AES-Like Ciphers: Are Special S-Boxes Better Then Random Ones? (Virtual Isomorphisms Again)

Provided by: International Association for Cryptologic Research
Topic: Security
Format: PDF
In method of virtual isomorphisms of ciphers was applied for differential/linear cryptanalysis of AES. It was shown that AES seems to be weak against those attacks. That result can be generalized to AES-like ciphers, which diffusion map is a block matrix, and its block size is the same as the S-box size. S-box is possibly weak if it is affine equivalent to a substitution that has the same cycling type as an affine substitution. Class of possibly weak S-boxes is very large; the users do not know is there an S-box that is not possibly weak.

Find By Topic