Misunderstanding of the MixColumns step
I'm having an issue understanding the MixColumns step described here.
I know about diffusion and it all makes sense up to the point where it states that each column is treated as a polynomial and multiplied modulo over GF(2^8).
BUT..multiplying in GF(2^8). Although the domain is still the same, it is not reversible due to mod.... and it has to be reversible because that is the entire point of it.
As far as the first bit goes, my approach is taking A,B,C and D as the 4 bytes of a column and A1, A2, ..., A8 as the bits and E,F,G and H as the output bytes. I was going to set
E = A1,B2,C3,D4,A5,B6,C7,D8
F = D1,A2,B3,C4,D5,A6,B7,C8
G = C1,D2,A3,B4,C5,D6,A7,B8
H = B1,C2,D3,A4,B5,C6,D7,A8
And thus it is reversible, one-to-one, linear and distributive
It later states that it can be viewed as a matrix multiplication but as the elements of the matrix must be bytes and output as bytes then each element of the matrix must be modulo 256 and therefore not reversible and non linear.
Have I understood this wrong? I struggle with maths and am trying to understand what needs to be done so that I can convert it into logic.
Comments (2)
MixColumns is probably the hardest part to AES, but it was exciting for me to work out the math and actually see where the numbers came from. I worked out the math of it in detail in my blog post "A Stick Figure Guide to the Advanced Encryption Standard (AES)". Specifically, look at Act 4, Scene 16. I also put the reverse of it on the crib sheet in the next scene (17). If you have any further questions, feel free to leave a comment on that post or here.
The multiplication in MixColumns is indeed reversible, and it is not modulo 256. samiam.org/mix-column.html has a good explanation of the MixColumns step, and samiam.org/galois.html does an excellent job of explaining how to do arithmetic in AES's finite field.
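The point made in the answers above, worked through as an added example (not code from the question, the answers or the linked pages): multiplication in AES's field reduces by the polynomial x^8 + x^4 + x^3 + x + 1 and adds with XOR, so MixColumns has an exact inverse, whereas doubling modulo 256 loses information. The function names are chosen here for illustration; the two matrices are the standard AES MixColumns and InvMixColumns coefficients.

```python
AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the AES reduction polynomial

def gmul(a, b):
    """Multiply two bytes as polynomials over GF(2), reduced modulo AES_POLY."""
    product = 0
    for _ in range(8):
        if b & 1:
            product ^= a      # addition in GF(2^8) is XOR, there are no carries
        b >>= 1
        a <<= 1
        if a & 0x100:
            a ^= AES_POLY     # degree reached 8: subtract (XOR) the modulus
    return product

MIX = [[2, 3, 1, 1],
       [1, 2, 3, 1],
       [1, 1, 2, 3],
       [3, 1, 1, 2]]

INV_MIX = [[14, 11, 13, 9],
           [9, 14, 11, 13],
           [13, 9, 14, 11],
           [11, 13, 9, 14]]

def _apply(matrix, column):
    """Matrix-vector product where every multiply is gmul and every add is XOR."""
    out = []
    for row in matrix:
        acc = 0
        for coeff, byte in zip(row, column):
            acc ^= gmul(coeff, byte)
        out.append(acc)
    return out

def mix_column(column):
    return _apply(MIX, column)

def inv_mix_column(column):
    return _apply(INV_MIX, column)

def doubling_image_sizes():
    """Distinct outputs of 'times 2' in GF(2^8) versus plain integers mod 256."""
    in_field = len({gmul(2, x) for x in range(256)})
    mod_256 = len({(2 * x) % 256 for x in range(256)})
    return in_field, mod_256

if __name__ == "__main__":
    col = [0xDB, 0x13, 0x53, 0x45]          # commonly used MixColumns test column
    mixed = mix_column(col)
    print([hex(b) for b in mixed])          # mixed column
    print(inv_mix_column(mixed) == col)     # round trip recovers the input
    print(doubling_image_sizes())           # field doubling is a permutation
```

Doubling in the field hits all 256 byte values exactly once, while doubling modulo 256 hits only the 128 even ones, which is the non-reversibility the question was worried about.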