On low degree polynomials in 2-round AES
نویسنده
چکیده
Recent observations on polynomial structures of AES-like round functions are analysed in this note. We present computational evidence that input/output bits of AESlike 2-round transform up to 40-bit, constructed with 8-bit AES S-boxes, do not satisfy any relations of degree 3. So it is very unlikely that actual AES 2-round transform admits any relations of degree ≤ 3.
منابع مشابه
Randomizing Polynomials: A New Representation with Applications to Round-Efficient Secure Computation
Motivated by questions about secure multi-party computation, we introduce and study a new natural representation of functions by polynomials, which we term randomizing polynomials. “Standard” low-degree polynomials over a finite field are easy to compute witha small number of communication rounds in virtually any setting for secure computation. However, most Boolean functions cannot be evaluate...
متن کاملSYMAES: A Fully Symbolic Polynomial System Generator for AES-128⋆
SYMAES is a software tool that generates a system of polynomials in GF(2), corresponding to the round transformation and key schedule of the block cipher AES-128 [1]. Most of the existing polynomial system generators for AES are typically used under the assumption that the plaintext and ciphertext bits are known, and therefore are treated as constants. Although some of the generators, such as t...
متن کاملKey Recovery Attacks of Practical Complexity on AES-256 Variants with up to 10 Rounds
AES is the best known and most widely used block cipher. Its three versions (AES-128, AES-192, and AES-256) differ in their key sizes (128 bits, 192 bits and 256 bits) and in their number of rounds (10, 12, and 14, respectively). While for AES-128, there are no known attacks faster than exhaustive search, AES-192 and AES-256 were recently shown to be breakable by attacks which require 2 and 2 t...
متن کاملBiclique Cryptanalysis of the Full AES
Since Rijndael was chosen as the Advanced Encryption Standard (AES), improving upon 7-round attacks on the 128-bit key variant (out of 10 rounds) or upon 8-round attacks on the 192/256-bit key variants (out of 12/14 rounds) has been one of the most difficult challenges in the cryptanalysis of block ciphers for more than a decade. In this paper, we present the novel technique of block cipher cry...
متن کاملThe Effects of the Omission of Last Round's MixColumns on AES
The Advanced Encryption Standard (AES) is the most widely deployed block cipher. It follows the modern iterated block cipher approach, iterating a simple round function multiple times. The last round of AES slightly differs from the others, as a linear mixing operation (called MixColumns) is omitted from it. Following a statement of the designers, it is widely believed that the omission of the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2016 شماره
صفحات -
تاریخ انتشار 2016