Coonnffeerreennccee
C oonn
Coom
mppuutteerr
C Teecchhnnoollooggyy
T danDeevveellooppm
D meenntt
Kata kunci: kompleksitas aljabar, ekspresi aljabar, transformasi linier, S-Box, AES.
fungsi: su …
h…c ……
th .
1. Perkenalan
Dalam [1], [8], S-Box non-linear dari Rijndael dianalisis untuk (1)
memberikan sifat kriptografi yang optimal, seperti rasio prop maksimum
…… Sebuah … t,
[9] dan korelasi input-output maksimum [9]. Namun, Rijndael S-Box
masih memiliki properti yang tidak diinginkan dengan deskripsi
……
sederhana di 2 th,at is ju 1 st the sedikit where ,
[2], [7]. Ekspresi aljabar-nya jarang dengan hanya 9 suku, yang 0,1 W
, … e denote by
mengarah ke perhatian serangan aljabar [8], [10] dan serangan Theorem 1: Given a non-singular matrix
interpolasi [13]. Oleh karena itu, ada banyak peneliti yang fokus over , :1, be a linear-transform
pada perbaikan S-Box baru-baru ini [4], [12], [13]. then:,
0,1, … , 2 (2)
Dalam makalah ini, kami akan mengusulkan cara baru untuk
merepresentasikan S-Box umum berdasarkan transformasi linier dan fungsi Proof :
non-linier yang diberikan. Dengan cara ini, kita dapat meningkatkan S-Box By Definition 1, we … have …
tentang kompleksitas ekspresi aljabar dan ukurannya. Kami juga
(3)
membuktikan bahwa S-Box yang diusulkan dalam [1], [4], [12] hanyalah kasus
khusus dari S-Box yang diusulkan.
(4)
The remainder of paper is organized as follows. In section 2,
we propose some of theory results related problems for
representing linear-transform mapping. A
997788--00--77669955--33889922--11//0099 $$2266..0000 EE
© 22000099 IIE
© EE
E 221122
DO CC CTTD
OII 1100..11110099//IIC D..22000099..223355
2 0,1, … , 1, 2 00…0. .0 1
(5)
(11)
2 …2 22
th 8,
: Fo 2 r Examp
as00l the
0 e following
0w 2 002 2 100002001
1000 2 … 22
r h,an
I,n the o 0 t,h 1 e, … 2 d, 1 ,
000 01
i 001 31 be 0 a 0 l 0 in 111
e 1 a 1 r-transform
0 2 (12)
000 1 111 0 0 0 1
1 10 0 0 0 0 12
1 0 0 01 1 ar matrix.
1 11 0 0
(7)
1 1 1 01 1 1 001 0 de i t s an upp ∏ er-triangul 1
0 111 1 1 10 0
0 0 11 1 1 10 1 0 is invertible and is an linear-transform by
0 0 1 1 1 1 Definition 1
Le,mm|a 1 [14-Theorem 2.1.1]: , 8, ct 0 ion function
/ 0 no 1 n-singular ov 1 er , , as th
: For 2 Example 0 e 0 f 0 o 0 llowing
with
| then 2 00 0 0 000 01 1 be b 0 ij 0 00
e 01
0011
1 2 0 0 0
1 … 12 0 11 0 000
000 000 1 0 1
000
22 000000001 0000 13 01 11
2 12 2 0 0 1 00 158 0 100
2 11 2
2 0 34 0 001100000
8). 3 with 10 we
8, ( 8) 00000
10000 000
000 22 00 0(
1010 15)
h|ave
C 8 o,llora|ry 1 2: In the 1 form 22 100
0 01 00 00 1873 110011001010
221133
| | (17)
2
…22
Proof :
Let be a non-singular upper … 10…0 1 (22)
triangular m … 0
…
1 …
0
0 atrix 1…over…
…
(18) 2
… …
0 0 … 1 20, (23)
0| 0 | … 2 0 1 ,1
. Indeed, 2 02…01 0 … 2
(24)
(i) |With | , we have 2, 22, 1 1, … , 2 1
1 (25)
/
0. We have 1
(19) 3. The proposal of structure of S-Box
0,1 ,
In this section, we will present a way to represent S-Box using
linear-transform and a given non-linear function. This S-Box
Let structure has good cryptographic characteristics and it will be
used to replace this classical S-Box component in AES.
