AES Explained (Advanced Encryption Standard)

AES Explained (Advanced Encryption Standard) - Computerphile

Рет қаралды 1,224,658

4 жыл бұрын

Advanced Encryption Standard - Dr Mike Pound explains this ubiquitous encryption technique.
n.b in the matrix multiplication animation, the matrices are in the incorrect order, but hopefully the animation still helps to illustrate the general idea.
One Encryption Standard to Rule Them All! : • One Encryption Standar...
Almost All Web Encryption Works Like This (SP Networks) : • Almost All Web Encrypt...
Xor & The Half Adder : • XOR & the Half Adder -...
Reed Solomon Encoding : • Reed Solomon Encoding ...
EXTRA BITS: • EXTRA BITS: AES Explai...
/ computerphile
/ computer_phile
This video was filmed and edited by Sean Riley.
Computer Science at the University of Nottingham: bit.ly/nottscomputer
Computerphile is a sister project to Brady Haran's Numberphile. More at www.bradyharan.com

Пікірлер: 561

@GabrielOliveira-golicar 2 жыл бұрын

Before I watched this video I had no idea how AES worked. Now I've watched it and still have no idea how it works.

@targ37_64 Жыл бұрын

Same goes for me

@cafeinst Жыл бұрын

AES works by mixing stuff up a lot.

@angeis76 Жыл бұрын

@@cafeinst😂ikr, it's hard for u to figure if aes mixes it up or u just too cool to think clearly

@NHA3031 8 ай бұрын

😂

@kevinwydler7305 4 ай бұрын

But that’s not because its not well explained, it’s just a topic that is difficult to understand

@Felix-ve9hs 4 жыл бұрын

I knew what AES is for over 8 years but today I learned how it works

@ziyarules 3 жыл бұрын

That's exactly the same for me :) :P

@vertexpmed 3 жыл бұрын

same.. lol. I felt like a bot using it for so long without knowing how it really works...

@arnabmondal1158 3 жыл бұрын

Same to you 😂

@dotaprorussian3679 4 жыл бұрын

I love his explanations but these videos give me the feeling that camera-man just randomly bursts in to Mikes office and asks him random questions.

@firezdog 4 жыл бұрын

which is prob what happened

@fabitooopestana7541 3 жыл бұрын

in the first seconds of the video I thought it was a scene from The Office lol

@Bandalorian 3 жыл бұрын

@@firezdog Lol totally what happened with the preprinted diagrams and all.

@hououinkyouma5372 3 жыл бұрын

LOL

@Tristoo 3 жыл бұрын

how's that a bad thing?

@Damian-lu8sx 3 жыл бұрын

Computerphile and Numberphile are a blessing. I remember my math classes in college and we were taught different things about math but we were never told what they were used for. Now after seeing these videos I literally feel like I'd actually even enjoy learning maths. It makes sense because now I know why something is useful and when it may come in handy...

@Fullstackdev- 2 жыл бұрын

i dint know Numberphile , l did need some motivation to study math... thanks

@necroowl3953 Жыл бұрын

It's because this is also Nottingham University

@rot527 4 жыл бұрын

There is an issue with the animation at 11:02. Matrix multiplication is not commutative, the matrix has to be multiplied from the left ( the shown multiplication is not even doable)

@silentkiller1753 4 жыл бұрын

Just came to write this

@JNCressey 4 жыл бұрын

If you interpret the vector as a 1 dimensional tensor instead of a 4x1 matrix, the tensor contraction is at least defined for when the matrix is on either side, but still it's not commutative - you'd get a different vector than you're supposed to.

@vitorix24 4 жыл бұрын

yes, A*B!=B*A

@muhammadsiddiqui2244 4 жыл бұрын

I was writing the same comment and then saw yours. Yeah!!! this mistake is confusing.....

@MrSpikegee 4 жыл бұрын

Yep, this matrix multiplication is not possible as written in the animation (4,1)*(4,4) is not correct + it was the right way around on the paper: (4,4)*(4,1) gives a (4,1) vector. Hopefully this will be fixed and re-uploaded.

@rastkomiocinovic 4 жыл бұрын

Thank you for making these videos. I have been watching them for years, finding the algorithms fascinating and the explanations very easy. As a second year cs student I must say that watching this channel realy helps me now more than ever. Keep up the awesome work!

@knightshousegames 4 жыл бұрын

"Captain, this vessel seems to be emitting a Galois Field. It has rendered our sensors completely inoperative."

