Paper 2015/212

Analyzing Permutations for AES-like Ciphers: Understanding ShiftRows

Christof Beierle, Philipp Jovanovic, Martin M. Lauridsen, Gregor Leander, and Christian Rechberger


Designing block ciphers and hash functions in a manner that resemble the AES in many aspects has been very popular since Rijndael was adopted as the Advanced Encryption Standard. However, in sharp contrast to the MixColumns operation, the security implications of the way the state is permuted by the operation resembling ShiftRows has never been studied in depth. Here, we provide the first structured study of the influence of ShiftRows-like operations, or more generally, word-wise permutations, in AES-like ciphers with respect to diffusion properties and resistance towards differential- and linear attacks. After formalizing the concept of guaranteed trail weights, we show a range of equivalence results for permutation layers in this context. We prove that the trail weight analysis when using arbitrary word-wise permutations, with rotations as a special case, reduces to a consideration of a specific normal form. Using a mixed-integer linear programming approach, we obtain optimal parameters for a wide range of AES-like ciphers, and show improvements on parameters for Rijndael-192, Rijndael-256, PRIMATEs-80 and Prøst-128. As a separate result, we show for specific cases of the state geometry that a seemingly optimal bound on the trail weight can be obtained using cyclic rotations only for the permutation layer, i.e. in a very implementation friendly way.

Available format(s)
Secret-key cryptography
Publication info
Published elsewhere. MINOR revision.CT-RSA 2015
AESAES-likedifferential cryptanalysislinear cryptanalysisdiffusionoptimizationmixed-integer linear programming
Contact author(s)
mmeh @ dtu dk
2016-01-05: revised
2015-03-06: received
See all versions
Short URL
Creative Commons Attribution


      author = {Christof Beierle and Philipp Jovanovic and Martin M.  Lauridsen and Gregor Leander and Christian Rechberger},
      title = {Analyzing Permutations for AES-like Ciphers: Understanding ShiftRows},
      howpublished = {Cryptology ePrint Archive, Paper 2015/212},
      year = {2015},
      doi = {10.1007/978-3-319-16715-2_3},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.