Re: Cohen's paper on byte order

From: Mok-Kong Shen (
Date: 05/20/03

Date: Tue, 20 May 2003 11:35:48 +0200

Brian Gladman wrote:
> In my view AES implementations in software are tested using the external
> byte array interface at which the bit sequence test vectors are applied or
> read using a big-endian transformation to arrays of bytes.

As I expressed previously, the document descirbes
'only' an abstract algorithm for the 'human' readers.
Hence the bit sequences referred to in the document
are to be understood to be in the ordering of his
'logical' view. The hex digits are equivalent to bit
sequences according to the common convention of
re-writing. In the proper domain of the document the
issue of endian-ness thus clearly and simply doesn't
even exist. (There are there only bit sequences, no
interpretation as binary integers whatever.) Only
when one starts to do implementation, i.e. to map
an 8-bit units which AES calls a 'byte' in Fig.2
to a byte in the terminology of the particular
implementor does the issue of endian-ness pops up.
But the writers of the document obviously (and
in my view correctly) assume that the implementors
are capable enough to realize the abstract algorithm
properly in their cocrete codes with due regard
to the (under circumstances idiosyncrytic) properties
of their specific hardware. Thus any claim of
'deficiency' of the AES document in the context of
this thread is bogous in my opinion.

M. K. Shen

Relevant Pages

  • Re: Cohens paper on byte order
    ... > interoperate with all other corect implementations, ... What I meant by this is that if implementations were to formally encode AES ... work with those that now exist since these all use an octet array interface. ... tidying up a small hole in the FIPS. ...
  • Re: [RFC][PATCH 2/2] Twofish cipher x86_64-asm optimized
    ... / assembler) and comparing results. ... I'm quite a newbie when it comes to kernel programming. ... but my reference for this module was the aes assembler ... As the Crypto API now allows multiple implementations to be registered ...
  • Re: Cohens paper on byte order
    ... > that mapping is and re-map if that doesn't suit him ... AES, but that is a nonstandard supplement to the ... standard AES specification. ... communicating with other AES implementations, ...
  • Re: create file, fail if already open
    ... Additional characters may follow these sequences. ... Based on the existence of this footnote and on the c89 text, ... safe to say that implementations that don't themselves use a flag, say, ...
  • Re: Cohens paper on byte order
    ... > be a mapping of the message bits into bits of the block buffer ... > same order for the AES bit indices as the bit-stream indices. ... > different ways for different protocol implementations, ...