Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?Is AES-256 weaker than 192 and 128 bit versions?Difference between Rijndael 128 / 256 blocksize implementations? (and impact of block size in general)What is the security loss from reducing Rijndael to 128 bits block size from 256 bits?Does AES-128 have the same strength as AES-256 with a padded key?What are the constraints on using GCM with a tag size of 96 and 128 bits?AES - What is the advantage of a 256-bit key with a 128-bit block cipher?AES key and block sizeIs there any compelling or logical reason to use AES-192 over AES-128 but not use AES-256?Are tags longer than 128 bit possible for AES-256-CCM and AES-256-GCM?AES key expansion for 192-bit

Why does Carol not get rid of the Kree symbol on her suit when she changes its colours?

How can ping know if my host is down

Does "he squandered his car on drink" sound natural?

How much of a Devil Fruit must be consumed to gain the power?

Circuit Analysis: Obtaining Close Loop OP - AMP Transfer function

What fields between the rationals and the reals allow a good notion of 2D distance?

How to get directions in deep space?

"It doesn't matter" or "it won't matter"?

How to preserve electronics (computers, iPads and phones) for hundreds of years

Permission on Database

Is there any evidence that Cleopatra and Caesarion considered fleeing to India to escape the Romans?

Is there a nicer/politer/more positive alternative for "negates"?

What (the heck) is a Super Worm Equinox Moon?

How do I tell my boss that I'm quitting soon, especially given that a colleague just left this week

How does electrical safety system work on ISS?

The Digit Triangles

Why should universal income be universal?

C++ copy constructor called at return

What is the English pronunciation of "pain au chocolat"?

How much theory knowledge is actually used while playing?

Quoting Keynes in a lecture

Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?

How could a planet have erratic days?

What is the difference between lands and mana?



Why does AES have exactly 10 rounds for a 128-bit key, 12 for 192 bits and 14 for a 256-bit key size?


Is AES-256 weaker than 192 and 128 bit versions?Difference between Rijndael 128 / 256 blocksize implementations? (and impact of block size in general)What is the security loss from reducing Rijndael to 128 bits block size from 256 bits?Does AES-128 have the same strength as AES-256 with a padded key?What are the constraints on using GCM with a tag size of 96 and 128 bits?AES - What is the advantage of a 256-bit key with a 128-bit block cipher?AES key and block sizeIs there any compelling or logical reason to use AES-192 over AES-128 but not use AES-256?Are tags longer than 128 bit possible for AES-256-CCM and AES-256-GCM?AES key expansion for 192-bit













7












$begingroup$


I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:



*128-bit key size -> 10 rounds
*192-bit key size -> 12 rounds
*256-bit key size -> 14 rounds



Why these specific numbers of rounds only?






aes






share









New contributor




kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
Check out our Code of Conduct.







$endgroup$
















    7












    $begingroup$


    I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:



    *128-bit key size -> 10 rounds
    *192-bit key size -> 12 rounds
    *256-bit key size -> 14 rounds



    Why these specific numbers of rounds only?






    aes






    share









    New contributor




    kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
    Check out our Code of Conduct.







    $endgroup$














      7












      7








      7





      $begingroup$


      I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:



      *128-bit key size -> 10 rounds
      *192-bit key size -> 12 rounds
      *256-bit key size -> 14 rounds



      Why these specific numbers of rounds only?






      aes






      share









      New contributor




      kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.







      $endgroup$




      I was reading about the AES algorithm to be used in one of our projects and found that the exact number of rounds is fixed in AES for specific key sizes:



      *128-bit key size -> 10 rounds
      *192-bit key size -> 12 rounds
      *256-bit key size -> 14 rounds



      Why these specific numbers of rounds only?






      aes




      aes





      share









      New contributor




      kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.










      share









      New contributor




      kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.








      share



      share








      edited 1 hour ago









      forest

      4,44511641




      4,44511641






      New contributor




      kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.









      asked 3 hours ago









      kapilkapil

      382




      382




      New contributor




      kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.





      New contributor





      kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.






      kapil is a new contributor to this site. Take care in asking for clarification, commenting, and answering.
      Check out our Code of Conduct.




















          1 Answer
          1






          active

          oldest

          votes


















          7












          $begingroup$

          Why these specific number of rounds only?



          Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".



          The standard specifies these specific number of rounds to ensure that different implementations are interoperable.



