AES密码算法S盒的线性冗余研究

Research on the Linear Redundancy in the AES S Box

本文借助有限域上的迹变换,证明了有限域GF(2n)上的幂双射xk的坐标函数的非零线性组合都线性等价,且等价变换共有2n-1个;证明了AES算法的S盒的坐标函数的非零线性组合都线性等价,且在添加0元后,本文构造的坐标函数的给定线性组合到其它线性组合的等价变换全体构成{0,1}n同构的群.本文还给出了AES算法的S盒的最低坐标函数到其它坐标函数的等价变换,它们构成了等价变换群的一组基.本文还证明了Fuller J和Millan W构造的等价变换之和都不再是坐标函数的线性组合之间的等价变换.

It's proved that the nonzero linear combinations of the coordinates ( NLCC for short) of a bijective monomial in a finite field of characteristic two are linearly equivalent, and the number of equivalent transformations is equal to the number of nonzero elements in the finite field. It's prove that the NLCCs of S-boxes of AES are linear equivalent, and the group formed by the zero transformation and all transformations constructed in this paper for equivalence of a given NLCC to NLCCs under the pointvrise addition of transformations is isomorphic to additive group of the finite field.The equivalent transformations of the least significant coordinate to 8 coordinates are given,which is a base of this group. It's proved also that the sum of equivalent transformations of coordinates constructed by Fuller J and Millan W is not an equivalent transformation of two NLCCs of S-boxes of AES.