I am currently making a small AES example with this code:

```python
mix_columns_matrix = [
    [0x2, 0x3, 0x1, 0x1],
    [0x1, 0x2, 0x3, 0x1],
    [0x1, 0x1, 0x2, 0x3],
    [0x3, 0x1, 0x1, 0x2]
]

def mix_columns(state):
    new_state = [[0 for _ in range(4)] for _ in range(4)]
    for i in range(4):
        for j in range(4):
            result = 0
            for k in range(4):
                result ^= state[k][j] * mix_columns_matrix[i][k]
            new_state[i][j] = result & 0xF  # Limit to 4 bits
    return new_state
```
When I use it, I get:

```
Before MixColumns:
['0x3', '0x6', '0x5', '0xc']
['0xd', '0xe', '0x8', '0xa']
['0x1', '0xf', '0x4', '0x7']
['0x0', '0x2', '0xb', '0x9']
After MixColumns:
['0x0', '0xb', '0xd', '0x8']
['0xa', '0x5', '0x2', '0x4']
['0xc', '0x0', '0x4', '0x3']
['0x5', '0x7', '0x5', '0xb']
```
So I tried to create the inverse function:

```python
def inv_mix_columns(state):
    inv_mix_columns_matrix = [
        [0xE, 0xB, 0xD, 0x9],
        [0x9, 0xE, 0xB, 0xD],
        [0xD, 0x9, 0xE, 0xB],
        [0xB, 0xD, 0x9, 0xE]
    ]
    new_state = [[0 for _ in range(4)] for _ in range(4)]
    for i in range(4):
        for j in range(4):
            result = 0
            for k in range(4):
                result ^= state[k][j] * inv_mix_columns_matrix[i][k]
            new_state[i][j] = result & 0xF  # Limit to 4 bits
    return new_state
```
Based on the previous result, I get:

```
['0x3', '0x7', '0x7', '0xb']
['0x5', '0x3', '0xa', '0xd']
['0x1', '0x6', '0x6', '0x4']
['0xc', '0xb', '0x5', '0xe']
```

I don't understand why I don't get the first input back, or how to fix it.

I tried several forms of `inv_mix_columns` and checked my matrices several times, but I still don't know what is going on.

I wonder whether I am using the XOR function correctly.

Of course, I don't want to use a library, since it's only an example.

Thanks for your help.
```python
import numpy as np


def mix_columns(state_matrix, mix_matrix):
    state_matrix = np.array(state_matrix)
    mix_matrix = np.array(mix_matrix)
    mixed_state = np.zeros_like(state_matrix, dtype=int)
    for col in range(4):
        for row in range(4):
            # Dot product of one matrix row with one state column, in GF(2^4)
            mixed_state[row][col] = gf_add_mul(state_matrix[:, col], mix_matrix[row, :])
    return mixed_state


def inv_mix_columns(state_matrix, inv_mix_matrix):
    state_matrix = np.array(state_matrix)
    inv_mix_matrix = np.array(inv_mix_matrix)
    mixed_state = np.zeros_like(state_matrix, dtype=int)
    for col in range(4):
        for row in range(4):
            mixed_state[row][col] = gf_add_mul(state_matrix[:, col], inv_mix_matrix[row, :])
    return mixed_state


def gf_add_mul(a, b):
    # Field addition is XOR, so the "sum of products" is an XOR of gf_mul results
    p = 0
    for i in range(4):
        p ^= gf_mul(a[i], b[i])
    return p


def gf_mul(a, b):
    # Shift-and-add multiplication of two nibbles in GF(2^4),
    # reduced modulo x^4 + x + 1 (0x13): when the x^3 term is about to
    # overflow into x^4, XOR in the low part 0x3 of the polynomial; the
    # x^4 bit itself is dropped by the final & 0xF.
    p = 0
    for _ in range(4):
        if b & 1:
            p ^= a
        hi_bit_set = a & 0x8
        a <<= 1
        if hi_bit_set:
            a ^= 0x3
        b >>= 1
    return p & 0xF
```

I found the solution: the multiplication and the modulo must be done using the finite-field rules of GF(2^4) on the bytes. This means that addition and multiplication must be performed in this specific context. I used numpy.
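As an added, library-free illustration of the answer above (this is not the asker's or the answerer's code), the block below implements the same MixColumns / InvMixColumns for a 4-bit "mini AES" in plain Python. It assumes the field GF(2^4) is built with the reduction polynomial x^4 + x + 1 (0x13, the polynomial the answer's `gf_mul` reduces by), a `state[row][col]` layout, and the two matrices from the question. It also shows why the original integer-multiply-then-mask approach cannot be inverted: in that scheme 2 * 8 masks to 0, so the "multiplication" has zero divisors and the operation loses information, which a field multiplication never does.

```python
# Added example, not code from the question or the answer.
# Assumption: GF(2^4) = GF(2)[x] / (x^4 + x + 1); nibbles are ints 0..15.

REDUCTION_POLY = 0x13  # x^4 + x + 1, including the x^4 term

MIX_MATRIX = [
    [0x2, 0x3, 0x1, 0x1],
    [0x1, 0x2, 0x3, 0x1],
    [0x1, 0x1, 0x2, 0x3],
    [0x3, 0x1, 0x1, 0x2],
]

INV_MIX_MATRIX = [
    [0xE, 0xB, 0xD, 0x9],
    [0x9, 0xE, 0xB, 0xD],
    [0xD, 0x9, 0xE, 0xB],
    [0xB, 0xD, 0x9, 0xE],
]


def gf_mul(a, b):
    """Multiply two nibbles in GF(2^4) by shift-and-add, reducing mod x^4 + x + 1."""
    assert 0 <= a < 16 and 0 <= b < 16
    p = 0
    for _ in range(4):
        if b & 1:
            p ^= a            # field addition is XOR
        a <<= 1
        if a & 0x10:          # an x^4 term appeared: subtract (XOR) the modulus
            a ^= REDUCTION_POLY
        b >>= 1
    return p


def naive_mul(a, b):
    """The question's original operation: ordinary integer product, masked to 4 bits."""
    return (a * b) & 0xF


def apply_matrix(state, matrix):
    """Multiply every column of the 4x4 state by `matrix` over GF(2^4)."""
    new_state = [[0] * 4 for _ in range(4)]
    for col in range(4):
        for row in range(4):
            acc = 0
            for k in range(4):
                acc ^= gf_mul(matrix[row][k], state[k][col])
            new_state[row][col] = acc
    return new_state


def mix_columns(state):
    return apply_matrix(state, MIX_MATRIX)


def inv_mix_columns(state):
    return apply_matrix(state, INV_MIX_MATRIX)


def matrices_are_inverse(m, m_inv):
    """Sanity check: m * m_inv must be the identity matrix over GF(2^4)."""
    for i in range(4):
        for j in range(4):
            acc = 0
            for k in range(4):
                acc ^= gf_mul(m[i][k], m_inv[k][j])
            if acc != (1 if i == j else 0):
                return False
    return True


# Constructed sample input: the "Before MixColumns" state from the question.
SAMPLE_STATE = [
    [0x3, 0x6, 0x5, 0xC],
    [0xD, 0xE, 0x8, 0xA],
    [0x1, 0xF, 0x4, 0x7],
    [0x0, 0x2, 0xB, 0x9],
]


def fmt(state):
    return "\n".join(" ".join(f"{v:x}" for v in row) for row in state)


if __name__ == "__main__":
    mixed = mix_columns(SAMPLE_STATE)
    print("After MixColumns:\n" + fmt(mixed))
    print("Round-trips:", inv_mix_columns(mixed) == SAMPLE_STATE)
    print("Inverse matrix OK:", matrices_are_inverse(MIX_MATRIX, INV_MIX_MATRIX))
    print("naive 2*8 =", naive_mul(0x2, 0x8), "(zero divisor, so not invertible)")
```

`matrices_are_inverse` is worth keeping in any toy cipher: the [E, B, D, 9] inverse matrix is only guaranteed for the field you actually compute in, and checking the product against the identity catches a wrong reduction polynomial immediately, before you waste time debugging the round trip.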