🔐 The Role of AES in Blockchain: Securing Off-Chain Data with Symmetric Encryption

When we talk about blockchain, the first cryptographic concepts that come to mind are usually 🔑 public/private keys and 🖊️ digital signatures. While these asymmetric tools form the bedrock of blockchain's trustless architecture, symmetric encryption—especially AES (Advanced Encryption Standard)—plays a crucial, though often behind-the-scenes, role in enhancing security and privacy.

In this post, we’ll explore how AES fits into blockchain applications, especially when it comes to securing off-chain data.

🔎 Why AES in Blockchain?

Blockchain is transparent, immutable, and decentralized—but these strengths can sometimes conflict with data privacy. That's where AES steps in.

🗄️ 1. Encrypting Off-Chain Data

Most blockchains aren’t built for storing large or sensitive files. AES helps keep that data secure outside the chain, while a reference is stored on the chain.

✅ Key Benefits:

🔐 Protect Sensitive Info (e.g., personal records, IP, medical data)
👁️‍🗨️ Preserve Privacy while ensuring data integrity

💡 Real Use Cases:

🚚 Supply Chain: AES encrypts product data off-chain. Blockchain stores a hash for verification.
🏥 Healthcare: AES encrypts patient records. Access control is managed through blockchain logs.

🛡️ 2. Securing Keys and Credentials

Even though blockchain uses public/private keys for transactions, AES protects:

🗝️ Private keys in wallets (encrypted with AES and unlocked via password)
🔑 API keys in dApps and smart contract integrations

🔗 3. Enhancing Hybrid System Security

Real-world applications often blend blockchain with traditional systems.

☁️ Off-chain storage (e.g., cloud databases) is AES-encrypted.
🧾 Blockchain logs ensure integrity and access traceability.

🧠 AES: A Primer on Symmetric Encryption

AES is a symmetric-key algorithm—the same secret key is used for both encryption and decryption.

🔄 AES Encryption Steps:

🔑 Key Expansion
⚡ Initial Round: AddRoundKey (XOR with first round key)
🔁 Main Rounds:
- 🔄 SubBytes
- ↩️ ShiftRows
- 🧪 MixColumns
- ➕ AddRoundKey
🏁 Final Round (No MixColumns)

🔓 Decryption is the reverse using inverse steps and round keys in reverse order.

🛠️ How AES Secures Blockchain Applications (In Practice)

Here's a typical AES usage flow in blockchain ecosystems:

📄 Sensitive data is identified.
🔐 AES encrypts the data using a secure key.
🗄️ Encrypted data is stored off-chain (e.g., cloud, DB).
📌 A hash or reference is stored on-chain.
✅ Authorized users decrypt using the key.

✨ Example:

A pharmaceutical company encrypts temperature logs with AES. These logs are stored off-chain. A hash is saved on-chain. Regulatory bodies can verify the data by decrypting it with the key.

📐 The Math Behind AES

AES isn’t just secure—it’s mathematically elegant, rooted in algebra and finite field theory.

🧩 Key Concepts:

📘 Galois Fields (GF(2⁸))
📊 Polynomial arithmetic
🧮 Matrix multiplication
✖️ Bitwise XOR

🧠 How it Works:

Operation	Purpose	Math Concept Used
🔁 SubBytes	Confusion (non-linearity)	Inverse in GF(2⁸) + affine transform
↪️ ShiftRows	Diffusion	Permutation
📐 MixColumns	More diffusion	Matrix mult. over GF(2⁸)
➕ AddRoundKey	Adds key material	XOR operation

🧩 Key Expansion uses byte rotations, S-box substitution, and XOR with round constants—all based on polynomial math.

🔐 AES Breakdown (Simplified & Clarified)

1. Finite Fields (GF(2⁸)) – "The Clock" Analogy

⏰ What’s the Clock?

Think of a normal clock, but instead of 12 numbers, ours only goes from 0 to 7.
If you add numbers and go past 7, you wrap around to 0 again. That’s modulo 8 arithmetic.
- E.g., 6 + 3 = 9 → 9 mod 8 = 1.

🔢 Why GF(2⁸)?

AES works with bytes (8 bits = values from 0 to 255). So, we need a number system that can work within that range and has predictable math rules.
That system is called GF(2⁸) — a Galois Field with 2⁸ = 256 elements.
Arithmetic is not normal addition/multiplication — it follows special rules using a predefined irreducible polynomial to wrap values.
Crucially, every non-zero value has a multiplicative inverse, which is needed for both encryption and decryption.

2. Polynomial Representation of Bytes

🎯 What Is This?

A byte like 01100010 = 98 in decimal.
View it as a polynomial: x⁶ + x⁵ + x.

Why?

In MixColumns, bytes are treated as coefficients of polynomials.
Operations like multiplication and modular reduction are done on polynomials using GF(2⁸) arithmetic.

3. Bitwise XOR – AddRoundKey

Example:

Plaintext: 1011 (binary)
Key:       0110 (binary)
XOR:       1101 (result)

🔄 Reversible:

Doing XOR again with the same key brings back the original:

1101 XOR 0110 = 1011 (original)

🧠 Why It's Used:

Efficient and easily reversible.
Introduces the key into the state — each round of AES uses a new round key.

4. SubBytes – Using the S-Box

🧱 What Happens:

Each byte is substituted using a fixed S-box — a 16x16 lookup table of 256 values.
Input byte like 0x01 → check row 0, column 1 → Output is 0xFA.

🔍 Why Does 0x01 Become 0xFA?

It's not random:
1. Multiplicative inverse of the byte in GF(2⁸)
  - 0x01's inverse is itself (since 1 * 1 = 1).
2. Affine transformation:
  - A binary matrix transforms the byte further using GF(2) arithmetic (bitwise XORs).

🔐 Why This Matters:

Adds non-linearity, so attackers can’t easily predict output.
Makes AES secure against linear and differential attacks.

5. ShiftRows – Data Scrambling

🧪 Concept:

AES treats data as a 4x4 matrix (16 bytes). ShiftRows changes the positions of bytes like this:

Before	After ShiftRows
Row 0: A B C D	A B C D (no shift)
Row 1: E F G H	F G H E (shift by 1)
Row 2: I J K L	K L I J (shift by 2)
Row 3: M N O P	P M N O (shift by 3)

🎯 Why?

Diffusion: It spreads out byte influence horizontally across the matrix.
Combined with MixColumns (vertical mixing), this ensures every byte influences many others over rounds.

6. MixColumns – Vertical Mixing

🔄 What Happens:

Each column (4 bytes) of the state is multiplied with a fixed 4x4 matrix:

[02 03 01 01]
[01 02 03 01]
[01 01 02 03]
[03 01 01 02]

Matrix Multiplication:

Let’s say a column is [b0, b1, b2, b3]. The new column becomes:

[
  (02•b0) ⊕ (03•b1) ⊕ b2 ⊕ b3,
  b0 ⊕ (02•b1) ⊕ (03•b2) ⊕ b3,
  ...
]

The • is multiplication in GF(2⁸).
The ⊕ is XOR.

📐 Why Use {01}, {02}, {03}?

They provide good diffusion.
If 1 byte in a column changes, all 4 bytes in that column change after MixColumns.

🔍 What Is Modulo x⁴ + 1?

It ensures results stay within degree 3 (4 bytes).
This is equivalent to how wrapping works in normal modular arithmetic but applied to polynomials.

🔑 Key Expansion – Where Round Keys Come From

AES starts with a main secret key (128, 192, or 256 bits).
It expands this into multiple round keys (1 for each round + 1 for the initial step).

Simplified Steps (128-bit Key):

Split into four 4-byte "words": W0, W1, W2, W3
For i ≥ 4:
- If i is multiple of 4:
- Wi = Wi-4 ⊕ SubWord(RotWord(Wi-1)) ⊕ Rcon[i/4]
- Else:
- Wi = Wi-4 ⊕ Wi-1
SubWord = apply S-box to each byte.
RotWord = rotate bytes (e.g. [a, b, c, d] → [b, c, d, a])
Rcon = predefined round constants like 0x01, 0x02, etc.

📌 Why Expand the Key?

Prevents attackers from analyzing a single key and predicting all rounds.
Ensures each round looks different, even if the same plaintext is encrypted.

🔐 AES Breakdown with Clean Flow

1. Key Expansion Clarity

AES starts with a 128-bit key, split into four 32-bit words: W0, W1, W2, W3.

