A Zero-Dimensional Gröbner Basis for AES-128

  • Johannes Buchmann
  • Andrei Pyshkin
  • Ralf-Philipp Weinmann
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4047)

Abstract

We demonstrate an efficient method for computing a Gröbner basis of a zero-dimensional ideal describing the key-recovery problem from a single plaintext/ciphertext pair for the full AES-128. This Gröbner basis is relative to a degree-lexicographical order. We investigate whether the existence of this Gröbner basis has any security implications for the AES.

Keywords

block ciphers Gröbner bases AES Rijndael 

References

  1. 1.
    Bayer, D., Stillman, M.: On the complexity of computing syzygies. Journal of Symbolic Computation 6(2/3), 135–147 (1988)MATHCrossRefMathSciNetGoogle Scholar
  2. 2.
    Becker, T., Weispfenning, V.: Gröbner Bases – A Computational Approach to Commutative Algebra. Springer, Heidelberg (1991)Google Scholar
  3. 3.
    Buchberger, B.: Ein Algorithmus zum Auffinden der Basiselemente des Restklassenringes nach einem nulldimensionalen Polynomideal. PhD thesis, University of Innsbruck, Austria (1965)Google Scholar
  4. 4.
    Buchberger, B.: A criterion for Detecting Unnecessary Reductions in the Construction of Groebner Bases, London, UK, Johannes Kepler University Linz, vol. 72, pp. 3–21. Springer, Heidelberg (1979)Google Scholar
  5. 5.
    Buchmann, J., Pyshkin, A., Weinmann, R.-P.: Block Ciphers Sensitive to Gröbner Basis Attacks. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 313–331. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  6. 6.
    Cid, C., Leurent, G.: An analysis of the XSL Algorithm. In: Roy, B. (ed.) ASIACRYPT 2005. LNCS, vol. 3788, pp. 333–352. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  7. 7.
    Collart, S., Kalkbrener, M., Mall, D.: Converting Bases with the Gröbner Walk. Journal of Symbolic Computation 24(3/4), 465–469 (1997)MATHCrossRefMathSciNetGoogle Scholar
  8. 8.
    Courtois, N., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  9. 9.
    Cox, D.A., Little, J.B., O’Shea, D.: Ideals, Varieties, and Algorithms, 2nd edn., p. 536. Springer, New York (1996)MATHGoogle Scholar
  10. 10.
    Faugère, J.-C.: A New Efficient Algorithm for Computing Gröbner bases (F4). Journal of Pure and Applied Algebra 139(1-3), 61–88 (1999)MATHCrossRefMathSciNetGoogle Scholar
  11. 11.
    Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Symbolic and Algebraic Computation – ISSAC 2002, pp. 75–83. ACM, New York (2002)CrossRefGoogle Scholar
  12. 12.
    Faugère, J.-C., Gianni, P., Lazard, D., Mora, T.: Efficient Computation of Zero-Dimensional Gröbner Bases by Change of Ordering. Journal of Symbolic Computation 16(4), 329–344 (1993)MATHCrossRefMathSciNetGoogle Scholar
  13. 13.
    Ferguson, N., Schroeppel, R., Whiting, D.: A Simple Algebraic Representation of Rijndael. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, pp. 103–111. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  14. 14.
    Kalkbrener, M.: On the Complexity of Gröbner Bases Conversion. Journal of Symbolic Computation 28(1-2), 265–273 (1999)MATHCrossRefMathSciNetGoogle Scholar
  15. 15.
    Murphy, S., Robshaw, M.: Further Comments on the Structure of Rijndael. AES Comment to NIST (August. 2000)Google Scholar
  16. 16.
    Murphy, S., Robshaw, M.J.B.: Essential Algebraic Structure within the AES. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 1–16. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  17. 17.
    National Institute of Standards and Technology. FIPS-197: Advanced Encryption Standard (November 2001), Available at, http://csrc.nist.gov/publications/fips/

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Johannes Buchmann
    • 1
  • Andrei Pyshkin
    • 1
  • Ralf-Philipp Weinmann
    • 1
  1. 1.Fachbereich InformatikTechnische Universität DarmstadtDarmstadtGermany

Personalised recommendations