          Why not more or less?



          The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.



          Less might be insecure, and more might be slower with no benefit.



          To quote the above book (from Section 3.5 The Number of Rounds):




          For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:



          1. One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.


          2. (Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.







          share|improve this answer











          $endgroup$












            Your Answer





            StackExchange.ifUsing("editor", function ()
            return StackExchange.using("mathjaxEditing", function ()
            StackExchange.MarkdownEditor.creationCallbacks.add(function (editor, postfix)
            StackExchange.mathjaxEditing.prepareWmdForMathJax(editor, postfix, [["$", "$"], ["\\(","\\)"]]);
            );
            );
            , "mathjax-editing");

            StackExchange.ready(function()
            var channelOptions =
            tags: "".split(" "),
            id: "281"
            ;
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function()
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled)
            StackExchange.using("snippets", function()
            createEditor();
            );

            else
            createEditor();

            );

            function createEditor()
            StackExchange.prepareEditor(
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: false,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: null,
            bindNavPrevention: true,
            postfix: "",
            imageUploader:
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            ,
            noCode: true, onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            );



            );






            kapil is a new contributor. Be nice, and check out our Code of Conduct.









            draft saved

            draft discarded


















            StackExchange.ready(
            function ()
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68199%2fwhy-does-aes-have-exactly-10-rounds-for-a-128-bit-key-12-for-192-bits-and-14-fo%23new-answer', 'question_page');

            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            7












            $begingroup$

            Why these specific number of rounds only?



            Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".



            The standard specifies these specific number of rounds to ensure that different implementations are interoperable.



            Why not more or less?



            The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.



            Less might be insecure, and more might be slower with no benefit.



            To quote the above book (from Section 3.5 The Number of Rounds):




            For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:



            1. One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.


            2. (Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.







            share|improve this answer











            $endgroup$

















              7












              $begingroup$

              Why these specific number of rounds only?



              Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".



              The standard specifies these specific number of rounds to ensure that different implementations are interoperable.



              Why not more or less?



              The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.



              Less might be insecure, and more might be slower with no benefit.



              To quote the above book (from Section 3.5 The Number of Rounds):




              For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:



              1. One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.


              2. (Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.







              share|improve this answer











              $endgroup$















                7












                7








                7





                $begingroup$

                Why these specific number of rounds only?



                Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".



                The standard specifies these specific number of rounds to ensure that different implementations are interoperable.



                Why not more or less?



                The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.



                Less might be insecure, and more might be slower with no benefit.



                To quote the above book (from Section 3.5 The Number of Rounds):




                For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:



                1. One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.


                2. (Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.







                share|improve this answer











                $endgroup$



                Why these specific number of rounds only?



                Because AES is a standard; AES is an acronym for "Advanced Encryption Standard".



                The standard specifies these specific number of rounds to ensure that different implementations are interoperable.



                Why not more or less?



                The reason these specific numbers of rounds were chosen was a choice of the designers. They did a lot of math to determine that these were the sweet spot between sufficient security and optimal performance.



                Less might be insecure, and more might be slower with no benefit.



                To quote the above book (from Section 3.5 The Number of Rounds):




                For Rijndael versions with a longer key, the number of rounds was raised by one for every additional 32 bits in the cipher key. This was done for the following reasons:



                1. One of the main objectives is the absence of shortcut attacks, i.e. attacks that are more efficient than an exhaustive key search. Since the workload of an exhaustive key search grows with the key length, shortcut attacks can afford to be less efficient for longer keys.


                2. (Partially) known-key and related-key attacks exploit the knowledge of cipher key bits or the ability to apply different cipher keys. If the cipher key grows, the range of possibilities available to the cryptanalyst increases.








                share|improve this answer














                share|improve this answer



                share|improve this answer








                edited 1 hour ago









                puzzlepalace

                2,8701133




                2,8701133










                answered 3 hours ago









                Ella RoseElla Rose

                16.5k44281




                16.5k44281




















                    kapil is a new contributor. Be nice, and check out our Code of Conduct.









                    draft saved

                    draft discarded


















                    kapil is a new contributor. Be nice, and check out our Code of Conduct.












                    kapil is a new contributor. Be nice, and check out our Code of Conduct.











                    kapil is a new contributor. Be nice, and check out our Code of Conduct.














                    Thanks for contributing an answer to Cryptography Stack Exchange!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid


                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.

