Paper 2020/546
MixColumns Coefficient Property and Security of the AES with A Secret S-Box
Xin An, Kai Hu, and Meiqin Wang
Abstract
The MixColumns operation is an important component providing diffusion for the AES. The branch number of it ensures that any continuous four rounds of the AES have at least 25 active S-Boxes, which makes the AES secure against the differential and linear cryptanalysis. However, the choices of the coefficients of the MixColumns matrix may undermine the AES security against some novel-type attacks. A particular property of the AES MixColumns matrix coefficient has been noticed in recent papers that \emph{each row or column of the matrix has elements that sum to zero}. Several attacks have been developed taking advantage of the coefficient property. In this paper we investigate further the influence of the specific coefficient property on the AES security. Our target, which is also one of the targets of the previous works, is a 5-round AES variant with a secret S-Box. We will show how we take advantage of the coefficient property to extract the secret key directly without any assistance of the S-Box information. Compared with the previous similar attacks, the present attacks here are the best in terms of the complexity under the chosen-plaintext scenario.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Africacrypt 2020
- Keywords
- AESMixColumnsExchange AttackKey Recovery AttackSecret S-Box
- Contact author(s)
-
anxin19 @ mail sdu edu cn
hukai @ mail sdu edu cn
mqwang @ sdu edu cn - History
- 2020-05-15: received
- Short URL
- https://ia.cr/2020/546
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2020/546, author = {Xin An and Kai Hu and Meiqin Wang}, title = {{MixColumns} Coefficient Property and Security of the {AES} with A Secret S-Box}, howpublished = {Cryptology {ePrint} Archive, Paper 2020/546}, year = {2020}, url = {https://eprint.iacr.org/2020/546} }