For the block cipher RIJNDAEL with a block length of 128 bits group theoretic properties of the round functions are derived. Especially it is shown that these round functions generate the alternating group.The notation of the RIJNDAEL round function components will be similar to the RIJNDAEL definition given in [1]. One exception will be that the states are not given in a matrix form. They are given as 128-bit-or 16-byte-vectors, where the correspondence to the matrices in [1] is defined row by row from left to right. The round functions R k are defined by ∀k ∈ {0, 1} 128 ∀x ∈ {0, 1} 128 : R k (x) := k ⊕ mc(rs(s(x))), J. Daemen and V.
We provide conditions for which the round functions of an -bit Rijndael-like block cipher generate the alternating group on the set {0, 1} . These conditions show that the class of Rijndael-like ciphers whose round functions generate the alternating group on their message space is large, and includes both the actual Rijndael and the block cipher used by the compression function of the WHIRLPOOL hash function. The result indicates that there is no trapdoor design for a Rijndael-like cipher based on the imprimitivity of the group action of its proper round functions which is difficult to detect.
SIT Gesellschaft fiir S ysteme der Informationstechnik mbH 0-1252 Griinheide (Mark), Germany Charlottenside 7 Abstract; hi c a d of thc 16 DES rounds we have a permutation of @-bitblocks. According to the corresponding key-block there are 248 possible permutations per round. In this paper we will prove that these permutations generate the alternating group. The main parts of the paper are the proof that the generated group is 3-transitive, and the application of a result from p. J. Cameron based on the classification of finite simple groups. A corollary concerning n-round functions generalizes the result
Abstract.While it is known previously that the cycle lengths of individual components of the AES round function are very small, we demonstrate here that the cycle length of the S-box combined with the ShiftRow and MixColumn transformation is at least 10205 . This result is obtained by providing new invariances of the complete AES round function without the key addition. Furthermore, we consider self-duality properties of the AES round function and derive a property analogous to the complementation property of the DES round function. These results confirm the assessments given in other publications that the AES components have several unexpected structural properties.
This paper includes some relalions between differential cryptanalysis and group theory. The main result is the following: If the one-round functions of :UI r-round iterated, cipher generate the rdternating or the symmetric group, then for all corresponding Markov ciphers the chains of differences are irreducible and aperiodic. As an application it will be shown that if the hypothesis of stochastic equivalence holds for any of these corresponding Uvkov ciphers, then the DES and the IDEA(32) 'we secure against a differential cryptanalysis attack after sufficiently m,my rounds for these Mmkov ciphers. The section about IDEA(32) includes the result that the one-round functions of this algorithm generate the altemqting group.The theoretic foundations in group theory and Markov chains are described for instance in [Wie 641 and [Fel 581.
Properties of Markov Chains and Markov CiphersLet us recall some definitions and properties of Markov chains. The definitions follow the notations of [LMM 911. In this section we will briefly review parts of this paper.A sequence of discrete random variables vo,vl ,. .., v, is a Markov chain if for 0 I i < r (where r = -is allowed):A Markov chain is called homogeneous if P ( V~+~ = PI vi = a) is independent of i for all pairs (a$).Let I 7 = ipu[ denote the transition probability matrix of a finite homogeneous Markov chain with M states and p;i the transition probabilities.
We show that the round functions of the KASUMI block cipher for odd and even round type generate the alternating group on the message space. Moreover, under the assumption of independent round keys, we prove that also the KASUMI two-round functions and the KASUMI encryption functions generate the alternating group.
To cite this article: Ralph Wernsdorf (1984) On the connectedness of the set of efficient points n convex optimization problems with multiple or random Objectives, Mathematische Operationsforschung und Statistik. Series Optimization, 15:3, 379-387,
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.