Paper 2016/141

On low degree polynomials in 2-round AES

Igor Semaev

Abstract

Recent observations on polynomial structures of AES-like round functions are analysed in this note. We present computational evidence that input/output bits of AES-like 2-round transform up to $40$-bit, constructed with $8$-bit AES S-boxes, do not satisfy any relations of degree $3$. So it is very unlikely that actual AES 2-round transform admits any relations of degree $\leq 3$.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Preprint.
Keywords
AESlow degree polynomials
Contact author(s)
igor @ ii uib no
History
2016-02-16: received
Short URL
https://ia.cr/2016/141
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2016/141,
      author = {Igor Semaev},
      title = {On low degree polynomials in 2-round {AES}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2016/141},
      year = {2016},
      url = {https://eprint.iacr.org/2016/141}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.