ラインダール ミックスコラム

Cryptographic operation in the Rijndael encryption algorithm

ラインダール暗号（Advanced Encryption Standard）によって実行されるMixColumns演算は、ShiftRowsステップと並んで、拡散の主な源泉です。各バイト列は4項多項式として扱われ、各バイトはガロア体 の元を表します。係数は素数部分体の元です。 ${\displaystyle b(x)=b_{3}x^{3}+b_{2}x^{2}+b_{1}x+b_{0}}$ ${\displaystyle \operatorname {GF} (2^{8})}$ ${\displaystyle \operatorname {GF} (2)}$

各列には を法とする固定多項式が乗算されます。逆関数は です。 ${\displaystyle a(x)=3x^{3}+x^{2}+x+2}$ ${\displaystyle x^{4}+1}$ ${\displaystyle a^{-1}(x)=11x^{3}+13x^{2}+9x+14}$

デモンストレーション

多項式は と表現されます。 ${\displaystyle a(x)=3x^{3}+x^{2}+x+2}$ ${\displaystyle a(x)=a_{3}x^{3}+a_{2}x^{2}+a_{1}x+a_{0}}$

多項式の乗算

${\displaystyle {\begin{aligned}a(x)\bullet b(x)=c(x)&=\left(a_{3}x^{3}+a_{2}x^{2}+a_{1}x+a_{0}\right)\bullet \left(b_{3}x^{3}+b_{2}x^{2}+b_{1}x+b_{0}\right)\\&=c_{6}x^{6}+c_{5}x^{5}+c_{4}x^{4}+c_{3}x^{3}+c_{2}x^{2}+c_{1}x+c_{0}\end{aligned}}}$

どこ：

${\displaystyle {\begin{aligned}c_{0}&=a_{0}\bullet b_{0}\\c_{1}&=a_{1}\bullet b_{0}\oplus a_{0}\bullet b_{1}\\c_{2}&=a_{2}\bullet b_{0}\oplus a_{1}\bullet b_{1}\oplus a_{0}\bullet b_{2}\\c_{3}&=a_{3}\bullet b_{0}\oplus a_{2}\bullet b_{1}\oplus a_{1}\bullet b_{2}\oplus a_{0}\bullet b_{3}\\c_{4}&=a_{3}\bullet b_{1}\oplus a_{2}\bullet b_{2}\oplus a_{1}\bullet b_{3}\\c_{5}&=a_{3}\bullet b_{2}\oplus a_{2}\bullet b_{3}\\c_{6}&=a_{3}\bullet b_{3}\end{aligned}}}$

モジュール削減

結果は7 項多項式であり、これを を法として乗算することで 4 バイトのワードに縮小する必要があります。 ${\displaystyle c(x)}$ ${\displaystyle x^{4}+1}$

いくつかの基本的な多項式モジュラー演算を実行すると、次のことがわかります。

${\displaystyle {\begin{aligned}x^{6}{\bmod {\left(x^{4}+1\right)}}&=-x^{2}=x^{2}{\text{ over }}\operatorname {GF} \left(2^{8}\right)\\x^{5}{\bmod {\left(x^{4}+1\right)}}&=-x=x{\text{ over }}\operatorname {GF} \left(2^{8}\right)\\x^{4}{\bmod {\left(x^{4}+1\right)}}&=-1=1{\text{ over }}\operatorname {GF} \left(2^{8}\right)\end{aligned}}}$

