the poster was discussing coding up in a weekend.

The Rijndael algorithm itself is of course, very well reviewed and perhaps one of the most solid algorithms publicly available. Which is part of why it was chosen for AES. (Speed being the other factor.)

I think perhaps you misunderstood the conversation.

-----


I've implemented complex encryption methods, but _only as coding exercises_, never ever ever as code that I would ever want to use outside of the exercise.

In your headers you should note that the code contained is for educational use only and is probably very flawed.

Please note: I'm not saying you're a terrible programmer and is guaranteed to botch this attempt. Encryption is a tricky beast. Best leave it to the maths geniuses.

-----


Algorithm design is for the math people, implementation requires a form of paranoia combined with detailed knowledge about CPUs. In many, if not all, cases you will have to look at the assembly that your compiler produces to make sure that an implementation is safe against attacks that look at the timing of calls, their cache misses that affect timing of code on other CPUs, etc. .

-----


if you've worked with C++, there's a very well known and widely used library called Crypto++ that implements various encryption algorithms incl. AES. Give it a try.

-----


How is it pointless? Don't you find a visualization of abstract operations or code useful? How hypocritical.

Besides, the question 'Why does AES work the way it does?' is a completely different topic which should only be touched after the 'How does AES work?'.

-----


I'm pretty sure the number theory involved in the "why" is over most peoples' head.

-----


I disagree. They could add a lot of context by simply explaining the key and its importance, and the concepts of confusion and diffusion.

-----


i agree that the why is complex. but threating it as "math is complex, so let's treat it as a religion and never question or try to understand. just accept." is just plain wrong.

So, the first step should be to NOT start with the "Advanced" standard :) look for block cyphers.

And if you found your self blocked on this little presentation during the non-sense (and not explained) column transformation step, this may help you:

http://docs.google.com/viewer?a=v&q=cache:H0QmIsUIBbkJ:w...

Understanding AES Mix-Columns Transformation Calculation Kit Choy Xintong University of Wollongong,

-----


I've thought about it and I think I agree with you. I've only taken a little advanced math and I was able to understand most of it.

However, I still don't agree with the OP that that makes this presentation pointless.

-----


No, not really. The most complex math AES uses is operations in the finite field GF(256). Given that addition in a power-of-2 finite field is simply XOR, I expect any good programmer to be able to get AES.

-----


I explained more of the details and some of the "why's" in http://www.moserware.com/2009/09/stick-figure-guide-to-advan... , but most people seemed to stop reading before getting to them.

-----


I am more interested in who did the animations. I need such animations to describe our software.

-----


Looks like ezabala at adinet dot com dot uy, Enrique Zabala. Universidad ORT, Montevideo, Uruguay

-----


On step 4, AddRoundKey, shouldn't e5+17 be fc, not f2? Or is AES using something other than simple 8-bit modular arithmetic? It looks like the author did the arithmetic in his/her head, and accidentally used decimal for the second digit (5 + 7 = 12, mod 10 = 2).

-----


The + in a circle means xor, not plus

-----


That's what I get for learning programming years before entering college. I forget standard mathematical notation, since I always use programming language operators (like ^) in my head. Further, I only checked the first row to make sure it was actual addition, and obviously 0xa0 + 0x04 == 0xa0 ^ 0x04.

I should've just checked here first (includes an image of the slide in question): http://stackoverflow.com/questions/839479/what-does-a-circle...

-----




Applications are open for YC Summer 2015

Guidelines | FAQ | Support | Lists | Bookmarklet | DMCA | Y Combinator | Apply | Contact

Search: