Paper 2002/111

On Linear Redundancy in the AES S-Box

Joanne Fuller and William Millan

Abstract

We show the existence of a previously unknown linear redundancy property of the only nonlinear component of the AES block cipher. It is demonstrated that the outputs of the 8*8 Rijndael s-box (based on inversion in a finite field) are all equivalent under affine transformation. The method used to discover these affine relations is novel and exploits a new fundamental result on the invariance properties of local connection structure of affine equivalence classes. As well as increasing existing concerns about the security of the AES, these results may also have serious consequences for many other ciphers recently proposed for standardisation.

Metadata
Available format(s)
PS
Publication info
Published elsewhere. Unknown where it was published
Keywords
boolean functionsAES
Contact author(s)
fuller @ isrc qut edu au
History
2002-08-05: received
Short URL
https://ia.cr/2002/111
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2002/111,
      author = {Joanne Fuller and William Millan},
      title = {On Linear Redundancy in the AES S-Box},
      howpublished = {Cryptology ePrint Archive, Paper 2002/111},
      year = {2002},
      note = {\url{https://eprint.iacr.org/2002/111}},
      url = {https://eprint.iacr.org/2002/111}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.