Abstract
Designing block ciphers and hash functions in a manner that resembles the AES in many aspects has been very popular since Rijndael was adopted as the Advanced Encryption Standard. However, in sharp contrast to the MixColumns operation, the security implications of the way the state is permuted by the operation resembling ShiftRows have never been studied in depth.
Here, we provide the first structured study of the influence of ShiftRows-like operations, or more generally, word-wise permutations, in AES-like ciphers with respect to diffusion properties and resistance towards differential and linear attacks. After formalizing the concept of guaranteed trail weights, we show a range of equivalence results for permutation layers in this context. We prove that the trail weight analysis when using arbitrary word-wise permutations, with rotations as a special case, reduces to a consideration of a specific normal form. Using a mixed-integer linear programming approach, we obtain optimal parameters for a wide range of AES-like ciphers, and show improvements on parameters for Rijndael-\(192\), Rijndael-\(256\), PRIMATEs-\(80\) and Prøst-\(128\). As a separate result, we show for specific cases of the state geometry that a seemingly optimal bound on the trail weight can be obtained using cyclic rotations only for the permutation layer, i.e. in a very implementation-friendly way.
The work of Gregor Leander was funded by the BMBF UNIKOPS project.
References
Andreeva, E., Bilgin, B., Bogdanov, A., Luykx, A., Mendel, F., Mennink, B., Mouha, N., Wang, Q., Yasuda, K.: PRIMATEs. CAESAR Proposal (2014). http://competitions.cr.yp.to/round1/primatesv1.pdf
Asratian, A.S., Denley, T.M.J., Häggkvist, R.: Bipartite Graphs and Their Applications. Cambridge Tracts in Mathematics. Cambridge University Press (1998)
Barreto, P.S.L.M., Rijmen, V.: The ANUBIS Block Cipher. NESSIE submission (2000). http://www.larc.usp.br/pbarreto/AnubisPage.html
Beierle, C., Jovanovic, P., Lauridsen, M.M., Leander, G., Rechberger, C.: Source code for experimental results (2015). https://github.com/mmeh/understanding-shiftrows
Benadjila, R., Billet, O., Gilbert, H., Macario-Rat, G., Peyrin, T., Robshaw, M., Seurin, Y.: SHA-3 Proposal: ECHO (2010). http://crypto.rd.francetelecom.com/ECHO/
Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. In: Menezes, A., Vanstone, S.A. (eds.) CRYPTO 1990. LNCS, vol. 537, pp. 2–21. Springer, Heidelberg (1991)
Biham, E., Shamir, A.: Differential Cryptanalysis of the Data Encryption Standard. Springer (1993)
Biryukov, A., Khovratovich, D.: PAEQ. CAESAR Proposal (2014). http://competitions.cr.yp.to/round1/paeqv1.pdf
Borghoff, J., Canteaut, A., Güneysu, T., Kavun, E.B., Knezevic, M., Knudsen, L.R., Leander, G., Nikov, V., Paar, C., Rechberger, C., Rombouts, P., Thomsen, S.S., Yalçın, T.: PRINCE – a low-latency block cipher for pervasive computing applications. In: Wang, X., Sako, K. (eds.) ASIACRYPT 2012. LNCS, vol. 7658, pp. 208–225. Springer, Heidelberg (2012)
Daemen, J., Knudsen, L.R., Rijmen, V.: The block cipher SQUARE. In: Biham, E. (ed.) FSE 1997. LNCS, vol. 1267, pp. 149–165. Springer, Heidelberg (1997)
Daemen, J., Rijmen, V.: AES Proposal: Rijndael (1998). http://csrc.nist.gov/archive/aes/rijndael/Rijndael-ammended.pdf
Daemen, J., Rijmen, V.: The wide trail design strategy. In: Honary, B. (ed.) Cryptography and Coding 2001. LNCS, vol. 2260, p. 222. Springer, Heidelberg (2001)
Fleischmann, E., Forler, C., Gorski, M., Lucks, S.: Twister – a framework for secure and fast hash functions. In: Bao, F., Li, H., Wang, G. (eds.) ISPEC 2009. LNCS, vol. 5451, pp. 257–273. Springer, Heidelberg (2009)
Gauravaram, P., Knudsen, L.R., Matusiewicz, K., Mendel, F., Rechberger, C., Schläffer, M., Thomsen, S.S.: Grøstl – a SHA-3 candidate (2011). http://www.groestl.info/
Guo, J., Peyrin, T., Poschmann, A.: The PHOTON family of lightweight hash functions. In: Rogaway, P. (ed.) Advances in Cryptology – CRYPTO 2011. LNCS, vol. 6841, pp. 222–239. Springer, Heidelberg (2011)
Guo, J., Peyrin, T., Poschmann, A., Robshaw, M.: The LED block cipher. In: Preneel, B., Takagi, T. (eds.) CHES 2011. LNCS, vol. 6917, pp. 326–341. Springer, Heidelberg (2011)
IBM: ILOG CPLEX Optimizer (1997–2014). http://www-01.ibm.com/software/commerce/optimization/cplex-optimizer/
Indesteege, S., Andreeva, E., De Cannière, C., Dunkelman, O., Käper, E., Nikova, S., Preneel, B., Tischhauser, E.: The LANE hash function. Submission to NIST (2008). http://www.cosic.esat.kuleuven.be/publications/article-1181.pdf
Nakahara Jr., J.: 3D: a three-dimensional block cipher. In: Franklin, M.K., Hui, L.C.K., Wong, D.S. (eds.) CANS 2008. LNCS, vol. 5339, pp. 252–267. Springer, Heidelberg (2008)
Kavun, E.B., Lauridsen, M.M., Leander, G., Rechberger, C., Schwabe, P., Yalçın, T.: Prøst. CAESAR Proposal (2014). http://proest.compute.dtu.dk
Lim, C.H., Korkishko, T.: mCrypton – a lightweight block cipher for security of low-cost RFID tags and sensors. In: Song, J.-S., Kwon, T., Yung, M. (eds.) WISA 2005. LNCS, vol. 3786, pp. 243–258. Springer, Heidelberg (2006)
MacWilliams, F.J., Sloane, N.J.A.: The Theory of Error-Correcting Codes. North-Holland Publishing Company, 2nd edn. (1978)
Matsui, M.: Linear cryptanalysis method for DES cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)
Mouha, N., Wang, Q., Gu, D., Preneel, B.: Differential and linear cryptanalysis using mixed-integer linear programming. In: Wu, C.-K., Yung, M., Lin, D. (eds.) Inscrypt 2011. LNCS, vol. 7537, pp. 57–76. Springer, Heidelberg (2012)
Saarinen, M.-J.O.: STRIBOBr1. CAESAR Proposal (2014). http://competitions.cr.yp.to/round1/stribobr1.pdf
Shannon, C.: Communication Theory of Secrecy Systems. Bell System Technical Journal 28, 656–715 (1949)
Welsh, D.J.A.: Codes and Cryptography. Clarendon Press (1988)
© 2015 Springer International Publishing Switzerland
Cite this paper
Beierle, C., Jovanovic, P., Lauridsen, M.M., Leander, G., Rechberger, C. (2015). Analyzing Permutations for AES-like Ciphers: Understanding ShiftRows. In: Nyberg, K. (ed.) Topics in Cryptology – CT-RSA 2015. Lecture Notes in Computer Science, vol. 9048. Springer, Cham. https://doi.org/10.1007/978-3-319-16715-2_3
DOI: https://doi.org/10.1007/978-3-319-16715-2_3
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-16714-5
Online ISBN: 978-3-319-16715-2
eBook Packages: Computer Science (R0)