Results 1 - 6 of 6
Refined analysis of bounds related to linear and differential cryptanalysis for the AES
Fourth Conference on the Advanced Encryption Standard, AES4, volume 3373 of LNCS, 2005
Cited by 5 (1 self)
Abstract. The best upper bounds on the maximum expected linear probability (MELP) and the maximum expected differential probability (MEDP) for the AES, due to Park et al. [23], are $1.075 \times 2^{-106}$ and $1.144 \times 2^{-111}$, respectively, for $T \geq 4$ rounds. These values are simply the 4th powers of the best upper bounds on the MELP and MEDP for $T = 2$ [3, 23]. In our analysis we first derive nontrivial lower bounds on the 2-round MELP and MEDP, thereby trapping each value in a small interval; this demonstrates that the best 2-round upper bounds are quite good. We then prove that these same 2-round upper bounds are not tight—and therefore neither are the corresponding upper bounds for $T \geq 4$. Finally, we show how a modified version of the KMT2 algorithm (or its dual, KMT2-DC), due to Keliher et al. (see [8]), can potentially improve any existing upper bound on the MELP (or MEDP) for any SPN. We use the modified version of KMT2 to improve the upper bound on the AES MELP to $1.778 \times 2^{-107}$, for $T \geq 8$.
Completion of computation of improved upper bound on the maximum average linear hull probability for Rijndael
Technical Report, IACR ePrint Archive (http://eprint.iacr.org, Paper # 2004/074)
Toward Provable Security Against Differential and Linear Cryptanalysis for Camellia and Related Ciphers
2007
Cited by 1 (0 self)
We present a new algorithm that evaluates provable security against differential and linear cryptanalysis for Feistel ciphers with invertible substitution-diffusion (SD)-based round functions. This algorithm computes an upper bound on the maximum expected differential or linear probability (MEDP or MELP) based on the number of rounds. We then apply our algorithm to Camellia (minus $FL/FL^{-1}$). Previously, the best upper bounds for Camellia were $2^{-12}$ (both MEDP and MELP) for 3+ rounds. Our algorithm improves these bounds to $1.065 \times 2^{-28}$ (MEDP) and $1.161 \times 2^{-27}$ (MELP) for 6+ rounds. This is a first step toward establishing the provable security of Camellia and related ciphers against differential and linear cryptanalysis.
DIFFERENTIAL CRYPTANALYSIS FOR A 3-ROUND SPN
SPNs (Substitution Permutation Networks) are one of the important architectures used for designing block ciphers. In our study, we applied differential cryptanalysis method for a 3-round SPN. We have used a 16-bit input as plaintext and 16-bit output as ciphertext and chosen the first row of the third S-box of DES (Data Encryption Standard) for the necessary S-box and ShiftRows transformation which is used to permute bytes in AES (Advanced Encryption Standard) for permutation of bits for our SPN. As a result, we have obtained 12-bit key of 16-bit key from the last round of the cipher using differential cryptanalysis method.
Novel Memory Efficient Key Expansion Inversion Technique for Cryptography Applications using Extended Hamming Code
Abstract—This paper describes a novel key expansion and its inversion technique for private key cryptosystems. Our design uses (8, 4) Extended Hamming Code and its error control logic to produce a memory-efficient key schedule generation algorithm. A mathematical relationship between a 4-bit word and its corresponding 4-bit parity bits is shown. Simplicity, symmetry elimination, diffusion and nonlinearity of the proposed key expansion technique are described as the key schedule generation criteria. The proposed method removes the usage of the S-box to reduce the working memory of the algorithm. High nonlinearity penetration of original input message bits is achieved by applying modulo-2 addition of code-based key schedules for each round transformation. Security strength among these key schedules is achieved by intentional bit inversions among them beyond the error-correcting limitations of the chosen code. Comparative results between the proposed design and the Rijndael algorithm are illustrated with the aid of the Xilinx Simulation tool. This paper concludes that the novel key generation technique by Error Control Algorithm of wireless communication channel is an alternative solution to the cryptosystems without S-box substitution and any lookup tables.
Key-Dependent S-Box Generation in AES Block Cipher System
2008
Abstract. Advanced Encryption Standard (AES) block cipher system is widely used in cryptographic applications. A nonlinear substitution operation is the main factor of the AES cipher system strength. The purpose of the proposed approach is to generate the random S-boxes changing for every change of the secret key. The fact that the S-boxes are randomly key-dependent and unknown is the main strength of the new approach, since both linear and differential cryptanalysis require known S-boxes. In the paper, we briefly analyze the AES algorithm, substitution S-boxes, linear and differential cryptanalysis, and describe a randomly key-dependent S-box and inverse S-box generation algorithm. After that, we introduce the independency measure of the S-box elements, and experimentally investigate the quality of the generated S-boxes.