A note on an infeasible linearization of some block ciphers

Riccardo Aragona; Anna Rimoldi; Massimiliano Sala

arXiv:1511.02360·math.GR·April 26, 2019

A note on an infeasible linearization of some block ciphers

Riccardo Aragona, Anna Rimoldi, Massimiliano Sala

PDF

TL;DR

This paper demonstrates that the AES cipher cannot be linearly embedded into a small vector space, highlighting its resistance to certain linearization attacks and emphasizing its cryptographic strength.

Contribution

It proves that linear embedding of AES's round functions into small vector spaces is infeasible, providing two elementary proofs of this fact.

Findings

01

AES cannot be linearly embedded into small vector spaces

02

Embedding AES into a linear cipher requires a huge-dimensional space

03

Linearization of AES is practically infeasible

Abstract

A block cipher can be easily broken if its encryption functions can be seen as linear maps on a small vector space. Even more so, if its round functions can be seen as linear maps on a small vector space. We show that this cannot happen for the AES. More precisely, we prove that if the AES round transformations can be embedded into a linear cipher acting on a vector space, then this space is huge-dimensional and so this embedding is infeasible in practice. We present two elementary proofs.

Peer Reviews

No public reviews on file for this paper yet. If you reviewed it on a platform where reviews are public (OpenReview, ICLR, NeurIPS, ICML), you can paste yours below so the community can read it here.

Videos

No videos yet. Explain this paper in a talk, walkthrough, or lecture? Add one.