@robinw77 4 жыл бұрын

"...our tensors..." surely? 🙈

@supdawg7811 4 жыл бұрын

Just a correction: the vector operand at 10:59 should be on the other side of the matrix. Matrix multiplication is undefined in the way you have it written because the sizes of the vector and the matrix don’t match.

@deshantdevkota2563 2 жыл бұрын

Hey computerphile, thanks to all of the team for sharing the enthusiasm of Computer Science with me and other students, it's easy to find the lectures boring so I come here often to get more insights and intuitions. Being here enables me to learn things casually.

@dehartyz 4 жыл бұрын

Very well explained. Thank you so much for taking the time to record and post this!

@timshearer5092 2 жыл бұрын

I just want to say this is a great description of Galois fields in practical use. I learned it from textbooks way back when, and it was mind boggling.

@vernekarraghavendranagaraj8695 2 жыл бұрын

Absolutely love the way Mr. Pound teaches. Can listen for hours together. Waiting for many more such interesting videos.

@rabidbigdog Жыл бұрын

Dr Pound.

@dandan7884 4 жыл бұрын

itd be insane if he actually encrypted a message going to all of those steps not much was talked about the generation and usage of the key

@danieljensen2626 4 жыл бұрын

They have done other videos on key generation, presumably it just uses any of the other standards for that.

@nonav5763 4 жыл бұрын

All these keys and I can never find my own 🤔

@SirFancyPants21 4 жыл бұрын

There are vastly differing ways in which the keys are generated, but the purpose of the video is the algorithm utilizing a given 128bit key. I’m no expert upon the AES so I cannot explain exactly how the key is utilized, but I’m guessing that is what dictates the matrix chosen, the number of row swaps, things like that

@Megaranator 4 жыл бұрын

@@SirFancyPants21 the key only matters for the XOR functions, where you add the round key

@JNCressey 4 жыл бұрын

I think the key seeds the generation of a series of round keys using a method he says he explained in another video, and the round key is just "added" to the block after each round. (And "add" in this field means XOR)

@TobiasJarvelov 4 жыл бұрын

Yes, been excited for more AES since the last video! Always love when you discuss cryptography on this channel.

@ColibriX037 4 жыл бұрын

I just talked a few hours ago with a colleague about how we could use this encription on an arduino to secure the data sent to a raspberry for a project (never used it before). And now you upload this... I need to use a mic detector in my classroom. Thanks for the explanation!

@fantazzmagazz9156 3 жыл бұрын

Dude! you're just a legend and so clear in your explanations! What I couldn't stop noticing is the scene you're filmed in. You sitting next to a white board is absolutely identical to watching The Office!

@dropcake 4 жыл бұрын

I literally just learned this yesterday in my cryptography class. Great refresher Dr. Pound!

@kvelez Жыл бұрын

0:36 Encryption 2:34 XOR 2:55 Process. 3:20 Rounds of encryption. 7:40 Byte replacement. 8:33 Row shifting. 13:00 AES errors and CPU.

@vil9386 Жыл бұрын

Dr. Mike makes all the logics so charming and interesting. What a pleasure to listen to the logics through him!!

@zombiegun71 2 жыл бұрын

This man is one of the most interesting people I have ever had the pleasure of listening to. Kudos!

@Zerbey 3 жыл бұрын

You're an excellent teacher, you took something very complicated and made it easy even for someone like myself who only has A level education in maths.

@ajnikurtaj2782 4 жыл бұрын

Keep doing these types of videos, I love them!

@karolbomba6704 4 жыл бұрын

Great job on explaining it guys! Thank you for making these for free!

@cnp2z3fyz2zuag8 4 жыл бұрын

Was hoping this would come out

@philipmrch8326 4 жыл бұрын

I've been waiting for this one!!

@drgr33nUK 4 жыл бұрын

1.5M subscribers! Great job guys :D

@ehudv9276 4 жыл бұрын

Amazing. Very well explained. thank you for expanding my knowledge!

@katczinsky 4 жыл бұрын

Woow I was thinking of this TODAY and this vid comes out ! Plus its Mike Pound

@santizdr 3 ай бұрын

This is a blessing, couldnt be explained more clearly. Could we see an ElGamal cipher video please. Love you guys.

@wouldyoudomeakindnes 4 жыл бұрын

this is amazing i always wanted to learn the mechanics about AES

@rayanslimani5664 2 жыл бұрын

a lecture of 1.5 hours didn't understand it , just watched this video understood it in 14 min , TY you saved my semester .

