|
To my understanding a state is a $4 \times 4$ byte array used to store the plaintext. That equates to $128$ bits of data. To encrypt more than $128$ bits of data do I need to setup multiple of these states in order to encrypt all the data and perform the algorithm on those states? Or is there another method? |
||||
|
|
|
No, the state of the AES is the internal state of the block cipher. It is not used to store the plaintext message. After a block encrypt the state of the block cipher isn't required anymore. Generally only the subkeys are kept so they don't have to be recalculated using the key schedule anymore. AES, being a block cipher, is not a generic / secure cipher in itself. To use it as a cipher you need to use a mode of operation. The mode of operation is independent of the block cipher itself, although it of course does depend on some parameter such as the block size. The best known mode of operation to create confidentiality is probably CBC. However you will get much more security when using an authenticated mode of operation such as GCM mode. Now the CBC mode and GCM implementations also require state, and this state needs to be kept up to date. For CBC this is at least a block of plaintext as it is impossible to encrypt partial blocks. For GCM it is possible to encrypt partial blocks because it uses counter mode underneath. However, you would still have to store the intermediate results required to calculate the authentication tag (usually stored at the end of the ciphertext) and at least one block for the key stream used to encrypt. As the input / output of a block cipher is one block, and since there must be some kind of vector to link the blocks into one message, you should expect around two blocks of memory for the state, not including the subkeys. That's not that much and probably insignificant compared to the other memory requirements (in-memory tables) required for a fast software implementation of the cipher itself. |
||||
|
|
