A Simplified Representation of AES


Ontology type: schema:Chapter      Open Access: True


Chapter Info

DATE

2014

AUTHORS

Henri Gilbert

ABSTRACT

We show that the so-called super S-box representation of AES – that provides a simplified view of two consecutive AES rounds – can be further simplified. In the untwisted representation of AES presented here, two consecutive AES rounds are viewed as the composition of a non-linear transformation S and an affine transformation R that respectively operate on the four 32-bit columns and on the four 32-bit rows of their 128-bit input. To illustrate that this representation can be helpful for analysing the resistance of AES-like ciphers or AES-based hash functions against some structural attacks, we present some improvements of the known-key distinguisher for the 7-round variant of AES presented by Knudsen and Rijmen at ASIACRYPT 2007. We first introduce a known-key distinguisher for the 8-round variant of AES which constructs a 2^64-tuple of (input,output) pairs satisfying a simple integral property. While this new 8-round known-key distinguisher is outperformed for 8 AES rounds by known-key differential distinguishers of time complexity 2^48 and 2^44 presented by Gilbert and Peyrin at FSE 2010 and Jean, Naya-Plasencia, and Peyrin at SAC 2013, we show that one can take advantage of its specific features to mount a known-key distinguisher for the 10-round AES with independent subkeys and the full AES-128. The obtained 10-round distinguisher has the same time complexity 2^64 as the 8-round distinguisher it is derived from, but the highlighted input-output correlation property is more intricate and therefore its impact on the security of the 10-round AES when used as a known key primitive, e.g. in a hash function construction, is questionable. The new known-key distinguishers do not affect at all the security of AES when used as a keyed primitive, for instance for encryption or message authentication purposes.

PAGES

200-222

Book

TITLE

Advances in Cryptology – ASIACRYPT 2014

ISBN

978-3-662-45610-1
978-3-662-45611-8

Identifiers

URI

http://scigraph.springernature.com/pub.10.1007/978-3-662-45611-8_11

DOI

http://dx.doi.org/10.1007/978-3-662-45611-8_11

DIMENSIONS

https://app.dimensions.ai/details/publication/pub.1035808391



JSON-LD is the canonical representation for SciGraph data.