/ 0…0 0,1
I n21AES,
( which
any is denoted
8-bit byte isinconsidered
hexadecimal
and by 0 11 ) inas an
processed
element in . This field is defined in terms
of the irreducible polynomial
⇒ | 1| | | 22
1 1 (21)
. The origin, al AES 0 S-Box [1] is a
2 2 2 2 combination of a powe 0 r, function 0 and an affine
surjection , where
(28)
221144
From the above description, the algebraic expression of the 1 0
original AES S-Box can be written as 0 0
follows: 48 00 00 1 00 00 00 00 0
01 00 10 00 00 00 0
(32)
0 0 00
25 5 (29)
00 00 01 0 00 0
09 05 69301 0 00 0 0 0
000 0 00 01 01 00 1
hexadecimal notation to represent the value In this case, the proposed S-Box is exactly the S- Box in
16 Please (in
note that in We
decimal). our also
paper, wethat,
know will the
usealgebraic
the original AES [1]
expression of the original AES S-Box is so simple that only 9 terms Case 2: : be a linear-transform as
are involved, while the maximum number of terms is 255. In the follows
following section, we will present an approach to can archive this 2,2,2,2,20
optimal value. 1, 32 , 6,, 122, 214,, 4182, 906, , 1092 0. By 0 The 0 ore 0 m 1, we have
221155
Ta 2 bl,e 1 2. , Th 2 eo.c,mp
AES [1] (1, 2, 4, 8, 16, 32, 64, 128) ~1/2 112 4 9 terms
Cui L S-Box [4] (31, 62, 124, 248, 241, 227, 199, 143) ~1/2 112 4 253 terms Whole
Gray S-Box [12] (1, 3, 6, 12, 24, 48, 96, 192) ~1/2 112 4 255 terms Whole
Proposed S-Box
477
056 55
[6]. Dang Hai Van, Nguyen Thanh Binh, Tran Minh Triet,
4. Conclusion Tran Ngoc Bao, Nguyen Ho Minh Duc, SSM: Scalable Substitution
Matrix Cipher, Special Issue on Theories and Applications of
In this paper, we propose a n 8 ew way to represent S- Computer Science, Journal of Science and Technology, Vietnam
Box based on linear-transform and a given non-linear function to Academy of Science and Technology, ISSN 0866 708X, Vol 46,
No5A, 2008. pp. 165-178.
increase the complexity of algebraic expression and other
cryptographic characteristics of
[7]. J. Daemen, V. Rijmen, B. Preneel, A. Bosselaers, and
the original AES S-Box ( ) , the proposed S-Box
E.D. Win, “The cipher SHARK,” FSE 1996, LNCS, vol.1039, pp.99
structure can be used to replace this classical S-Box component in – 111, 1996
AES. Furthermore, the proposed S-Box structure not only can be [8]. N. Ferguson, R. Schroeppel, and D. Whiting, “The
used as the S-Box component to increase the complexity of inverse S-box, non-linear polynomial relations and cryptanalysis
algebraic expression of AES but also used in other block cipher of block ciphers,” AES-2004,
systems such as Hill cipher [5], [14], SSM [6],... LNCS,vol.3373, pp.170–188, 2004.
[9]. J. Daemen, Cipher and hash function design strategies
based on linear and differential cryptanalysis, Ph.D. thesis,
K.U.Leuven, 1995.
5. References [10]. N.T. Courtois and J. Pieprzyk, “Cryptanalysis of block
ciphers with overdefined systems of equations,” ASIACRYPT
[1]. J. Daemen and V. Rijmen. AES proposal: Rijndael. AES 2002, LNCS, vol.2501, pp.267–287, 2002. [11]. T. Jakobsen and
algorithm submission, 1999. L.R. Knudsen, “The interpolation
[2]. S. Murphy and M. J. Robshaw. Essential algebraic attack on block ciphers,” Fast Software Encryption, LNCS, vol.1267,
structure within the AES. In Crypto’02, LNCS 2442, pp. 1–16, 2002 pp.28–40, Springer-Verlag, 1997.
[12]. M.T. Tran, D.K. Bui, and A.D. Duong, “Gray sbox for
[3]. J. Rosenthal. A polynomial description of the Rijndael advanced encryption standard,” 2008 International Conference on
Advanced Encryption Standard. Journal of Algebra and its Applications, Computational Intelligence and Security (CIS’08), 2008
2(2):223–236, 2003
[4]. L. Cui and Y. Cao. A new S-box structure named Affine- [13]. J. Liu, B. Wai, X. Cheng, and X. Wang. An AES S-box
Power-Affine. International Journal of Innovative Computing, to increase complexity and cryptographic analysis. In Proceedings
Information and Control, 3(3), 2007 of the 19th International Conference on Advanced Information
[5]. Bao Ngoc Tran, “On Generating Key-matrix for Matrix Networking and Applications (AINA’05) Volume 1, pages 724–728,
Cipher and Applications”, Proceeding of Addendum Contributions to 2005
the 2008 IEEE International Conference on Research, Innovation & [14]. Jeffrey Overbey, William Traves, and Jerzy Wojdylo,
Vision for the Future (RIVF “On the Keyspace of the Hill Cipher”,
2008), Ho Chi Minh City, Vietnam, July 13-17, 2008, pp. 196-199. Cryptologia. 29:1 (2005): 59-72.
221166