MixColumns Properties and Attacks on (round-reduced) AES with a Single Secret S-Box

In this paper, we present new key-recovery attacks on AES with a single secret S-Box. Several attacks for this model have been proposed in the literature, the most recent ones at Crypto’16 and FSE’17. Both of these attacks exploit a particular property of the MixColumns matrix to recover the secret key.
