Score:1

Can you decode aes by hand if you have the key?

us flag

I made a javascript aes encryption program and I do have the key to what I encrypted. Is there a way to use that key and figure out what was encrpyted without help of a program? I encrypted "Hello" with the key 2892 and got EQ/9Yt/IvIAmtF0wKYbb3+XYUOKuKlxJ. Is there a way to apply the key to the characters and fully decode what it says without making a program to do it for me? This is just so I can practice and yes I do know that I already have the text.

SAI Peregrinus avatar
si flag
"Hello" isn't 128 bits. 2892 isn't 128, 192, or 256 bits. AES is only defined for block sizes of 128 bits, and for key sizes of 128, 192, or 256 bits. Whatever you used, it wasn't (just) AES. It may have been a mode of operation using AES, but it definitely wasn't pure AES. Not that anyone encrypts anything without a mode of operation, that'd be silly, but you have to know which mode was used to decrypt.
Score:5
in flag

It would take you a while, but yes. You'd have to print out several tables that calculate things for you like $GF(256)$ field multiplication and inversion, but you could do it. It would be slow and tedious for sure, but doable.

us flag
Well, you don't *have* to print them out...
Fractalice avatar
in flag
Instead of inversion you'd just print the S-box. Also, probably even glued with multiplications by 1, 2, 3. The rest is arranging things rightly and xoring (with subkeys too). Writing things in hex could help, so that xoring is only a 16x16 table (which can be easily learnt).
Score:2
ca flag

The easiest way to look "under the hood" of AES is likely one of the many AES in Excel spreadsheets that are floating around: https://www.nayuki.io/page/aes-cipher-internals-in-excel

You will also need to sort out how the initial message was padded because the AES block size is 128-bits, and "Hello" is not 128-bits. There is a value to going through the s-box mathematics and the flow, but I would not suggest that anyone do the cipher completely by hand.

kelalaka avatar
in flag
FYI, The base article goes long before that http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.107.5405 The site to download may require WebArchive.
b degnan avatar
ca flag
@kelalaka ooh, good link
kelalaka avatar
in flag
You can write a better answer with that; The first educative try to ..... Hand calculations are error-prone... Using Excel will help you follow the calculations... And some extract from the abstract would be nice, too ( if the aim was understanding, etc.. ).
b degnan avatar
ca flag
@kelalaka I will if I get a few moments free. Too many external pressures recently.
Score:0
us flag

It would be very long (if it is even feasible) given that it continues at least ten rounds.

If you want to do something manageable, you can practice with the simplified aes, which is made precisely for practicing by hand tasks. It continues only two rounds and reduced parameters.

If you want to decode the real AES, my advice is to try to do one round of it and see if it is manageable with its real parameters.

Chrᴉz remembers Monica avatar
us flag
Please add some content to answer the actual question: Is it possible to decrypt aes by hand? Otherwise, this should be a comment, not an answer
Score:0
in flag

As others have said, yes, you can do it by hand. I'm not aware of any task a conventional (ie not quantic) computer can do and you cannot. However, it could be that some tasks they can perform in one second would take a human an entire life.

Also, as pointed in one comment, what you have here is not "pure" AES. AES takes 128 bits blocks, and keys of varied size (64, 128, 256). Your input, assuming UTF-8 encoding, would be 32 bits long (and usually would be padded), your key assuming UTF-8 is also 32 bits long (could also have been using as 16 bits integer). And your output is 32 "characters", which assuming UTF-8 is 256 bits. Your output, very surprisingly, is also entirely made of "printable characters" (letters, symbols and digits). It is very unlikely that AES would have such an output (except maybe some of the bad modes that are to be avoided). I thus highly suspect your output is encoded using... something... It "looks like" Base64 (it is compatible with its default charset), except it's too long to encode 128 bits.

Conclusion: yes it can be done, but don't try comparing what you'd do by hand with what you have here. Here, some extra processing has been done.

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.