Structural Cryptanalysis of SASAS

  title={Structural Cryptanalysis of SASAS},
  author={Alex Biryukov and Adi Shamir},
In this paper we consider the security of block ciphers which contain alternate layers of invertible S-boxes and affine mappings (there are many popular cryptosystems which use this structure, including the winner of the AES competition, Rijndael). We show that a five layer scheme with 128 bit plaintexts and 8 bit S-boxes is surprisingly weak even when all the S-boxes and affine mappings are key dependent (and thus completely unknown to the attacker). We tested the attack with an actual… CONTINUE READING


Publications citing this paper.


Publications referenced by this paper.
Showing 1-4 of 4 references


V. Rijmen
Daemen, AES Proposal: Rijndael, 1st AES Conference, • 1998
View 8 Excerpts
Highly Influenced


R. Anderson, E. Biham
Knudsen, Serpent: A Proposal for the AES, 1st AES Conference, • 1998
View 2 Excerpts


J. Daemen, L. Knudsen
Rijmen, The Block Cipher Square, proceedings of FSE’97, LNCS 1267, pp.147–165, Springer-Verlag, • 1997
View 1 Excerpt

Similar Papers

Loading similar papers…