On some probabilistic approximations for AES-like s-boxes

Several recently proposed block ciphers such as AES, Camellia, Shark, Square and Hierocrypt use s-boxes that are based on the inversion mapping over GF(2n)GF(2n). In order to hide the simple algebraic structure in this mapping, an affine transformation over F2F2 is usually used after the output of the s-box. In some ciphers, an additional affine transformation is used before the input of the s-box as well. In this paper, we study the algebraic properties of a simple approximation in the form s(x)=ax-1+bs(x)=ax-1+b, a,b∈GF(2n)a,b∈GF(2n) for such s-boxes. The implication of this result on the cryptanalysis of these ciphers remains an open problem.