@DexHD31 4 жыл бұрын

OMG we just ended the semester and AES was covered in one of my modules! Wish i had this video a while back...Thanks for the upload though :)

@lukor-tech 4 жыл бұрын

Hell yes! Two in a row!

@wlockuz4467 2 жыл бұрын

Damn I can listen to him for hours, I know what is AES I have used it many times for development but I have never looked into how it actually works. Hands down the best video.

@mgdecodes8746 2 жыл бұрын

Absolutely great way to share, great job!

@jeremymcclellan474 3 жыл бұрын

Best explanation I've found so far. Thank you.

@michaelpound9891 4 жыл бұрын

As mathematicians will have noticed, during the mix columns animation the vector goes on the right, it's correct on the paper. Fabulous animations though as always Sean ;)

@tomas5970 2 жыл бұрын

Wow, this is beautifully explained!

@synt4xphc832 4 жыл бұрын

Dr. Mike rocking! Best Man for teaching things with Humor! I just want to know everything he knows ._.

@KangoV 4 жыл бұрын

Great video. I'm shocked that they still have music rule paper! Gives me nightmares of the IBM band printers I used to have to deal with on a S/38 :)

@Slickjitz 4 жыл бұрын

FYI the CNSA has recommended organizations stop using AES-128 as of January 2016 in their Algorithm Suite and Quantum Computing FAQ. If possible you should implement AES-256 to better secure from Grover’s algo

@KJ-1271 3 жыл бұрын

Idk y but this guy is fun to watch. Like ik some of these concepts and he just makes me understand them more

@DarkussJerry1597 4 жыл бұрын

This is the only channel on KZbin which I have the notifications turned on. Love computerphile 😍

@Tukan435 4 жыл бұрын

Very interesting video! Thanks for the insights.

@mgerber59 4 жыл бұрын

Just last week I gave a presentation on how AES works and now this video is coming out. Anyway, I liked the video and can confirm that what he was talking about is correct :)

@georgelza 4 жыл бұрын

wow, funky, nice to learn how ASE works, and also love Dr Mike's presentation style. G

@Zahlenteufel1 4 жыл бұрын

Great, you've adapted to my curriculum :) perfect.

@BlackFalconElectronics 4 жыл бұрын

Biggest fan guys! Keep up the great work!!

@__cm__ 2 жыл бұрын

this guy is a genius at so many different topics !

@dd9516 4 жыл бұрын

A separate video on the MDS matrix, with full example, would be nice. Haven't seen a clear example yet.

@fatiharmin1301 2 жыл бұрын

You can tell this stuff makes him very happy. I have no clue how this works after watching this, but I'm happy for him. 🤷🏾‍♀️

@robertboran6234 4 жыл бұрын

Could you please add another video about the Key Schedule process ? Because for every round we need to use a different subKey that is created during the Key Schedule process. This is important for a full picture of the algorithm.

@TheHamoodz 4 жыл бұрын

Just before my security exam, thanks!!

@josephkokenge4022 4 жыл бұрын

The interview part looks like The Office lol

@arpitarora1588 3 жыл бұрын

Nice explanation, can you also confirm how the symmetric key(the original key and not the round key) is generated and shared between the 2 parties

@chriswysocki8816 4 жыл бұрын

Hello. Can you explain the difference between AES and Twofish? I believe that Twofish was the runner up in the competition to select the standard encryption algorithm back in 1999 (I think)

@deep.space.12 Жыл бұрын

The most secure feature when it comes to the AES standard is its matrix being column-major.

@Grimlock1979 4 жыл бұрын

1:46 Drawing a 4 by 4 grid 101: 1. Draw a square (roughly) 2. Draw a vertical line through the middle. 3. Draw 2 more vertical lines through the middle of each half. 4. Draw a horizontal line through the middle. 5. Draw 2 more horizontal lines through the middle of each half.

@fox_the_apprentice 4 жыл бұрын

6. Look at your grid and ask yourself how you screwed it up this bad.

@ArleiOliveira Жыл бұрын

Thank you for this amazing video about AES...congrats

@HieuNguyen-ty7vw 2 жыл бұрын

Thanks prof. Can you explain about the Authentication tag using in AES GCM? What is the different between GCM tag and authentication tag? Thank you

@harirao12345 Жыл бұрын

Awesome explanation! Thank you!

