We're almost done! Now is time to combine all the functions we've created into a single encrypt()
function
The first phase is called "pre-whitening". And is to ⊕ (XOR) your state (which right now is your plaintext) with the first round key (which is the original key provided to AES).
This pre-whitening is done to avoid losing the first few transformations to the attacker. If no XOR with a round key was in place, the attacker could compute the internal state of AES up to the AddRoundKey operation of the first round (and ignore the first few transformations).
After this, exactly n-1 rounds take place. In the case of AES-128 this would be 9 rounds. Each round will take the subsequent round key. (Starting with the second round key, since we already used the first in the pre-whitening phase.) Here is what a round looks like:
Finally, a last round takes place, but this time the MixColummns transformation is skipped. And if you counted correctly, the final and 11th key is used in the AddRoundKey transformation.
And that's it! That's all there is to AES' encryption.
Implement the encrypt()
function. Then encrypt this text: theblockbreakers
with the following key:
2b7e151628aed2a6abf7158809cf4f3c
and verify that you get the following ciphertext:
c6 02 23 2f 9f 5a 93 05 25 9e f6 b7 d0 f3 3e 47
Remember: to test your function, you can use the test vectors from the appendix A.1 of the AES standard. We also gave some other good resources to understand and test your implementation in the main page of this set.