By Carlos Cid

The Belgian block cipher Rijndael was selected in 2000 by the U.S. government's National Institute of Standards and Technology (NIST) to be the successor to the Data Encryption Standard. Rijndael was subsequently standardized as the Advanced Encryption Standard (AES), which is probably the world's most important block cipher. In 2002, some new analytical techniques were suggested that may have a dramatic effect on the security of the AES. Existing analytical techniques for block ciphers depend heavily on a statistical approach, whereas these new techniques are algebraic in nature.

Thus the polynomial $x^{q^n} - x$ has all $q^n$ elements of $K$ as a root. The field $K = GF(q^n)$ is known as the splitting field of the polynomial $x^{q^n} - x$. This polynomial can be used to obtain all irreducible polynomials over $F$ with the required degree. Let $F$ be a finite field of order $q$. Then the polynomial $x^{q^n} - x \in F[x]$ is the product of all monic irreducible polynomials in $F[x]$ whose degree divides $n$. The number of monic irreducible polynomials in $F[x]$ of degree $n$ is given by
$$\frac{1}{n} \sum_{d \mid n} \mu(d)\, q^{n/d},$$
where $\mu$ is the Möbius function, defined by $\mu(1) = 1$, $\mu(n) = (-1)^k$ if $n$ is the product of $k$ distinct primes, and $\mu(n) = 0$ otherwise.
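The following is an added example, not code from the book, that puts the identity above to work over $GF(2)$: it counts the monic irreducible polynomials of degree $n$ with the Möbius formula and checks the count against exhaustive enumeration, it tests irreducibility by checking whether $f$ divides $x^{2^n} - x$ without dividing the smaller $x^{2^{n/p}} - x$ (Rabin's test, a direct use of the splitting-field factorisation), and it multiplies out all irreducibles of degree dividing $n$ to recover $x^{2^n} - x$ itself. The names, the int-as-bit-vector representation and the choice of $0\text{x}11B$ (the AES field polynomial $x^8 + x^4 + x^3 + x + 1$) as the test case are this example's own.

```python
"""Added example (not from the book): use x^(2^n) - x = product of all monic
irreducibles over GF(2) of degree dividing n to count irreducibles (Moebius
formula vs. enumeration) and to test irreducibility (Rabin's test).
Polynomials over GF(2) are ints, bit i = coefficient of x^i; 0x11B is the AES
field polynomial x^8 + x^4 + x^3 + x + 1."""


def mobius(n):
    """mu(n): 0 if a square divides n, else (-1)^k for n a product of k distinct primes."""
    k, p = 0, 2
    while p * p <= n:
        if n % p == 0:
            n //= p
            if n % p == 0:
                return 0
            k += 1
        else:
            p += 1
    if n > 1:
        k += 1
    return -1 if k % 2 else 1

def divisors(n):
    return [d for d in range(1, n + 1) if n % d == 0]

def prime_divisors(n):
    return [p for p in divisors(n) if p > 1 and all(p % r for r in range(2, p))]

def count_irreducible_formula(q, n):
    """(1/n) * sum_{d|n} mu(d) q^(n/d) = number of monic irreducibles of degree n over GF(q)."""
    return sum(mobius(d) * q ** (n // d) for d in divisors(n)) // n

def degree(f):
    return f.bit_length() - 1

def poly_mod(a, m):
    """Remainder of a modulo m in GF(2)[x] (subtraction is XOR)."""
    while a and degree(a) >= degree(m):
        a ^= m << (degree(a) - degree(m))
    return a

def poly_mul(a, b, m=None):
    """a * b in GF(2)[x], reduced modulo m when m is given."""
    if m is not None:
        a, b = poly_mod(a, m), poly_mod(b, m)
    r = 0
    while b:
        if b & 1:
            r ^= a
        b >>= 1
        a = a << 1 if m is None else poly_mod(a << 1, m)
    return r

def poly_gcd(a, b):
    while b:
        a, b = b, poly_mod(a, b)
    return a

def is_irreducible(f):
    """Rabin's test: f of degree n is irreducible iff f | x^(2^n) - x and
    gcd(f, x^(2^(n/p)) - x) = 1 for every prime p | n (that gcd would collect
    any factor of f whose degree divides n/p)."""
    n = degree(f)
    if n < 1:
        return False
    x = poly_mod(0b10, f)  # x reduced mod f (a constant when n == 1)

    def x_pow_2_pow(k):  # x^(2^k) mod f by k squarings
        t = x
        for _ in range(k):
            t = poly_mul(t, t, f)
        return t

    if x_pow_2_pow(n) != x:  # f does not divide x^(2^n) - x
        return False
    return all(poly_gcd(f, x_pow_2_pow(n // p) ^ x) == 1 for p in prime_divisors(n))

def count_irreducible_enumerate(n):
    """Brute force over the 2^n monic polynomials of degree n."""
    return sum(is_irreducible(f) for f in range(1 << n, 1 << (n + 1)))

def splitting_product(n):
    """Product of every monic irreducible with degree dividing n; equals x^(2^n) + x."""
    prod = 1
    for d in divisors(n):
        for f in range(1 << d, 1 << (d + 1)):
            if is_irreducible(f):
                prod = poly_mul(prod, f)
    return prod

if __name__ == "__main__":
    for n in range(1, 9):
        print(n, count_irreducible_formula(2, n), count_irreducible_enumerate(n))
    print("AES polynomial 0x11B irreducible:", is_irreducible(0x11B))
    print("x^256 + x identity holds:", splitting_product(8) == (1 << 256) ^ 0b10)
```

For $n = 8$ both counts give 30, so there are 30 candidate field polynomials for $GF(2^8)$ and the AES choice is one of them; the point of the enumeration is that an implementer can verify the irreducibility of a proposed field polynomial directly rather than trust a table.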

The main relevance of Gröbner bases to cryptology is the problem of solving polynomial equation systems. If we have such a system $f_1(x_1, \ldots, x_n) = 0, \ldots, f_m(x_1, \ldots, x_n) = 0$, then we can find its solution set by computing the Gröbner basis for the ideal $I = (f_1, \ldots, f_m)$ and computing the associated variety $V(I)$. The Gröbner basis of $I$ provides implicit solutions to the equation system over the algebraic closure of the field $F$. A particularly useful monomial ordering for finding solutions to this polynomial equation system in $F$ is the lex ordering, which is an example of an elimination ordering: the resulting basis contains polynomials in progressively fewer variables, so the system can be solved one variable at a time.
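As an added illustration (this is not code from the book, and the equation system is constructed for the example), here is Buchberger's algorithm over $GF(p)$ with the lex ordering $x > y > z$, applied to a small system over $GF(2)$ to which the field equations $x^2 - x$, $y^2 - y$, $z^2 - z$ have been added, as is usual in algebraic cryptanalysis so that only $GF(2)$-points survive. The polynomial representation (dictionaries from exponent tuples to coefficients) and all function names are this example's own; the result is cross-checked against exhaustive search.

```python
"""Added example (not from the book): Buchberger's algorithm over GF(P), lex order,
on a constructed 3-variable system over GF(2) with field equations included."""
from itertools import combinations, product
from math import prod

P = 2  # prime characteristic of the coefficient field

# A polynomial is {exponent_tuple: coefficient mod P}; (e1, e2, e3) stands for
# x^e1 y^e2 z^e3.  Python compares tuples lexicographically, so max() over the
# keys is the lex leading monomial with x > y > z.

def clean(f):
    return {m: c % P for m, c in f.items() if c % P}

def add(f, g):
    h = dict(f)
    for m, c in g.items():
        h[m] = h.get(m, 0) + c
    return clean(h)

def scale(f, mono, coef):
    """coef * x^mono * f"""
    return clean({tuple(a + b for a, b in zip(m, mono)): c * coef for m, c in f.items()})

def lead(f):
    m = max(f)
    return m, f[m]

def divides(a, b):
    return all(x <= y for x, y in zip(a, b))

def normal_form(f, G):
    """Multivariate division: remainder of f by G with no term divisible by any LM(g)."""
    r, f = {}, clean(f)
    while f:
        m, c = lead(f)
        for g in G:
            gm, gc = lead(g)
            if divides(gm, m):  # cancel the leading term of f with a multiple of g
                q = tuple(a - b for a, b in zip(m, gm))
                f = add(f, scale(g, q, -c * pow(gc, -1, P)))
                break
        else:  # leading term is irreducible: move it into the remainder
            r[m] = c
            f = {k: v for k, v in f.items() if k != m}
    return clean(r)

def s_poly(f, g):
    (fm, fc), (gm, gc) = lead(f), lead(g)
    l = tuple(max(a, b) for a, b in zip(fm, gm))  # lcm of the leading monomials
    return add(scale(f, tuple(a - b for a, b in zip(l, fm)), gc),
               scale(g, tuple(a - b for a, b in zip(l, gm)), -fc))

def reduced_basis(G):
    """Minimal, monic, inter-reduced basis (unique for the ideal and ordering)."""
    minimal = []
    for g in G:
        gm = lead(g)[0]
        if any(divides(lead(h)[0], gm) for h in minimal):
            continue
        minimal = [h for h in minimal if not divides(gm, lead(h)[0])] + [g]
    out = []
    for i, g in enumerate(minimal):
        r = normal_form(g, minimal[:i] + minimal[i + 1:])
        out.append(scale(r, (0,) * len(lead(r)[0]), pow(lead(r)[1], -1, P)))
    return sorted(out, key=lead, reverse=True)

def groebner(F):
    """Buchberger: keep adding reduced S-polynomials until every pair reduces to zero."""
    G = [clean(f) for f in F if clean(f)]
    pairs = list(combinations(range(len(G)), 2))
    while pairs:
        i, j = pairs.pop()
        r = normal_form(s_poly(G[i], G[j]), G)
        if r:
            G.append(r)
            pairs.extend((k, len(G) - 1) for k in range(len(G) - 1))
    return reduced_basis(G)

def evaluate(f, point):
    """f(point) mod P"""
    return sum(c * prod(v ** e for e, v in zip(m, point)) for m, c in f.items()) % P

def brute_force(F, nvars):
    return [pt for pt in product(range(P), repeat=nvars) if all(evaluate(f, pt) == 0 for f in F)]

# Constructed system over GF(2): xy + z + 1, x + yz, x + y + z + 1,
# plus the field equations x^2 + x, y^2 + y, z^2 + z.
X, Y, Z, ONE = (1, 0, 0), (0, 1, 0), (0, 0, 1), (0, 0, 0)
SYSTEM = [
    {(1, 1, 0): 1, Z: 1, ONE: 1},
    {X: 1, (0, 1, 1): 1},
    {X: 1, Y: 1, Z: 1, ONE: 1},
    {(2, 0, 0): 1, X: 1}, {(0, 2, 0): 1, Y: 1}, {(0, 0, 2): 1, Z: 1},
]

def solve_example():
    """Reduced lex Groebner basis of SYSTEM; triangular, so it reads off the solution."""
    return groebner(SYSTEM)
```

For this system `solve_example()` returns the basis $\{x,\; y,\; z + 1\}$, which under lex is already in the eliminated, triangular shape: it states the unique solution $x = 0$, $y = 0$, $z = 1$ directly, and `brute_force(SYSTEM, 3)` confirms it is the only $GF(2)$-point. Real AES-derived systems have thousands of variables, and Buchberger's pair-by-pair loop is exactly what blows up there; this toy makes the mechanism visible, not the cost.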

$\ldots, a_n) \in PG(n, F)\}$. The subset $U$ can be identified with the affine space $F^n$ by using the mapping $(a_0, a_1, \ldots, a_n) \mapsto (a_1/a_0, \ldots, a_n/a_0)$. Furthermore, the subset $H$ can be identified with the projective space $PG(n-1, F)$ by using the mapping $(0, a_1, \ldots, a_n) \mapsto (a_1, \ldots, a_n)$. Thus the projective space $PG(n, F)$ can be partitioned into an affine space $U$ and a projective space $H$ of smaller dimension. The projective part $H$ is known as the hyperplane at infinity of $PG(n, F)$. Given a projective variety $W \subseteq PG(n, F)$, the set $V = W \cap U$ can be considered as an affine variety of $F^n$ and is called the affine portion of $W$.

### Algebraic Aspects of the Advanced Encryption Standard by Carlos Cid

