Abstract:
Nonlinear invariants of round transformations in XSL-schemes are studied. The emphasis is on invariants which may be found by means of the approach suggested at the conference ASIACRYPT 2016. Some known results on the inertia groups of decomposable functions are used to describe conditions on S-boxes and matrices of XSL-schemes which are necessary for the existence of such invariants. It is shown that for a number of schemes these conditions are not satisfied.
Keywords:nonlinear invariant attack, block ciphers, “Kuznyechik”, AES, function decomposition.