
Exact maximum expected differential and linear probability for two-round Advanced Encryption Standard

IET Information Security


The current standard approach to demonstrate provable security of a block cipher against differential and linear cryptanalysis is based on the maximum expected differential and linear probability (MEDP and MELP) over a sequence of core cipher rounds. Often information about these values for a small number of rounds leads to significant insights concerning the security of the cipher for larger numbers of rounds, including the full cipher. Recent results have tightened the bounds on the MEDP and MELP for the two-round Advanced Encryption Standard (AES), but no previous approach has determined them exactly. An algorithm that computes the exact MEDP and MELP for the two-round AES is presented, and the computational results of our algorithm are provided. In addition to resolving this outstanding question for the AES, these exact values also lead to improved upper bounds on the MEDP and MELP for four or more AES rounds.

http://iet.metastore.ingenta.com/content/journals/10.1049/iet-ifs_20060161