To generate further key words (round keys):

W4 (First word of the second round key):
1. Take W3.
2. Apply RotateWord: Shift its bytes left. If W3 = [a, b, c, d], then RotateWord(W3) = [b, c, d, a].
3. Apply SubBytes to each byte of the rotated word using the S-box: [S(b), S(c), S(d), S(a)].
4. XOR this with the round constant Rcon[1] (e.g., 0x01000000).
5. XOR the result with W0: W4 = W0 XOR SubWord(RotateWord(W3)) XOR Rcon[1]
W5, W6, W7:
These are simple XOR operations:

W5 = W1 XOR W4

W6 = W2 XOR W5

W7 = W3 XOR W6

This continues to generate enough words for all rounds.

Round Key 0 = W0 to W3
Round Key 1 = W4 to W7, etc.

2. Calculating Multiplicative Inverse in GF(2⁸)

To find the multiplicative inverse of a byte (like 0x03) in GF(2⁸):

Convert Hex to Polynomial:

0x03 (binary 00000011) → polynomial x + 1
Use Extended Euclidean Algorithm on:
- a(x) = your byte’s polynomial
- m(x) = irreducible polynomial: x⁸ + x⁴ + x³ + x + 1
Goal:

Find u(x) such that:

a(x) * u(x) ≡ 1 mod m(x)
Result:

u(x) is the inverse of a(x) in GF(2⁸)
Convert u(x) back to binary, then hex.

In practice, this is precomputed and stored in the AES S-box.

3. Affine Transformation: `0x01` → `0xFA`

After finding the multiplicative inverse of a byte, AES applies an affine transformation:

Formula:

y = M * x + v (over GF(2), using XOR)
Matrix M (8×8) and vector v (8×1) are fixed:

M = [1 0 0 0 1 1 1 1]
    [1 1 0 0 0 1 1 1]
    [1 1 1 0 0 0 1 1]
    [1 1 1 1 0 0 0 1]
    [1 1 1 1 1 0 0 0]
    [0 1 1 1 1 1 0 0]
    [0 0 1 1 1 1 1 0]
    [0 0 0 1 1 1 1 1]

v = [0 1 1 0 0 0 1 1]ᵀ

Example: Input: 0x01 → binary 00000001 Multiply M * x, then XOR with v → get transformed binary → convert to hex → 0xFA

4. Modulo `x⁴ + 1` in MixColumns

In MixColumns, each column is treated as a polynomial of degree ≤ 3.

Multiplying two such polynomials gives degree ≤ 6.

To stay within 4 bytes (degree ≤ 3), we reduce modulo x⁴ + 1.

This keeps the structure consistent and ensures efficient polynomial arithmetic in GF(2⁸).

5. MixColumns Matrix

AES uses a fixed 4×4 matrix in MixColumns:

[ 02 03 01 01 ]
[ 01 02 03 01 ]
[ 01 01 02 03 ]
[ 03 01 01 02 ]

These constants (01, 02, 03) represent polynomial multipliers in GF(2⁸).

6. Why Use Small Constants in MixColumns?

Efficiency: Multiplying by 01, 02, or 03 in GF(2⁸) is simple:
- 02 * b = left shift + optional XOR with 0x1B
- 03 * b = 02 * b XOR b
Hardware Friendly: This minimizes computational cost while still achieving strong diffusion.

7. Example: Calculating b'₀ in MixColumns

Given bytes in a column:

b₀ = 0x53, b₁ = 0xCA, b₂ = 0xED, b₃ = 0x23

To compute:

b'₀ = (02 * b₀) XOR (03 * b₁) XOR b₂ XOR b₃

Step-by-step:

02 * 0x53 = left shift = 0xA6
02 * 0xCA = left shift + XOR 0x1B = 0x8F
03 * 0xCA = 0x8F XOR 0xCA = 0x45
Now:

b'₀ = 0xA6 XOR 0x45 XOR 0xED XOR 0x23
       = 0x2D

8. Encrypting the Word "algorithm" Using AES

Why Direct AES on "algorithm" Doesn’t Work:

AES works on 128-bit (16-byte) blocks
"algorithm" = 9 bytes → needs padding
AES needs:
- A secret key
- A mode of operation (e.g., CBC, CTR)
- An initialization vector (IV) or nonce

Hypothetical Example:

Convert "algorithm" to ASCII (hex):

61 6C 67 6F 72 69 74 68 6D
Pad to 16 bytes (e.g., with 0x07 * 7):

61 6C 67 6F 72 69 74 68 6D 07 07 07 07 07 07 07
Use AES key (example):

00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F
Perform AES encryption (10 rounds: SubBytes, ShiftRows, MixColumns, AddRoundKey)

⚠️ Too complex to do manually — use code instead!

