Re: Cohen's paper on byte order

From: Eugene Starokoltsev (
Date: 04/06/03

From: (Eugene Starokoltsev)
Date: 6 Apr 2003 05:54:09 -0700

"Douglas A. Gwyn" <> wrote in message news:<>...
> Mok-Kong Shen wrote:
> > But is that a problem 'specific' to AES??
> Yes! Haven't you been paying attention? Other
> protocol specs for information interchange are
> careful to spell out all the details necessary
> for correct communication of the formatted data.
> AES does not. It is missing an essential
> component. Putting it another way, it was an
> excess of abstraction to change the specification
> from the original one, that concerned bits in
> storage, into one about abstract mathematical
> objects without a definite mapping between the
> abstract objects and actual storage objects.
> The connection with reality was thereby lost.

I can't agree with you. Indeed AES is just a solid block to create
strong cryptographic systems. AES does not define a lot of essential
components for reliable secure unambiguous communication, starting
from modes of operation and ending by characters encoding. But it is
not a defect of AES as a standard - you just need to use another
standards together with AES or define yours.

AES is defined on a sequences of 128 bits only as data and a sequence
of 128, 192 or 156 bits as a key. This definition is very unambiguous
and consistent - exectly what I need from a standard. In addition,
Rijndael structure is so as all combinations of bit and byte
endiannesses in the communacation channel and endianness of the
hardware executing the algorithm lead to implementations of equal
complexity - it was a goal of Rijndael's authors.

Note that "external interface" of SHA-1 is defined on bit sequences
only too.

BTW thinking of "files" as just sequences of bytes is common for Unix
world but is not a universal constant. So the "reality" is not a
well-defined term :)

Relevant Pages

  • Re: Cohens paper on byte order
    ... > Brian Gladman wrote: ... >> will claim that we can move bytes as bit sequences between machines without ... place it into AES FIPS as a requirement for implementation interface. ... AES is not information-exchange standard as it does not specify how ...
  • Re: Cohens paper on byte order
    ... > In my view AES implementations in software are tested using the external ... > byte array interface at which the bit sequence test vectors are applied or ... Hence the bit sequences referred to in the document ... an 8-bit units which AES calls a 'byte' in Fig.2 ...
  • Re: Cohens paper on byte order
    ... than early implementers of AES seem to have decided, ... of bit sequences. ... You further confused the issue in your rehash by ...
  • Re: Cohens paper on byte order
    ... sequences - there are sequences of bits written left to right and numbered ... Now let us assume that it is going to be treated as a little endian number - ... All that people want is that the FIPS should actually make it clear that AES ...
  • Re: Cohens paper on byte order
    ... > Why not make manufacturer t's depiction look like this: ... between different hardware. ... and as such is NOT in the proper domain of AES. ... > for this in the AES standard. ...