binary blobs, gnu, fsf and s-boxes
Yay for GNU Freedom. Recently I ran over a discussion where there were some concerns about the viability of using “binary blobs” in an implementation of the AES algorithm.
Sure, there’s a table in it, 256 elements long, filled with some weird-looking numbers. What is that table? It’s an S-Box, one of the central pieces of every algorithm that’s based on the Feistel cipher. AES is such an algorithm.
When you look in the spec (FIPS-197), you can see (on page 16) that they’re defined just like that: a table of values to use. Where do these numbers come from? Probably some NSA office, where some mad scientist (just like you’d imagine, probably) took the hints from page 26 of the proposal (or not), shuffled a box with 256 numbers, and carefully placed them in a 16x16 square (think of a lottery)…
Seriously, those guys tend to know things about crypto that they prefer not to talk about. And they knew in 1975, 15 years before the rest of the world figured it out, that random placement of those numbers in that square is not a good idea, as proved by their work on DES.
So please: those numbers are necessary, they’re necessarily in this order (as otherwise you’d get a different algorithm), and they are very likely in exactly that layout for a good reason. Reading up on crypto algorithms even tells you what to do with them, and the current form and shape of such arrays is more than enough for modification…
But why would you want to modify it?
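As an added example (not code from the original post or from any AES implementation it discusses), the Python below builds the 256-entry table from the construction FIPS-197 gives in section 5.1.1 (multiplicative inverse in GF(2^8) followed by a fixed affine transform), prints it in the same 16x16 layout the spec uses, and runs the structural checks a reviewer would want before trusting any S-box that shows up as a literal array: it must be a permutation, and the AES one has no fixed points and no "opposite" fixed points. The function names (`build_sbox`, `check_sbox`, `sbox_as_table`) are this example's own choices, not names from the spec.

```python
# Added example: derive the AES S-box from its FIPS-197 section 5.1.1 definition
# instead of embedding the 256-byte table, then verify a few structural properties.

AES_POLY = 0x11B  # x^8 + x^4 + x^3 + x + 1, the reduction polynomial for GF(2^8) in AES


def gf_mul(a: int, b: int) -> int:
    """Multiply two bytes in GF(2^8) modulo the AES polynomial (shift-and-add)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a <<= 1
        if a & 0x100:  # overflowed past 8 bits: reduce
            a ^= AES_POLY
        b >>= 1
    return result


def gf_inv(a: int) -> int:
    """Multiplicative inverse in GF(2^8); FIPS-197 maps 0 to 0."""
    if a == 0:
        return 0
    # The multiplicative group has order 255, so a^254 == a^-1.
    result, base, exp = 1, a, 254
    while exp:
        if exp & 1:
            result = gf_mul(result, base)
        base = gf_mul(base, base)
        exp >>= 1
    return result


def affine(b: int) -> int:
    """FIPS-197 affine step: b ^ rotl(b,1) ^ rotl(b,2) ^ rotl(b,3) ^ rotl(b,4) ^ 0x63."""
    def rotl(x: int, n: int) -> int:
        return ((x << n) | (x >> (8 - n))) & 0xFF
    return b ^ rotl(b, 1) ^ rotl(b, 2) ^ rotl(b, 3) ^ rotl(b, 4) ^ 0x63


def build_sbox() -> list:
    """The forward S-box: SubBytes(x) = affine(inverse(x)) for every byte x."""
    return [affine(gf_inv(x)) for x in range(256)]


def build_inv_sbox(sbox: list) -> list:
    """The inverse table used by InvSubBytes, derived by inverting the permutation."""
    inv = [0] * 256
    for x, y in enumerate(sbox):
        inv[y] = x
    return inv


def check_sbox(sbox: list) -> dict:
    """Structural checks for any candidate 256-entry S-box literal."""
    return {
        # Every output byte appears exactly once, so the map is invertible.
        "is_permutation": sorted(sbox) == list(range(256)),
        # Inputs that the box leaves unchanged (the AES box has none).
        "fixed_points": [x for x in range(256) if sbox[x] == x],
        # Inputs mapped to their bitwise complement (the AES box has none).
        "opposite_fixed_points": [x for x in range(256) if sbox[x] == x ^ 0xFF],
    }


def sbox_as_table(sbox: list) -> str:
    """Render the 16x16 layout FIPS-197 prints: row = high nibble, column = low nibble."""
    rows = []
    for hi in range(16):
        rows.append(" ".join(f"{sbox[(hi << 4) | lo]:02x}" for lo in range(16)))
    return "\n".join(rows)


if __name__ == "__main__":
    sbox = build_sbox()
    print(sbox_as_table(sbox))
    print(check_sbox(sbox))
```

Running it prints the familiar table starting with `63 7c 77 7b ...` and reports `is_permutation: True` with both fixed-point lists empty. Comparing a project's embedded array against `build_sbox()` is a cheap way to confirm the "blob" really is the FIPS-197 table and not a transcription error.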