                    Use MathJax to format equations. MathJax reference.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function ()
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fcrypto.stackexchange.com%2fquestions%2f68199%2fwhy-does-aes-have-exactly-10-rounds-for-a-128-bit-key-12-for-192-bits-and-14-fo%23new-answer', 'question_page');

                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    -

                    Popular posts from this blog

                    Ружовы пелікан Змест Знешні выгляд | Пашырэнне | Асаблівасці біялогіі | Літаратура | НавігацыяДагледжаная версіяправерана1 зменаДагледжаная версіяправерана1 змена/ 22697590 Сістэматыкана ВіківідахВыявына Вікісховішчы174693363011049382

                    Image
                    Уразлівыя відыЖывёлы паводле алфавітаПеліканыПтушкі ЕўразііПтушкі АфрыкіЖывёлы, апісаныя ў 1758 годзе птушкаАрэалБалканы (function()var node=document.getElementById("mw-dismissablenotice-anonplace");if(node)node.outerHTML="u003Cdiv class="mw-dismissable-notice"u003Eu003Cdiv class="mw-dismissable-notice-close"u003E[u003Ca tabindex="0" role="button"u003Eн...
                    Read more

                    ValueError: Error when checking input: expected conv2d_13_input to have shape (3, 150, 150) but got array with shape (150, 150, 3)2019 Community Moderator ElectionError when checking : expected dense_1_input to have shape (None, 5) but got array with shape (200, 1)Error 'Expected 2D array, got 1D array instead:'ValueError: Error when checking input: expected lstm_41_input to have 3 dimensions, but got array with shape (40000,100)ValueError: Error when checking target: expected dense_1 to have shape (7,) but got array with shape (1,)ValueError: Error when checking target: expected dense_2 to have shape (1,) but got array with shape (0,)Keras exception: ValueError: Error when checking input: expected conv2d_1_input to have shape (150, 150, 3) but got array with shape (256, 256, 3)Steps taking too long to completewhen checking input: expected dense_1_input to have shape (13328,) but got array with shape (317,)ValueError: Error when checking target: expected dense_3 to have shape (None, 1) but got array with shape (7715, 40000)Keras exception: Error when checking input: expected dense_input to have shape (2,) but got array with shape (1,)

                    Image
                    Do I have a twin with permutated remainders? Maximum likelihood parameters deviate from posterior distributions How is the claim "I am in New York only if I am in America" the same as "If I am in New York, then I am in America? What's that red-plus icon near a text? Theorems that impeded progress How can I prevent hyper evolved versions of regular creatures from wiping out their cousins? Today is the Center Modeling an IP Address Alternative to sending password over mail? Pattern match does not work in bash script Why "Having chlorophyll without photosynthesis is actually very dangerous" and "like living with a bomb"? Fully-Firstable Anagram Sets RSA: Danger of using p to create q Did Shadowfax go to Valinor? US citizen flying to France today and my passport expires in less than 2 months How do I draw and define two right triangles next to each other? How does strength of boric acid solution increase in presence of ...
                    Read more

                    Illegal assignment from SObject to ContactFetching String, Id from Map - Illegal Assignment Id to Field / ObjectError: Compile Error: Illegal assignment from String to BooleanError: List has no rows for assignment to SObjectError on Test Class - System.QueryException: List has no rows for assignment to SObjectRemote action problemDML requires SObject or SObject list type error“Illegal assignment from List to List”Test Class Fail: Batch Class: System.QueryException: List has no rows for assignment to SObjectMapping to a user'List has no rows for assignment to SObject' Mystery

                    Image
                    How to determine the actual or "true" resolution of a digital photograph? How to figure out whether the data is sample data or population data apart from the client's information? Can someone publish a story that happened to you? Why do computer-science majors learn calculus? Please, smoke with good manners Normal subgroup of even order whose nontrivial elements form a single conjugacy class is abelian Why does processed meat contain preservatives, while canned fish needs not? TikZ how to make supply and demand arrows for nodes? Is there a way to get a compiler for the original B programming language? Why is the origin of “threshold” uncertain? Upright [...] in italics quotation Will a top journal at least read my introduction? get exit status from system() call How to delegate to implementing class Why are the 2nd/3rd singular forms of present of « potere » irregular? Confused by notation of atomic number Z and mass number A on period...
                    Read more