(Also lomonster.com and clomont.com)

Chris Lomont's AES Page



Created using Realsoft3D and GIF Construction Set by Chris Lomont

AES - Advanced Encryption Standard


NEW! June 2005

Source version 1.0. See the readme.txt file for what was changed. The older version (0.9) is available here.

Now the interface is much easier to use, and supports ECB and CBC block chaining modes. I plan to implement CFB, OFB, CTR, EAX, and GCM modes soon. Unfortunately, I do not have user defined IV (Initialization Vector) code in yet.

AES is the new US government private key encryption standard (FIPS-197), designed to replace DES. Here is some (free) source code to implement AES, and it is pretty fast.

There are two versions, a slow, direct version implemented in Rijndael.cpp and Rijndael.h, and a fast optimized version in AES.cpp and AES.h. In the fast one the setup and key expansion are not yet optimized, but the encrypt and decrypt are about as fast as I can get them. The Tables below show cycles counts needed to encrypt or decrypt one block of data for the different versions and key and block length combinations defined by the standard.

See the header files or test harness to see how to use the source. 

Testing for the 0.9 version of the source is below, and was done on a PIII 800 MHZ, 128 MB RAM, using Windows 2000, with service pack 1 applied. Code was compiled on Visual C++ 6.0, service pack 4, with default settings for release and debug builds. A 4 cycle better performance over these times can be achieved by turning off exception handling. The cycle counts are averaged from loops of 100,000 runs over each different combination.

A Zipfile with code, VC++.NET 2003 makefiles and test harness.

Legalese: I am not responsible for any damage these downloads cause, etc. Basically you should never trust people on the web.... However, I have used these programs on my system with no problems. If you have any comments, suggestions, or bugs, contact me on my contact page. me.


Fast Version:

(key, block)

(min, avg) encrypt 
(min, avg) decrypt 





























Slow Version:

These cycle counts are probably inaccurate due to Windows 2000 using time slices during the run since the cycle counts are so high. But they show relative cycle counts for the unoptimized version of AES.

(key, block)

(min) encrypt 
(min, avg) decrypt