一般的には、 ${\displaystyle x^{i}{\bmod {\left(x^{4}+1\right)}}=x^{i{\bmod {4}}}.}$

それで

${\displaystyle {\begin{aligned}a(x)\otimes b(x)&=c(x){\bmod {\left(x^{4}+1\right)}}\\&=\left(c_{6}x^{6}+c_{5}x^{5}+c_{4}x^{4}+c_{3}x^{3}+c_{2}x^{2}+c_{1}x+c_{0}\right){\bmod {\left(x^{4}+1\right)}}\\&=c_{6}x^{6{\bmod {4}}}+c_{5}x^{5{\bmod {4}}}+c_{4}x^{4{\bmod {4}}}+c_{3}x^{3{\bmod {4}}}+c_{2}x^{2{\bmod {4}}}+c_{1}x^{1{\bmod {4}}}+c_{0}x^{0{\bmod {4}}}\\&=c_{6}x^{2}+c_{5}x+c_{4}+c_{3}x^{3}+c_{2}x^{2}+c_{1}x+c_{0}\\&=c_{3}x^{3}+\left(c_{2}\oplus c_{6}\right)x^{2}+\left(c_{1}\oplus c_{5}\right)x+c_{0}\oplus c_{4}\\&=d_{3}x^{3}+d_{2}x^{2}+d_{1}x+d_{0}\end{aligned}}}$

どこ

${\displaystyle d_{0}=c_{0}\oplus c_{4}}$

${\displaystyle d_{1}=c_{1}\oplus c_{5}}$

${\displaystyle d_{2}=c_{2}\oplus c_{6}}$

${\displaystyle d_{3}=c_{3}}$

行列表現

係数、、は次のように表すこともできます。 ${\displaystyle d_{3}}$ ${\displaystyle d_{2}}$ ${\displaystyle d_{1}}$ ${\displaystyle d_{0}}$

${\displaystyle d_{0}=a_{0}\bullet b_{0}\oplus a_{3}\bullet b_{1}\oplus a_{2}\bullet b_{2}\oplus a_{1}\bullet b_{3}}$

${\displaystyle d_{1}=a_{1}\bullet b_{0}\oplus a_{0}\bullet b_{1}\oplus a_{3}\bullet b_{2}\oplus a_{2}\bullet b_{3}}$

${\displaystyle d_{2}=a_{2}\bullet b_{0}\oplus a_{1}\bullet b_{1}\oplus a_{0}\bullet b_{2}\oplus a_{3}\bullet b_{3}}$

${\displaystyle d_{3}=a_{3}\bullet b_{0}\oplus a_{2}\bullet b_{1}\oplus a_{1}\bullet b_{2}\oplus a_{0}\bullet b_{3}}$

の係数を暗号で使用される定数に置き換えると、次のようになります。 ${\displaystyle a(x)}$ ${\displaystyle {\begin{bmatrix}3&1&1&2\end{bmatrix}}}$

${\displaystyle d_{0}=2\bullet b_{0}\oplus 3\bullet b_{1}\oplus 1\bullet b_{2}\oplus 1\bullet b_{3}}$

${\displaystyle d_{1}=1\bullet b_{0}\oplus 2\bullet b_{1}\oplus 3\bullet b_{2}\oplus 1\bullet b_{3}}$

${\displaystyle d_{2}=1\bullet b_{0}\oplus 1\bullet b_{1}\oplus 2\bullet b_{2}\oplus 3\bullet b_{3}}$

${\displaystyle d_{3}=3\bullet b_{0}\oplus 1\bullet b_{1}\oplus 1\bullet b_{2}\oplus 2\bullet b_{3}}$

これは、演算自体がヒル暗号に似ていることを示しています。これは、ラインダールのガロア体上の4つの数値の座標ベクトルに、次の巡回MDS行列を乗算することで実行できます。

${\displaystyle {\begin{bmatrix}d_{0}\\d_{1}\\d_{2}\\d_{3}\end{bmatrix}}={\begin{bmatrix}2&3&1&1\\1&2&3&1\\1&1&2&3\\3&1&1&2\end{bmatrix}}{\begin{bmatrix}b_{0}\\b_{1}\\b_{2}\\b_{3}\end{bmatrix}}}$

