Essential Algebraic Structure within the AES
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
About the XL algorithm over GF(2)
CT-RSA'03 Proceedings of the 2003 RSA conference on The cryptographers' track
Small scale variants of the AES
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
All in the XL family: theory and practice
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
PRESENT: An Ultra-Lightweight Block Cipher
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Specific S-Box Criteria in Algebraic Attacks on Block Ciphers with Several Known Plaintexts
Research in Cryptology
Algebraic Attacks on the Courtois Toy Cipher
Cryptologia
Cryptographic Properties and Application of a Generalized Unbalanced Feistel Network Structure
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
An Analysis of the Compact XSL Attack on BES and Embedded SMS4
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
MIBS: A New Lightweight Block Cipher
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
New description of SMS4 by an embedding over GF(28)
INDOCRYPT'07 Proceedings of the cryptology 8th international conference on Progress in cryptology
Algebraic cryptanalysis of SMS4: gröbner basis attack and SAT attack compared
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Algebraic cryptanalysis of curry and flurry using correlated messages
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Cryptographic properties and application of a Generalized Unbalanced Feistel Network structure
Cryptography and Communications
Algebraic precomputations in differential and integral cryptanalysis
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Automatic search of attacks on round-reduced AES and applications
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
Searching for compact algorithms: CGEN
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Constructing single- and multi-output boolean functions with maximal algebraic immunity
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
Block ciphers sensitive to gröbner basis attacks
CT-RSA'06 Proceedings of the 2006 The Cryptographers' Track at the RSA conference on Topics in Cryptology
A zero-dimensional gröbner basis for AES-128
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Growth of the ideal generated by a quadratic boolean function
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
On the relation between the MXL family of algorithms and Gröbner basis algorithms
Journal of Symbolic Computation
EPCBC: a block cipher suitable for electronic product code encryption
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
An analysis of XSL Applied to BES
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Hi-index | 0.00 |
The XSL “algorithm” is a method for solving systems of multivariate polynomial equations based on the linearization method. It was proposed in 2002 as a dedicated method for exploiting the structure of some types of block ciphers, for example the AES and Serpent. Since its proposal, the potential for algebraic attacks against the AES has been the source of much speculation. Although it has attracted a lot of attention from the cryptographic community, currently very little is known about the effectiveness of the XSL algorithm. In this paper we present an analysis of the XSL algorithm, by giving a more concise description of the method and studying it from a more systematic point of view. We present strong evidence that, in its current form, the XSL algorithm does not provide an efficient method for solving the AES system of equations.