Great video. This is the one place where I was actually able to get code to perform the MixColumns operation. That one extra step where you have to deal with the most significant bit being set seemed to make all of the difference. Thanks for the video and thanks for the code!
Thank you so much!. Your videos helped me a lot to finish my 8th semester thesis. I don't know your name so I putted your channel in the reference page :).
Is there some sort of a "test suite" with an example message, its ciphertext, and all the intermediate states, so that one could verify if one's implementation works correctly and produces the same ciphertexts as other implementations? This is very important, because if the algorithm is implemented in a wrong way, it would still produce some gibberish that would look like encryption, and chances are that its inverse would be able to restore the original message from that gibberish, but it will be incompatible with other implementations and unable to decrypt messages encrypted with those other implementations correctly. So how can one verify if the implementation is doing the right thing?
That's a really great point! I check by using online AES calculators. Normally type like "AES calculator" into Google. You can find working calculators there. Does sometimes help to verify that the calculators agree too! Sometimes they might be wrong. Anywho, hope this helps, have a good one :)
@@WhatsACreel Yeah, I saw a couple of them in your last video I watched later. The problem usually is that they only show you the end result. So if your algorithm works - that's great news. But if you obtain a completely different answer (which might be the case even if you have 99% of it right, because that's how cryptographic algorithms are supposed to work - one bit flip = total mess), then you're dead in the waters, because you have to debug the entire thing :q It could be nice if they showed all the intermediate steps so that you could figure out which one of them failed.
@@bonbonpony Sorry, yes this is sooo true! I used to have a bunch of papers on it, they were all free PDF's. I remember one or more had intermediate test vectors. I think it was the original Rijndael paper? Might have been "autonome-antifa.org/IMG/pdf/Rijndael.pdf". Have a look mate. I find googling "Rijndael pdf" seems to give some pretty in depth papers. Good luck mate :)
Hi! I was going through your video and I think they are really helpful. The lookup tables for mul2 and mul3 are not available on Wikipedia and I can’t seem to find them on the internet... I know this is a long shot but do you still happen to have them?
Hiya, yes I'm not sure why they moved it from the AES wiki page, seems like it's still available on the S-Box page: en.wikipedia.org/wiki/Rijndael_S-box Cheers mate, have a good one!
Hey mate! Thanks for such well explained videos! Do you, by any chance, still have the lookup table for mul2? It seems that it is also removed from the S-Box page :/
You can always go back in Wikipedia history and restore the article that was uploaded at a specific point in time (January 2016 in this case) → en.wikipedia.org/w/index.php?title=Rijndael_MixColumns&oldid=688830989
Hello. I am sorry I find that I have trouble on converting hexadecimal into binary at 26:09. This is quite far related towards the entire video but yet still I don't understand to convert the number 57. I have done a calculating & converting and I have a different answer from yours. Sorry, I am quite a new learner and it would be helpful if you provide some help in order for me to understand so that I can proceed to the next. This is really interesting. I spend the whole day to understand what is AES.
Mult3 table is useless. Use Mult3(x)=Mult2(x)xor(x). Also Mult2 is a bit overkill. In polynomial perspective ×2 is ×(x) so it's left shift then you have to reduce. But only if top bit was 1. In that case you just have to replace x^8 by the reminder of x^8 / (x^8+x^4+x^3+x^1+1) and adding that to the lower bits is adding x^4+x^3+x^1+1 ie xoring with 0x1b
More than one way to skin a cat, as they say! To compute or use a table lookup, that is the question! I think they discovered the whole thing can be reduced to 4 or 5 tables? Still pretty hard to reverse. I was trying to explain the steps so peeps could code it. Not sure if I explained it simple, or not, but that was my objective. I felt like there was no place that described it in that way. Well, thanks for watching, have a good one!
What's a Creel? Actually you can do it without any tables at all but it may be slow in particular because it involves computing inverses and doing multiplications in GF (2^8) for example. It really depends on the architecture and constrains you have (ex Ram & Rom size) That can also affect security by side channel attacks for example because of caching on cpus or if the time taken or power consumption depends on the datas... The Mult2 and 3 tables are working well but the speedup/cost ratio is not good on small systems. Modern cpus don't need that anyway because they can do aes natively.
Yeh mate, you can compute anything without tables. Agreed, AES instruction set is defo the way to go on modern x86! I thought I mentioned that, and the vulnerability at some point in these vids? Well, anywho, I wanted to do vids on the AES instructions, but never got round to it... Oh well, maybe some day
What's a Creel? Thanks for the videos and keep up with the great job you do! The reason why I don't like the multiply tables is that you need more to do aes decoding (see invmixcolumns page 23 of csrc.nist.gov/publications/fips/fips197/fips-197.pdf ). There's a trick using 3 (ie" x+1") and its powers in gf (2^8). You need 2×255 bytes tables containing 3^x values and logbase3(x). You a×b=3^(log3(a)+log3(b) mod 255) you can also do inverses. The biggest drawback is that you have to check for 0 and treat that properly. blogs.msdn.microsoft.com/matthew_van_eerde/2014/03/18/efficient-multiplication-and-division-in-gf2/
LUTs are removed from wiki pages - looks like someone thinks they does not provides useful information. But in the history of changes there is older version of articles where all the LUTs presented.
