Advertisement

Understanding Two-Round Differentials in AES

  • Joan Daemen
  • Vincent Rijmen
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4116)

Abstract

In this paper we study the probability of differentials and characteristics over 2 rounds of the AES with the objective to understand how the components of the AES round transformation interact in this respect. We extend and correct the analysis of the differential properties of the multiplicative inverse in GF(2 n ) given in [9]. We study the number of characteristics with EDP >0 whose probability adds up to the probability of a differential and derive formulas that allow to produce a close estimate of this number for any differential. We use the properties discovered in our study to explain the differentials with the maximum EDP values and describe the impact of the linear transformation in the AES S-box in this respect.

Keywords

Vector Space Activity Pattern Linear Transformation Advanced Encryption Standard Hypergeometric Distribution 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Biham, E., Shamir, A.: Differential Cryptanalysis of DES-like Cryptosystems. Journal of Cryptology 4(1), 3–72 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Daemen, J., Rijmen, V.: The design of Rijndael — AES, The Advanced Encryption Standard. Springer, Heidelberg (2002)zbMATHGoogle Scholar
  3. 3.
    Keliher, L.: Refined analysis of bounds related to linear and differential cryptanalysis for the AES. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol. 3373, pp. 42–57. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  4. 4.
    Keliher, L., Sui, J.: Exact maximum expected differential and linear probability for 2-round advanced encryption standard (AES). Cryptology ePrint archive, Report 2005/321 (2005), http://eprint.iacr.org
  5. 5.
    Knudsen, L.R.: Truncated and higher order differentials. In: Preneel, B. (ed.) FSE 1994. LNCS, vol. 1008, pp. 196–211. Springer, Heidelberg (1995)Google Scholar
  6. 6.
    Lai, X., Massey, J.L., Murphy, S.: Markov Ciphers and Differential Cryptanalysis. In: Davies, D.W. (ed.) EUROCRYPT 1991. LNCS, vol. 547, pp. 17–38. Springer, Heidelberg (1991)Google Scholar
  7. 7.
    Lidl, R., Niederreiter, H.: Introduction to finite fields and their applications. Cambridge University Press, Cambridge (1986) (reprinted 1988)zbMATHGoogle Scholar
  8. 8.
  9. 9.
    Nyberg, K.: Differentially uniform mappings for cryptography. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 55–64. Springer, Heidelberg (1994)Google Scholar
  10. 10.
    Park, S., Sung, S.H., Chee, S., Yoon, E.-J., Lim, J.: On the security of Rijndael-like structures against differential and linear cryptanalysis. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 176–191. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  11. 11.
    Park, S., Sung, S.H., Lee, S., Lim, J.: Improving the upper bound on the maximum differential and the maximum linear hull probability for SPN structures and AES. In: Johansson, T. (ed.) FSE 2003. LNCS, vol. 2887, pp. 247–260. Springer, Heidelberg (2003)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Joan Daemen
    • 1
  • Vincent Rijmen
    • 2
    • 3
  1. 1.STMicroelectronicsBelgium
  2. 2.IAIK, Graz University of Technology 
  3. 3.Cryptomathic A/S 

Personalised recommendations