Cryptology ePrint Archive: Report 2012/663
Virtual isomorphisms of ciphers: is AES secure against differential / linear attack?
Abstract: In [eprint.iacr.org/2009/117] method of virtual isomorphisms of ciphers was proposed for cryptanalysis. Cipher is vulnerable to an attack iff isomorphic cipher is vulnerable to this attack. That method is based on conjugation, and it is not practical because all round operations except one become nonlinear. New isomorphism of AES is proposed, its image IAES has only one nonlinear operation IXOR - isomorphic image of XOR of 5 bytes. Maximal probabilities of byte differentials are increased about 10-11 times, maximal biases of linear sums are increased about 3.6 times comparatively to original AES. IAES possesses computable family of differentials of IXOR with two active input bytes, zero output difference and probability 1. Zero output difference decreases the rate of multiplication of active nonlinearities in differential characteristic of IAES.
Category / Keywords: secret-key cryptography /
Publication Info: AES, cryptanalysis , linear cryptanalysis
Date: received 23 Nov 2012
Contact author: alexander rostovtsev at ibks ftk spbstu ru
Available formats: PDF | BibTeX Citation
Version: 20121128:161741 (All versions of this report)
Discussion forum: Show discussion | Start new discussion
[ Cryptology ePrint archive ]