実装例

実際の実装では、2倍の乗算を単一のシフトと条件付き排他的論理和に置き換え、3倍の乗算を2倍の乗算と排他的論理和の組み合わせに置き換えることで、多少簡略化できます。このような実装のC言語の例を以下に示します。

void gmix_column (符号なしchar * r ) {     符号なしchar型a [ 4 ];   符号なしchar b [ 4 ];   符号なしchar c ;   符号なしchar h ;   /* 配列 'a' は入力配列 'r' の単なるコピーです * 配列 'b' は配列 'a' の各要素を 2 倍したものである * ラインダールのガロア体において * a[n] ^ b[n] はラインダールのガロア体の元 n の 3 倍である */  ( c = 0 ; c < 4 ; c ++ )の場合{         a [ c ] = r [ c ];   /* r[c]の上位ビットが設定されている場合はhは0x01に設定され、それ以外の場合は0x00に設定されます */ h = r [ c ] >> 7 ; /* 論理右シフト、ゼロをシフト */      b [ c ] = r [ c ] << 1 ; /* b[c] は8ビット文字なので、上位ビットを暗黙的に削除します。そのため、次の行では0x1bで排他的論理和を取り、0x11bでは行いません。 */      b [ c ] ^= h * 0x1B ; /* ラインダールのガロア体 */      } r [ 0 ] = b [ 0 ] ^ a [ 3 ] ^ a [ 2 ] ^ b [ 1 ] ^ a [ 1 ]; /* 2 * a0 + a3 + a2 + 3 * a1 */            r [ 1 ] = b [ 1 ] ^ a [ 0 ] ^ a [ 3 ] ^ b [ 2 ] ^ a [ 2 ]; /* 2 * a1 + a0 + a3 + 3 * a2 */            r [ 2 ] = b [ 2 ] ^ a [ 1 ] ^ a [ 0 ] ^ b [ 3 ] ^ a [ 3 ]; /* 2 * a2 + a1 + a0 + 3 * a3 */            r [ 3 ] = b [ 3 ] ^ a [ 2 ] ^ a [ 1 ] ^ b [ 0 ] ^ a [ 0 ]; /* 2 * a3 + a2 + a1 + 3 * a0 */           }

AC#の例

// ガロア体 (256) 2バイトの乗算プライベートバイトGMul (バイトa 、バイトb )     { バイトp = 0 ;    for ( intカウンター= 0 ;カウンター< 8 ;カウンター++ )         { (( b & 1 ) != 0 )の場合      { p ^= a ;   } ブールhi_bit_set = ( a & 0x80 ) != 0 ;        a <<= 1 ;   if ( hi_bit_set )  { a ^= 0x1B ; /* x^8 + x^4 + x^3 + x + 1 */    } b >>= 1 ;   } pを返します。 }// 's' はメインの状態行列、 'ss' は 's' と同じ次元の一時行列です。プライベートvoid MixColumns ()  { 配列.Clear ( ss , 0 , ss.Length ) ;​​   ( int c = 0 ; c < 4 ; c ++ )の場合         { ss [ 0 , c ] = (バイト)( GMul ( 0x02 , s [ 0 , c ]) ^ GMul ( 0x03 , s [ 1 , c ]) ^ s [ 2 , c ] ^ s [ 3 , c ]);                ss [ 1 , c ] = (バイト)( s [ 0 , c ] ^ GMul ( 0x02 , s [ 1 , c ]) ^ GMul ( 0x03 , s [ 2 , c ]) ^ s [ 3 , c ]);               ss [ 2 , c ] = (バイト)( s [ 0 , c ] ^ s [ 1 , c ] ^ GMul ( 0x02 , s [ 2 , c ]) ^ GMul ( 0x03 , s [ 3 , c ]));                ss [ 3 , c ] = (バイト)( GMul ( 0x03 , s [ 0 , c ]) ^ s [ 1 , c ] ^ s [ 2 , c ] ^ GMul ( 0x02 , s [ 3 , c ]));               } ss.CopyTo ( s , 0 ) ;​ }

