Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?Is AES-256 weaker than 192 and 128 bit versions?Difference between Rijndael 128 / 256 blocksize implementations? (and impact of block size in general)Does AES-128 have the same strength as AES-256 with a padded key?Is double encryption using AES using different key lengths (128 bit and then 256 bit) vulnerable?AES - What is the advantage of a 256-bit key with a 128-bit block cipher?AES key and block sizeWhat are pros and cons of AES/CBC/PKCS5Padding vs AES/GCM/NoPadding for key wrapping?Is there any compelling or logical reason to use AES-192 over AES-128 but not use AES-256?Are tags longer than 128 bit possible for AES-256-CCM and AES-256-GCM?AES key expansion for 192-bit
How can ping know if my host is down
What to do when eye contact makes your coworker uncomfortable?
How to explain what's wrong with this application of the chain rule?
awk assign to multiple variables at once
Microchip documentation does not label CAN buss pins on micro controller pinout diagram
How much theory knowledge is actually used while playing?
Does grappling negate Mirror Image?
Stack Interview Code methods made from class Node and Smart Pointers
Multiplicative persistence
Which was the first story featuring espers?
Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?
What's the name of the logical fallacy where a debater extends a statement far beyond the original statement to make it true?
Find the next value of this number series
In a multiple cat home, how many litter boxes should you have?
How could a planet have erratic days?
Do we have to expect a queue for the shuttle from Watford Junction to Harry Potter Studio?
15% tax on $7.5k earnings. Is that right?
Creating two special characters
How to get directions in deep space?
"It doesn't matter" or "it won't matter"?
C++ copy constructor called at return
What is going on with gets(stdin) on the site coderbyte?
Is it allowed to activate the ability of multiple planeswalkers in a single turn?
Doesn't the system of the Supreme Court oppose justice?
Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?
Is AES-256 weaker than 192 and 128 bit versions?Difference between Rijndael 128 / 256 blocksize implementations? (and impact of block size in general)Does AES-128 have the same strength as AES-256 with a padded key?Is double encryption using AES using different key lengths (128 bit and then 256 bit) vulnerable?AES - What is the advantage of a 256-bit key with a 128-bit block cipher?AES key and block sizeWhat are pros and cons of AES/CBC/PKCS5Padding vs AES/GCM/NoPadding for key wrapping?Is there any compelling or logical reason to use AES-192 over AES-128 but not use AES-256?Are tags longer than 128 bit possible for AES-256-CCM and AES-256-GCM?AES key expansion for 192-bit
$begingroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
*128-bit key size -> 10 rounds
*192-bit key size -> 12 rounds
*256-bit key size -> 14 rounds
Why these specific numbers of rounds only?
aes
edited 11 mins ago
forest
4,44511641
asked 2 hours ago
kapilkapil
282
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
add a comment |
$begingroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
*128-bit key size -> 10 rounds
*192-bit key size -> 12 rounds
*256-bit key size -> 14 rounds
Why these specific numbers of rounds only?
aes
edited 11 mins ago
forest
4,44511641
asked 2 hours ago
kapilkapil
282
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
add a comment |
$begingroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
*128-bit key size -> 10 rounds
*192-bit key size -> 12 rounds
*256-bit key size -> 14 rounds
Why these specific numbers of rounds only?
aes
edited 11 mins ago
forest
4,44511641
asked 2 hours ago
kapilkapil
282
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
$endgroup$
I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:
*128-bit key size -> 10 rounds
*192-bit key size -> 12 rounds
*256-bit key size -> 14 rounds
Why these specific numbers of rounds only?
aes
aes
edited 11 mins ago
forest
4,44511641
asked 2 hours ago
kapilkapil
282
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 11 mins ago
forest
4,44511641
asked 2 hours ago
kapilkapil
282
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
edited 11 mins ago
forest
4,44511641
edited 11 mins ago
forest
4,44511641
edited 11 mins ago
forest
4,44511641
4,44511641
asked 2 hours ago
kapilkapil
282
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
asked 2 hours ago
kapilkapil
282
asked 2 hours ago
kapilkapil
282
282
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
New contributor
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 46 mins ago
puzzlepalace
2,8701133
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
$endgroup$
add a comment |
Your Answer
StackExchange.ifUsing("editor", function ()
return StackExchange.using("mathjaxEditing", function ()
StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix)
StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
);
);
, "mathjax-editing");
StackExchange.ready(function()
var channelOptions =
tags: "".split(" "),
id: "281"
;
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function()
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled)
StackExchange.using("snippets", function()
createEditor();
);
else
createEditor();
);
function createEditor()
StackExchange.prepareEditor(
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader:
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
,
noCode: true, onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
);
);
kapil is a new contributor. Be nice, and check out our Code of Conduct.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68199%2fwhy-does-aes-have-exactly-10-rounds-for-a-128-bit-key-12-for-192-bits-and-14-fo%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 46 mins ago
puzzlepalace
2,8701133
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
$endgroup$
add a comment |
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 46 mins ago
puzzlepalace
2,8701133
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
$endgroup$
add a comment |
$begingroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 46 mins ago
puzzlepalace
2,8701133
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
$endgroup$
Why these specific number of rounds only?
Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".
The standard specifies these specific number of rounds to ensure that different implementations are interoperable.
Why not more or less?
The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.
Less might be insecure, and more might be slower with no benefit.
To quote the above book (from Section 3.5 The Number of Rounds):
For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:
One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.
(Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.
edited 46 mins ago
puzzlepalace
2,8701133
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
edited 46 mins ago
puzzlepalace
2,8701133
edited 46 mins ago
puzzlepalace
2,8701133
edited 46 mins ago
puzzlepalace
2,8701133
2,8701133
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
answered 2 hours ago
Ella Rose♦Ella Rose
16.5k44281
16.5k44281
add a comment |
add a comment |
kapil is a new contributor. Be nice, and check out our Code of Conduct.
kapil is a new contributor. Be nice, and check out our Code of Conduct.
kapil is a new contributor. Be nice, and check out our Code of Conduct.
kapil is a new contributor. Be nice, and check out our Code of Conduct.
Thanks for contributing an answer to Cryptography Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
Use MathJax to format equations. MathJax reference.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68199%2fwhy-does-aes-have-exactly-10-rounds-for-a-128-bit-key-12-for-192-bits-and-14-fo%23new-answer', 'question_page');
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
