Understanding Cryptography by Christof Paar and Jan Pelzl - Chapter 4 Solutions - Ex4.15

- 2 mins

Exercise 4.15

Derive the bit representation for the following round constants within the key schedule:


This solution is verified as correct by the official Solutions for Odd-Numbered Questions manual.

Starting from , where is the AES polynomial.

As such, the first 10 RC values are as follows:

After 8 is where the reduction polynomial comes into play to bring the result back into the field.

I wrote a python script which can calculate any number of RC constants (This uses the Mod2Polynomial class I created for another exercise):

# coding: utf-8
from gf import Mod2Polynomial

if __name__ == "__main__":
    template = u"R[{}] = {} = {}₂ = {}₁₆"
    reduction_polynomial = Mod2Polynomial([1, 1, 0, 1, 1, 0, 0, 0, 1])
    poly = Mod2Polynomial([1])
    p02 = Mod2Polynomial([0, 1])
    print template.format(1, poly, poly.get_binary_representation(), "01")
    for i in range(2, 11):
        previous = poly
        poly = (previous * p02) % reduction_polynomial
        bin_rep = poly.get_binary_representation()
        print template.format(i, poly, bin_rep, hex(int(bin_rep, 2)).lstrip("-0x").zfill(2).upper())

Thomas Busby

Thomas Busby

I write about computing stuff

comments powered by Disqus
rss facebook twitter github youtube mail spotify instagram linkedin google google-plus pinterest medium vimeo stackoverflow reddit quora