MixColumn() のテストベクトル

16進数		小数点
前に	後	前に	後
63 47 a2 f0	5d e0 70 bb	99 71 162 240	93 224 112 187
f2 0a 22 5c	9f dc 58 9d	242 10 34 92	159 220 88 157
01 01 01 01	01 01 01 01	1 1 1 1	1 1 1 1
c6 c6 c6 c6	c6 c6 c6 c6	198 198 198 198	198 198 198 198
d4 d4 d4 d5	d5 d5 d7 d6	212 212 212 213	213 213 215 214
2d 26 31 4c	4d 7e bd f8	45 38 49 76	77 126 189 248

逆ミックス列

MixColumns 操作には次の逆操作があります (数値は小数です)。

${\displaystyle {\begin{bmatrix}b_{0}\\b_{1}\\b_{2}\\b_{3}\end{bmatrix}}={\begin{bmatrix}14&11&13&9\\9&14&11&13\\13&9&14&11\\11&13&9&14\end{bmatrix}}{\begin{bmatrix}d_{0}\\d_{1}\\d_{2}\\d_{3}\end{bmatrix}}}$

または：

${\displaystyle {\begin{aligned}b_{0}&=14\bullet d_{0}\oplus 11\bullet d_{1}\oplus 13\bullet d_{2}\oplus 9\bullet d_{3}\\b_{1}&=9\bullet d_{0}\oplus 14\bullet d_{1}\oplus 11\bullet d_{2}\oplus 13\bullet d_{3}\\b_{2}&=13\bullet d_{0}\oplus 9\bullet d_{1}\oplus 14\bullet d_{2}\oplus 11\bullet d_{3}\\b_{3}&=11\bullet d_{0}\oplus 13\bullet d_{1}\oplus 9\bullet d_{2}\oplus 14\bullet d_{3}\end{aligned}}}$

ガロア乗算ルックアップ テーブル

一般的に、ガロア乗算を実装するのではなく、Rijndael 実装では、事前に計算されたルックアップ テーブルを使用して、2、3、9、11、13、および 14 によるバイト乗算を実行します。

例えばC#ではこれらのテーブルはByte[256]配列に格納できます。

p * 3

結果は次のように得られます。

結果 = table_3[(int)p]

これらのルックアップ テーブルの最も一般的な例は次のとおりです。

2倍する:

0x00,0x02,0x04,0x06,0x08,0x0a,0x0c,0x0e,0x10,0x12,0x14,0x16,0x18,0x1a,0x1c,0x1e,0x20,0x22,0x24,0x26,0x28,0x2a,0x2c,0x2e,0x30,0x32,0x34,0x36,0x38,0x3a,0x3c,0x3e,0x40,0x42,0x44,0x46,0x48,0x4a,0x4c,0x4e,0x50,0x52,0x54,0x56,0x58,0x5a,0x5c,0x5e,0x60,0x62,0x64,0x66,0x68,0x6a,0x6c,0x6e,0x70,0x72,0x74,0x76,0x78,0x7a,0x7c,0x7e,0x80,0x82,0x84,0x86,0x88,0x8a,0x8c,0x8e,0x90,0x92,0x94,0x96,0x98,0x9a,0x9c,0x9e,0xa0,0xa2,0xa4,0xa6,0xa8,0xaa,0xac,0xae,0xb0,0xb2,0xb4,0xb6,0xb8,0xba,0xbc,0xbe,0xc0,0xc2,0xc4,0xc6,0xc8,0xca,0xcc,0xce,0xd0,0xd2,0xd4,0xd6,0xd8,0xda,0xdc,0xde,0xe0,0xe2,0xe4,0xe6,0xe8,0xea,0xec,0xee,0xf0,0xf2,0xf4,0xf6,0xf8,0xfa,0xfc,0xfe,0x1b,0x19,0x1f,0x1d,0x13,0x11,0x17,0x15,0x0b,0x09,0x0f,0x0d,0x03,0x01,0x07,0x05,0x3b,0x39,0x3f,0x3d,0x33,0x31,0x37,0x35,0x2b,0x29,0x2f,0x2d,0x23,0x21,0x27,0x25,0x5b,0x59,0x5f,0x5d,0x53,0x51,0x57,0x55,0x4b,0x49,0x4f,0x4d,0x43,0x41,0x47,0x45,0x7b,0x79,0x7f,0x7d,0x73,0x71,0x77,0x75,0x6b,0x69,0x6f,0x6d,0x63,0x61,0x67,0x65,0x9b,0x99,0x9f,0x9d,0x93,0x91,0x97,0x95,0x8b,0x89,0x8f,0x8d,0x83,0x81,0x87,0x85,0xbb、0xb9、0xbf、0xbd、0xb3、0xb1、0xb7、0xb5、0xab、0xa9、0xaf、0xad、0xa3、0xa1、0xa7、0xa5、0xdb、0xd9、0xdf、0xdd、0xd3、0xd1、0xd7、0xd5、0xcb、0xc9、0xcf、0xcd、0xc3、0xc1、0xc7、0xc5、0xfb、0xf9、0xff、0xfd、0xf3、0xf1、0xf7、0xf5、0xeb、0xe9、0xef、0xed、0xe3、0xe1、0xe7、0xe5

