Algebraic Aspects of the Advanced Encryption Standard ” by Carlos

In their book the authors give an algebraic perspective of the Advanced Encryption Standard (AES). The cipher Rijndael won the AES competition in 2000 after three years of considerations. Unlike many block ciphers known at that time and proposed nowadays, AES-Rijndael has very explicit algebraic description. The rich algebraic structure of the cipher attracted cryptologists from the moment of appearance of Rijndael. The excellent book of Cid et. al. gives exactly an overview of properties of Rijndael from the algebraic point of view. The book is structured as follows. It contains seven chapters and an appendix, among which the first three are introductory, the next three are the core of the book, and there is also a concluding chapter. After giving a short introduction to the topic and historic remarks in Chapter 1, the authors move to giving the necessary algebraic background in Chapter 2. This chapter contains all the algebraic notions one needs for understanding the follow-up chapters. The chapter covers such fundamental topics as groups, rings, and fields; univariate, including the Lagrange Interpolation Formula, and multivariate, including the notion of the polynomial ordering, polynomial rings. Further, necessary notions from linear and matrix algebra are presented using linear and matrix parts of the AES description as examples. As is usual for cryptology, one is dealing with finite fields as an underlying object. So the topic of the finite fields is considered next: which finite fields exist out there and how one works with them efficiently. A quite significant part of the book is devoted to algebraic attacks on the AES, therefore the notion of a Gröbner basis is a central notion for that. The section “Varieties and Gröbner bases” gives a succinct overview of this important area. After providing the reader with necessary tools, the book continues with the actual description of the AES in Chapter 3. While giving a description of the AES, the authors make sure that the algebraic essence of the cipher is seen and the underlying algebraic features are emphasized. In particular, the reader realizes the fact that the nonlinear S-Box transformation in the AES is essentially an inversion operation over the field GF (28), unlike the usual way of defining an S-Box via a look-up table, so that underlying algebraic structure is usually not apparent. The chapter ends with an introduction to the small scale variants of the AES: a handy tool for algebraic attacks considered later on. The next Chapter 4 is devoted to the algebraic properties of the AES. In particular, linear