Advanced Encryption Standard (AES) 256-Bit Encryption - Galois Counter Mode
Encryption Application and Python Source Code
AES-256 is a 128-bit block cipher that uses a 256-bit symmetric-key.
DOWNLOADS
AES-256 GCM.exe - Desktop Application
AES-256 GCM.py - Python Source Code
Password: password
INSTRUCTIONS
Select “Next”
Select “Open” and choose file.
Enter password
Select “Next”
Select “Encrypt” or “Decrypt”
Select “Delete Original File” to encrypt, overwrite, and delete the source file.
Select “Save As”
Encrypted or Decrypted file has been saved.
Select “Exit”
The source file extension will be added to data before encryption. Upon decryption the file extension will automatically be attached to the end of the saved filename.
BACKGROUND
National Institute of Standards and Technology (NIST) - US Department of Commerce
|| Source: NIST - Advanced Encryption Standard (AES) ||
The Advanced Encryption Standard (AES) specifies a FIPS-approved cryptographic algorithm that can be used to protect electronic data. The AES algorithm is a symmetric block cipher that can encrypt (encipher) and decrypt (decipher) information. Encryption converts data to an unintelligible form called ciphertext; decrypting the ciphertext converts the data back into its original form, called plaintext. The AES algorithm is capable of using cryptographic keys of 128, 192, and 256 bits to encrypt and decrypt data in blocks of 128 bits.
High-Level Description of AES
|| Source: Advanced Encryption Standard Wikipedia ||
Key Expansion - round keys are derived from the cipher key using the AES key schedule. AES requires a separate 128-bit round key block for each round plus one more.
Initial round key addition:
Add Round Key - each byte of the state is combined with a byte of the round key using bitwise XOR.
13 rounds:
Sub Bytes - a non-linear substitution step where each byte is replaced with another according to a lookup table.
Shift Rows - a transposition step where the last three rows of the state are shifted cyclically a certain number of steps.
Mix Columns - a linear mixing operation which operates on the columns of the state, combining the four bytes in each column.
Add Round Key
Final round:
Sub Bytes
Shift Rows
Add Round Key
Galois Counter Mode
|| Source: Galois/Counter Mode Wikipedia ||
Galois Counter Mode (GCM) is a mode of operation for symmetric-key cryptographic block ciphers which is widely adopted for its performance.
The GCM algorithm provides both data authenticity (integrity) and confidentiality and belongs to the class of authenticated encryption with associated data (AEAD) methods. This means that as input it takes a key (K), some plaintext (P), and some associated data (AD);
it then encrypts the plaintext using the key to produce ciphertext (C) and computes an authentication tag (T) from the ciphertext (C) and the associated data (AD) (which remains unencrypted).
A recipient with knowledge of K, upon reception of AD, C and T, can decrypt the ciphertext (C) to recover the plaintext (P) and can check the tag (T) to ensure that neither ciphertext nor associated data were tampered with.