Skip to main content
SpringerLink
Log in
Book cover

International Conference on Advanced Encryption Standard

AES 2004: Advanced Encryption Standard – AES pp 67–83Cite as

General Principles of Algebraic Attacks and New Design Criteria for Cipher Components

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 3373))

Abstract

This paper is about the design of multivariate public key schemes, as well as block and stream ciphers, in relation to recent attacks that exploit various types of multivariate algebraic relations. We survey these attacks focusing on their common fundamental principles and on how to avoid them. From this we derive new very general design criteria, applicable for very different cryptographic components. These amount to avoiding (if possible) the existence of, in some sense “too simple” algebraic relations. Though many ciphers that do not satisfy this new paradigm probably still remain secure, the design of ciphers will never be the same again.

Work supported by the French Ministry of Research RNRT Project “X-CRYPT”.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Armknecht, F.: Improving Fast Algebraic Attacks. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 65–82. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  2. Armknecht, F., Krause, M.: Algebraic Atacks on Combiners with Memory. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 162–176. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  3. Aoki, K., Vaudenay, S.: On the Use of GF-Inversion as a Cryptographic Primitive. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 234–247. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  4. Anderson, R., Biham, E., Knudsen, L.: Serpent: A Proposal for the Advanced Encryption Standard

    Google Scholar 

  5. Canteaut, A., Videau, M.: Degree of composition of highly nonlinear functions and applications to higher order differential cryptanalysis. In: Knudsen, L.R. (ed.) EUROCRYPT 2002. LNCS, vol. 2332, p. 518. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  6. Cho, J.Y., Pieprzyk, J.: Algebraic Attacks on SOBER-t32 and SOBER-128. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 49–64. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  7. Coppersmith, D., Winograd, S.: Matrix multiplication via arithmetic progressions. J. Symbolic Computation 9, 251–280 (1990)

    Article  MATH  MathSciNet  Google Scholar 

  8. Courtois, N.: Feistel Schemes and Bi-Linear Cryptanalysis. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 23–40. Springer, Heidelberg (2004)

    Google Scholar 

  9. Courtois, N.: The security of Hidden Field Equations (HFE). In: Naccache, D. (ed.) CT-RSA 2001. LNCS, vol. 2020, pp. 266–281. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  10. Courtois, N.: Algebraic Attacks on Combiners with Memory and Several Outputs (June 23, 2003), Available on, http://eprint.iacr.org/2003/125/

  11. Courtois, N.: La sécurité des primitives cryptographiques basées sur les problèmes algébriques multivariables MQ, IP, MinRank, et HFE, PhD thesis, Paris 6 University (September 2001), in French, (available at), http://www.minrank.org/phd.pdf

  12. Courtois, N.: Fast Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 177–194. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  13. Courtois, N.: The Inverse S-box, Non-linear Polynomial Relations and Cryptanalysis of Block Ciphers. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol. 3373, pp. 170–188. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  14. Courtois, N., Patarin, J.: About the XL Algorithm over GF(2). In: Joye, M. (ed.) CT-RSA 2003. LNCS, vol. 2612, pp. 141–157. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  15. Courtois, N., Pieprzyk, J.: Cryptanalysis of Block Ciphers with Overdefined Systems of Equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002); a preprint with a different version of the attack is available at, http://eprint.iacr.org/2002/044/

    Chapter  Google Scholar 

  16. Courtois, N.: Higher Order Correlation Attacks, XL algorithm and Cryptanalysis of Toyocrypt. In: Lee, P.J., Lim, C.H. (eds.) ICISC 2002. LNCS, vol. 2587, pp. 182–199. Springer, Heidelberg (2003)

    Chapter  Google Scholar 

  17. Courtois, N., Meier, W.: Algebraic Attacks on Stream Ciphers with Linear Feedback. In: Biham, E. (ed.) EUROCRYPT 2003. LNCS, vol. 2656, pp. 345–359. Springer, Heidelberg (2003); An extended version is available at, http://www.minrank.org/toyolili.pdf

