Re: commutative property of algorithms



@Scott Fluhrer

WTShaw might not have intended to ask about permutation cycles; however,
that does appear to be the answer to his question.  When he says "repeatedly
encrypting with it while moving output bits to input bits", it sounds like
he is talking about the sequence X, E(X), E(E(X)), ..., E^n(X)

When he then ask whether "you pass through all combinations of data", it
sounds like whether, for a fixed key and X, whether all possible 2^128
values can be represented by E^n(X), for some n.  This is precisely the
single-cycle permuation criteria.

And, as AES is known not to be a single cycle permutation for any key, we
know that the answer to his question is "No".
You appear to be correct about whether WTShaw was talking about
permutation cycles. However I cannot understand your argument for why
AES can never be a single cycle for any key. I suppose I will have to
read more about permutation parity...do you have any suggestions?
.



Relevant Pages

  • Re: AES 256 key and anti-key
    ... I don't know how to tell if something like AES is designed in a way ... For any actually file regardless of length not sure how many keys ... only allowing a single cycle is also bad for the way its used.. ... key is supposed to select a block permutation pseudo-randomly. ...
    (sci.crypt)
  • Re: AES 256 key and anti-key
    ... For any actually file regardless of length not sure how many keys ... only allowing a single cycle is also bad for the way its used.. ... have there characteristics I don;t know how you know that AES has ... key is supposed to select a block permutation pseudo-randomly. ...
    (sci.crypt)
  • Re: commutative property of algorithms
    ... ciphers and OTP forming a group. ... permutation wouldn't, in general, and AES seems to ... is because AES always implements an even permutation, ... That also answers the question about changing the sboxes: ...
    (sci.crypt)
  • Re: commutative property of algorithms
    ... Stream cyphers often are commutative, ... Concerning AES, for example since I am somewhat rusty on it these ... permutation wouldn't, in general, and AES seems to ...
    (sci.crypt)
  • Re: AES 256 key and anti-key
    ... assume is a weak cipher in this case 2 values go to same permutation ... test to find a key that has the correct permutation is a break. ... the selection wouldn't be truely random. ... Are they single cycle or what is the cycle structure of the ...
    (sci.crypt)