Paper 2012/663
Virtual isomorphisms of ciphers: is AES secure against differential / linear attack?
Alexander Rostovtsev
Abstract
In [eprint.iacr.org/2009/117] method of virtual isomorphisms of ciphers was proposed for cryptanalysis. Cipher is vulnerable to an attack iff isomorphic cipher is vulnerable to this attack. That method is based on conjugation, and it is not practical because all round operations except one become nonlinear. New isomorphism of AES is proposed, its image IAES has only one nonlinear operation IXOR - isomorphic image of XOR of 5 bytes. Maximal probabilities of byte differentials are increased about 10-11 times, maximal biases of linear sums are increased about 3.6 times comparatively to original AES. IAES possesses computable family of differentials of IXOR with two active input bytes, zero output difference and probability 1. Zero output difference decreases the rate of multiplication of active nonlinearities in differential characteristic of IAES.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. AES, cryptanalysis , linear cryptanalysis
- Contact author(s)
- alexander rostovtsev @ ibks ftk spbstu ru
- History
- 2012-11-28: received
- Short URL
- https://ia.cr/2012/663
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2012/663, author = {Alexander Rostovtsev}, title = {Virtual isomorphisms of ciphers: is {AES} secure against differential / linear attack?}, howpublished = {Cryptology {ePrint} Archive, Paper 2012/663}, year = {2012}, url = {https://eprint.iacr.org/2012/663} }