Affine equivalence in the AES round function
نویسندگان
چکیده
In this paper, we show that all the coordinate functions of the advanced encryption standard (AES) round function are equivalent under an affine transformation of the input.We also show that such affine relations will always exist if the AES S-box is replaced by any bijective monomial over GF(28). © 2005 Elsevier B.V. All rights reserved.
منابع مشابه
On the Behaviors of Affine Equivalent Sboxes Regarding Differential and Linear Attacks
This paper investigates the effect of affine transformations of the Sbox on the maximal expected differential probability MEDP and linear potential MELP over two rounds of a substitution-permutation network, when the diffusion layer is linear over the finite field defined by the Sbox alphabet. It is mainly motivated by the fact that the 2-round MEDP and MELP of the AES both increase when the AE...
متن کاملA Simplified Representation of AES
We show that the so-called super S-box representation of AES – that provides a simplified view of two consecutive AES rounds – can be further simplified. In the untwisted representation of AES presented here, two consecutive AES rounds are viewed as the composition of a non-linear transformation S and an affine transformation R that respectively operate on the four 32-bit columns and on the fou...
متن کاملChanging probabilities of differentials and linear sums via isomorphisms of ciphers
Ciphers y = C(x, k) and = (, ) are isomorphic if there exists invertible computable in both directions map y ↔ , x ↔ , k ↔ . Cipher is vulnerable if and only if isomorphic cipher is vulnerable. Instead of computing the key of a cipher it is sufficient to find suitable isomorphic cipher and compute its key. If φ is arbitrary substitution and T is round substitution, its conjugate = φTφ...
متن کاملNovel Impossible Differential Cryptanalysis of Zorro Block Cipher
Impossible difference attack is a powerful tool for evaluating the security of block ciphers based on finding a differential characteristic with the probability of exactly zero. The linear layer diffusion rate of a cipher plays a fundamental role in the security of the algorithm against the impossible difference attack. In this paper, we show an efficient method, which is independent of the qua...
متن کاملComplementation-Like and Cyclic Properties of AES Round Functions
While it is known previously that the cycle lengths of individual components of the AES round function are very small, we demonstrate here that the cycle length of the S-box combined with the ShiftRow and MixColumn transformation is at least 10. This result is obtained by providing new invariances of the complete AES round function without the key addition. Furthermore, we consider self-duality...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Discrete Applied Mathematics
دوره 148 شماره
صفحات -
تاریخ انتشار 2005