    Chapter  Google Scholar 

  18. Courtois, N., Daum, M., Felke, P.: On the Security of HFE, HFEv- and Quartz. In: Desmedt, Y.G. (ed.) PKC 2003. LNCS, vol. 2567, pp. 337–350. Springer, Heidelberg (2002); The extended version can be found at, http://eprint.iacr.org/2002/138/

    Chapter  Google Scholar 

  19. Daemen, J., Rijmen, V.: AES proposal: Rijndael, http://csrc.nist.gov/encryption/aes/rijndael/Rijndael.pdf

  20. Daemen, J., Rijmen, V.: The Design of Rijndael. In: AES - The Advanced Encryption Standard. Springer, Berlin (2002) ISBN 3-540-42580-2

    Google Scholar 

  21. Daemen, J., Rijmen, V., Preneel, B., Bosselaers, A., De Win, E.: The Cipher SHARK. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039. Springer, Heidelberg (1996)

    Google Scholar 

  22. Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases (F4). Journal of Pure and Applied Algebra 139, 61–88 (1999), See, www.elsevier.com/locate/jpaa

    Article  MATH  MathSciNet  Google Scholar 

  23. Faugère, J.-C.: A new efficient algorithm for computing Gröbner bases without reduction to zero (F5). In: Workshop on Applications of Commutative Algebra, Catania, Italy, April 3-6. ACM Press, New York (2002)

    Google Scholar 

  24. Ferguson, N., Schroeppel, R., Whiting, D.: A simple algebraic representation of Rijndael. In: Vaudenay, S., Youssef, A.M. (eds.) SAC 2001. LNCS, vol. 2259, p. 103. Springer, Heidelberg (2001)

    Chapter  Google Scholar 

  25. Golic, J.D.: On the Security of Nonlinear Filter Generators. In: Gollmann, D. (ed.) FSE 1996. LNCS, vol. 1039, pp. 173–188. Springer, Heidelberg (1996)

    Google Scholar 

  26. Harpes, C., Kramer, G., Massey, J.: A Generalization of Linear Cryptanalysis and the Applicability of Matsui’s Piling-up Lemma. In: Guillou, L.C., Quisquater, J.-J. (eds.) EUROCRYPT 1995. LNCS, vol. 921, pp. 24–38. Springer, Heidelberg (1995), http://www.isi.ee.ethz.ch/harpes/GLClong.ps

    Google Scholar 

  27. Hawkes, P., Rose, G.: Rewriting Variables: the Complexity of Fast Algebraic Attacks on Stream Ciphers. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 390–406. Springer, Heidelberg (2004), http://eprint.iacr.org/2004/081/

    Google Scholar 

  28. Jakobsen, T., Knudsen, L.: Attacks on Block Ciphers of Low Algebraic Degree. Journal of Cryptology 14(3), 197–210 (2001)

    MATH  MathSciNet  Google Scholar 

  29. Thomas Jakobsen: Higher-Order Cryptanalysis of Block Ciphers. Ph.D. thesis, Dept. of Math., Technical University of Denmark (1999)

    Google Scholar 

  30. Jakobsen, T.: Cryptanalysis of Block Ciphers with Probabilistic Non-Linear Relations of Low Degree. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 212–222. Springer, Heidelberg (1998)

    Google Scholar 

  31. Joux, A., Faugère, J.-C.: Algebraic Cryptanalysis of Hidden Field Equation (HFE) Cryptosystems Using Gröbner Bases. In: Boneh, D. (ed.) CRYPTO 2003. LNCS, vol. 2729, pp. 44–60. Springer, Heidelberg (2003)

    Google Scholar 

  32. Knudsen, L.R., Robshaw, M.J.B.: Non-Linear Characteristics in Linear Cryptoanalysis. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 224–236. Springer, Heidelberg (1996)