[
  {
    "@context": "https://springernature.github.io/scigraph/jsonld/sgcontext.json", 
    "about": [
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/08", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Information and Computing Sciences", 
        "type": "DefinedTerm"
      }, 
      {
        "id": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/0804", 
        "inDefinedTermSet": "http://purl.org/au-research/vocabulary/anzsrc-for/2008/", 
        "name": "Data Format", 
        "type": "DefinedTerm"
      }
    ], 
    "author": [
      {
        "affiliation": {
          "alternateName": "ANSSI, France", 
          "id": "http://www.grid.ac/institutes/None", 
          "name": [
            "ANSSI, France"
          ], 
          "type": "Organization"
        }, 
        "familyName": "Gilbert", 
        "givenName": "Henri", 
        "id": "sg:person.012771236207.08", 
        "sameAs": [
          "https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012771236207.08"
        ], 
        "type": "Person"
      }
    ], 
    "datePublished": "2014", 
    "datePublishedReg": "2014-01-01", 
    "description": "We show that the so-called super S-box representation of AES \u2013 that provides a simplified view of two consecutive AES rounds \u2013 can be further simplified. In the untwisted representation of AES presented here, two consecutive AES rounds are viewed as the composition of a non-linear transformation S and an affine transformation R that respectively operate on the four 32-bit columns and on the four 32-bit rows of their 128-bit input. To illustrate that this representation can be helpful for analysing the resistance of AES-like ciphers or AES-based hash functions against some structural attacks, we present some improvements of the known-key distinguisher for the 7-round variant of AES presented by Knudsen and Rijmen at ASIACRYPT 2007. We first introduce a known-key distinguisher for the 8-round variant of AES which constructs a 264-tuple of (input,output) pairs satisfying a simple integral property. While this new 8-round known-key distinguisher is outperformed for 8 AES rounds by known-key differential distinguishers of time complexity 248 and 244 presented by Gilbert and Peyrin at FSE 2010 and Jean, Naya-Plasencia, and Peyrin at SAC 2013, we show that one can take advantage of its specific features to mount a known-key distinguisher for the 10-round AES with independent subkeys and the full AES-128. The obtained 10-round distinguisher has the same time complexity 264 as the 8-round distinguisher it is derived from, but the highlighted input-output correlation property is more intricate and therefore its impact on the security of the 10-round AES when used as a known key primitive, e.g. in a hash function construction, is questionable. The new known-key distinguishers do not affect at all the security of AES when used as a keyed primitive, for instance for encryption or message authentication purposes.", 
    "editor": [
      {
        "familyName": "Sarkar", 
        "givenName": "Palash", 
        "type": "Person"
      }, 
      {
        "familyName": "Iwata", 
        "givenName": "Tetsu", 
        "type": "Person"
      }
    ], 
    "genre": "chapter", 
    "id": "sg:pub.10.1007/978-3-662-45611-8_11", 
    "isAccessibleForFree": true, 
    "isPartOf": {
      "isbn": [
        "978-3-662-45610-1", 
        "978-3-662-45611-8"
      ], 
      "name": "Advances in Cryptology \u2013 ASIACRYPT 2014", 
      "type": "Book"
    }, 
    "keywords": [
      "variants", 
      "rounds", 
      "resistance", 
      "improvement", 
      "function", 
      "purpose", 
      "specific features", 
      "features", 
      "impact", 
      "AES", 
      "attacks", 
      "view", 
      "advantages", 
      "independent subkeys", 
      "instances", 
      "simplified view", 
      "composition", 
      "transformation S", 
      "column", 
      "input", 
      "known-key distinguisher", 
      "pairs", 
      "integral properties", 
      "properties", 
      "correlation properties", 
      "representation", 
      "transformation R", 
      "rows", 
      "structural attacks", 
      "hash function construction", 
      "function construction", 
      "simplified representation", 
      "AES-like ciphers", 
      "hash function", 
      "distinguisher", 
      "Knudsen", 
      "differential distinguishers", 
      "Gilbert", 
      "FSE 2010", 
      "jeans", 
      "key primitives", 
      "primitives", 
      "security of AES", 
      "AES round", 
      "cipher", 
      "ASIACRYPT 2007", 
      "subkeys", 
      "construction", 
      "Rijmen", 
      "Peyrin", 
      "AES-128", 
      "security", 
      "encryption", 
      "authentication purposes", 
      "Naya-Plasencia", 
      "full AES-128"
    ], 
    "name": "A Simplified Representation of AES", 
    "pagination": "200-222", 
    "productId": [
      {
        "name": "dimensions_id", 
        "type": "PropertyValue", 
        "value": [
          "pub.1035808391"
        ]
      }, 
      {
        "name": "doi", 
        "type": "PropertyValue", 
        "value": [
          "10.1007/978-3-662-45611-8_11"
        ]
      }
    ], 
    "publisher": {
      "name": "Springer Nature", 
      "type": "Organisation"
    }, 
    "sameAs": [
      "https://doi.org/10.1007/978-3-662-45611-8_11", 
      "https://app.dimensions.ai/details/publication/pub.1035808391"
    ], 
    "sdDataset": "chapters", 
    "sdDatePublished": "2022-11-24T21:18", 
    "sdLicense": "https://scigraph.springernature.com/explorer/license/", 
    "sdPublisher": {
      "name": "Springer Nature - SN SciGraph project", 
      "type": "Organization"
    }, 
    "sdSource": "s3://com-springernature-scigraph/baseset/20221124/entities/gbq_results/chapter/chapter_424.jsonl", 
    "type": "Chapter", 
    "url": "https://doi.org/10.1007/978-3-662-45611-8_11"
  }
]
 


HOW TO GET THIS DATA PROGRAMMATICALLY:

JSON-LD is a popular format for linked data which is fully compatible with JSON.

curl -H 'Accept: application/ld+json' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-45611-8_11'

N-Triples is a line-based linked data format ideal for batch operations.

curl -H 'Accept: application/n-triples' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-45611-8_11'

Turtle is a human-readable linked data format.

curl -H 'Accept: text/turtle' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-45611-8_11'

RDF/XML is a standard XML format for linked data.

curl -H 'Accept: application/rdf+xml' 'https://scigraph.springernature.com/pub.10.1007/978-3-662-45611-8_11'


 

This table displays all metadata directly associated to this object as RDF triples.