3倍する:

0x00,0x03,0x06,0x05,0x0c,0x0f,0x0a,0x09,0x18,0x1b,0x1e,0x1d,0x14,0x17,0x12,0x11,0x30,0x33,0x36,0x35,0x3c,0x3f,0x3a,0x39,0x28,0x2b,0x2e,0x2d,0x24,0x27,0x22,0x21,0x60,0x63,0x66,0x65,0x6c,0x6f,0x6a,0x69,0x78,0x7b,0x7e,0x7d,0x74,0x77,0x72,0x71,0x50,0x53,0x56,0x55,0x5c,0x5f,0x5a,0x59,0x48,0x4b,0x4e,0x4d,0x44,0x47,0x42,0x41,0xc0,0xc3,0xc6,0xc5,0xcc,0xcf,0xca,0xc9,0xd8,0xdb,0xde,0xdd,0xd4,0xd7,0xd2,0xd1,0xf0,0xf3,0xf6,0xf5,0xfc,0xff,0xfa,0xf9,0xe8,0xeb,0xee,0xed,0xe4,0xe7,0xe2,0xe1,0xa0,0xa3,0xa6,0xa5,0xac,0xaf,0xaa,0xa9,0xb8,0xbb,0xbe,0xbd,0xb4,0xb7,0xb2,0xb1,0x90,0x93,0x96,0x95,0x9c,0x9f,0x9a,0x99,0x88,0x8b,0x8e,0x8d,0x84,0x87,0x82,0x81,0x9b,0x98,0x9d,0x9e,0x97,0x94,0x91,0x92,0x83,0x80,0x85,0x86,0x8f,0x8c,0x89,0x8a,0xab,0xa8,0xad,0xae,0xa7,0xa4,0xa1,0xa2,0xb3,0xb0,0xb5,0xb6,0xbf,0xbc,0xb9,0xba,0xfb、0xf8、0xfd、0xfe、0xf7、0xf4、0xf1、0xf2、0xe3、0xe0、0xe5、0xe6、0xef、0xec、0xe9、0xea、0xcb、0xc8、0xcd、0xce、0xc7、0xc4、0xc1、0xc2、0xd3、0xd0、0xd5、0xd6、0xdf、0xdc、0xd9、0xda、0x5b,0x58,0x5d,0x5e,0x57,0x54,0x51,0x52,0x43,0x40,0x45,0x46,0x4f,0x4c,0x49,0x4a,0x6b,0x68,0x6d,0x6e,0x67,0x64,0x61,0x62,0x73,0x70,0x75,0x76,0x7f,0x7c,0x79,0x7a,0x3b,0x38,0x3d,0x3e,0x37,0x34,0x31,0x32,0x23,0x20,0x25,0x26,0x2f,0x2c,0x29,0x2a,0x0b,0x08,0x0d,0x0e,0x07,0x04,0x01,0x02,0x13,0x10,0x15,0x16,0x1f,0x1c,0x19,0x1a

9 を掛けます:

