What mode in EVP for AES-128 should I use for cryptanalysis of AES?

Luce

3/3/24, 5:16 PM

I've been trying to use AES from OpenSSL and got to know that I need to use the EVP-based implementations rather than the AES_*.

I need to use AES-128 implementation to generate bitstreams, essentially passing various keys, and plaintexts to analyze the ciphertext generated for cryptanalysis of the algorithm. I went through the Question, How do I decide what mode to use? which linked to the NIST documentation and an answer. I unfortunately am unable to decide on what implementation would be good for me to use.

I will be using plaintexts of the order of 2^14- 2^16 bits. I wish to know what would be the best implementation to use.

(TLDR: Need to use AES-128 implementations for cryptanalysis for academia, not sure which implementation from EVP_AES to use, will be using large plain texts)

0 + 8

aes

block-cipher

modes-of-operation

user253751

3/3/24, 7:05 PM

well what are you trying to analyze?

Luce

3/3/24, 9:20 PM

@user253751 the pattern of the ensuing bitstream, its linear complexity, and doing further analysis

Maarten Bodewes

3/3/24, 9:33 PM

Ensuing bit stream using what? AES is a block cipher. There are things like Monte Carlo tests but I wonder [how useful those would be](https://crypto.stackexchange.com/questions/68680/whats-the-reason-for-monte-carlo-tests-for-block-ciphers). [Linear complexity](https://en.wikipedia.org/wiki/Linear_cryptanalysis) is a property of the mathematical definition of a block cipher, you don't need any implementation for that. That leaves "further analysis". I would propose you do that after gaining some more understanding about how block ciphers operate.

Maarten Bodewes

3/3/24, 9:36 PM

By the way, no idea why you have a specific set of plaintext, but I wonder why you would not just write 2 KiB to 8 KiB.

Luce

3/3/24, 9:43 PM

Since I am working with 128-bit keys, I want to use plaintext of the order of 4n^2 ideally, which amounts to 2^16 bits. As for "further analysis" I wish to compute the Maximal Order Complexity, the end goal is to check how vulnerability in the keys and the plaintext used affect the weakness of the ciphertext. I shall read through the posts about the Monte Carlo tests linked.

Maarten Bodewes

3/4/24, 2:23 AM

AES is considered secure. You won't get any results. If you want to start anywhere, you probably want to use a reduced round version. For that you need the source code, not any high level function.

Luce

3/5/24, 1:54 PM

Thank you, I will look into it,

user253751

3/6/24, 11:47 AM

@Luce AES is a block cipher. To encrypt a bitstream with a block cipher, you use a mode. If you are talking about streams this implies you have already chosen some specific mode. AES encrypts blocks; AES-CBC (for example) encrypts streams. (And then you also need a padding scheme in order to round up the stream length so it's a multiple of the block size.)

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: What mode in EVP for AES-128 should I use for cryptanalysis of AES?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.