120 TRIPLES      22 PREDICATES      81 URIs      74 LITERALS      7 BLANK NODES

Subject Predicate Object
1 sg:pub.10.1007/978-3-662-45611-8_11 schema:about anzsrc-for:08
2 anzsrc-for:0804
3 schema:author N2b9817e4ccb14a26a040297bceb15c27
4 schema:datePublished 2014
5 schema:datePublishedReg 2014-01-01
6 schema:description We show that the so-called super S-box representation of AES – that provides a simplified view of two consecutive AES rounds – can be further simplified. In the untwisted representation of AES presented here, two consecutive AES rounds are viewed as the composition of a non-linear transformation S and an affine transformation R that respectively operate on the four 32-bit columns and on the four 32-bit rows of their 128-bit input. To illustrate that this representation can be helpful for analysing the resistance of AES-like ciphers or AES-based hash functions against some structural attacks, we present some improvements of the known-key distinguisher for the 7-round variant of AES presented by Knudsen and Rijmen at ASIACRYPT 2007. We first introduce a known-key distinguisher for the 8-round variant of AES which constructs a 2^64-tuple of (input,output) pairs satisfying a simple integral property. While this new 8-round known-key distinguisher is outperformed for 8 AES rounds by known-key differential distinguishers of time complexity 2^48 and 2^44 presented by Gilbert and Peyrin at FSE 2010 and Jean, Naya-Plasencia, and Peyrin at SAC 2013, we show that one can take advantage of its specific features to mount a known-key distinguisher for the 10-round AES with independent subkeys and the full AES-128. The obtained 10-round distinguisher has the same time complexity 2^64 as the 8-round distinguisher it is derived from, but the highlighted input-output correlation property is more intricate and therefore its impact on the security of the 10-round AES when used as a known key primitive, e.g. in a hash function construction, is questionable. The new known-key distinguishers do not affect at all the security of AES when used as a keyed primitive, for instance for encryption or message authentication purposes.
7 schema:editor N6e2dfc4d48844b84aa17b5eb3cc29ec5
8 schema:genre chapter
9 schema:isAccessibleForFree true
10 schema:isPartOf N6727d5d163274212b53cb25b38fadf00
11 schema:keywords AES
12 AES round
13 AES-128
14 AES-like ciphers
15 ASIACRYPT 2007
16 FSE 2010
17 Gilbert
18 Knudsen
19 Naya-Plasencia
20 Peyrin
21 Rijmen
22 advantages
23 attacks
24 authentication purposes
25 cipher
26 column
27 composition
28 construction
29 correlation properties
30 differential distinguishers
31 distinguisher
32 encryption
33 features
34 full AES-128
35 function
36 function construction
37 hash function
38 hash function construction
39 impact
40 improvement
41 independent subkeys
42 input
43 instances
44 integral properties
45 jeans
46 key primitives
47 known-key distinguisher
48 pairs
49 primitives
50 properties
51 purpose
52 representation
53 resistance
54 rounds
55 rows
56 security
57 security of AES
58 simplified representation
59 simplified view
60 specific features
61 structural attacks
62 subkeys
63 transformation R
64 transformation S
65 variants
66 view
67 schema:name A Simplified Representation of AES
68 schema:pagination 200-222
69 schema:productId N2cae9bcd02e14f74878b863091de9675
70 Ne58563d74ece4352a3d51302109df0d4
71 schema:publisher Nd77015b33dc8417cb61342f057af42f3
72 schema:sameAs https://app.dimensions.ai/details/publication/pub.1035808391
73 https://doi.org/10.1007/978-3-662-45611-8_11
74 schema:sdDatePublished 2022-11-24T21:18
75 schema:sdLicense https://scigraph.springernature.com/explorer/license/
76 schema:sdPublisher N14d443e074254aa9944aac96cf91f375
77 schema:url https://doi.org/10.1007/978-3-662-45611-8_11
78 sgo:license sg:explorer/license/
79 sgo:sdDataset chapters
80 rdf:type schema:Chapter
81 N0bc2015710b14f9aa6f2ce2c607decc8 schema:familyName Iwata
82 schema:givenName Tetsu
83 rdf:type schema:Person
84 N14d443e074254aa9944aac96cf91f375 schema:name Springer Nature - SN SciGraph project
85 rdf:type schema:Organization
86 N2b9817e4ccb14a26a040297bceb15c27 rdf:first sg:person.012771236207.08
87 rdf:rest rdf:nil
88 N2cae9bcd02e14f74878b863091de9675 schema:name doi
89 schema:value 10.1007/978-3-662-45611-8_11
90 rdf:type schema:PropertyValue
91 N4a2b7215518b47a28f21cb92a78c13f4 schema:familyName Sarkar
92 schema:givenName Palash
93 rdf:type schema:Person
94 N6727d5d163274212b53cb25b38fadf00 schema:isbn 978-3-662-45610-1
95 978-3-662-45611-8
96 schema:name Advances in Cryptology – ASIACRYPT 2014
97 rdf:type schema:Book
98 N6e2dfc4d48844b84aa17b5eb3cc29ec5 rdf:first N4a2b7215518b47a28f21cb92a78c13f4
99 rdf:rest N8baa2d1616db40b6986e2034dea8fe27
100 N8baa2d1616db40b6986e2034dea8fe27 rdf:first N0bc2015710b14f9aa6f2ce2c607decc8
101 rdf:rest rdf:nil
102 Nd77015b33dc8417cb61342f057af42f3 schema:name Springer Nature
103 rdf:type schema:Organisation
104 Ne58563d74ece4352a3d51302109df0d4 schema:name dimensions_id
105 schema:value pub.1035808391
106 rdf:type schema:PropertyValue
107 anzsrc-for:08 schema:inDefinedTermSet anzsrc-for:
108 schema:name Information and Computing Sciences
109 rdf:type schema:DefinedTerm
110 anzsrc-for:0804 schema:inDefinedTermSet anzsrc-for:
111 schema:name Data Format
112 rdf:type schema:DefinedTerm
113 sg:person.012771236207.08 schema:affiliation grid-institutes:None
114 schema:familyName Gilbert
115 schema:givenName Henri
116 schema:sameAs https://app.dimensions.ai/discover/publication?and_facet_researcher=ur.012771236207.08
117 rdf:type schema:Person
118 grid-institutes:None schema:alternateName ANSSI, France
119 schema:name ANSSI, France
120 rdf:type schema:Organization
 



