
Improved Single-Key Attacks on 8-Round AES-192 and AES-256

Published: 01 July 2015

Abstract

AES is the most widely used block cipher today, and its security is one of the most important issues in cryptanalysis. After 13 years of analysis, related-key attacks were recently found against two of its flavors (AES-192 and AES-256). However, such a strong type of attack is not universally accepted as a valid attack model, and in the more standard single-key attack model at most 8 rounds of these two versions can be currently attacked. In the case of 8-round AES-192, the only known attack (found 10 years ago) is extremely marginal, requiring the evaluation of essentially all the 2^128 possible plaintext/ciphertext pairs in order to speed up exhaustive key search by a factor of 16. In this paper we introduce three new cryptanalytic techniques, and use them to get the first non-marginal attack on 8-round AES-192 (making its time complexity about a million times faster than exhaustive search, and reducing its data complexity to about 1/32,000 of the full codebook). In addition, our new techniques can reduce the best known time complexities for all the other combinations of 7-round and 8-round AES-192 and AES-256.


Published In

Journal of Cryptology, Volume 28, Issue 3
July 2015
348 pages

Publisher

Springer-Verlag

Berlin, Heidelberg

Author Tags

  1. AES
  2. Cryptanalysis
  3. Differential enumeration
  4. Key bridging
  5. Multiset tabulation
  6. Single-key attacks

Qualifiers

  • Article

Cited By

View all
  • (2025) New Representations of the AES Key Schedule. Journal of Cryptology 38(1). doi:10.1007/s00145-024-09522-5. Online publication date: 1 Mar 2025
  • (2024) Optimizing Rectangle and Boomerang Attacks: A Unified and Generic Framework for Key Recovery. Journal of Cryptology 37(2). doi:10.1007/s00145-024-09499-1. Online publication date: 10 Apr 2024
  • (2022) Optimizing Rectangle Attacks: A Unified and Generic Framework for Key Recovery. Advances in Cryptology – ASIACRYPT 2022, pp. 410-440. doi:10.1007/978-3-031-22963-3_14. Online publication date: 5 Dec 2022
  • (2021) New Representations of the AES Key Schedule. Advances in Cryptology – EUROCRYPT 2021, pp. 54-84. doi:10.1007/978-3-030-77870-5_3. Online publication date: 17 Oct 2021
  • (2015) Related-key cryptanalysis on 7-round AES-128/192. International Journal of Electronic Security and Digital Forensics 7(2), pp. 166-178. doi:10.1504/IJESDF.2015.069609. Online publication date: 1 May 2015
  • (2015) White-Box Cryptography Revisited. Proceedings of the 22nd ACM SIGSAC Conference on Computer and Communications Security, pp. 1058-1069. doi:10.1145/2810103.2813699. Online publication date: 12 Oct 2015
  • (2015) RoadRunneR. Revised Selected Papers of the 4th International Workshop on Lightweight Cryptography for Security and Privacy, Volume 9542, pp. 58-76. doi:10.1007/978-3-319-29078-2_4. Online publication date: 10 Sep 2015
  • (2015) Improved Meet-in-the-Middle Attacks on 7 and 8-Round ARIA-192 and ARIA-256. Proceedings of the 16th International Conference on Progress in Cryptology – INDOCRYPT 2015, Volume 9462, pp. 198-217. doi:10.1007/978-3-319-26617-6_11. Online publication date: 6 Dec 2015
