Paper 2018/182
Truncated Differential Properties of the Diagonal Set of Inputs for 5-round AES
Lorenzo Grassi and Christian Rechberger
Abstract
In the last couple of years, a new wave of results appeared, proposing and exploiting new properties of round-reduced AES. In this paper we survey and combine some of these results (namely, the multiple-of-n property and the mixture differential cryptanalysis) in a systematic way in order to answer more general questions regarding the probability distribution of encrypted diagonal sets. This allows us to analyze this special set of inputs, and to report on new properties regarding the probability distribution of the number of different pairs of corresponding ciphertexts that are equal in certain anti-diagonal(s) after 5 rounds. An immediate corollary of the multiple-of-8 property is that the variance of such a distribution can be shown to be higher than for a random permutation. Surprisingly, also the mean of the distribution is significantly different from random, something which cannot be explained by the multiple-of-8 property. We propose a theoretical explanation of this, by making an APN-like assumption on the S-Box which closely resembles the AES-Sbox. By combining the multiple-of-8 property, the mixture differential approach, and the results just mentioned about the mean and the variance, we are finally able to formulate the probability distribution of the diagonal set after 5-round AES as a sum of independent binomial distributions.
Note: The paper has been re-organized and re-written in a more formal and shorter way.
Metadata
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Major revision. ACISP 2022
- Keywords
- AES, Truncated-Differential Cryptanalysis, Distinguisher, Attack
- Contact author(s)
- lgrassi @ science ru nl
- christian rechberger @ iaik tugraz at
- History
- 2022-04-25: last of 6 revisions
- 2018-02-14: received
- Short URL
- https://ia.cr/2018/182
- License
- CC BY
BibTeX
@misc{cryptoeprint:2018/182,
  author = {Lorenzo Grassi and Christian Rechberger},
  title = {Truncated Differential Properties of the Diagonal Set of Inputs for 5-round {AES}},
  howpublished = {Cryptology {ePrint} Archive, Paper 2018/182},
  year = {2018},
  url = {https://eprint.iacr.org/2018/182}
}