Rijndael for AES Vincent Rijmen Joan Daemen COSIC Proton World - - PDF document

rijndael for aes
SMART_READER_LITE
LIVE PREVIEW

Rijndael for AES Vincent Rijmen Joan Daemen COSIC Proton World - - PDF document

Jan 20, 2024 466 likes •517 views

Rijndael for AES Vincent Rijmen Joan Daemen COSIC Proton World Security Intrinsic security: no algorithm has been broken Implementation attacks (e.g., DPA): Table-lookup and XOR operations only Rijndael lends itself to secure

slide-1
SLIDE 1

1

Rijndael for AES

Joan Daemen Proton World

Vincent Rijmen COSIC

Thursday, April 20, 2000 3rd AES workshop 2

Security

Intrinsic security: no algorithm has been

broken

Implementation attacks (e.g., DPA):

Table-lookup and XOR operations only Rijndael lends itself to secure implementations

  • n smart cards
slide-2
SLIDE 2

2

Thursday, April 20, 2000 3rd AES workshop 3

Relative efficiency

# blocks MARS RC6 Serpent Twofish Pentium Many

13 9 38 12

4

28 15 33 27

1

46 22 36 25

6805 Many

30 28 110 23

4

52 45 107 23

1

114 91 100 22

“Equivalent number of Rijndael rounds”

Thursday, April 20, 2000 3rd AES workshop 4

Design Philosophy

Simplicity Symmetry Parallelism Mutual independence of components

impact of replacing a component on security

analysis is limited

Rijndael is easily extendible

block length, key length, number of rounds

slide-3
SLIDE 3

3

Thursday, April 20, 2000 3rd AES workshop 5

Speed on unknown platforms

“Unknown platforms”:

parallel processors, vulnerable platforms, high key agility

No arithmetical operations No data-dependent rotations Light key schedule

Thursday, April 20, 2000 3rd AES workshop 6

Conclusions

In the many surveys, Rijndael comes out

sometimes ahead of the pack

  • ften among the best

NEVER problematic

VERSATILITY makes Rijndael best candidate