Block Ciphers and Systems of Quadratic Equations

  • Alex Biryukov
  • Christophe De Cannière
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2887)


In this paper we compare systems of multivariate polynomials, which completely define the block ciphers Khazad, Misty1, Kasumi, Camellia, Rijndael and Serpent in the view of a potential danger of an algebraic re-linearization attack.


Block ciphers multivariate quadratic equations linearization Khazad Misty Camellia Rijndael Serpent 


  1. 1.
    Anderson, R., Biham, E., Knudsen, L.: Serpent: A proposal for the advanced encryption standard, Available from
  2. 2.
    Aoki, K., Ichikawa, T., Kanda, M., Matsui, M., Moriai, S., Nakajima, J., Tokita, T.: Camellia: A 128-bit block cipher suitable for multiple platforms. Submission to NESSIE (September 2000), Available from
  3. 3.
    Barreto, P., Rijmen, V.: The KHAZAD legacy-level block cipher. Submission to NESSIE (September 2000), Available from
  4. 4.
    Courtois, N., Klimov, A., Patarin, J., Shamir, A.: Efficient algorithms for solving overdefined systems of multivariate polynomial equations. In: Preneel, B. (ed.) EUROCRYPT 2000. LNCS, vol. 1807, pp. 392–407. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  5. 5.
    Courtois, N., Pieprzyk, J.: Cryptanalysis of block ciphers with overdefined systems of equations. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 267–287. Springer, Heidelberg (2002), Earlier version available from CrossRefGoogle Scholar
  6. 6.
    Daemen, J., Rijmen, V.: AES proposal: Rijndael. Selected as the Advanced Encryption Standard, Available from
  7. 7.
    Murphy, S., Robshaw, M.: Essential algebraic structure within the AES. In: Yung, M. (ed.) CRYPTO 2002. LNCS, vol. 2442, pp. 17–38. Springer, Heidelberg (2002) NES/DOC/RHU/WP5/022/1CrossRefGoogle Scholar
  8. 8.
    Shamir, A., Kipnis, A.: Cryptanalysis of the HFE public key cryptosystem. In: Wiener, M. (ed.) CRYPTO 1999. LNCS, vol. 1666, pp. 19–30. Springer, Heidelberg (1999)Google Scholar
  9. 9.
    Takeda, E.: ”Misty1”. Submission to NESSIE (September 2000), Available from
  10. 10.
    Third Generation Partnership Project, 3GPP KASUMI evaluation report, tech. rep., Security Algorithms Group of Experts, SAGE (2001), Available from

Copyright information

© Springer-Verlag Berlin Heidelberg 2003

Authors and Affiliations

  • Alex Biryukov
    • 1
  • Christophe De Cannière
    • 1
  1. 1.Dept. ESAT/SCD-COSICKatholieke Universiteit LeuvenLeuven-HeverleeBelgium

Personalised recommendations