
Impossible differential cryptanalysis of advanced encryption standard. (English) Zbl 1142.94010

Summary: Impossible differential cryptanalysis is a key-recovery method that discards every candidate key under which some pair satisfies a differential relation that can never occur. This paper focuses on the impossible differential cryptanalysis of the Advanced Encryption Standard (AES) and presents two attacks, on 7-round AES-192 and on 8-round AES-256, that combine impossible differentials with a time-memory trade-off and exploit weaknesses in the respective key schedules. The attack on AES-192 reduced to 7 rounds requires about \(2^{94.5}\) chosen plaintexts, \(2^{129}\) words of memory, and \(2^{157}\) 7-round AES-192 encryptions. The attack on AES-256 reduced to 8 rounds requires about \(2^{101}\) chosen plaintexts, \(2^{201}\) words of memory, and \(2^{228}\) 8-round AES-256 encryptions.
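The key-sieving step the summary describes, shown on a toy cipher as an added example (this is not code from the paper, and it does not reproduce the AES-192/AES-256 attacks or their time-memory trade-off). The cipher is a constructed 2x2-nibble AES-like design: PRESENT's 4-bit S-box, a row rotation, and a 2x2 MDS matrix over GF(2^4), with four independent round keys as a simplification of a real key schedule. Because the mixing matrix has branch number 3, a plaintext pair differing in exactly one nibble always reaches the second MixColumns with exactly one active nibble per column; a column with 0 or 2 active nibbles there is the impossible differential. A third round (without MixColumns, as in AES) is appended, the two last-round key nibbles covering one column are guessed, and every guess under which any ciphertext pair decrypts to the impossible pattern is discarded. All names (`sieve_last_round_key`, `state_before_mc2`, and so on) and the sample plaintexts are my own.

```python
"""Impossible differential key sieve on a toy 2x2-nibble AES-like cipher (constructed example)."""
import random

# 4-bit S-box (PRESENT's) and its inverse; any bijective S-box would do here.
SBOX = [0xC, 0x5, 0x6, 0xB, 0x9, 0x0, 0xA, 0xD, 0x3, 0xE, 0xF, 0x8, 0x4, 0x7, 0x1, 0x2]
SBOX_INV = [SBOX.index(i) for i in range(16)]


def gf_mul(a, b):
    """Multiply in GF(2^4) modulo x^4 + x + 1."""
    r = 0
    for _ in range(4):
        if b & 1:
            r ^= a
        b >>= 1
        a <<= 1
        if a & 0x10:
            a ^= 0x13
    return r


def gf_inv(a):
    return next(x for x in range(1, 16) if gf_mul(a, x) == 1)


# 2x2 MDS matrix over GF(2^4) (all entries and the determinant are nonzero), so a
# column with one active nibble always mixes to two active nibbles.  MC_INV is derived.
MC = ((1, 1), (1, 2))
_DI = gf_inv(gf_mul(MC[0][0], MC[1][1]) ^ gf_mul(MC[0][1], MC[1][0]))
MC_INV = ((gf_mul(MC[1][1], _DI), gf_mul(MC[0][1], _DI)),
          (gf_mul(MC[1][0], _DI), gf_mul(MC[0][0], _DI)))


def mix_column(m, col):
    return (gf_mul(m[0][0], col[0]) ^ gf_mul(m[0][1], col[1]),
            gf_mul(m[1][0], col[0]) ^ gf_mul(m[1][1], col[1]))


# State: 4 nibbles in column-major 2x2 layout, column 0 = (s0, s1), column 1 = (s2, s3).
def sub_nibbles(s):
    return [SBOX[x] for x in s]


def shift_rows(s):
    return [s[0], s[3], s[2], s[1]]      # row 1 rotated by one position


def mix_columns(s):
    c0, c1 = mix_column(MC, (s[0], s[1])), mix_column(MC, (s[2], s[3]))
    return [c0[0], c0[1], c1[0], c1[1]]


def xor(a, b):                           # AddRoundKey, and state differences
    return [x ^ y for x, y in zip(a, b)]


def state_before_mc2(p, keys):
    """Partial encryption up to (not including) MixColumns of round 2."""
    s = xor(p, keys[0])
    s = xor(mix_columns(shift_rows(sub_nibbles(s))), keys[1])
    return shift_rows(sub_nibbles(s))


def encrypt(p, keys):
    """Three rounds; like AES, the last round omits MixColumns.  keys = four
    independent round keys (a simplification of a real key schedule)."""
    s = xor(mix_columns(state_before_mc2(p, keys)), keys[2])
    return xor(shift_rows(sub_nibbles(s)), keys[3])


def weight(col):
    return (col[0] != 0) + (col[1] != 0)


def check_truncated_differential(keys, rng, samples=2000):
    """Pairs differing in exactly one nibble always reach MixColumns of round 2 with
    exactly one active nibble per column; 0 or 2 active nibbles in a column there is
    the impossible differential that the sieve below relies on."""
    for _ in range(samples):
        p = [rng.randrange(16) for _ in range(4)]
        q = list(p)
        q[rng.randrange(4)] ^= rng.randrange(1, 16)
        d = xor(state_before_mc2(p, keys), state_before_mc2(q, keys))
        if weight(d[0:2]) != 1 or weight(d[2:4]) != 1:
            return False
    return True


def make_pairs(keys, rng, n):
    """Chosen-plaintext pairs differing in nibble 0 only (constructed sample data)."""
    pairs = []
    for _ in range(n):
        p = [rng.randrange(16) for _ in range(4)]
        q = list(p)
        q[0] ^= rng.randrange(1, 16)
        pairs.append((encrypt(p, keys), encrypt(q, keys)))
    return pairs


def sieve_last_round_key(pairs):
    """Guess the two last-round key nibbles (k3[0], k3[3]) that cover column 0 of the
    round-3 input, peel the last round off each ciphertext pair, undo MixColumns of
    round 2 on the column difference (round key 2 cancels in the difference), and
    discard every guess that shows the impossible pattern.  The true guess survives."""
    survivors = set()
    for g0 in range(16):
        for g3 in range(16):
            for c, c2 in pairs:
                u0 = SBOX_INV[c[0] ^ g0] ^ SBOX_INV[c2[0] ^ g0]   # difference in X2[0]
                u1 = SBOX_INV[c[3] ^ g3] ^ SBOX_INV[c2[3] ^ g3]   # difference in X2[1]
                if weight(mix_column(MC_INV, (u0, u1))) != 1:
                    break                                         # impossible: wrong guess
            else:
                survivors.add((g0, g3))
    return survivors


def demo(seed=1, n_pairs=64):
    rng = random.Random(seed)
    keys = [[rng.randrange(16) for _ in range(4)] for _ in range(4)]
    if not check_truncated_differential(keys, rng):
        raise RuntimeError("truncated differential does not hold; cipher mis-specified")
    return keys, sieve_last_round_key(make_pairs(keys, rng, n_pairs))


if __name__ == "__main__":
    keys, survivors = demo()
    print("true (k3[0], k3[3]):", (keys[3][0], keys[3][3]), "survivors:", survivors)
```

A wrong guess passes one pair only when the inverted column difference happens to have weight one (30 of the 225 two-active-nibble differences), so each pair eliminates roughly seven out of eight wrong guesses and a few dozen pairs leave only the true key nibbles. The same structure, with bytes instead of nibbles, 4x4 columns, and a 4-round impossible differential, is what the AES attacks in the paper scale up, which is why the data and memory figures in the summary are counted in chosen plaintexts and stored words.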

MSC:

94A60 Cryptography

Software:

Square