Oh come on. Drawing out *all* these tables? Repeatedly going over and over and over the absolute basics of binary manipulation in the middle of a video explaining AES encryption? This video could be half the length if you weren't labouring the trivial. Multiplying a binary number by two is simple - YOU JUST STICK A ZERO ON THE END (28:47). I'm watching on x2 and it's still too slow. Anyway, apart from that, very useful and informative, you just need to think a bit about the audience - are you addressing people who need the absolute fundamentals of xor explaining over and over (in which case why are you trying to explain AES which will be completely over their heads) or are you explaining AES to people who had the basics of binary nailed years ago?
![Kodak Black - Catch Fire [Official Music Video]](http://i.ytimg.com/vi/A4ch-olIuZo/mqdefault.jpg)
Great video. This is the one place where I was actually able to get code to perform the MixColumns operation. That one extra step where you have to deal with the most significant bit being set seemed to make all of the difference. Thanks for the video and thanks for the code!
FINALLY, someone who can explain this clearly…..thank you!!
Finally a video on actual solving of "MixColumns in AES" !! So thankful.Bless you :)
The best AES explanation forever. Thanks a lot!
Very informative. Looking forward to the Matrix Multiplication video.
Hello dear I have Ex4 file encrypted so can you find key ? How to compile it ?
This is honnestly the best explanation i seen, thanks!
Thank you so much!. Your videos helped me a lot to finish my 8th semester thesis. I don't know your name so I putted your channel in the reference page :).
This video is just magnificent. Well done dude!
You saved my life, thank youuu 😍
Haha, you're welcome!
This awesome ! please continue. awaiting the next video. gday mate.
thank you very much! a perfect explanation!
This is really good! Thank you!
Awwww. You make this look so easy but the worst part about this is whole AES thing is having to do the InvMixColumns
Thank you for making this video. Learned a bunch from you :)
Thank you so much.
This content is so great!!!!
Is there some sort of a "test suite" with an example message, its ciphertext, and all the intermediate states, so that one could verify if one's implementation works correctly and produces the same ciphertexts as other implementations? This is very important, because if the algorithm is implemented in a wrong way, it would still produce some gibberish that would look like encryption, and chances are that its inverse would be able to restore the original message from that gibberish, but it will be incompatible with other implementations and unable to decrypt messages encrypted with those other implementations correctly. So how can one verify if the implementation is doing the right thing?
That's a really great point! I check by using online AES calculators. Normally type like "AES calculator" into Google. You can find working calculators there. Does sometimes help to verify that the calculators agree too! Sometimes they might be wrong. Anywho, hope this helps, have a good one :)
@@WhatsACreel Yeah, I saw a couple of them in your last video I watched later. The problem usually is that they only show you the end result. So if your algorithm works - that's great news. But if you obtain a completely different answer (which might be the case even if you have 99% of it right, because that's how cryptographic algorithms are supposed to work - one bit flip = total mess), then you're dead in the waters, because you have to debug the entire thing :q It could be nice if they showed all the intermediate steps so that you could figure out which one of them failed.
@@bonbonpony Sorry, yes this is sooo true! I used to have a bunch of papers on it, they were all free PDF's. I remember one or more had intermediate test vectors. I think it was the original Rijndael paper? Might have been "autonome-antifa.org/IMG/pdf/Rijndael.pdf". Have a look mate. I find googling "Rijndael pdf" seems to give some pretty in depth papers. Good luck mate :)
31:24
AMAZING EXPLAINATION....
good stuff
u r really too good
well done, i'm really grateful thanks much more than a lot
For mul3, couldn’t you just mul2(a) xor a? Why store an extra 256 bytes? Is the latency from the xor noticeable?
Hi! I was going through your video and I think they are really helpful. The lookup tables for mul2 and mul3 are not available on Wikipedia and I can’t seem to find them on the internet... I know this is a long shot but do you still happen to have them?
Hiya, yes I'm not sure why they moved it from the AES wiki page, seems like it's still available on the S-Box page: en.wikipedia.org/wiki/Rijndael_S-box
Cheers mate, have a good one!
Hey mate! Thanks for such well explained videos! Do you, by any chance, still have the lookup table for mul2? It seems that it is also removed from the S-Box page :/
@@132GG With this c++-code you can print the tables.