@Derbauer 4 жыл бұрын

i spent around 5 minutes furiously scrolling through computerphile videos trying to find "how aes works" because it was in the end of the previous video, and i couldnt find it so was a bit puzzled. I found other encryption content, but not this video. Turns out this one is uploaded AFTER the last video recommending it 👍😁

@Computerphile 4 жыл бұрын

If a video is 'coming soon' I'll generally put 'coming soon' next to its title in the video description (which nobody ever reads) (in the interests of clarity, I try then to update the video description (which nobody ever reads) once the forthcoming video goes live)- HTH :) Sean

@Derbauer 4 жыл бұрын

@@Computerphile And the videos you produce are a breath of fresh air, and i hope to see more content from Dr Mike Pound. Really you should make videos with him atleast each month, i dont care what the topic is, its sheer joy watching content featuring him.

@jurgentreep 4 жыл бұрын

this video is a lot better than the last video I watched

@DavidNBerger 4 жыл бұрын

Thank you for sharing this.

@2Sor2Fig 2 жыл бұрын

10:00 I judge the paper as more than worth it. I really appreciate your videos. Often they provide me with the inspiration for my work even when it has no direct bearing on the task at hand. I was reminded of this when you referenced Turing, because I remember watching the one on Turing operations and it making it easier for me to develop a pickle-based data storage for my app that was significantly faster [in terms of read and write times] than an SQLAlchemy-based solution. I've used the same DB in my last 3 Android apps and every time I initialize that git submodule, I say a little thank-you to Alan Turing and Computerphile for giving me the courage to try something more ambitious than a command-line tool or Django-site. Baie dankie, from Southern Africa.

@OliverQueen-yu3ly 4 жыл бұрын

I wish you released this in April before my exams

@brendasaurusrex 4 жыл бұрын

Loved the explaination! What paper do you use to write on (the paper with the holes)?

@wrjacqmein 2 жыл бұрын

Looks like continuous feed paper (used for impact printers).

@santaclaus897 3 жыл бұрын

very well explained but can you explain me how AES is combine with CBC or others Block ciphers mode because I am very confuse about it

@IsYitzach 5 ай бұрын

I implemented AES and RSA in C++. AES is about 800 lines. RSA is about 300 lines. The thing that makes AES fast is that its bitshifts and bitwise xors. The 2 things that make RSA slow is mod exponentiation and prime number testing. Prime number test is an O(1) problem as you only do it once. So if you have a key pair, don't throw it out of you can avoid it. The mod exponentiation has to be done repeatedly and on large numbers that aren't native to machine code, numbers that are can get up to 4kbits longs.

@adedejiemmanuel1 3 жыл бұрын

Thanks for this lesson. I have a question, what cipher mode is applicable in the AES encryption? By cipher mode, I meant something like ECB, CBC, CTM, GCM, etc.

@franatrturcech8484 3 жыл бұрын

i think the ones most used are GCM and CTR, as they are the most secure, sometimes u might find CBC. other modes, such as CFB, EBC or OFB are usable, but not believed to be secure

@muhammadhassan3058 3 жыл бұрын

You are great sir the way of explanation is very nice thanks sir ☺️ for AES explanation

@zachhockey 4 жыл бұрын

I was wondering a few days ago about how BitLocker and the like are so quick to decrypt. It makes sense now knowing the security chip is capable of being so quick.

@Vivian-swim 3 жыл бұрын

these videos are amazing and very helpful but please do consider to put subtitles as there are a lot of people who do watch them and are from other couintries. English subtitles would be amazing!!!thanks

@GoGoGreenGiant 4 жыл бұрын

Can you do more videos where you work with images. Those are awesome. Encryption is fun to, but the result is less visible in daily life and as such, it is harder to appreciate.

@skunfiltered9672 4 жыл бұрын

Just in time for my exam in a couple hours !!

@skunfiltered9672 4 жыл бұрын

Also great barnet

@dotslashsatan 2 жыл бұрын

Can you explain the iv? (Initialisation vector) and why having a unique iv helps?

@AnEvilSnowman 4 жыл бұрын

Why is a round definined to have the key xor at the end instead of the start is it just convention to have a non round xor at the start of the process instead of as the final stage? Or does this actually make a difference in the security?

@MoosesValley 4 жыл бұрын

Great explanation.

@1337GameDev 4 жыл бұрын

8:01 - No byte can become itself? Wasn't that the CRUX of how the enigma machine was defeated?

