How to calculate the Inverse of random AES S-BOX (asuming we don't know how the S-BOX built)?

joni

4/29/23, 3:13 AM

I'm recently studying cryptography, and I have a task for collecting the s-boxes for AES, and then implementing that s-boxes for encrypting & decrypting, but most of the S-boxes I found are not including the inverse of it.

I know that most of it gives the calculation on how to construct the s-box and the inverse, but I don't think I can make it in time if I do that.

So, I wonder is any method of calculating the inverse of random AES S-BOXes?

139

0 + 0

s-boxes

aes

Daniel S

4/29/23, 7:49 AM

In python: if `S` is an ordered list of S-box entries `SInverse=[S.index(i) for i in range(256)]`

Score:2

Crypto

kelalaka

4/29/23, 7:29 PM

The SageMath has a great S-Box package that is heavily used by S-Box designers. If you are going to learn/play with S-Boxes you may benefit from this package.

With Sbox Package (Try online)

from sage.crypto.sbox import SBox

#must be power of two otherwise error
p = Permutations(range(16)).random_element()

S = SBox(p);
print("The permutation        ", S)
print("The inverse permutation", S.inverse())

SageMath currently using Python3, so one can write their version very easily either in Python or SageMath (Try online);

P = Permutations(range(16)).random_element()

print("The permutation        ", P)

InverseP=[P.index(i) for i in range(16)]
print("The inverse permutation", InverseP)

As we can see the S-Box package is much better, for example, the construction checks that the size is equal to a power of 2 or not.

Note: I've used random permutations to guarantee that the inverse exists.

As we can see from the Sbox package source

m = self.input_size()
L = [self(i) for i in range(1<<m)]
return SBox([L.index(i) for i in range(1<<m)], big_endian=self._big_endian)

SageMath converts S-Box into a List, takes the inverse on the list then constructs a S-Box on the list. As we can see the inverse - if exist - is not magic.

0 + 0

Cat Dragon

6/15/24, 6:31 AM

Hi, Can your answer in [this question](https://crypto.stackexchange.com/questions/63095/how-we-can-calculate-aes-inverse-sbox) be considered an alternative answer?

kelalaka

6/15/24, 10:42 AM

@CatDragon Sure, different questions and different approaches to the same subject.

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: How to calculate the Inverse of random AES S-BOX (asuming we don't know how the S-BOX built)?

TH: จะคำนวณค่าผกผันของ AES S-BOX แบบสุ่มได้อย่างไร (โดยที่เราไม่รู้ว่า S-BOX สร้างขึ้นอย่างไร)

RO: Cum se calculează inversul AES S-BOX aleatoriu (presupunând că nu știm cum a construit S-BOX)?

RU: Как рассчитать инверсию случайного AES S-BOX (при условии, что мы не знаем, как построен S-BOX)?

VI: Làm cách nào để tính Nghịch đảo của AES S-BOX ngẫu nhiên (giả sử chúng ta không biết cách S-BOX được chế tạo)?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.