#### Year

2004

#### Degree Name

Doctor of Philosophy (PhD)

#### Department

School of Information Technology and Computer Science - Faculty of Informatics

#### Recommended Citation

Song, Beomsik, Observations on the cryptologic properties of the AES algorithm, PhD thesis, School of Information Technology and Computer Science, University of Wollongong, 2004. http://ro.uow.edu.au/theses/176

#### Abstract

The AES algorithm is a symmetric block cipher, which will replace DES for the next few decades. This cipher has been reputed to be secure against conventional cryptanalytic methods, such as DC (Differential Cryptanalysis) and LC (Linear Cryptanalysis), but the simple algebraic structure of the cipher has led to some commentators' concerns about its security. The purpose of this study is to observe the cryptologic properties of the AES algorithm from a new point of view, and to examine the security of this cipher on the basis of these observations. Some well-known research studies on the security of the AES algorithm are reviewed first, classified into four categories. We then discuss the cyclic properties and consistent differential patterns of this cipher using our own observations, which have been introduced in [7, 8, 9]. In terms of the cyclic properties of the AES algorithm, we have observed that every function used in the AES algorithm has a very short period, and that each layer has a short period as well. But we note that although the maximal periods of both the non-linear layer and the linear layer are short, the maximal period is dramatically increased when these two layers are combined. However, more importantly, we have observed that the AES algorithm still has a very unusual cyclic property for certain types of input blocks even in the combined layer, so that input blocks having short periods have simple hidden algebraic relations with their corresponding output blocks. In conjunction with the consistent differential patterns of the AES algorithm, we note that the AES structure is very well designed to be secure against DC and LC, as has previously been known. But we have also observed that it leads to some consistent differential patterns after certain rounds, which can be used for its cryptanalysis.