Encryption and decryption algorithms, such as Advanced Encryption Standard (AES), can be used to protect sensitive or confidential information that is communicated through electrical media. Encryption algorithms can convert data into an encrypted form that can be unintelligible, and decryption algorithms can convert the encrypted data back to its original form.
The AES algorithm is a block cipher that can act on a data block of 16-byte or more using a key that can have 128-bit, 192-bit, 256-bit and the like. Further, the AES algorithm can be implemented via various modes. An AES mode can be chosen based on protection and performance requirement of a specific application.
AES Electronic Code Book (AES-ECB) is a basic mode of the AES algorithm, and is usually used as a subroutine in other modes of the AES algorithm. FIG. 8A shows a block diagram illustrating an exemplary AES-ECB encryption module 800 and FIG. 8B shows a block diagram illustrating an exemplary AES-ECB decryption module 850. The exemplary AES-ECB encryption module 800 can receive a data encryption key 830 and a data block 825. Then the exemplary AES-ECB encryption module 800 can encrypt the data block 825 into an encrypted data block 835 based on the data encryption key 830. The encrypted data block 835 can be unintelligible. The exemplary AES-ECB decryption module 850 can receive a data decryption key 880 and an encrypted data block 875 that can be unintelligible. Then the exemplary AES-ECB decryption module 850 can decrypt the encrypted data block 875 into a data block 885 based on the data decryption key 880. The data block 885 can be intelligible.
More specifically, the exemplary AES-ECB encryption module 800 can include a key expansion unit 810 and a block encryption unit 820. The key expansion unit 810 can expand the data encryption key 830 into a set of round keys 840 and provide the set of round keys 840 to the block encryption unit 820 to encrypt the data block 825. For example, a 16-byte data encryption key can be expanded into a set of ten round keys, and each round key is 16-byte.
The block encryption unit 820 can process the data block 825 through various procedures, such as shifting rows, mixing columns, or adding a round key. A round key can be added to an intermediate data block via an XOR operation. The intermediate data block can be a result of other procedures, such as mixing columns. For a 16-byte data encryption key, the procedure of adding a round key can be executed ten times, each time a different round key from the set of round keys can be added to a different intermediate data block.
The exemplary AES-ECB decryption module 850 can be constructed in a similar manner, including a key expansion unit 860 and a block decryption unit 870. The key expansion unit 860 can expand the data decryption key 880 into a set of round keys 890 and provide the set of round keys 890 to the block decryption unit 870 to decrypt the data block 875.