0

We know that the AES S-box is generated by determining the multiplicative inverse of a given number in GF$(2^8)$. Considering this information, we have to explain:

what is $\{07\}^{-1}$ in GF$(2^8)$? This problem must be solved with Extended Euclidean algorithm.

Could someone please explain how to do this with a step by step example?

AndroidCuet
  • 101
  • What is ${07}$? – user10354138 Nov 04 '18 at 17:59
  • It is much easier to calculate the log and power tables for the AES generator 0x1b. Then the inverse of $x\ne 0$ is x'=PowerTab[255-LogTab[x]]. With this you find, that the inverse of 0x07 is 0xD1. The tables can also be used for fast multiplication and division in $GF(2^8).$ – gammatester Nov 04 '18 at 19:09
  • 1
    Assuming you also use the field defined by $p(x)=x^8+x^4+x^3+x+1$ (so that ${07}$ stands for the coset of $x^2+x+1+\langle p(x)\rangle$), you can use the method described here. – Jyrki Lahtonen Nov 05 '18 at 06:24
  • In software you can, of course, use a discrete logarithm table as apparently suggested by @gammatester. However, I find it strange to call 0x1b a generator. I realize that when doing field arithmetic you will XOR with 0x11bwhenever you get an overflow to bit in position $8$, but I wouldn't call 0x1b a generator because of this. The multiplicative group is generated by 0x02, i.e. the coset $x+\langle p(x)\rangle$ (= the base of thet discrete log table). But, if that's standard AES-slang, fine :-) Shrug. – Jyrki Lahtonen Nov 05 '18 at 06:29
  • @JyrkiLahtonen: Sorry it was my 'slang'. Wikipedia uses the term reducing polynomial. – gammatester Nov 05 '18 at 08:39
  • @JyrkiLahtonen Thanks. Your solution help me to calculate my problem. I just use Extended Euclidiean Algorithm instead of Euclid-Wallis Algorithm. – AndroidCuet Nov 07 '18 at 22:41

0 Answers0