
03.07.2019 | Issue 12/2019

Designs, Codes and Cryptography 12/2019

More accurate results on the provable security of AES against impossible differential cryptanalysis

Qian Wang, Chenhui Jin
Important notes
Communicated by C. Carlet.
This work was supported by National Natural Science Foundation of China (Grant Nos. 61272488, 61402523, 61772547, 61802438 and 61602514).

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.


Whether there exist impossible differentials longer than the existing ones for a block cipher is an important problem in the provable security evaluation of a block cipher against impossible differential cryptanalysis. In this paper, we give more accurate results for this problem for the AES. After investigating the differential properties of both the S-box and the linear layer of AES, we theoretically prove that there do not exist impossible concrete differentials longer than 4 rounds for AES by proving that any concrete differential is possible for the 5-round AES, under the only assumption that the round keys are independent and uniformly random. We use a tool, called “(wd)-Dependent Tree (DT)”, to show how any concrete differential \(\varDelta X \rightarrow \varDelta Z\) can be connected in the middle of the 5-round AES by some DTs. Our method might shed some light on bounding the length of impossible differentials with the differential properties of the S-boxes considered for some SPN block ciphers.
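An S-box differential property of the kind the abstract mentions can be computed directly. The following is an added example, not code from the paper or the publisher's page: it builds the AES S-box from its standard definition and tabulates rows of its difference distribution table (DDT). All function names are this example's own.

```python
def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a <<= 1
        if a & 0x100:
            a ^= 0x11B
        b >>= 1
    return r

def gf_inv(a):
    """Field inverse computed as a^254; AES defines the inverse of 0 as 0."""
    r = 1
    for _ in range(254):
        r = gf_mul(r, a)
    return r if a else 0

def rotl8(x, n):
    """Rotate an 8-bit value left by n bits."""
    return ((x << n) | (x >> (8 - n))) & 0xFF

def build_sbox():
    """AES S-box: field inversion followed by the affine map with constant 0x63."""
    sbox = []
    for x in range(256):
        b = gf_inv(x)
        sbox.append(b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63)
    return sbox

SBOX = build_sbox()

def ddt_row(din):
    """row[dout] = number of x with S(x) XOR S(x XOR din) == dout."""
    row = [0] * 256
    for x in range(256):
        row[SBOX[x] ^ SBOX[x ^ din]] += 1
    return row

def row_profile(din):
    """(number of possible output differences, max count, distinct counts)."""
    row = ddt_row(din)
    return (sum(1 for c in row if c), max(row), sorted(set(row)))

def impossible_outputs(din):
    """Output differences that can never follow input difference din."""
    return [d for d, c in enumerate(ddt_row(din)) if c == 0]

if __name__ == "__main__":
    print(row_profile(0x01), len(impossible_outputs(0x01)))
```

Every nonzero input difference reaches exactly 127 of the 255 nonzero output differences, so whether a concrete differential is possible depends on the S-box itself and not only on which bytes are active.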
