Matrix multiplication via arithmetic progressions
Journal of Symbolic Computation - Special issue on computational algebraic complexity
Almost perfect nonlinear power functions on GF (2n): the Niho case
Information and Computation
The Security of Hidden Field Equations (HFE)
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
Essential Algebraic Structure within the AES
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
On Correlation-Immune Functions
CRYPTO '91 Proceedings of the 11th Annual International Cryptology Conference on Advances in Cryptology
Provable Security Against Differential Cryptanalysis
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
Cryptoanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of Block Ciphers with Probabilistic Non-linear Relations of Low Degree
CRYPTO '98 Proceedings of the 18th Annual International Cryptology Conference on Advances in Cryptology
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
Cryptanalysis of Block Ciphers with Overdefined Systems of Equations
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of Nonlinear Filter Generators
Proceedings of the Third International Workshop on Fast Software Encryption
The Interpolation Attack on Block Ciphers
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Higher order correlation attacks, XL algorithm and cryptanalysis of Toyocrypt
ICISC'02 Proceedings of the 5th international conference on Information security and cryptology
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
General principles of algebraic attacks and new design criteria for cipher components
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
The inverse s-box, non-linear polynomial relations and cryptanalysis of block ciphers
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Almost perfect nonlinear power functions on GF(2n): the Welch case
IEEE Transactions on Information Theory
On Cryptographically Significant Mappings over GF(2n)
WAIFI '08 Proceedings of the 2nd international workshop on Arithmetic of Finite Fields
Algebraic immunity of S-boxes based on power mappings: analysis and construction
IEEE Transactions on Information Theory
Probabilistic versus deterministic algebraic cryptanalysis: a performance comparison
IEEE Transactions on Information Theory
Algebraic attacks on clock-controlled cascade ciphers
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
Reducing the number of homogeneous linear equations in finding annihilators
SETA'06 Proceedings of the 4th international conference on Sequences and Their Applications
Hi-index | 0.12 |
In this paper we are interested in algebraic immunity of several well known highly-nonlinear vectorial Boolean functions (or S-boxes), designed for block and stream ciphers. Unfortunately, ciphers that use such S-boxes may still be vulnerable to so called “algebraic attacks” proposed recently by Courtois, Pieprzyk, Meier, Armknecht, et al. These attacks are not always feasible in practice but are in general very powerful. They become possible, if we regard the S-boxes, no longer as highly-nonlinear functions of their inputs, but rather exhibit (and exploit) much simpler algebraic equations, that involve both input and the output bits. Instead of complex and “explicit” Boolean functions we have then simple and “implicit” algebraic relations that can be combined to fully describe the secret key of the system. In this paper we look at the number and the type of relations that do exist for several well known components. We wish to correct or/and complete several inexact results on this topic that were presented at FSE 2004. We also wish to bring a theoretical contribution. One of the main problems in the area of algebraic attacks is to prove that some systems of equations (derived from some more fundamental equations), are still linearly independent. We give a complete proof that the number of linearly independent equations for the Rijndael S-box (derived from the basic equation XY = 1) is indeed as reported by Courtois and Pieprzyk. It seems that nobody has so far proven this fundamental statement.