Proving the Security of AES Substitution-Permutation Network

Baignères, Thomas; Vaudenay, Serge

doi:10.1007/11693383_5

Baignères, Thomas; Vaudenay, Serge

2005

Download

Formats

Format
BibTeX
MARC
MARCXML
DublinCore
EndNote
NLM
RefWorks
RIS

Files

Abstract

In this paper we study the substitution-permutation network (SPN) on which Rijndael is based. We introduce Rijndael*, a SPN identical to Rijndael except that fixed S-boxes are replaced by random and independent permutations. We prove that this construction resists linear and differential cryptanalysis with 4 inner rounds only, despite the huge cumulative effect of multipath characteristics that is induced by the symmetries of Rijndael. We show that the DP and LP terms both tend towards 1/(2¹²⁸-1) very fast when the number of round increases. This proves a conjecture by Keliher, Meijer, and Tavares. We further show that Rijndael* is immune to any iterated attack of order 1 after 10 rounds only, which substantially improves a previous result by Moriai and Vaudenay.

Details

Title Proving the Security of AES Substitution-Permutation Network

Author(s) Baignères, Thomas ; Vaudenay, Serge

Published in Selected Areas in Cryptography, 12th International Workshop, SAC 2005

Series Lecture Notes in Computer Science, 3897

Pages 65-81

Conference Selected Areas in Cryptography, 12th International Workshop, SAC 2005, Kingston, ON, Canada, August 11-12, 2005

Date 2005

Keywords

Differential Cryptanalysis; Linear Cryptanalysis; Differentials; Linear Hulls; Provable Security; Rijndael

DOI https://doi.org/10.1007/11693383_5

Other identifier(s) DAR: 8549
View record in Web of Science

Additional link URL

Laboratories LASEC

Record Appears in Scientific production and competences > I&C - School of Computer and Communication Sciences > IINFCOM > LASEC - Security and Cryptography Laboratory
Peer-reviewed publications
Conference Papers
Work produced at EPFL
Published

Record creation date 2006-07-14

Actions

Preview

Select file: