Aes Evaluation criteria Initial criteria: 一 Security-randomness,soundness,effort for practical cryptanalysis -Cost-computational efficiency,no licensing fee,small memory -Algorithm implementation characteristics-flexibility,implementable in both software and hardware,simplicity Final criteria -General security-NIST relies on the cryptanalysis by crypto researchers Ease of software hardware implementation 一 Implementation attacks-finding keys based on implementation characteristics .Timing attacks:an encryption or decryption algorithm often takes slightly different amounts of time on different inputs. Power analysis:the power consumed by a smart card at any particular time during the cryptographic operation is related to the instruction being executed and to the data being processed.For example,multiplication consumes more power than addition,and writing 1s consumes more power than writing 0s -Flexibility (encryption,decryption,keying,and other factors) 44 AES Evaluation Criteria  Initial criteria: ─ Security – randomness, soundness, effort for practical cryptanalysis ─ Cost – computational efficiency, no licensing fee, small memory ─ Algorithm & implementation characteristics – flexibility, implementable in both software and hardware, simplicity  Final criteria ─ General security – NIST relies on the cryptanalysis by crypto researchers ─ Ease of software & hardware implementation ─ Implementation attacks – finding keys based on implementation characteristics ● Timing attacks: an encryption or decryption algorithm often takes slightly different amounts of time on different inputs. ● Power analysis: the power consumed by a smart card at any particular time during the cryptographic operation is related to the instruction being executed and to the data being processed. For example, multiplication consumes more power than addition, and writing 1s consumes more power than writing 0s ─ Flexibility (encryption, decryption, keying, and other factors)