2006 | Original Paper | Book chapter
Proving the Security of AES Substitution-Permutation Network
Authors: Thomas Baignères, Serge Vaudenay
Published in: Selected Areas in Cryptography
Publisher: Springer Berlin Heidelberg
In this paper we study the substitution-permutation network (SPN) on which AES is based. We introduce AES*, an SPN identical to AES except that the fixed S-boxes are replaced by random and independent permutations. We prove that this construction resists linear and differential cryptanalysis with 4 inner rounds only, despite the huge cumulative effect of multipath characteristics that is induced by the symmetries of AES. We show that the DP and LP terms both tend towards 1/(2^128 − 1) very fast when the number of rounds increases. This proves a conjecture by Keliher, Meijer, and Tavares. We further show that AES* is immune to any iterated attack of order 1 after 10 rounds only, which substantially improves a previous result by Moriai and Vaudenay.
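The abstract's central quantities are the differential probability DP(a, b) and the linear probability LP(a, b) of a permutation, and the claim that for random S-boxes both settle at 1/(2^n − 1) for an n-bit block. The following Python snippet is an added illustration, not code from the paper: it computes DP and LP for small random permutations (n = 4 bits, so 1/(2^n − 1) = 1/15) and averages them over many independently drawn S-boxes, which is the toy analogue of the AES* setting. The function names and the choice of n are assumptions made for this example.

```python
import random

def random_permutation(n, rng):
    """Draw a uniformly random permutation of {0, ..., 2^n - 1}."""
    p = list(range(1 << n))
    rng.shuffle(p)
    return p

def differential_probability(perm, a, b):
    """DP(a, b) = Pr_x[ perm(x) xor perm(x xor a) == b ] over all 2^n inputs x."""
    size = len(perm)
    hits = sum(1 for x in range(size) if perm[x] ^ perm[x ^ a] == b)
    return hits / size

def parity(v):
    """Parity of the bits of v, i.e. the GF(2) dot product once v = mask & value."""
    return bin(v).count("1") & 1

def linear_probability(perm, a, b):
    """LP(a, b) = (2 * Pr_x[ a.x == b.perm(x) ] - 1)^2, the squared correlation."""
    size = len(perm)
    agree = sum(1 for x in range(size)
                if parity(a & x) == parity(b & perm[x]))
    return (2 * agree / size - 1) ** 2

def mean_over_random_sboxes(n, a, b, samples, seed=1):
    """Monte Carlo estimate of E[DP(a, b)] and E[LP(a, b)] when the n-bit
    S-box is a fresh random permutation for every sample (seed fixed for
    reproducibility). Both means converge to 1/(2^n - 1)."""
    rng = random.Random(seed)
    dp_total = lp_total = 0.0
    for _ in range(samples):
        p = random_permutation(n, rng)
        dp_total += differential_probability(p, a, b)
        lp_total += linear_probability(p, a, b)
    return dp_total / samples, lp_total / samples

def dp_row_average(n, a, seed=1):
    """Average of DP(a, b) over all nonzero output differences b for ONE
    permutation. Every input x yields exactly one output difference, and b = 0
    is impossible for a != 0 (the map is injective), so the 2^n - 1 nonzero
    DP values sum to 1 and the average is exactly 1/(2^n - 1), whatever the
    permutation. The random-S-box result in the abstract says the same value
    is also the expectation of each individual DP(a, b)."""
    perm = random_permutation(n, random.Random(seed))
    size = len(perm)
    total = sum(differential_probability(perm, a, b) for b in range(1, size))
    return total / (size - 1)

if __name__ == "__main__":
    n, a, b = 4, 0x3, 0x5   # constructed toy parameters: 4-bit S-box, 1/(2^4 - 1) = 1/15
    dp_mean, lp_mean = mean_over_random_sboxes(n, a, b, samples=5000)
    print("target 1/(2^n-1) =", 1 / ((1 << n) - 1))
    print("mean DP over random S-boxes =", dp_mean)
    print("mean LP over random S-boxes =", lp_mean)
    print("row average of DP for one S-box =", dp_row_average(n, a))
```

Raising n (say to 8) makes the target 1/255 and the estimates correspondingly smaller; the point of the paper is that with AES's diffusion layer the same limit is reached over the full 128-bit block after only a handful of rounds, which this single-S-box toy does not attempt to show.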