BKDRJNDL.RVW 20091129 "The Design of Rijndael", Joan Daemen/Vincent Rijmen, 2002, 3-540-42580-2 %A Joan Daemen %A Vincent Rijmen %C 233 Spring St., New York, NY 10013 %D 2002 %G 3-540-42580-2 %I Springer-Verlag %O 212-460-1500 800-777-4643 service-ny@springer-sbm.com %O http://www.amazon.com/exec/obidos/ASIN/3540425802/robsladesinterne http://www.amazon.co.uk/exec/obidos/ASIN/3540425802/robsladesinte-21 %O http://www.amazon.ca/exec/obidos/ASIN/3540425802/robsladesin03-20 %O Audience s- Tech 3 Writing 1 (see revfaq.htm for explanation) %P 238 p. %T "The Design of Rijndael: AES - The Advanced Encryption Standard" This book, written by the authors of the Rijndael encryption algorithm, (the engine underlying the Advanced Encryption Standard) explains how Rijndael works, discusses some implementation factors, and presents the approach to its design. Daemen and Rijmen note the linear and differential cryptanalytic attacks to which DES (the Data Encryption Standard) was subject, the design strategy that resulted from their analysis, the possibilities of reduce round attacks, and the details of related ciphers. Chapter one is a history of the AES assessment and decision process. It is interesting to note the requirements specified, particularly the fact that AES was intended to protect "sensitive but unclassified" material. Background in regard to mathematical and block cipher concepts is given in chapter two. The specifications of Rijndael sub- functions and rounds are detailed in chapter three. Chapter four notes implementation considerations in small platforms and dedicated hardware. The design philosophy underlying the work is outlined in chapter five: much of it concentrates on simplicity and symmetry. Differential and linear cryptanalysis mounted against DES is examined in chapter six. Chapter seven reviews the use of correlation matrices in cryptanalysis. If differences between pairs of plaintext can be calculated as they propagate through the boolean functions used for intermediate and resultant ciphertext, then chapter eight shows how this can be used as the basis of differential cryptanalysis. Using the concepts from these two chapters, chapter nine examines how the wide trail design diffuses cipher operations and data to prevent strong linear correlations or differential propagation. There is also formal proof of Rijndael's resistant construction. Chapter ten looks at a number of cryptanalytic attacks and problems (including the infamous weak and semi-weak keys of DES) and notes the protections provided in the design of Rijndael. Cryptographic algorithms that made a contribution to, or are descended from, Rijndael are described in chapter eleven. This book is intended for serious students of cryptographic algorithm design: it is highly demanding text, and requires a background in the formal study of number theory and logic. Given that, it does provide some fascinating examination of both the advanced cryptanalytic attacks, and the design of algorithms to resist them. copyright Robert M. Slade, 2009 BKDRJNDL.RVW 20091129