0x00,0x09,0x12,0x1b,0x24,0x2d,0x36,0x3f,0x48,0x41,0x5a,0x53,0x6c,0x65,0x7e,0x77,0x90,0x99,0x82,0x8b,0xb4,0xbd,0xa6,0xaf,0xd8,0xd1,0xca,0xc3,0xfc,0xf5,0xee,0xe7,0x3b,0x32,0x29,0x20,0x1f,0x16,0x0d,0x04,0x73,0x7a,0x61,0x68,0x57,0x5e,0x45,0x4c,0xab,0xa2,0xb9,0xb0,0x8f,0x86,0x9d,0x94,0xe3,0xea,0xf1,0xf8,0xc7,0xce,0xd5,0xdc,0x76,0x7f,0x64,0x6d,0x52,0x5b,0x40,0x49,0x3e,0x37,0x2c,0x25,0x1a,0x13,0x08,0x01,0xe6,0xef,0xf4,0xfd,0xc2,0xcb,0xd0,0xd9,0xae,0xa7,0xbc,0xb5,0x8a,0x83,0x98,0x91,0x4d,0x44,0x5f,0x56,0x69,0x60,0x7b,0x72,0x05,0x0c,0x17,0x1e,0x21,0x28,0x33,0x3a,0xdd,0xd4,0xcf,0xc6,0xf9,0xf0,0xeb,0xe2,0x95,0x9c,0x87,0x8e,0xb1,0xb8,0xa3,0xaa,0xec,0xe5,0xfe,0xf7,0xc8,0xc1,0xda,0xd3,0xa4,0xad,0xb6,0xbf,0x80,0x89,0x92,0x9b,0x7c,0x75,0x6e,0x67,0x58,0x51,0x4a,0x43,0x34,0x3d,0x26,0x2f,0x10,0x19,0x02,0x0b,0xd7,0xde,0xc5,0xcc,0xf3,0xfa,0xe1,0xe8,0x9f,0x96,0x8d,0x84,0xbb,0xb2,0xa9,0xa0,0x47,0x4e,0x55,0x5c,0x63,0x6a,0x71,0x78,0x0f,0x06,0x1d,0x14,0x2b,0x22,0x39,0x30,0x9a,0x93,0x88,0x81,0xbe,0xb7,0xac,0xa5,0xd2,0xdb,0xc0,0xc9,0xf6,0xff,0xe4,0xed,0x0a,0x03,0x18,0x11,0x2e,0x27,0x3c,0x35,0x42,0x4b,0x50,0x59,0x66,0x6f,0x74,0x7d,0xa1,0xa8,0xb3,0xba,0x85,0x8c,0x97,0x9e,0xe9,0xe0,0xfb,0xf2,0xcd,0xc4,0xdf,0xd6,0x31,0x38,0x23,0x2a,0x15,0x1c,0x07,0x0e,0x79,0x70,0x6b,0x62,0x5d,0x54,0x4f,0x46

11 を掛ける (0xB):

