Security Policy and Mechanism, Block vs Stream Cipher, and AES Key Expansion

Part A: Security Policy and Mechanism

A security policy defines what security goals must be achieved, while a security mechanism defines how those goals are implemented.

Security Policy:

• A set of rules and guidelines that specify what is and isn't allowed in a system
• It is a high-level statement of intent regarding security

Security Mechanism:

• The actual tools, techniques, and procedures used to enforce the security policy
• Includes encryption, access control lists, firewalls, authentication protocols, etc.

Example:

• Policy: "Only authorized employees can access the company's financial database."
• Mechanism: Username/password authentication + role-based access control (RBAC) + encryption of data in transit using TLS.

---

Part B: Difference Between Block Cipher and Stream Cipher

Feature	Block Cipher	Stream Cipher
Input	Encrypts data in fixed-size blocks (e.g., 64 or 128 bits)	Encrypts data one bit or one byte at a time
Speed	Slower for real-time applications	Faster, suitable for real-time streaming
Complexity	More complex implementation	Simpler and requires less code
Error Propagation	Error in one block may affect that entire block	Error affects only the specific bit
Examples	AES, DES, 3DES	RC4, Salsa20, ChaCha20
Key Usage	Same key used for each block	Key combined with a pseudo-random keystream
Use Case	File encryption, database encryption	Wireless communication, SSL/TLS streams

---

Part C: Key Expansion in AES

Key Expansion (also called Key Schedule) is the process of generating multiple round keys from the original cipher key for use in each round of AES encryption.

Overview:

• AES-128 uses a 128-bit key and performs 10 rounds, requiring 11 round keys (one initial + one per round)
• Each round key is 128 bits (4 words of 32 bits each)
• Total words generated = 44 words (for AES-128)

Steps of Key Expansion:

a. The original 128-bit key is divided into 4 words: $W[0], W[1], W[2], W[3]$

b. For each subsequent word $W[i]$ where $i \geq 4$:

• If $i$ is NOT a multiple of 4: $$W[i] = W[i-4] \oplus W[i-1]$$

• If $i$ IS a multiple of 4: $$W[i] = W[i-4] \oplus T(W[i-1])$$

c. The transformation function T involves three operations on $W[i-1]$:

• RotWord: Circular left shift of the 4 bytes by one position
  • e.g., $[B_0, B_1, B_2, B_3] \rightarrow [B_1, B_2, B_3, B_0]$
• SubWord: Each byte is substituted using the AES S-Box (same S-Box used in encryption)
• Rcon XOR: The result is XORed with a round constant $Rcon[i/4]$
  • Rcon values: $Rcon[1] = [01,00,00,00]$, $Rcon[2] = [02,00,00,00]$, etc. (values in GF($2^8$))

Diagrammatic Representation:

Original Key → [W0][W1][W2][W3]
                 ↓
Round 1 Key  → [W4][W5][W6][W7]
                 ↓
Round 2 Key  → [W8][W9][W10][W11]
                 ...
Round 10 Key → [W40][W41][W42][W43]

Where $W[4] = W[0] \oplus T(W[3])$, $W[5] = W[1] \oplus W[4]$, and so on.

Conclusion: Key expansion ensures that each round uses a unique round key derived from the original key, adding complexity and making cryptanalysis significantly harder. The combination of RotWord, SubWord, and Rcon prevents patterns and ensures diffusion across rounds.