Cryptology ePrint Archive: Report 2012/663

Virtual isomorphisms of ciphers: is AES secure against differential / linear attack?

Alexander Rostovtsev

Abstract: In [eprint.iacr.org/2009/117] method of virtual isomorphisms of ciphers was proposed for cryptanalysis. Cipher is vulnerable to an attack iff isomorphic cipher is vulnerable to this attack. That method is based on conjugation, and it is not practical because all round operations except one become nonlinear. New isomorphism of AES is proposed, its image IAES has only one nonlinear operation IXOR - isomorphic image of XOR of 5 bytes. Maximal probabilities of byte differentials are increased about 10-11 times, maximal biases of linear sums are increased about 3.6 times comparatively to original AES. IAES possesses computable family of differentials of IXOR with two active input bytes, zero output difference and probability 1. Zero output difference decreases the rate of multiplication of active nonlinearities in differential characteristic of IAES.

Category / Keywords: secret-key cryptography /

Publication Info: AES, cryptanalysis , linear cryptanalysis

Date: received 23 Nov 2012

Contact author: alexander rostovtsev at ibks ftk spbstu ru

Available format(s): PDF | BibTeX Citation

Version: 20121128:161741 (All versions of this report)

Short URL: ia.cr/2012/663

Discussion forum: Show discussion | Start new discussion