AES Encryption/Decryption using Arduino Uno

1. Description

This tutorial shows how to implement AES encryption and decryption on Arduino Uno/standalone ATmega328P-PU microcontroller systems. This technique could help in securing the communication between this type of devices in order to avoid sniffing and replaying signals by a third-party.

Difficulty level: intermediate.


2. AES (Advanced Encryption Standard) basics

This section briefly introduces the AES encryption / decryption algorithms for a general overview of the process.  Detailed explanations and examples are beyond the scope of this tutorial and could be easily found online (see the references section).

AES is a symmetric block cipher with a block length of 128 bits. It allows using three different key lengths: 128, 192 or 256 bits. The encryption/decryption algorithm consists of several rounds of processing; the number of rounds depends on the key length: 10 rounds for 128-bit keys, 12 rounds for 192-bit keys and 14 rounds for 256-bit keys. Except for the last round, all other rounds are identical. Each round of processing (excepting the last one) includes the following steps:

– one single-byte based substitution (SubBytes/InvSubBytes);
– row-wise permutation (ShiftRows/InvSubRows);
– column-wise mixing (MixColumns/InvMixColumns);
– addition of the round key (AddRoundKey).

Note. The last processing round excludes the column-wise mixing step.

The order in which these steps are executed is different for encryption and decryption. A visual overview of the process is presented in the diagram below:

(click to enlarge)

– AES is a block cypher supporting a block length of 128 bits. For a different data length (not multiple of 128 bits block), padding should be used;
– If data length is multiple of 128 bits blocks, AES CBC (Cipher Blocker Chaining) flavor is preferred over AES ECB (Electronic Codebook); CBC adds more complexity but avoids generating identical ciphertext blocks for corresponding identical plaintext blocks (as in the case of ECB): each  ciphertext block is dependent on all plaintext blocks processed up to that point.

3. Parts

– 1 x Arduino Uno R3.

4. Code

The code below implements AES-CBC encryption/decryption of a plaintext using various key lengths (128 bits, 192 bits and 256 bits). encryption/decryption results as well as timing could be observed in the serial monitor.

5. Additional resources

– Advanced Encryption Standard by Example:
– AES Encryption Library for Arduino and Raspberry Pi:

Leave a Reply