0x00,0x0b,0x16,0x1d,0x2c,0x27,0x3a,0x31,0x58,0x53,0x4e,0x45,0x74,0x7f,0x62,0x69,0xb0,0xbb,0xa6,0xad,0x9c,0x97,0x8a,0x81,0xe8,0xe3,0xfe,0xf5,0xc4,0xcf,0xd2,0xd9,0x7b,0x70,0x6d,0x66,0x57,0x5c,0x41,0x4a,0x23,0x28,0x35,0x3e,0x0f,0x04,0x19,0x12,0xcb,0xc0,0xdd,0xd6,0xe7,0xec,0xf1,0xfa,0x93,0x98,0x85,0x8e,0xbf,0xb4,0xa9,0xa2,0xf6,0xfd,0xe0,0xeb,0xda,0xd1,0xcc,0xc7,0xae,0xa5,0xb8,0xb3,0x82,0x89,0x94,0x9f,0x46,0x4d,0x50,0x5b,0x6a,0x61,0x7c,0x77,0x1e,0x15,0x08,0x03,0x32,0x39,0x24,0x2f,0x8d,0x86,0x9b,0x90,0xa1,0xaa,0xb7,0xbc,0xd5,0xde,0xc3,0xc8,0xf9,0xf2,0xef,0xe4,0x3d,0x36,0x2b,0x20,0x11,0x1a,0x07,0x0c,0x65,0x6e,0x73,0x78,0x49,0x42,0x5f,0x54,0xf7,0xfc,0xe1,0xea,0xdb,0xd0,0xcd,0xc6,0xaf,0xa4,0xb9,0xb2,0x83,0x88,0x95,0x9e,0x47,0x4c,0x51,0x5a,0x6b,0x60,0x7d,0x76,0x1f,0x14,0x09,0x02,0x33,0x38,0x25,0x2e,0x8c,0x87,0x9a,0x91,0xa0,0xab,0xb6,0xbd,0xd4,0xdf,0xc2,0xc9,0xf8,0xf3,0xee,0xe5,0x3c,0x37,0x2a,0x21,0x10,0x1b,0x06,0x0d,0x64,0x6f,0x72,0x79,0x48,0x43,0x5e,0x55,0x01,0x0a,0x17,0x1c,0x2d,0x26,0x3b,0x30,0x59,0x52,0x4f,0x44,0x75,0x7e,0x63,0x68,0xb1,0xba,0xa7,0xac,0x9d,0x96,0x8b,0x80,0xe9,0xe2,0xff,0xf4,0xc5,0xce,0xd3,0xd8,0x7a,0x71,0x6c,0x67,0x56,0x5d,0x40,0x4b,0x22,0x29,0x34,0x3f,0x0e,0x05,0x18,0x13,0xca,0xc1,0xdc,0xd7,0xe6,0xed,0xf0,0xfb,0x92,0x99,0x84,0x8f,0xbe,0xb5,0xa8,0xa3

13 (0xD) を掛けます:

0x00,0x0d,0x1a,0x17,0x34,0x39,0x2e,0x23,0x68,0x65,0x72,0x7f,0x5c,0x51,0x46,0x4b,0xd0,0xdd,0xca,0xc7,0xe4,0xe9,0xfe,0xf3,0xb8,0xb5,0xa2,0xaf,0x8c,0x81,0x96,0x9b,0xbb、0xb6、0xa1、0xac、0x8f、0x82、0x95、0x98、0xd3、0xde、0xc9、0xc4、0xe7、0xea、0xfd、0xf0、0x6b,0x66,0x71,0x7c,0x5f,0x52,0x45,0x48,0x03,0x0e,0x19,0x14,0x37,0x3a,0x2d,0x20,0x6d,0x60,0x77,0x7a,0x59,0x54,0x43,0x4e,0x05,0x08,0x1f,0x12,0x31,0x3c,0x2b,0x26,0xbd,0xb0,0xa7,0xaa,0x89,0x84,0x93,0x9e,0xd5,0xd8,0xcf,0xc2,0xe1,0xec,0xfb,0xf6,0xd6,0xdb,0xcc,0xc1,0xe2,0xef,0xf8,0xf5,0xbe,0xb3,0xa4,0xa9,0x8a,0x87,0x90,0x9d,0x06,0x0b,0x1c,0x11,0x32,0x3f,0x28,0x25,0x6e,0x63,0x74,0x79,0x5a,0x57,0x40,0x4d,0xda、0xd7、0xc0、0xcd、0xee、0xe3、0xf4、0xf9、0xb2、0xbf、0xa8、0xa5、0x86、0x8b、0x9c、0x91、0x0a,0x07,0x10,0x1d,0x3e,0x33,0x24,0x29,0x62,0x6f,0x78,0x75,0x56,0x5b,0x4c,0x41,0x61,0x6c,0x7b,0x76,0x55,0x58,0x4f,0x42,0x09,0x04,0x13,0x1e,0x3d,0x30,0x27,0x2a,0xb1,0xbc,0xab,0xa6,0x85,0x88,0x9f,0x92,0xd9,0xd4,0xc3,0xce,0xed,0xe0,0xf7,0xfa,0xb7,0xba,0xad,0xa0,0x83,0x8e,0x99,0x94,0xdf,0xd2,0xc5,0xc8,0xeb,0xe6,0xf1,0xfc,0x67,0x6a,0x7d,0x70,0x53,0x5e,0x49,0x44,0x0f,0x02,0x15,0x18,0x3b,0x36,0x21,0x2c,0x0c,0x01,0x16,0x1b,0x38,0x35,0x22,0x2f,0x64,0x69,0x7e,0x73,0x50,0x5d,0x4a,0x47,0xdc,0xd1,0xc6,0xcb,0xe8,0xe5,0xf2,0xff,0xb4,0xb9,0xae,0xa3,0x80,0x8d,0x9a,0x97