//print_mkLookUpTablesMult.cpp
#include
unsigned char mult2(unsigned char columnField);
unsigned char mult3(unsigned char columnField);
void printLookUpTabels(unsigned char*);
int main(int argc, char* argv[]){
unsigned char m2[256], m3[256];
for (int i = 0; i < 256; ++i)
{
m2[i] = mult2(i);
m3[i] = mult3(i);
}
std::cout
You can always go back in Wikipedia history and restore the article that was uploaded at a specific point in time (January 2016 in this case) → en.wikipedia.org/w/index.php?title=Rijndael_MixColumns&oldid=688830989
i think the quickest way is to shift left if byte begins with 0, else if it begins with 1, shift left and XOR with 27 (00011011)
thx sir
damn this was helpful! thank you !
Hello.
I am sorry I find that I have trouble on converting hexadecimal into binary at 26:09. This is quite far related towards the entire video but yet still I don't understand to convert the number 57. I have done a calculating & converting and I have a different answer from yours. Sorry, I am quite a new learner and it would be helpful if you provide some help in order for me to understand so that I can proceed to the next. This is really interesting. I spend the whole day to understand what is AES.
USE Scientific calc
thanku!!!!!
Mult3 table is useless. Use Mult3(x)=Mult2(x)xor(x).
Also Mult2 is a bit overkill. In polynomial perspective ×2 is ×(x) so it's left shift then you have to reduce. But only if top bit was 1. In that case you just have to replace x^8 by the reminder of x^8 / (x^8+x^4+x^3+x^1+1) and adding that to the lower bits is adding x^4+x^3+x^1+1 ie xoring with 0x1b
More than one way to skin a cat, as they say! To compute or use a table lookup, that is the question! I think they discovered the whole thing can be reduced to 4 or 5 tables? Still pretty hard to reverse. I was trying to explain the steps so peeps could code it. Not sure if I explained it simple, or not, but that was my objective. I felt like there was no place that described it in that way. Well, thanks for watching, have a good one!
What's a Creel? Actually you can do it without any tables at all but it may be slow in particular because it involves computing inverses and doing multiplications in GF (2^8) for example. It really depends on the architecture and constrains you have (ex Ram & Rom size) That can also affect security by side channel attacks for example because of caching on cpus or if the time taken or power consumption depends on the datas... The Mult2 and 3 tables are working well but the speedup/cost ratio is not good on small systems. Modern cpus don't need that anyway because they can do aes natively.
Yeh mate, you can compute anything without tables. Agreed, AES instruction set is defo the way to go on modern x86! I thought I mentioned that, and the vulnerability at some point in these vids? Well, anywho, I wanted to do vids on the AES instructions, but never got round to it... Oh well, maybe some day
What's a Creel? Thanks for the videos and keep up with the great job you do! The reason why I don't like the multiply tables is that you need more to do aes decoding (see invmixcolumns page 23 of csrc.nist.gov/publications/fips/fips197/fips-197.pdf ). There's a trick using 3 (ie" x+1") and its powers in gf (2^8). You need 2×255 bytes tables containing 3^x values and logbase3(x). You a×b=3^(log3(a)+log3(b) mod 255) you can also do inverses. The biggest drawback is that you have to check for 0 and treat that properly. blogs.msdn.microsoft.com/matthew_van_eerde/2014/03/18/efficient-multiplication-and-division-in-gf2/
i can't find out multiply by 2 lookup table in hex format?
can you send me link?
LUTs are removed from wiki pages - looks like someone thinks they does not provides useful information.
But in the history of changes there is older version of articles where all the LUTs presented.
Could you make the file available?
please teach me about calculator invmixcolumns ?
What's a Creel Can you make RSA Encryption tutorial Please ?
Oh that's a very good idea... I'd love to. can't guarantee i'll get round to it tho.
take your time , I will wait your tutorial XD
@@WhatsACreel Its been three years mate.
I need code matlab
For aes
Please
0:12
Sweet Jesus.
great video, but isnt it x^4+1 modulus rather than x^8+x^4+x^3+x+1?
Oh come on. Drawing out *all* these tables? Repeatedly going over and over and over the absolute basics of binary manipulation in the middle of a video explaining AES encryption? This video could be half the length if you weren't labouring the trivial. Multiplying a binary number by two is simple - YOU JUST STICK A ZERO ON THE END (28:47). I'm watching on x2 and it's still too slow. Anyway, apart from that, very useful and informative, you just need to think a bit about the audience - are you addressing people who need the absolute fundamentals of xor explaining over and over (in which case why are you trying to explain AES which will be completely over their heads) or are you explaining AES to people who had the basics of binary nailed years ago?
Hahaha, yep, she's a boring vid all right! Most of my vids are boring. Speed them up if it helps. Have a good one!
Hahahah, yeah I bored myself so much with this series, I never even went through decryption!
Actually I dont use Xor, I dont remember how it works bitwise, but AES is not over my head.
So, counterexamples!.