Python Example (Using `cryptography` Library):

from cryptography.hazmat.primitives.ciphers import Cipher, algorithms, modes
from cryptography.hazmat.primitives import padding
from cryptography.hazmat.backends import default_backend
import os

message = b"algorithm"
key = os.urandom(32)  # AES-256
iv = os.urandom(16)   # 128-bit IV

# Pad the message
padder = padding.PKCS7(algorithms.AES.block_size).padder()
padded = padder.update(message) + padder.finalize()

# Encrypt
cipher = Cipher(algorithms.AES(key), modes.CBC(iv), backend=default_backend())
encryptor = cipher.encryptor()
ciphertext = encryptor.update(padded) + encryptor.finalize()

# Decrypt (for verification)
decryptor = cipher.decryptor()
decrypted_padded = decryptor.update(ciphertext) + decryptor.finalize()
unpadder = padding.PKCS7(algorithms.AES.block_size).unpadder()
plaintext = unpadder.update(decrypted_padded) + unpadder.finalize()

print("Original:", message.decode())
print("Key:", key.hex())
print("IV:", iv.hex())
print("Ciphertext:", ciphertext.hex())
print("Decrypted:", plaintext.decode())

Input and Key Setup

Padded Block 1 (Hex):

61 6c 67 6f 72 69 74 68 6d 07 07 07 07 07 07 07

(This is "algorithm" followed by PKCS#7 padding to make it 16 bytes.)

Hypothetical 128-bit Key (Hex):

00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f

Conceptual Application of AES Operations (First Round)

🔹 Initial Round: AddRoundKey

XOR the 16-byte plaintext block with the 16-byte round key:

Plaintext:   61 6c 67 6f 72 69 74 68 6d 07 07 07 07 07 07 07  
Key:         00 01 02 03 04 05 06 07 08 09 0a 0b 0c 0d 0e 0f  
XOR Result:  61 6d 65 6c 76 6c 72 6f 65 0e 0d 0c 0b 0a 09 08

This is the state after the initial AddRoundKey step.

🔹 Round 1

1. SubBytes

Each byte in the state is substituted using the AES S-box. For example:

Byte 0x61 → S-box value at row 6, column 1 (e.g., 0xCA)
Byte 0x6D → S-box value at row 6, column D

This step applies to all 16 bytes, transforming the state.

2. ShiftRows

The 4×4 state matrix is rearranged by shifting rows:

Before ShiftRows:          After ShiftRows:

[ b0  b1  b2  b3 ]     →   [ b0  b1  b2  b3 ]  (Row 0: No shift)
[ b4  b5  b6  b7 ]     →   [ b5  b6  b7  b4 ]  (Row 1: Left shift by 1)
[ b8  b9 ba  bb ]     →   [ ba  bb  b8  b9 ]  (Row 2: Left shift by 2)
[ bc  bd be  bf ]     →   [ bf  bc  bd  be ]  (Row 3: Left shift by 3)

3. MixColumns

Each column of the matrix is multiplied by a fixed matrix using arithmetic in GF(2⁸). For a column [s0, s1, s2, s3], it becomes:

s'0 = (02 × s0) ⊕ (03 × s1) ⊕ (01 × s2) ⊕ (01 × s3)  
s'1 = (01 × s0) ⊕ (02 × s1) ⊕ (03 × s2) ⊕ (01 × s3)  
s'2 = (01 × s0) ⊕ (01 × s1) ⊕ (02 × s2) ⊕ (03 × s3)  
s'3 = (03 × s0) ⊕ (01 × s1) ⊕ (01 × s2) ⊕ (02 × s3)

Multiplication by 0x02 in GF(2⁸): left shift + conditional XOR with 0x1B
Multiplication by 0x03: (0x02 × byte) ⊕ byte

4. AddRoundKey

The result of MixColumns is XORed with the next round key, generated via the key expansion algorithm.