    Google Scholar 

  33. Lee, D.H., Kim, J., Hong, J., Han, J.W., Moon, D.: Algebraic Attacks on Summation Generators. In: Roy, B., Meier, W. (eds.) FSE 2004. LNCS, vol. 3017, pp. 34–48. Springer, Heidelberg (2004) (to appear), http://eprint.iacr.org/2003/229/

    Chapter  Google Scholar 

  34. Lidl, R., Niederreiter, H.: Finite Fields. In: Encyclopedia of Mathematics and its applications, vol. 20. University Press, Cambridge

    Google Scholar 

  35. Menezes, A.J., van Oorschot, P.C., Scott, A.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996)

    Book  Google Scholar 

  36. Matsumoto, T., Imai, H.: Public Quadratic Polynomial-tuples for efficient signature-verification and message-encryption. In: Günther, C.G. (ed.) EUROCRYPT 1988. LNCS, vol. 330, pp. 419–453. Springer, Heidelberg (1988)

    Google Scholar 

  37. Meier, W., Pasalic, E., Carlet, C.: Algebraic Attacks and Decomposition of Boolean Functions. In: Cachin, C., Camenisch, J.L. (eds.) EUROCRYPT 2004. LNCS, vol. 3027, pp. 474–491. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  38. Murphy, S., Robshaw, M.: Essential Algebraic Structure within the AES. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, p. 1. Springer, Heidelberg (2002)

    Chapter  Google Scholar 

  39. Nyberg, K.: Differentially Uniform Mappings for Cryptography. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 55–64. Springer, Heidelberg (1994)

    Google Scholar 

  40. Patarin, J.: Cryptanalysis of the Matsumoto and Imai Public Key Scheme of Eurocrypt 1988. In: Coppersmith, D. (ed.) CRYPTO 1995. LNCS, vol. 963, pp. 248–261. Springer, Heidelberg (1995)

    Google Scholar 

  41. Patarin, J.: Hidden Fields Equations (HFE) and Isomorphisms of Polynomials (IP): two new families of Asymm. Algorithms. In: Maurer, U.M. (ed.) EUROCRYPT 1996. LNCS, vol. 1070, pp. 33–48. Springer, Heidelberg (1996)

    Google Scholar 

  42. Shamir, A., Kipnis, A.: Cryptanalysis of the HFE Public Key Cryptosystem. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, p. 19. Springer, Heidelberg (1999); The paper can be found at, http://www.hfe.info

    Google Scholar 

  43. Shamir, A., Patarin, J., Courtois, N., Klimov, A.: Efficient Algorithms for solving Overdefined Systems of Multivariate Polynomial Equations. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 392–407. Springer, Heidelberg (2000)

    Chapter  Google Scholar 

  44. Shannon, C.E.: Communication theory of secrecy systems. Bell System Technical Journal 28, 704 (1949)

    Google Scholar 

  45. Wang, D.: Elimination Methods. In: Texts and Monographs in Symbolic Computation, p. XIII. Springer, Heidelberg (2001) ISBN 3-211-83241-6

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Axalto Cryptographic Research & Advanced Security, 36-38 rue de la Princesse, BP 45, 78430, Louveciennes Cedex, France

    Nicolas T. Courtois

Authors
  1. Nicolas T. Courtois
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cryptology and IT Security Research Group, Ruhr-University of Bochum Germany, P.O. Box,  

    Hans Dobbertin

  2. ESAT/COSIC, K.U. Leuven, Kasteelpark Arenberg 10, B-3001, Leuven-Heverlee, Belgium

    Vincent Rijmen

  3. Horst Görtz Institut für Sicherheit in der Informationstechnik, Ruhr-University of Bochum, Universitätsstrasse 150, 44780, Bochum, Germany

    Aleksandra Sowa

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Courtois, N.T. (2005). General Principles of Algebraic Attacks and New Design Criteria for Cipher Components. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds) Advanced Encryption Standard – AES. AES 2004. Lecture Notes in Computer Science, vol 3373. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11506447_7

Download citation

  • DOI: https://doi.org/10.1007/11506447_7

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-26557-3

  • Online ISBN: 978-3-540-31840-8

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation