# Understanding Cryptography by Christof Paar and Jan Pelzl - Chapter 4 Solutions - Ex4.15

- 2 mins

## Exercise 4.15

Derive the bit representation for the following round constants within the key schedule:

• RC
• RC
• RC

### Solution

This solution is verified as correct by the official Solutions for Odd-Numbered Questions manual.

Starting from $RC = 01$, $RC[i] = 02 \times RC[i - 1]\,\mathrm{mod}\,P(x)$ where $P(x)$ is the AES polynomial.

As such, the first 10 RC values are as follows:

$R = 1 = 00000001_2 = 01_{16}$ $R = x = 00000010_2 = 02_{16}$ $R = x^2 = 00000100_2 = 04_{16}$ $R = x^3 = 00001000_2 = 08_{16}$ $R = x^4 = 00010000_2 = 10_{16}$ $R = x^5 = 00100000_2 = 20_{16}$ $R = x^6 = 01000000_2 = 40_{16}$ $R = x^7 = 10000000_2 = 80_{16}$ $R = x^4 + x^3 + x + 1 = 00011011_2 = 1B_{16}$ $R = x^5 + x^4 + x^2 + x = 00110110_2 = 36_{16}$

After 8 is where the reduction polynomial comes into play to bring the result back into the field.

I wrote a python script which can calculate any number of RC constants (This uses the Mod2Polynomial class I created for another exercise):