Paper 2012/663

Virtual isomorphisms of ciphers: is AES secure against differential / linear attack?

Alexander Rostovtsev

Abstract

In [eprint.iacr.org/2009/117] a method of virtual isomorphisms of ciphers was proposed for cryptanalysis. A cipher is vulnerable to an attack iff an isomorphic cipher is vulnerable to this attack. That method is based on conjugation, and it is not practical because all round operations except one become nonlinear. A new isomorphism of AES is proposed; its image IAES has only one nonlinear operation, IXOR, the isomorphic image of the XOR of 5 bytes. Maximal probabilities of byte differentials are increased about 10-11 times, and maximal biases of linear sums are increased about 3.6 times compared to the original AES. IAES possesses a computable family of differentials of IXOR with two active input bytes, zero output difference and probability 1. The zero output difference decreases the rate of multiplication of active nonlinearities in the differential characteristic of IAES.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. AES, cryptanalysis, linear cryptanalysis
Contact author(s)
alexander rostovtsev @ ibks ftk spbstu ru
History
2012-11-28: received
Short URL
https://ia.cr/2012/663
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/663,
      author = {Alexander Rostovtsev},
      title = {Virtual isomorphisms of ciphers: is AES secure against differential / linear attack?},
      howpublished = {Cryptology ePrint Archive, Paper 2012/663},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/663}},
      url = {https://eprint.iacr.org/2012/663}
}