Sciweavers

AES
2004
Springer

The Inverse S-Box, Non-linear Polynomial Relations and Cryptanalysis of Block Ciphers

14 years 5 months ago
The Inverse S-Box, Non-linear Polynomial Relations and Cryptanalysis of Block Ciphers
This paper is motivated by the design of AES. We consider a broader question of cryptanalysis of block ciphers having very good non-linearity and diffusion. Can we expect anyway, to attacks such ciphers, clearly designed to render hopeless the main classical attacks ? Recently a lot of attention have been drawn to the existence of multivariate algebraic relations for AES (and other) S-boxes. Then, if the XSL-type algebraic attacks on block ciphers [11] are shown to work well, the answer would be positive. In this paper we show that the answer is certainly positive for many other constructions of ciphers. This is not due to an algebraic attack, but to new types of generalised linear cryptanalysis, highly-nonlinear in flavour. We present several constructions of somewhat special practical block ciphers, seemingly satisfying all the design criteria of AES and using similar S-boxes, and yet being extremely weak. They can be generalised, and evolve into general attacks that can be applied...
Nicolas Courtois
Added 30 Jun 2010
Updated 30 Jun 2010
Type Conference
Year 2004
Where AES
Authors Nicolas Courtois
Comments (0)