AES is a substitution-permutation network that runs a set of substitution and permutations over multiple rounds. The key for each round is determined by the AES key schedule.
In each round, the block undergoes the following steps:
- SubBytes: an S-box (substitution box), which takes the multiplicative inverse of the byte over the Galois field and applies affine transformation. The resulting state matrix has the property that there is no such that or (in other words, the S-box wouldn’t map to itself nor would it flip all bits).
- ShiftRows: a transposition cipher that rotate each row of the matrix by a certain amount.
- MixColumns: along with ShiftRows, MixColumns diffuse information throughout each column by applying an invertible linear transformation, where each byte affects the output of other bytes of the column.
- AddRoundKey: the round subkey is XORed with the state matrix.
AES can be optimized by turning SubBytes, ShiftRows, and MixColumns into table lookups.