http://www.codeproject.com/Articles/57478/A-Fast-and-Easy-to-Use-AES-Library

Introduction

EfAesLib (the Extreme Fast AES Library) is a highly optimized Advanced Encryption Standard (AES) library for the 32-bit Windows platform. It is implemented from the official document: http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf.

The library is my own personal work, which I have decided to put in the public domain and make free. Its size is a little on the high side because some optimizations trade space for time.

I have provided the DLL compiled with VS2008 and the project files; or you can build the source on any other platform, since it is just plain C.

Using the code

AES is a 128-bit block encrypt/decrypt algorithm. That means you need to handle the last block carefully when its size is not a multiple of 16 bytes; otherwise, you may be unable to decrypt correctly.

Many block modes are defined in the cipher realm, and they have different characteristics. For example, CRT (counter) mode only needs the encryption logic, so it is suitable for low-cost hardware implementations, and PCBC mode provides better error propagation. The CFB and OFB modes take an extra parameter, the 'feedback size', which you can treat as the number of result bytes produced by each AES block operation. That means CFB with an 8-bit feedback size should be about 16 times slower than CFB with a 128-bit feedback size. The 8-bit CFB mode also lets you use AES as a stream cipher.

You can reference the EfAesLib.pdf in the package for details about how the different block modes work.

  Mode   Encode/Decode with same process   Need Initial Vector   Chain process
  ECB    X                                 X                     X
  CBC    X                                 O                     O
  PCBC   X                                 O                     O
  CFB    O                                 O                     O
  OFB    O                                 O                     O
  CRT    O                                 O                     O

  (O = yes, X = no)

AES always needs a 128-bit key to encrypt/decrypt, and in every mode except ECB it is also combined with an initial vector. Each bit of initial vector you use doubles the number of possible ciphertexts for a given plaintext, which means more safety.

EfAesLib supports the ECB, CBC, PCBC, OFB, CFB and CRT block modes, and supports the OFB and CFB modes with a feedback size of 1 to 16 bytes. It also supports in-place encryption/decryption in every mode (the source and destination buffers may be the same).

The following sample uses Counter mode to encode a file:

#include "EfAes.h"
#include <fcntl.h>
#include <io.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>   /* S_IREAD / S_IWRITE, the permission argument O_CREAT requires */

int main(int argc, char *argv[])
{
    unsigned char key[16] = {
        0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88,
        0x11,0x22,0x33,0x44,0x55,0x66,0x77,0x88
    };
    unsigned char vector[16] = {
        0x1f,0x32,0x43,0x51,0x56,0x98,0xaf,0xed,
        0xab,0xc8,0x21,0x45,0x63,0x72,0xac,0xfc
    };
    unsigned char buff[4096];
    int rd_fd, wr_fd, rdsz;
    AesCtx context;

    /* one context per encryption session: key, initial vector and block mode live here */
    AesSetKey(&context, AES_KEY_128BIT, BLOCKMODE_CRT, key, vector);

    rd_fd = open("test.dat", O_RDONLY);
    /* O_CREAT needs a permission argument; O_TRUNC discards any stale output file */
    wr_fd = open("test.encoded", O_WRONLY | O_CREAT | O_TRUNC, S_IREAD | S_IWRITE);
    if (rd_fd < 0 || wr_fd < 0) {
        perror("open");
        return 1;
    }
    setmode(rd_fd, O_BINARY);
    setmode(wr_fd, O_BINARY);

    while ((rdsz = read(rd_fd, buff, 4096)) > 0)
    {
        /* every read before the last returns 4096 bytes, a multiple of 16;
           only a short final read needs rounding, and the library zero-pads it */
        AesEncryptCRT(&context, buff, buff, rdsz);   /* in place: source == destination */
        rdsz = AesRoundSize(rdsz, 16);
        /* the rounded (padded) size is written, so whoever decrypts must know
           the original length to strip the trailing zeros */
        write(wr_fd, buff, rdsz);
    }
    close(rd_fd);
    close(wr_fd);
    return 0;
}

The AesCtx structure exists mainly for thread safety: each encryption session should have its own AesCtx. The EfAesLib APIs always pad input with zeros when its size is not a multiple of 16, or, in the CFB and OFB modes, not a multiple of the feedback size.

Optimization

The AES round is built from a few pre-defined functions. The first step, also proposed on the Wiki, is to combine SubBytes and ShiftRows with MixColumns. The following is my sample implementation:

void SubAndShiftAndMixRound(uint8 * pState, uint32 * pRoundKey, uint32 * pOutput)
{
    uint32 a1, a2, a3, a4;
    /* column 0 after ShiftRows: row r is taken from column r of the state */
    a1 = pState[0];
    a2 = pState[5];
    a3 = pState[10];
    a4 = pState[15];
    /* SubBytes (FSB holds the S-box, SboxXTime2/3 hold it multiplied by 2 and 3),
       MixColumns and AddRoundKey in one expression; row 0 lands in the low byte */
    *pOutput++ =
        ((SboxXTime2[a1] ^ SboxXTime3[a2] ^ FSB[a3] ^ FSB[a4]) |
         ((FSB[a1] ^ SboxXTime2[a2] ^ SboxXTime3[a3] ^ FSB[a4]) << 8) |
         ((FSB[a1] ^ FSB[a2] ^ SboxXTime2[a3] ^ SboxXTime3[a4]) << 16) |
         ((SboxXTime3[a1] ^ FSB[a2] ^ FSB[a3] ^ SboxXTime2[a4]) << 24)) ^ *pRoundKey++;
    ...........   /* remaining columns */
}

In the second step, notice the horizontal direction of a1, a2, a3, a4: each of them is looked up in a different table for each of the four output bytes. We can reduce this by using a pre-built 32-bit lookup table for each of the four positions in a column:

/* FSB_8, FSB_16, SboxXTime2_8, ... are the same tables pre-shifted left by 8, 16
   and 24 bits, so one entry holds the whole 32-bit word an input byte contributes */
for (i = 0; i < 256; i++)
{
    TestTable1[i] = SboxXTime2[i] | FSB_8[i] | FSB_16[i] | SboxXTime3_24[i];
    TestTable2[i] = SboxXTime3[i] | SboxXTime2_8[i] | FSB_16[i] | FSB_24[i];
    TestTable3[i] = FSB[i] | SboxXTime3_8[i] | SboxXTime2_16[i] | FSB_24[i];
    TestTable4[i] = FSB[i] | FSB_8[i] | SboxXTime3_16[i] | SboxXTime2_24[i];
}

The code in step one will be optimized to:

void SubAndShiftAndMixRound(uint8 * pState, uint32 * pRoundKey, uint32 * pOutput)
{
    uint32 a1, a2, a3, a4;
    a1 = pState[0];
    a2 = pState[5];
    a3 = pState[10];
    a4 = pState[15];
    /* four table lookups and four XORs replace the sixteen lookups of step one */
    *pOutput++ = TestTable1[a1] ^ TestTable2[a2] ^ TestTable3[a3] ^ TestTable4[a4] ^ *pRoundKey++;
    ...........
}

In the third step, notice that a1=pState[0], a2=pState[5], a3=pState[10], a4=pState[15] are four separate byte loads, which is slow on a 32-bit architecture. We can change them to 32-bit accesses and XOR the sequence.
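As an added example (not code from EfAesLib or its author), the following C program builds the four T-tables with exactly the packing of TestTable1..4 above, runs AES-128 through them as in the step-two round, and checks the result against the FIPS-197 Appendix C.1 test vector. It then drives the cipher in counter mode (the article's CRT) to show the point made in the "Using the code" section about the last block that is not 16-byte aligned: in counter mode only the remaining bytes are XORed with the keystream, so nothing has to be zero-padded and the ciphertext is exactly as long as the plaintext. All function and table names (build_tables, aes_round, ctr_crypt, selftest_fips197, selftest_ctr) are this example's own, and the 37-byte message is constructed.

```c
/* Added example, not EfAesLib code: AES-128 from T-tables packed like the article's TestTable1..4,
 * checked against FIPS-197 Appendix C.1, plus a counter-mode driver over a short final block. */
#include <stdint.h>
#include <string.h>
static uint8_t SBOX[256];
static uint32_t T1[256], T2[256], T3[256], T4[256];
#define ROTL8(x, s) ((uint8_t)(((x) << (s)) | ((x) >> (8 - (s)))))
static uint8_t xtime(uint8_t b) { return (uint8_t)((b << 1) ^ ((b & 0x80) ? 0x1b : 0)); } /* *2 in GF(2^8) */
/* S-box = inverse in GF(2^8) then the affine map; T-tables carry the row-0 output byte in the
 * low 8 bits and the row-3 byte in the high 8 bits, the packing of the article's TestTable1..4 */
static void build_tables(void)
{
    uint8_t p = 1, q = 1;
    do {                                                            /* invariant: p * q == 1 */
        p = (uint8_t)(p ^ (p << 1) ^ ((p & 0x80) ? 0x1b : 0));                   /* p *= 3 */
        q ^= (uint8_t)(q << 1); q ^= (uint8_t)(q << 2); q ^= (uint8_t)(q << 4);
        q ^= (uint8_t)((q & 0x80) ? 0x09 : 0);                                   /* q /= 3 */
        SBOX[p] = (uint8_t)(q ^ ROTL8(q,1) ^ ROTL8(q,2) ^ ROTL8(q,3) ^ ROTL8(q,4) ^ 0x63);
    } while (p != 1);
    SBOX[0] = 0x63;                                                 /* 0 has no inverse */
    for (int i = 0; i < 256; i++) {
        uint32_t s = SBOX[i], s2 = xtime(SBOX[i]), s3 = s2 ^ s;
        T1[i] = s2 | (s << 8) | (s << 16) | (s3 << 24);
        T2[i] = s3 | (s2 << 8) | (s << 16) | (s << 24);
        T3[i] = s | (s3 << 8) | (s2 << 16) | (s << 24);
        T4[i] = s | (s << 8) | (s3 << 16) | (s2 << 24);
    }
}
/* AES-128 key schedule: 11 round keys kept byte-wise, so no endianness questions arise */
static void expand_key128(const uint8_t key[16], uint8_t w[176])
{
    uint8_t rcon = 1;
    memcpy(w, key, 16);
    for (int i = 16; i < 176; i += 4) {
        uint8_t t[4] = { w[i-4], w[i-3], w[i-2], w[i-1] };
        if (i % 16 == 0) {                                          /* RotWord, SubWord, Rcon */
            uint8_t t0 = t[0]; t[0] = SBOX[t[1]] ^ rcon; t[1] = SBOX[t[2]]; t[2] = SBOX[t[3]]; t[3] = SBOX[t0];
            rcon = xtime(rcon);
        }
        for (int j = 0; j < 4; j++) w[i + j] = w[i - 16 + j] ^ t[j];
    }
}
/* One round in the article's step-two form: state is column-major (s[row + 4*col]), ShiftRows is
 * folded into the index 4c + 5r (column 0 reads bytes 0, 5, 10, 15), and four table words XORed give
 * SubBytes+ShiftRows+MixColumns. With mix == 0 (the last round, no MixColumns) the S-box is used. */
static void aes_round(uint8_t s[16], const uint8_t rk[16], int mix)
{
    uint8_t out[16];
    for (int c = 0; c < 4; c++) {
        uint32_t w = T1[s[(4*c) & 15]] ^ T2[s[(4*c + 5) & 15]] ^ T3[s[(4*c + 10) & 15]] ^ T4[s[(4*c + 15) & 15]];
        for (int r = 0; r < 4; r++)
            out[4*c + r] = (mix ? (uint8_t)(w >> (8*r)) : SBOX[s[(4*c + 5*r) & 15]]) ^ rk[4*c + r];
    }
    memcpy(s, out, 16);
}
void aes128_encrypt_block(const uint8_t key[16], const uint8_t in[16], uint8_t out[16])
{
    static int ready; uint8_t w[176];
    if (!ready) { build_tables(); ready = 1; }
    expand_key128(key, w);
    for (int i = 0; i < 16; i++) out[i] = in[i] ^ w[i];            /* initial AddRoundKey */
    for (int r = 1; r <= 10; r++) aes_round(out, w + 16*r, r < 10);
}
/* Counter mode (the article's "CRT"): encrypt the counter, XOR the keystream into the data, step the
 * counter big-endian. A short final block XORs only the bytes left, so the ciphertext is exactly
 * len bytes with no padding at all; the same call decrypts. */
void ctr_crypt(const uint8_t key[16], const uint8_t iv[16], const uint8_t *in, uint8_t *out, size_t len)
{
    uint8_t ctr[16], ks[16];
    memcpy(ctr, iv, 16);
    while (len > 0) {
        size_t n = len < 16 ? len : 16;
        aes128_encrypt_block(key, ctr, ks);
        for (size_t i = 0; i < n; i++) out[i] = in[i] ^ ks[i];
        for (int i = 15; i >= 0 && ++ctr[i] == 0; i--) { }         /* 128-bit increment */
        in += n; out += n; len -= n;
    }
}
/* FIPS-197 Appendix C.1: key 00 01 .. 0f, plaintext 00 11 .. ff; returns 1 on match */
int selftest_fips197(void)
{
    static const uint8_t ct[16] = {0x69,0xc4,0xe0,0xd8,0x6a,0x7b,0x04,0x30,0xd8,0xcd,0xb7,0x80,0x70,0xb4,0xc5,0x5a};
    uint8_t key[16], pt[16], out[16];
    for (int i = 0; i < 16; i++) { key[i] = (uint8_t)i; pt[i] = (uint8_t)(i * 0x11); }
    aes128_encrypt_block(key, pt, out);
    return memcmp(out, ct, 16) == 0;
}
/* Constructed 37-byte message (last block only 5 bytes) under the article's sample key: round trip,
 * plus a check that block 2 used counter iv+1 (iv ends fe ff, so the carry makes it ff 00) */
int selftest_ctr(void)
{
    const char *msg = "partial final block: 37 bytes total!!";
    uint8_t key[16], iv[16], ks[16], enc[64], dec[64];
    size_t n = strlen(msg);
    for (int i = 0; i < 16; i++) { key[i] = (uint8_t)(0x11 * (i % 8 + 1)); iv[i] = (uint8_t)(0xf0 + i); }
    ctr_crypt(key, iv, (const uint8_t *)msg, enc, n);
    ctr_crypt(key, iv, enc, dec, n);
    iv[14] = 0xff; iv[15] = 0x00; aes128_encrypt_block(key, iv, ks);
    for (int i = 0; i < 16; i++) if ((enc[16 + i] ^ ks[i]) != (uint8_t)msg[16 + i]) return 0;
    return n == 37 && memcmp(dec, msg, n) == 0 && memcmp(enc, msg, n) != 0;
}
```

Both self-tests return 1 when the T-table cipher and the counter-mode driver behave as intended. Two things differ from the file sample above by design: the ciphertext keeps the plaintext's exact length, so the decrypting side needs no knowledge of the original size to strip padding, and the counter is stepped as a big-endian 128-bit integer so the keystream block for every position is distinct. The usual counter-mode caveat applies to EfAesLib's CRT mode as much as to this example: a key/initial-vector pair must never be reused, because two messages encrypted under the same keystream leak their XOR.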

Performance

The best performance EfAesLib achieves is 10M bytes in 78 milliseconds on my Pentium IV 3.0 GHz computer.

Reference

The official document: http://www.csrc.nist.gov/publications/fips/fips197/fips-197.pdf.

The Wiki

History

v2.0: Extended the library to 128/192/256-bit key lengths, and also added a 64-bit DLL.


License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)
