How to construct pseudorandom permutations from pseudorandom functions
SIAM Journal on Computing - Special issue on cryptography
Matrix multiplication via arithmetic progressions
Journal of Symbolic Computation - Special issue on computational algebraic complexity
Differentially uniform mappings for cryptography
EUROCRYPT '93 Workshop on the theory and application of cryptographic techniques on Advances in cryptology
The Security of Hidden Field Equations (HFE)
CT-RSA 2001 Proceedings of the 2001 Conference on Topics in Cryptology: The Cryptographer's Track at RSA
A Simple Algebraic Representation of Rijndael
SAC '01 Revised Papers from the 8th Annual International Workshop on Selected Areas in Cryptography
Cryptanalysis of the HFE Public Key Cryptosystem by Relinearization
CRYPTO '99 Proceedings of the 19th Annual International Cryptology Conference on Advances in Cryptology
Essential Algebraic Structure within the AES
CRYPTO '02 Proceedings of the 22nd Annual International Cryptology Conference on Advances in Cryptology
Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt'88
CRYPTO '95 Proceedings of the 15th Annual International Cryptology Conference on Advances in Cryptology
Structural Cryptanalysis of SASAS
EUROCRYPT '01 Proceedings of the International Conference on the Theory and Application of Cryptographic Techniques: Advances in Cryptology
EUROCRYPT '02 Proceedings of the International Conference on the Theory and Applications of Cryptographic Techniques: Advances in Cryptology
On the Pseudorandomness of Top-Level Schemes of Block Ciphers
ASIACRYPT '00 Proceedings of the 6th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Generic Attacks on Feistel Schemes
ASIACRYPT '01 Proceedings of the 7th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
On the Decorrelated Fast Cipher (DFC) and Its Theory
FSE '99 Proceedings of the 6th International Workshop on Fast Software Encryption
Improved Cryptanalysis of Rijndael
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Solving Underdefined Systems of Multivariate Quadratic Equations
PKC '02 Proceedings of the 5th International Workshop on Practice and Theory in Public Key Cryptosystems: Public Key Cryptography
Structured Design of Substitution-Permutation Encryption Networks
IEEE Transactions on Computers
EUROCRYPT'96 Proceedings of the 15th annual international conference on Theory and application of cryptographic techniques
Efficient algorithms for solving overdefined systems of multivariate polynomial equations
EUROCRYPT'00 Proceedings of the 19th international conference on Theory and application of cryptographic techniques
Environment-independent performance analyses of cryptographic algorithms
ACSC '03 Proceedings of the 26th Australasian computer science conference - Volume 16
New method to determine algebraic expression of Rijndael S-box
InfoSecu '04 Proceedings of the 3rd international conference on Information security
Concatenating Indicators of Flats for Designing Cryptographic Functions
Designs, Codes and Cryptography
Basic Theory in Construction of Boolean Functions with Maximum Possible Annihilator Immunity
Designs, Codes and Cryptography
Survey and benchmark of block ciphers for wireless sensor networks
ACM Transactions on Sensor Networks (TOSN)
Multi-objective optimisation of bijective S-boxes
New Generation Computing - Evolutionary computation
A survey of recent developments in cryptographic algorithms for smart cards
Computer Networks: The International Journal of Computer and Telecommunications Networking
Adaptive loops with kaapi on multicore and grid: applications in symmetric cryptography
Proceedings of the 2007 international workshop on Parallel symbolic computation
Cryptographic strength of ssl/tls servers: current and recent practices
Proceedings of the 7th ACM SIGCOMM conference on Internet measurement
Impossible differential cryptanalysis of reduced-round ARIA and Camellia
Journal of Computer Science and Technology
Differential fault analysis on the ARIA algorithm
Information Sciences: an International Journal
Solving Multiple Right Hand Sides linear equations
Designs, Codes and Cryptography
On the Classification of 4 Bit S-Boxes
WAIFI '07 Proceedings of the 1st international workshop on Arithmetic of Finite Fields
PRESENT: An Ultra-Lightweight Block Cipher
CHES '07 Proceedings of the 9th international workshop on Cryptographic Hardware and Embedded Systems
Specific S-Box Criteria in Algebraic Attacks on Block Ciphers with Several Known Plaintexts
Research in Cryptology
The Dragon Stream Cipher: Design, Analysis, and Implementation Issues
New Stream Cipher Designs
New Stream Cipher Designs
Information Security and Cryptology
Algebraic and Slide Attacks on KeeLoq
Fast Software Encryption
A Meet-in-the-Middle Attack on 8-Round AES
Fast Software Encryption
On Cryptographically Significant Mappings over GF(2^n)
WAIFI '08 Proceedings of the 2nd international workshop on Arithmetic of Finite Fields
On the Number of Linearly Independent Equations Generated by XL
SETA '08 Proceedings of the 5th international conference on Sequences and Their Applications
On the Higher Order Nonlinearities of Boolean Functions and S-Boxes, and Their Generalizations
SETA '08 Proceedings of the 5th international conference on Sequences and Their Applications
A Five-Round Algebraic Property of the Advanced Encryption Standard
ISC '08 Proceedings of the 11th international conference on Information Security
Algebraic Attacks on the Courtois Toy Cipher
Cryptologia
Secure PRNGs from Specialized Polynomial Maps over Any $\mathbb{F}_{q}$
PQCrypto '08 Proceedings of the 2nd International Workshop on Post-Quantum Cryptography
Algebraic Description and Simultaneous Linear Approximations of Addition in Snow 2.0.
ICICS '08 Proceedings of the 10th International Conference on Information and Communications Security
3D: A Three-Dimensional Block Cipher
CANS '08 Proceedings of the 7th International Conference on Cryptology and Network Security
ASIACRYPT '08 Proceedings of the 14th International Conference on the Theory and Application of Cryptology and Information Security: Advances in Cryptology
Phase transition of multivariate polynomial systems
Mathematical Structures in Computer Science
Information Security and Cryptology --- ICISC 2008
Cube Attacks on Tweakable Black Box Polynomials
EUROCRYPT '09 Proceedings of the 28th Annual International Conference on Advances in Cryptology: the Theory and Applications of Cryptographic Techniques
CT-RSA '09 Proceedings of the Cryptographers' Track at the RSA Conference 2009 on Topics in Cryptology
Further properties of several classes of Boolean functions with optimum algebraic immunity
Designs, Codes and Cryptography
Cryptographic Properties and Application of a Generalized Unbalanced Feistel Network Structure
ACISP '09 Proceedings of the 14th Australasian Conference on Information Security and Privacy
Interactions between computer algebra (Gröbner bases) and cryptology
Proceedings of the 2009 international symposium on Symbolic and algebraic computation
A five-round algebraic property of AES and its application to the ALPHA-MAC
International Journal of Applied Cryptography
Practical Algebraic Attacks on the Hitag2 Stream Cipher
ISC '09 Proceedings of the 12th International Conference on Information Security
Algebraic Side-Channel Attacks on the AES: Why Time also Matters in DPA
CHES '09 Proceedings of the 11th International Workshop on Cryptographic Hardware and Embedded Systems
Constructing symmetric boolean functions with maximum algebraic immunity
IEEE Transactions on Information Theory
Algebraic immunity of S-boxes based on power mappings: analysis and construction
IEEE Transactions on Information Theory
Linear (Hull) and Algebraic Cryptanalysis of the Block Cipher PRESENT
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
An Analysis of the Compact XSL Attack on BES and Embedded SMS4
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
MIBS: A New Lightweight Block Cipher
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Construction of Rotation Symmetric Boolean Functions with Maximum Algebraic Immunity
CANS '09 Proceedings of the 8th International Conference on Cryptology and Network Security
Improved Meet-in-the-Middle Attacks on AES
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
Quadratic Equations from a Kind of S-boxes
Information Security Applications
Probabilistic versus deterministic algebraic cryptanalysis: a performance comparison
IEEE Transactions on Information Theory
Virtual reality applied to the management, planning and optimization of surgical interventions
BIOCOMPUCHEM'09 Proceedings of the 3rd WSEAS International Conference on Computational Chemistry
Differential properties of power functions
International Journal of Information and Coding Theory
Dial C for cipher: le chiffrement était presque parfait
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
When stream cipher analysis meets public-key cryptography
SAC'06 Proceedings of the 13th international conference on Selected areas in cryptography
High order linearization equation (HOLE) attack on multivariate public key cryptosystems
PKC'07 Proceedings of the 10th international conference on Practice and theory in public-key cryptography
VECPAR'06 Proceedings of the 7th international conference on High performance computing for computational science
A toolbox for cryptanalysis: linear and affine equivalence algorithms
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Algebraic attacks on stream ciphers with linear feedback
EUROCRYPT'03 Proceedings of the 22nd international conference on Theory and applications of cryptographic techniques
Phase transition of multivariate polynomial systems
TAMC'07 Proceedings of the 4th international conference on Theory and applications of models of computation
On the security of the LILI family of stream ciphers against algebraic attacks
ACISP'07 Proceedings of the 12th Australasian conference on Information security and privacy
Analysis of multivariate hash functions
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
New description of SMS4 by an embedding over GF(2^8)
INDOCRYPT'07 Proceedings of the 8th international conference on Progress in cryptology
ICISS'07 Proceedings of the 3rd international conference on Information systems security
Algebraic cryptanalysis of the data encryption standard
Cryptography and Coding'07 Proceedings of the 11th IMA international conference on Cryptography and coding
Improving integral attacks against Rijndael-256 up to 9 rounds
AFRICACRYPT'08 Proceedings of the 1st international conference on Progress in cryptology (Cryptology in Africa)
A very compact "Perfectly masked" S-box for AES
ACNS'08 Proceedings of the 6th international conference on Applied cryptography and network security
Password recovery for encrypted ZIP archives using GPUs
Proceedings of the 2010 Symposium on Information and Communication Technology
An analysis of the RC4 family of stream ciphers against algebraic attacks
AISC '10 Proceedings of the Eighth Australasian Conference on Information Security - Volume 105
AISC '09 Proceedings of the Seventh Australasian Conference on Information Security - Volume 98
Algebraic cryptanalysis of SMS4: gröbner basis attack and SAT attack compared
ICISC'09 Proceedings of the 12th international conference on Information security and cryptology
Z4-Nonlinearity of a constructed quaternary cryptographic functions class
SETA'10 Proceedings of the 6th international conference on Sequences and their applications
Solving equation systems by agreeing and learning
WAIFI'10 Proceedings of the Third international conference on Arithmetic of finite fields
Upper bound for algebraic immunity on a subclass of Maiorana McFarland class of bent functions
Information Processing Letters
Cryptanalysis of a generalized unbalanced feistel network structure
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Side-channel analysis of the K2 stream cipher
ACISP'10 Proceedings of the 15th Australasian conference on Information security and privacy
Linearity within the SMS4 block cipher
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Algebraic cryptanalysis of curry and flurry using correlated messages
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Algebraic side-channel attacks
Inscrypt'09 Proceedings of the 5th international conference on Information security and cryptology
Hill climbing algorithms and Trivium
SAC'10 Proceedings of the 17th international conference on Selected areas in cryptography
Cryptographic properties and application of a Generalized Unbalanced Feistel Network structure
Cryptography and Communications
Algebraic techniques in differential cryptanalysis revisited
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
Algebraic precomputations in differential and integral cryptanalysis
Inscrypt'10 Proceedings of the 6th international conference on Information security and cryptology
Automatic search of attacks on round-reduced AES and applications
CRYPTO'11 Proceedings of the 31st annual conference on Advances in cryptology
On equivalence classes of boolean functions
ICISC'10 Proceedings of the 13th international conference on Information security and cryptology
An improvement of linearization-based algebraic attacks
InfoSecHiComNet'11 Proceedings of the First international conference on Security aspects in information technology
International Journal of Applied Mathematics and Computer Science
Algebraic analysis of GOST encryption algorithm
Proceedings of the 4th international conference on Security of information and networks
A different algebraic analysis of the ZUC stream cipher
Proceedings of the 4th international conference on Security of information and networks
Algebraic analysis of the SSS stream cipher
Proceedings of the 4th international conference on Security of information and networks
International Journal of Sensor Networks
FOX: a new family of block ciphers
SAC'04 Proceedings of the 11th international conference on Selected Areas in Cryptography
Searching for compact algorithms: CGEN
VIETCRYPT'06 Proceedings of the First international conference on Cryptology in Vietnam
Algebraic attacks on clock-controlled cascade ciphers
INDOCRYPT'06 Proceedings of the 7th international conference on Cryptology in India
SEA: a scalable encryption algorithm for small embedded applications
CARDIS'06 Proceedings of the 7th IFIP WG 8.8/11.2 international conference on Smart Card Research and Advanced Applications
Constructing single- and multi-output boolean functions with maximal algebraic immunity
ICALP'06 Proceedings of the 33rd international conference on Automata, Languages and Programming - Volume Part II
An analysis of the XSL algorithm
ASIACRYPT'05 Proceedings of the 11th international conference on Theory and Application of Cryptology and Information Security
Open problems related to algebraic attacks on stream ciphers
WCC'05 Proceedings of the 2005 international conference on Coding and Cryptography
On bent and highly nonlinear balanced/resilient functions and their algebraic immunities
AAECC'06 Proceedings of the 16th international conference on Applied Algebra, Algebraic Algorithms and Error-Correcting Codes
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
The ANF of the composition of addition and multiplication mod 2^n
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Small scale variants of the AES
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
Two attacks against the HBB stream cipher
FSE'05 Proceedings of the 12th international conference on Fast Software Encryption
HIGHT: a new block cipher suitable for low-resource device
CHES'06 Proceedings of the 8th international conference on Cryptographic Hardware and Embedded Systems
New cryptographic applications of boolean function equivalence classes
ACISP'05 Proceedings of the 10th Australasian conference on Information Security and Privacy
Block ciphers sensitive to gröbner basis attacks
CT-RSA'06 Proceedings of the Cryptographers' Track at the RSA Conference 2006 on Topics in Cryptology
A zero-dimensional gröbner basis for AES-128
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Upper bounds on algebraic immunity of boolean power functions
FSE'06 Proceedings of the 13th international conference on Fast Software Encryption
Differential cryptanalysis of PP-1 cipher
Annales UMCS, Informatica - Cryptography and data protection
ECRYPT: the cryptographic research challenges for the next decade
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
SCN'04 Proceedings of the 4th international conference on Security in Communication Networks
Resistance of SNOW 2.0 against algebraic attacks
CT-RSA'05 Proceedings of the 2005 international conference on Topics in Cryptology
A three rounds property of the AES
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Some algebraic aspects of the advanced encryption standard
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
General principles of algebraic attacks and new design criteria for cipher components
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
Representations and rijndael descriptions
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
The inverse s-box, non-linear polynomial relations and cryptanalysis of block ciphers
AES'04 Proceedings of the 4th international conference on Advanced Encryption Standard
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Results on algebraic immunity for cryptographically significant boolean functions
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Faster variants of the MESH block ciphers
INDOCRYPT'04 Proceedings of the 5th international conference on Cryptology in India
Algebraic attacks on combiners with memory and several outputs
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
Dragon: a fast word based stream cipher
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
All in the XL family: theory and practice
ICISC'04 Proceedings of the 7th international conference on Information Security and Cryptology
ISPEC'10 Proceedings of the 6th international conference on Information Security Practice and Experience
Reducing the number of homogeneous linear equations in finding annihilators
SETA'06 Proceedings of the 4th international conference on Sequences and Their Applications
Growth of the ideal generated by a quadratic boolean function
PQCrypto'10 Proceedings of the Third international conference on Post-Quantum Cryptography
Efficient computation of algebraic immunity for algebraic and fast algebraic attacks
EUROCRYPT'06 Proceedings of the 24th annual international conference on The Theory and Applications of Cryptographic Techniques
Algebraic attacks on clock-controlled stream ciphers
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
On exact algebraic [non-]immunity of s-boxes based on power functions
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Fault attacks on combiners with memory
SAC'05 Proceedings of the 12th international conference on Selected Areas in Cryptography
Characterisations of extended resiliency and extended immunity of s-boxes
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Integral cryptanalysis of reduced FOX block cipher
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Increasing block sizes using feistel networks: the example of the AES
Cryptography and Security
On the relation between the MXL family of algorithms and Gröbner basis algorithms
Journal of Symbolic Computation
Cryptographic analysis of all 4 × 4-bit s-boxes
SAC'11 Proceedings of the 18th international conference on Selected Areas in Cryptography
An automatic, time-based, secure pairing protocol for passive RFID
RFIDSec'11 Proceedings of the 7th international conference on RFID Security and Privacy
EPCBC: a block cipher suitable for electronic product code encryption
CANS'11 Proceedings of the 10th international conference on Cryptology and Network Security
COSADE'12 Proceedings of the Third international conference on Constructive Side-Channel Analysis and Secure Design
Public-Key cryptography from new multivariate quadratic assumptions
PKC'12 Proceedings of the 15th international conference on Practice and Theory in Public Key Cryptography
Linear fault analysis of block ciphers
ACNS'12 Proceedings of the 10th international conference on Applied Cryptography and Network Security
The 128-bit blockcipher CLEFIA
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
An analysis of XSL Applied to BES
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Algebraic immunity of S-boxes and augmented functions
FSE'07 Proceedings of the 14th international conference on Fast Software Encryption
Cryptanalysis of WG-7: a lightweight stream cipher
Cryptography and Communications
A methodology for differential-linear cryptanalysis and its applications
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
FSE'12 Proceedings of the 19th international conference on Fast Software Encryption
Solving quadratic equations with XL on parallel architectures
CHES'12 Proceedings of the 14th international conference on Cryptographic Hardware and Embedded Systems
Security margin evaluation of SHA-3 contest finalists through SAT-Based attacks
CISIM'12 Proceedings of the 11th IFIP TC 8 international conference on Computer Information Systems and Industrial Management
On the algebraic attack against summation type keystream generators
International Journal of Information and Computer Security
Solving polynomial systems over finite fields: improved analysis of the hybrid approach
Proceedings of the 37th International Symposium on Symbolic and Algebraic Computation
Computer Methods and Programs in Biomedicine
S-box construction from non-permutation power functions
Proceedings of the 6th International Conference on Security of Information and Networks
Light-weight primitive, feather-weight security: a cryptanalytic knock-out
Proceedings of the Workshop on Embedded Systems Security
COSADE'13 Proceedings of the 4th international conference on Constructive Side-Channel Analysis and Secure Design
A new model for error-tolerant side-channel cube attacks
CHES'13 Proceedings of the 15th international conference on Cryptographic Hardware and Embedded Systems
Algebraic attacks on a class of stream ciphers with unknown output function
Designs, Codes and Cryptography
Several recently proposed ciphers, for example Rijndael and Serpent, are built with layers of small S-boxes interconnected by linear key-dependent layers. Their security relies on the fact that the classical methods of cryptanalysis (e.g. linear or differential attacks) are based on probabilistic characteristics, which makes their security grow exponentially with the number of rounds Nr. In this paper we study the security of such ciphers under an additional hypothesis: the S-box can be described by an overdefined system of algebraic equations (true with probability 1). We show that this is true for both Serpent (due to the small size of its S-boxes) and Rijndael (due to unexpected algebraic properties). We study general methods known for solving overdefined systems of equations, such as XL from Eurocrypt'00, and show their inefficiency. Then we introduce a new method called XSL that uses the sparsity of the equations and their specific structure. The XSL attack uses only relations true with probability 1, and thus the security does not have to grow exponentially in the number of rounds. XSL has a parameter P, and from our estimations it seems that P should be a constant or grow very slowly with the number of rounds. The XSL attack would then be polynomial (or subexponential) in Nr, with a huge constant that is double-exponential in the size of the S-box. The exact complexity of such attacks is not known due to the redundant equations. Though the presented version of the XSL attack always costs more than exhaustive search for Rijndael, it seems to (marginally) break 256-bit Serpent. We suggest a new criterion for the design of S-boxes in block ciphers: they should not be describable by a system of polynomial equations that is too small or too overdefined.
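The hypothesis in the abstract, and the design criterion it ends with, can be checked mechanically for any small S-box: evaluate every bi-affine monomial (1, x_i, y_j, x_i*y_j) or fully quadratic monomial (adding x_i*x_j and y_i*y_j) at each point (x, S(x)), and the GF(2) null space of the resulting 2^n-by-t matrix is exactly the set of degree-2 relations that hold with probability 1. The script below is an added example, not code from the paper; the helper names are mine, and it runs on two constructed inputs: inversion in GF(2^3) (modulus x^3+x+1) and the Rijndael S-box rebuilt from GF(2^8) inversion followed by the standard affine map.

```python
"""Count the linearly independent quadratic relations that hold with
probability 1 between the input and output bits of an S-box.
Added example (not the paper's code); pure GF(2) linear algebra."""
from itertools import combinations


def gf_mul(a, b, n, poly):
    """Multiply two elements of GF(2^n) modulo the irreducible polynomial `poly`."""
    r = 0
    for _ in range(n):
        if b & 1:
            r ^= a
        a <<= 1
        if (a >> n) & 1:
            a ^= poly
        b >>= 1
    return r


def gf_inv(a, n, poly):
    """a^(2^n - 2) = a^-1 in GF(2^n), with 0 -> 0 (square-and-multiply)."""
    r, e = 1, (1 << n) - 2
    while e:
        if e & 1:
            r = gf_mul(r, a, n, poly)
        a = gf_mul(a, a, n, poly)
        e >>= 1
    return r


def inversion_sbox(n, poly):
    """Lookup table of x -> x^-1 over GF(2^n) (constructed test S-box)."""
    return [gf_inv(x, n, poly) for x in range(1 << n)]


def aes_sbox():
    """Rijndael S-box: inversion mod x^8+x^4+x^3+x+1, then the affine map."""
    table = []
    for x in range(256):
        b = gf_inv(x, 8, 0x11B)
        s = b
        for k in range(1, 5):                 # s = b ^ rotl(b,1) ^ ... ^ rotl(b,4)
            s ^= ((b << k) | (b >> (8 - k))) & 0xFF
        table.append(s ^ 0x63)
    return table


def monomials(n, m, full_quadratic=False):
    """Bi-affine monomials 1, x_i, y_j, x_i*y_j over n input and m output bits;
    the fully quadratic set also has x_i*x_j and y_i*y_j (i < j)."""
    xs = [("x", i) for i in range(n)]
    ys = [("y", j) for j in range(m)]
    mons = [()] + [(v,) for v in xs + ys] + [(x, y) for x in xs for y in ys]
    if full_quadratic:
        mons += list(combinations(xs, 2)) + list(combinations(ys, 2))
    return mons


def evaluate(mons, x, y):
    """Value of each monomial at the point (x, y), as a list of GF(2) bits."""
    row = []
    for mon in mons:
        val = 1
        for kind, i in mon:
            val &= ((x if kind == "x" else y) >> i) & 1
        row.append(val)
    return row


def gf2_nullspace(rows, ncols):
    """Basis of {c : M c = 0} over GF(2). Each row of M is an int bitmask
    (bit k = column k); basis vectors are returned in the same form."""
    pivots = []                                # (pivot column, reduced row)
    for r in rows:
        for col, prow in pivots:
            if (r >> col) & 1:
                r ^= prow
        if r == 0:
            continue                           # row is dependent on earlier ones
        col = (r & -r).bit_length() - 1        # lowest set bit becomes the pivot
        pivots = [(c, p ^ r if (p >> col) & 1 else p) for c, p in pivots]
        pivots.append((col, r))
    pivot_cols = {c for c, _ in pivots}
    basis = []
    for free in range(ncols):
        if free in pivot_cols:
            continue
        vec = 1 << free                        # free variable set to 1 ...
        for c, p in pivots:
            if (p >> free) & 1:
                vec |= 1 << c                  # ... pivots solved from their rows
        basis.append(vec)
    return basis


def sbox_equations(S, n, m, full_quadratic=False):
    """Linearly independent equations (XOR of monomials = 0) satisfied by every
    pair (x, S(x)); each equation is returned as a list of monomials."""
    mons = monomials(n, m, full_quadratic)
    rows = [sum(b << k for k, b in enumerate(evaluate(mons, x, S[x])))
            for x in range(1 << n)]
    return [[mons[k] for k in range(len(mons)) if (vec >> k) & 1]
            for vec in gf2_nullspace(rows, len(mons))]


def holds_everywhere(S, n, equation):
    """Sanity check: the equation's monomials XOR to 0 at every (x, S(x))."""
    return all(sum(evaluate(equation, x, S[x])) % 2 == 0 for x in range(1 << n))


if __name__ == "__main__":
    cases = [("GF(2^3) inversion", inversion_sbox(3, 0b1011), 3),
             ("Rijndael S-box", aes_sbox(), 8)]
    for name, S, n in cases:
        for full in (False, True):
            eqs = sbox_equations(S, n, n, full)
            kind = "fully quadratic" if full else "bi-affine"
            print(f"{name}: {len(eqs)} equations over "
                  f"{len(monomials(n, n, full))} {kind} monomials")
```

The number of equations is t minus the GF(2) rank of the evaluation matrix, so it can never be below t - 2^n; an S-box is "overdefined" in the abstract's sense when it sits well above that floor, which is what the script reports. The counts depend only on the S-box, not on the choice of basis for the field, and the same machinery extends to cubic monomials by adding them to `monomials`.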