Three different versions of the Advanced Encryption Standard (AES) have been standardized, which use keys of bit length 128, 192, and 256 respectively. They also use different numbers of rounds: 10, 12, and 14 rounds respectively. But my understanding is that the three versions of AES are otherwise extremely similar.
- How much additional information would need to be specified in order to create a new version of AES with a different key length? Do the key length and the number of rounds pretty much nail down the whole algorithm in sufficient detail that you can just say "Okay, my new version of AES has key length 64 bits and you use 8 rounds", and it's obvious how to fill in the rest of the details? Or do you need to do a lot more work? (I know that Rijndael also allows key sizes 160 and 224 bits, but I'm wondering about going beyond those bounds.)
- Would such a new version of AES require extensive new cryptanalysis, or would it just be a simple matter of plugging the new bit length and number of rounds into already-known formulas in order to estimate the hardness of decryption?
I know that there are more version-specific details beyond just the bit length and the number of rounds, such as the key schedule, but I'm not familiar with what those details are.