🔁 Rounds 2–9

These rounds repeat the same four steps:

SubBytes → ShiftRows → MixColumns → AddRoundKey

🔚 Final Round (Round 10)

The final round omits the MixColumns step and consists of:

SubBytes → ShiftRows → AddRoundKey

✅ Final Output

After 10 rounds, the resulting 16-byte state becomes the ciphertext for the first block of the message "algorithm".

Why I Can't Show the Actual Ciphertext

SubBytes: Requires S-box lookup for each byte
MixColumns: Involves GF(2⁸) multiplication for all 4 columns
Key Expansion: Needs to generate all 11 round keys from the initial key

Doing these computations by hand is tedious, error-prone, and not ideal for this format. Software implementations are designed to handle these operations efficiently and accurately.

Example (If You Used Python)

If you ran the Python code we discussed earlier, you would see output like this (note: values will differ due to random key/IV):

Original Message: algorithm
Key: 8a6d7f2b1e03c95270a4f6d13b8c5e9a17284639d0b5f8a7e1c49362f57a0d1b
IV:  3c1a5f8e2b7d0a194e6c38a5d2f1b097
Ciphertext: f3a2b8c1d4e9a7205b1c8f3a6d9e2b4c
Decrypted Message: algorithm

Note: The ciphertext will be different each time unless you use the same key, IV, and plaintext.

Summary

To get the actual ciphertext for "algorithm" using AES:

Choose a 128-bit key.
Apply padding (if needed).
Decide on an AES mode (e.g., ECB, CBC, CTR).
Use an implementation (like Python's pycryptodome) to perform encryption.

Sure! Here's a clean conclusion along with the real-world applications of AES encryption to wrap up everything we've covered:

✅ Conclusion

AES (Advanced Encryption Standard) is a robust and efficient symmetric encryption algorithm used worldwide to secure digital data. It operates on 128-bit blocks and uses key sizes of 128, 192, or 256 bits, depending on the desired security level.

Through a series of 10 rounds (for AES-128), AES performs multiple mathematical operations — including substitution (SubBytes), permutation (ShiftRows), mixing (MixColumns), and key-dependent transformation (AddRoundKey) — to convert plaintext into ciphertext.

Understanding the internal workings of AES, such as XOR operations, finite field arithmetic (GF(2⁸)), and key expansion, provides valuable insight into how modern encryption ensures data confidentiality.

While performing AES manually is impractical due to its complexity, the conceptual understanding helps demystify the algorithm's strength and design — proving that encryption is not just about secrecy, but also about structured, layered transformation.

🌐 Real-World Applications of AES Encryption

AES is widely adopted due to its balance of security, speed, and simplicity. Some key applications include:

Secure Communications
- Used in HTTPS (SSL/TLS) to encrypt web traffic
- Employed in email encryption (e.g., PGP/GPG)
- Protects messages in instant messaging apps like Signal and WhatsApp
Data Storage and Protection
- Encrypts sensitive data in databases
- Used for file-level and disk-level encryption (e.g., BitLocker, FileVault)
- Cloud services like Google Drive or Dropbox use AES to encrypt stored files
Wireless Security
- Forms the basis of encryption in Wi-Fi standards (WPA2/WPA3)
- Prevents unauthorized access to networks
Mobile and Embedded Devices
- Used to secure data on smartphones, tablets, and IoT devices
- Helps implement end-to-end encryption
Banking and Finance
- Protects transactions, PINs, and customer data in online banking systems
- Used in ATMs, credit card systems, and financial APIs
Government and Military
- AES-256 is approved for encrypting Top Secret information by the U.S. National Security Agency (NSA)
- Ensures secure communications and data exchange between defense agencies

💬 Got Curious About the Math Behind AES?
If you're interested in diving deeper into the mathematics behind AES — like how the S-box is built using finite fields, how MixColumns works with polynomial multiplication in GF(2⁸), or how the key expansion algorithm derives round keys — feel free to leave a comment saying "Need more math!" 🧠✨

I'd be happy to break it down even further in a simple, step-by-step way!
🔐💡 Let’s explore the magic that keeps our digital world secure.