On the Order of Round Components in the AES
نویسنده
چکیده
This paper analyses all 24 possible round constructions using different combinations of the four round components of the AES cipher: SubBytes, ShiftRows, AddRoundKey and MixColumns. We investigate how the different round orderings affect the security of AES against differential, linear, multiset, impossible differential and boomerang attacks. The cryptographic strenght of each cipher variant was measured by the size of each distinguisher, their probability or correlation value and the number of active S-boxes. Our analyses indicate that all these permutations of the AES components have similar cryptographic strength (concerning these five attacks), although there are implementation advantages for certain permutations.
منابع مشابه
Novel Impossible Differential Cryptanalysis of Zorro Block Cipher
Impossible difference attack is a powerful tool for evaluating the security of block ciphers based on finding a differential characteristic with the probability of exactly zero. The linear layer diffusion rate of a cipher plays a fundamental role in the security of the algorithm against the impossible difference attack. In this paper, we show an efficient method, which is independent of the qua...
متن کاملComplementation-Like and Cyclic Properties of AES Round Functions
While it is known previously that the cycle lengths of individual components of the AES round function are very small, we demonstrate here that the cycle length of the S-box combined with the ShiftRow and MixColumn transformation is at least 10. This result is obtained by providing new invariances of the complete AES round function without the key addition. Furthermore, we consider self-duality...
متن کاملTotal break of Zorro using linear and differential attacks
An AES-like lightweight block cipher, namely Zorro, was proposed in CHES 2013. While it has a 16-byte state, it uses only 4 S-Boxes per round. This weak nonlinearity was widely criticized, insofar as it has been directly exploited in all the attacks on Zorro reported by now, including the weak key, reduced round, and even full round attacks. In this paper, using some properties discovered by Wa...
متن کاملHardware Implementation of Dynamic S-BOX to Use in AES Cryptosystem
One of the major cipher symmetric algorithms is AES. Its main feature is to use S-BOX step, which is the only non-linear part of this standard possessing fixed structure. During the previous studies, it was shown that AES standard security was increased by changing the design concepts of S-BOX and production of dynamic S-BOX. In this paper, a change of AES standard security is studied by produc...
متن کاملEnhanced Flush+Reload Attack on AES
In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used in the crypto libraries like OpenSSL. Several Flush+Reload attacks on T-table implementat...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- I. J. Network Security
دوره 9 شماره
صفحات -
تاریخ انتشار 2009