14 を掛ける (0xE):

0x00,0x0e,0x1c,0x12,0x38,0x36,0x24,0x2a,0x70,0x7e,0x6c,0x62,0x48,0x46,0x54,0x5a,0xe0,0xee,0xfc,0xf2,0xd8,0xd6,0xc4,0xca,0x90,0x9e,0x8c,0x82,0xa8,0xa6,0xb4,0xba,0xdb、0xd5、0xc7、0xc9、0xe3、0xed、0xff、0xf1、0xab、0xa5、0xb7、0xb9、0x93、0x9d、0x8f、0x81、0x3b,0x35,0x27,0x29,0x03,0x0d,0x1f,0x11,0x4b,0x45,0x57,0x59,0x73,0x7d,0x6f,0x61,0xad,0xa3,0xb1,0xbf,0x95,0x9b,0x89,0x87,0xdd,0xd3,0xc1,0xcf,0xe5,0xeb,0xf9,0xf7,0x4d,0x43,0x51,0x5f,0x75,0x7b,0x69,0x67,0x3d,0x33,0x21,0x2f,0x05,0x0b,0x19,0x17,0x76,0x78,0x6a,0x64,0x4e,0x40,0x52,0x5c,0x06,0x08,0x1a,0x14,0x3e,0x30,0x22,0x2c,0x96,0x98,0x8a,0x84,0xae,0xa0,0xb2,0xbc,0xe6,0xe8,0xfa,0xf4,0xde,0xd0,0xc2,0xcc,0x41,0x4f,0x5d,0x53,0x79,0x77,0x65,0x6b,0x31,0x3f,0x2d,0x23,0x09,0x07,0x15,0x1b,0xa1,0xaf,0xbd,0xb3,0x99,0x97,0x85,0x8b,0xd1,0xdf,0xcd,0xc3,0xe9,0xe7,0xf5,0xfb,0x9a,0x94,0x86,0x88,0xa2,0xac,0xbe,0xb0,0xea,0xe4,0xf6,0xf8,0xd2,0xdc,0xce,0xc0,0x7a,0x74,0x66,0x68,0x42,0x4c,0x5e,0x50,0x0a,0x04,0x16,0x18,0x32,0x3c,0x2e,0x20,0xec,0xe2,0xf0,0xfe,0xd4,0xda,0xc8,0xc6,0x9c,0x92,0x80,0x8e,0xa4,0xaa,0xb8,0xb6,0x0c,0x02,0x10,0x1e,0x34,0x3a,0x28,0x26,0x7c,0x72,0x60,0x6e,0x44,0x4a,0x58,0x56,0x37,0x39,0x2b,0x25,0x0f,0x01,0x13,0x1d,0x47,0x49,0x5b,0x55,0x7f,0x71,0x63,0x6d,0xd7,0xd9,0xcb,0xc5,0xef,0xe1,0xf3,0xfd,0xa7,0xa9,0xbb,0xb5,0x9f,0x91,0x83,0x8d

参考文献

• FIPS PUB 197: 公式 AES 標準 ( PDFファイル)

Retrieved from "https://en.wikipedia.org/w/index.php?title=Rijndael_MixColumns&oldid=1305163682"