AES design - can you help me to understand

Hello

I have been reading this article to learn more about modern cipher design
decisions
http://www.iaik.tugraz.at/aboutus/people/rijmen/ima.pdf
Is what follows a generally correct understanding.
If not please correct me on the main principles involved in
the key-alternating cipher design decision.
Excuse the language that follows.
I am just trying to get the basic idea of the "key-alternating" decision.


Here we go:
DES uses a key dependant transformation in every round?

AES uses a scrambling scheme that alternates between:
[1] The use of a transformation that does not interact with "additional" key
material
[2] Followed by another scrambling operation that does interact with key
dependant information.


Just for discussion, so I can understand:
If one ran DES and AES for and equal number of rounds - say 10:
DES outputs see an "image" of the key 10 times?
AES outputs see an "image" of the key material 5 times?

Suggesting, (keeping all of the other complexities constant)
that DES outputs have a higher probability of leaking
information about the key into the outputs than AES does?
I mean the key material is being used directly and more frequently in DES?

Let's say for argument only, that DES does leak a bit of information about
the
key into its outputs. Then, it seems to follow that AES should leak less key
information, for the same number of rounds, into AES outputs, all other
factors being equal?


PS.
It would be nice [for those deficient with the "notation"]
if someone could demo the ideas from section 3.4
with example data so that the operations specified
therein can be better understood and made concrete?

I thank you for your time.


.

Relevant Pages

  • Re: DMSII Encryption - does it exist?
    ... encryption and is easy to implement. ... I was unaware of TEA, so thanks for pointing it out. ... Isn't there an implementation of DES that is used for the ... There are several public domain implementations of AES (the DES ...
    (comp.sys.unisys)
  • Re: AES design - can you help me to understand
    ... I may have incorrectly assumed that the first was the strategy used in AES? ... And this one may be a key dependant scrambling round similar ... Both AES and DES take your secret key and stretch it with a key ... If you really want to compare DES to another cipher compare it to CAST5 ...
    (sci.crypt)
  • Re: Symmetric encryption: why not use private keys?
    ... There's no danger on that front unless a severe defect is found in AES. ... DES went from becoming the official ... be a century before Moore's Law puts you in any danger. ... IDEA, AES, and other recent ciphers do not suffer ...
    (sci.crypt)
  • Re: Does "bitslice AES" make sense?
    ... > In some applications (e.g ECB mode, key search), a software ... > implementation of DES does benefit from the bitslice ... > I wonder if the same technique is beneficial in the case of AES ... which is compatible with bitslice). ...
    (sci.crypt)
  • RE: The ultimate TOE design
    ... >> expectation) will demolish dreams of a lot of these TOE investments. ... time in us spend by hw crypto, forth - time in us spent by sw crypto: ... des 128: 29 6 ... aes 64: 28 2 ...
    (Linux-Kernel)