Is there something special about the AES key expansion algorithm that makes it s

Question

Is there something special about the AES key expansion algorithm that makes it secure, or it is a compromise between security and speed? For example, say with a key I expand it by taking pbkdf2(key) or scrypt(key) as the next round, and scrypt(scrypt(key)) as the round after that, until I have all of my subkeys. Would this be more or less secure than the standing key-generation method, and preferred in the case of having a machine which can perform them both in the same amount of time (impossible I know, but it's hypothetical).

Often I hear the key expansion is the weakest part of AES, but conflictingly that it was designed to prevent the use of "weak keys" which its predecessor suffered from.

Explanation / Answer

The AES key schedule is firstly very fast, and build from a component (the s-box) that is used in the main encryption algorithm, too, so it can be implemented easily, sharing code (in software) or chip area (in hardware).

I'm not sure how the AES key schedule avoids "weak keys"

Related Questions

Navigate

• Browse (All)
• Browse I
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.