@SillyMakesVids 4 жыл бұрын

The Enigma machine didn't do permutation.

@y__h 4 жыл бұрын

That's fine for an S-box where you expect non-linear elationship of bits. In fact you don't want some bytes to be mapped to themselves as that introduced a fixed point into the cipher construction.

@1337GameDev 4 жыл бұрын

@@SillyMakesVids True, but it did substitution... which was what I was referring too. Not saying this is a vulnerability of AES, but just curious why they didn't let same substitutions as the input

@dingo137 4 жыл бұрын

That's only for a part of AES's internal operation. With Enigma, a byte of the input couldn't give an identical byte as the output - which means you immediately know something about the plaintext for any ciphertext. That's not true for AES.

@g2g591 4 жыл бұрын

With enigma there was a one to one output. For each encryption one letter of the message got mapped to a specific letter of the output. That's how in combination with knowing a letter can't be itself they tore it apart

@SamTheSciencerAtheist 4 жыл бұрын

You should make a video about chacha20 and salsa20 encryption algorithms. They're modern, much faster and are not vulnerable to side-channel attacks like cache-timing attacks.

@THEPHILOSOPHYIS 4 жыл бұрын

Love your videos ❤

@brendanlydon5272 3 жыл бұрын

For the numbers in the matrix step were u using the jumbling of only the shifting of the row operations and not columns? Also why use 1 twice instead of incorporating the rows on the grid as 1-4? Or was it just hypothetical numerical values?

@robertbrummayer4908 2 жыл бұрын

Great job!

@alankuentz4617 4 жыл бұрын

Being that you study these encryption standards, do you think it's possible they were created with a hidden way to decipher them without knowing the private key?

@qm3ster 2 жыл бұрын

This is shockingly close to a cypher I designed knowing nothing, except instead of an intelligently designed S-box I generated unique lookup tables for each round using Fisher-Yates on a secure PRNG seeded with the key. (And that was the only way the key was used, there was no key XOR step).

@pruthalikhankar4427 3 жыл бұрын

Hello, Just to say that the content guys put forth is so much helpful in many ways.. masters really!! Only thing is sometimes its difficult to understand what they say ... not quite familiar with the accent ... please kindly make captions/subtitles available... it will help us to understand better ... Thanks in advance

@WobblycogsUk 4 жыл бұрын

Is it possible for an input to map to itself as cipher text? Is it possible to prove one way to the other?

@gonurushravya8794 4 жыл бұрын

Will you please make the video on PRESENT block cipher... I'm feeling very difficult to understand the present block cipher...

@christianalbertjahns2577 4 жыл бұрын

So AES is just Vernam cipher with substitution without key and some permutations (also without key)?

@neilthomas2549 4 жыл бұрын

In the Galois Field, multiplication and inverse are not opposites, multiplication by n and multiplication by inverse of n are

@DavidRTribble 4 ай бұрын

8:29 The AES designers could also have done rotations within the 4x4 grid (e.g., b0 shifts to b1, b4 to b0, b3 to b7, etc.), which is just a 4x4 cell permutation, but they didn't.

@garybuttherissilent5896 Жыл бұрын

My professor Joan Daemen co-invented this cipher, really cool to be taught by one of the best!

@minxythemerciless 4 жыл бұрын

Does this mean repeated encryption of a correctly sized plaintext results in repeated instances of ciphertext? If so, is a known text attack fairly easy?

@supern0vae 4 жыл бұрын

The same plaintext with the same key will always provide the same ciphertext with AES (as any other cipher, since they are reversible). You could get a rainbow table for AES for every possible key for a known plaintext (say all 0s). This would require 2^128 bits of storage for AES-128, which is 42 trillion trillion terabytes, which is unfeasible. Each additional bit of the key would double that space. In a cipher that just XORs, you would have weakness in known plaintext. The SubBytes, ShiftRows and MixColumns steps mean that after a single round of AES, you no longer have that known plaintext any more. And you still have at least 9 more rounds to go to finish the encryption.

@DAVIDGREGORYKERR 2 жыл бұрын

AMD and INTEL have the AESNI instructions which are AESKEYGENASSIST,AESENC,AESENCLAST,AESDEC,AESDECLAST,AESIMC,PXOR and PCLMULQDQ and make use of the 128 data busses that are part of processors in the INTEL AND AMD ranges,therefore there are no side channel attack vectors, actually the AMD A10-7800k (Kavari) can make use of the AESNI instructions so can run bitlocker very quickly.