The Rijndael cipher scheme is an iterated block cipher with a variable block size and a variable key length. You can independently specify the lengths of the data block and the key as 128, 192, or 256 bits.
This section describes the functions operating in various operational modes under the various Rijndael cipher systems. The functions in this section are categorized by their data block sizes of the baseline Rijndael cipher functions:
To specify the key length for these baseline Rijndael cipher schemes, all the functions in this section use the following enumeration:

```c
typedef enum {
    IppsRijndaelKey128 = 128, // 128-bit key
    IppsRijndaelKey192 = 192, // 192-bit key
    IppsRijndaelKey256 = 256, // 256-bit key
} IppsRijndaelKeyLength;
```
The functions for Rijndael128 with the 128-bit key length described in this section are, in fact, Advanced Encryption Standard (AES) cipher functions implemented to comply with the American standard FIPS 197. All other functions for the other Rijndael block cipher schemes fully comply with the respective cipher schemes documented by Joan Daemen and Vincent Rijmen.
Table “Intel IPP Rijndael Algorithm Functions” lists Intel IPP Rijndael functions:
Function Base Name | Operation |
---|---|
Rijndael128GetSize | Gets the size of the IppsRijndael128Spec context. |
Rijndael128Init, SafeRijndael128Init | Initialize user-supplied memory as IppsRijndael128Spec context for future use. |
Rijndael128Pack, Rijndael128Unpack | Packs/unpacks the IppsRijndael128Spec context into/from a user-defined buffer. |
Rijndael128EncryptECB | Encrypts plaintext message using Rijndael128 algorithm in the ECB encryption mode. |
Rijndael128DecryptECB | Decrypts byte data stream using Rijndael128 algorithm in the ECB mode. |
Rijndael128EncryptCBC | Encrypts byte data stream according to Rijndael128 in the CBC mode. |
Rijndael128DecryptCBC | Decrypts byte data stream according to Rijndael128 in the CBC mode. |
Rijndael128EncryptCFB | Encrypts byte data stream according to Rijndael128 in the CFB mode. |
Rijndael128DecryptCFB | Decrypts byte data stream according to Rijndael128 in the CFB mode. |
Rijndael128EncryptOFB | Encrypts byte data stream according to Rijndael128 in the OFB mode. |
Rijndael128DecryptOFB | Decrypts byte data stream according to Rijndael128 in the OFB mode. |
Rijndael128EncryptCTR | Encrypts a variable length data stream according to Rijndael128 in the CTR mode. |
Rijndael128DecryptCTR | Decrypts a variable length data stream according to Rijndael128 in the CTR mode. |
Rijndael128EncryptCCM | DEPRECATED. Use Rijndael128CCMEncryptMessage instead of this function. Encrypts a variable length data stream and generates its authentication tag in the CCM mode. |
Rijndael128DecryptCCM | DEPRECATED. Use Rijndael128CCMDecryptMessage instead of this function. Decrypts and verifies a variable length data stream in the CCM mode. |
Rijndael128EncryptCCM_u8 | DEPRECATED. Use Rijndael128CCMEncryptMessage instead of this function. Encrypts a variable length data stream and generates its authentication tag in the CCM mode using enhanced interface. |
Rijndael128DecryptCCM_u8 | DEPRECATED. Use Rijndael128CCMDecryptMessage instead of this function. Decrypts and verifies a variable length data stream in the CCM mode using enhanced interface. |
Rijndael192GetSize | Gets the size of the IppsRijndael192Spec context. |
Rijndael192Init | Initializes user-supplied memory as IppsRijndael192Spec context for future use. |
Rijndael192Pack, Rijndael192Unpack | Packs/unpacks the IppsRijndael192Spec context into/from a user-defined buffer. |
Rijndael192EncryptECB | Encrypts plaintext message using Rijndael192 algorithm in the ECB encryption mode. |
Rijndael192DecryptECB | Decrypts byte data stream using Rijndael192 algorithm in the ECB mode. |
Rijndael192EncryptCBC | Encrypts byte data stream according to Rijndael192 in the CBC mode. |
Rijndael192DecryptCBC | Decrypts byte data stream according to Rijndael192 in the CBC mode. |
Rijndael192EncryptCFB | Encrypts byte data stream according to Rijndael192 in the CFB mode. |
Rijndael192DecryptCFB | Decrypts byte data stream according to Rijndael192 in the CFB mode. |
Rijndael192EncryptOFB | Encrypts byte data stream according to Rijndael192 in the OFB mode. |
Rijndael192DecryptOFB | Decrypts byte data stream according to Rijndael192 in the OFB mode. |
Rijndael192EncryptCTR | Encrypts a variable length data stream according to Rijndael192 in the CTR mode. |
Rijndael192DecryptCTR | Decrypts a variable length data stream according to Rijndael192 in the CTR mode. |
Rijndael256GetSize | Gets the size of the IppsRijndael256Spec context. |
Rijndael256Init | Initializes user-supplied memory as IppsRijndael256Spec context for future use. |
Rijndael256Pack, Rijndael256Unpack | Packs/unpacks the IppsRijndael256Spec context into/from a user-defined buffer. |
Rijndael256EncryptECB | Encrypts plaintext message using Rijndael256 algorithm in the ECB encryption mode. |
Rijndael256DecryptECB | Decrypts byte data stream using Rijndael256 algorithm in the ECB mode. |
Rijndael256EncryptCBC | Encrypts byte data stream according to Rijndael256 in the CBC mode. |
Rijndael256DecryptCBC | Decrypts byte data stream according to Rijndael256 in the CBC mode. |
Rijndael256EncryptCFB | Encrypts byte data stream according to Rijndael256 in the CFB mode. |
Rijndael256DecryptCFB | Decrypts byte data stream according to Rijndael256 in the CFB mode. |
Rijndael256EncryptOFB | Encrypts byte data stream according to Rijndael256 in the OFB mode. |
Rijndael256DecryptOFB | Decrypts byte data stream according to Rijndael256 in the OFB mode. |
Rijndael256EncryptCTR | Encrypts a variable length data stream according to Rijndael256 in the CTR mode. |
Rijndael256DecryptCTR | Decrypts a variable length data stream according to Rijndael256 in the CTR mode. |
1 Obsolete. Use AES-CCM Functions.
Throughout this section, the functions for Rijndael128 baseline cipher schemes employ the context IppsRijndael128Spec, the functions for Rijndael192 baseline cipher schemes employ the context IppsRijndael192Spec, and the functions for Rijndael256 baseline cipher schemes employ the context IppsRijndael256Spec. They serve as operational vehicles to carry not only a set of round keys and a set of round inverse keys at the same time, but also the key management information.
Once the respective initialization function generates the round keys, the functions for ECB, CBC, CFB, and other modes are ready for the execution of either encrypting or decrypting the streaming data with the specified padding scheme.
Intel IPP versions 5.3 or lower implemented AES (that is, Rijndael128) using large pre-calculated tables (S-boxes). This implementation provides the best performance. However, research in recent years has shown that this solution is vulnerable to various attacks, for example, timing and cache-behavior attacks. To provide a proper level of protection, IPP 6.0 introduces a safe implementation of the AES algorithm. Though 1.3 times slower than the existing one, the safe implementation is invulnerable to the known implementations of timing and cache-behavior attacks. To use Rijndael128 functions with the safe implementation of the algorithm, call the initialization function SafeRijndael128Init. If performance is the priority, call Rijndael128Init.
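The following added example (not Intel IPP code) contrasts a table-driven S-box lookup, whose memory address depends on the secret byte, with a lookup that reads every entry so the access pattern is independent of the secret. The page does not describe how the safe implementation works; the full-table scan is one common countermeasure assumed here for illustration, and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* GF(2^8) multiply modulo x^8+x^4+x^3+x+1, with no data-dependent branch. */
static uint8_t gf_mul(uint8_t a, uint8_t b) {
    uint8_t p = 0;
    for (int i = 0; i < 8; i++) {
        p ^= (uint8_t)(-(b & 1) & a);                 /* add a when bit 0 of b is set */
        a = (uint8_t)((a << 1) ^ (-(a >> 7) & 0x1b)); /* multiply a by x, then reduce */
        b >>= 1;
    }
    return p;
}
static uint8_t rotl8(uint8_t x, int n) { return (uint8_t)((x << n) | (x >> (8 - n))); }

/* AES S-box from its definition: inverse in GF(2^8) (x^254), then the affine map. */
static uint8_t sbox_compute(uint8_t x) {
    uint8_t inv = 1;
    for (int i = 0; i < 254; i++) inv = gf_mul(inv, x);
    return (uint8_t)(inv ^ rotl8(inv, 1) ^ rotl8(inv, 2) ^ rotl8(inv, 3) ^ rotl8(inv, 4) ^ 0x63);
}

static uint8_t SBOX[256];
static void sbox_init(void) {
    for (int i = 0; i < 256; i++) SBOX[i] = sbox_compute((uint8_t)i);
}

/* Table lookup: the cache line touched depends on the secret index x. */
static uint8_t sbox_table(uint8_t x) { return SBOX[x]; }

/* Full scan: every entry is read; a mask keeps only the entry at index x. */
static uint8_t sbox_ct(uint8_t x) {
    uint8_t r = 0;
    for (unsigned i = 0; i < 256; i++) {
        unsigned d = i ^ x;                      /* zero only when i == x */
        uint8_t mask = (uint8_t)((d - 1u) >> 8); /* 0xff when d == 0, else 0x00 */
        r |= (uint8_t)(SBOX[i] & mask);
    }
    return r;
}

/* Builds the table and counts the inputs on which both lookups agree. */
static int agree_count(void) {
    int n = 0;
    sbox_init();
    for (int x = 0; x < 256; x++) n += sbox_table((uint8_t)x) == sbox_ct((uint8_t)x);
    return n;
}

int main(void) {
    int n = agree_count();
    printf("lookups agree on %d/256 inputs, S(0x53)=0x%02x\n", n, sbox_ct(0x53));
    return 0;
}
```

The scan performs 256 loads per byte instead of one, which is the kind of cost a hardened implementation trades for a secret-independent access pattern.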
The application code for conducting a typical encryption under CBC mode using the AES scheme, that is, the Rijndael128 with a 128-bit key, should follow the sequence of operations as outlined below:
The IppsRijndael128Spec, IppsRijndael192Spec, and IppsRijndael256Spec contexts are position-dependent. The Rijndael128Pack/Rijndael128Unpack, Rijndael192Pack/Rijndael192Unpack, and Rijndael256Pack/Rijndael256Unpack functions transform the respective position-dependent context to a position-independent form and vice versa.
Copyright © 2000 - 2011, Intel Corporation. All rights reserved.