How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Linear cryptanalysis method for DES cipher
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
Markov ciphers and alternating groups
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Design of Rijndael
Toward Provable Security of Substitution-Permutation Encryption Networks
SAC '98 Proceedings of the Selected Areas in Cryptography
Improving the Upper Bound on the Maximum Average Linear Hull Probability for Rijndael
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Differential Cryptanalysis of the Full 16-Round DES
CRYPTO '92 Proceedings of the 12th Annual International Cryptology Conference on Advances in Cryptology
The First Experimental Cryptanalysis of the Data Encryption Standard
CRYPTO '94 Proceedings of the 14th Annual International Cryptology Conference on Advances in Cryptology
New Method for Upper Bounding the Maximum Average Linear Hull Probability for SPNs
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
ASIACRYPT '99 Proceedings of the International Conference on the Theory and Applications of Cryptology and Information Security: Advances in Cryptology
On the Pseudorandomness of Top-Level Schemes of Block Ciphers
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Security of Rijndael-Like Structures against Differential and Linear Cryptanalysis
ASIACRYPT '02 Proceedings of the 8th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
New Structure of Block Ciphers with Provable Security against Differential and Linear Cryptanalysis
Proceedings of the Third International Workshop on Fast Software Encryption
FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Provable Security against Differential and Linear Cryptanalysis for the SPN Structure
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
New Results on the Pseudorandomness of Some Blockcipher Constructions
FSE '01 Revised Papers from the 8th International Workshop on Fast Software Encryption
The Round Functions of RIJNDAEL Generate the Alternating Group
FSE '02 Revised Papers from the 9th International Workshop on Fast Software Encryption
Modern Computer Algebra
Markov ciphers and differential cryptanalysis
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
EUROCRYPT'91 Proceedings of the 10th annual international conference on Theory and application of cryptographic techniques
The security of many-round Luby-Rackoff pseudo-random permutations
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Refined analysis of bounds related to linear and differential cryptanalysis for the AES
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Group theoretic properties of Rijndael-like ciphers
Discrete Applied Mathematics
Dial C for cipher: le chiffrement était presque parfait
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
KFC - The Krazy Feistel Cipher
ASIACRYPT'06 Proceedings of the 12th international conference on Theory and Application of Cryptology and Information Security
| Hi-index | 0.00 |
In this paper we study the substitution-permutation network (SPN) on which AES is based. We introduce AES*, a SPN identical to AES except that fixed S-boxes are replaced by random and independent permutations. We prove that this construction resists linear and differential cryptanalysis with 4 inner rounds only, despite the huge cumulative effect of multipath characteristics that is induced by the symmetries of AES. We show that the DP and LP terms both tend towards 1/(2128−1) very fast when the number of round increases. This proves a conjecture by Keliher, Meijer, and Tavares. We further show that AES*. is immune to any iterated attack of order 1 after 10 rounds only, which substantially improves a previous result by Moriai and Vaudenay.