AES design - can you help me to understand

Hello

I have been reading this article to learn more about modern cipher design
decisions
http://www.iaik.tugraz.at/aboutus/people/rijmen/ima.pdf
Is what follows a generally correct understanding.
If not please correct me on the main principles involved in
the key-alternating cipher design decision.
Excuse the language that follows.
I am just trying to get the basic idea of the "key-alternating" decision.


Here we go:
DES uses a key dependant transformation in every round?

AES uses a scrambling scheme that alternates between:
[1] The use of a transformation that does not interact with "additional" key
material
[2] Followed by another scrambling operation that does interact with key
dependant information.


Just for discussion, so I can understand:
If one ran DES and AES for and equal number of rounds - say 10:
DES outputs see an "image" of the key 10 times?
AES outputs see an "image" of the key material 5 times?

Suggesting, (keeping all of the other complexities constant)
that DES outputs have a higher probability of leaking
information about the key into the outputs than AES does?
I mean the key material is being used directly and more frequently in DES?

Let's say for argument only, that DES does leak a bit of information about
the
key into its outputs. Then, it seems to follow that AES should leak less key
information, for the same number of rounds, into AES outputs, all other
factors being equal?


PS.
It would be nice [for those deficient with the "notation"]
if someone could demo the ideas from section 3.4
with example data so that the operations specified
therein can be better understood and made concrete?

I thank you for your time.


.

Relevant Pages

  • Re: DMSII Encryption - does it exist?
    ... encryption and is easy to implement. ... I was unaware of TEA, so thanks for pointing it out. ... Isn't there an implementation of DES that is used for the ... There are several public domain implementations of AES (the DES ...
    (comp.sys.unisys)
  • Re: AES design - can you help me to understand
    ... I may have incorrectly assumed that the first was the strategy used in AES? ... And this one may be a key dependant scrambling round similar ... Both AES and DES take your secret key and stretch it with a key ... If you really want to compare DES to another cipher compare it to CAST5 ...
    (sci.crypt)
  • Re: 256-bit Camellia vs 256-bit AES - Which is better?
    ... I was mentioning Fiestel Network in general. ... The comment wasn't implied directly on AES and/or DES specifically. ... As such I would still maintain that the essence of Fiestel remains in its simplicity of Encryption and Decryption process which are reversal of the process itself. ...
    (Security-Basics)
  • Re: Symmetric encryption: why not use private keys?
    ... There's no danger on that front unless a severe defect is found in AES. ... DES went from becoming the official ... be a century before Moore's Law puts you in any danger. ... IDEA, AES, and other recent ciphers do not suffer ...
    (sci.crypt)
  • Re: Five ciphers, in series?
    ... >> The weakness of DES was the short key, which many worried about when DES ... not a flaw in the cipher design. ... agree that brute force remains the only practical ... Greg Rose ...
    (sci.crypt)