Improved Key Recovery Attacks on Reduced-Round AES in the Single-Key Setting

详细信息    查看全文

• 作者：Patrick Derbez (18)
  Pierre-Alain Fouque (18) (19)
  Jérémy Jean (18)
  
• 刊名：Lecture Notes in Computer Science
• 出版年：2013
• 出版时间：2013
• 年：2013
• 卷：7881
• 期：1
• 页码：388-404
• 全文大小：331KB
• 参考文献：1. Aoki, K., Sasaki, Y.: Meet-in-the-Middle Preimage Attacks Against Reduced SHA-0 and SHA-1 . In: Halevi: [19], pp. 70-9
  2. Bahrak, B., Aref, M.R.: A Novel Impossible Differential Cryptanalysis of AES . In: WEWoRc (2007)
  3. Biham, E., Keller, N.: Cryptanalysis of Reduced Variants of Rijndael . Tech. rep., Computer Science Department, Technion -Israel Institute of Technology (2000)
  4. Biryukov, A., Dunkelman, O., Keller, N., Khovratovich, D., Shamir, A.: Key Recovery Attacks of Practical Complexity on AES-256 Variants with up to 10 Rounds. In: Gilbert:[17], pp. 299-19
  5. Biryukov, A., Khovratovich, D.: Related-Key Cryptanalysis of the Full AES-192 and AES-256. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol.?5912, pp. 1-8. Springer, Heidelberg (2009) CrossRef
  6. Biryukov, A., Khovratovich, D., Nikolic, I.: Distinguisher and Related-Key Attack on the Full AES-256 . In: Halevi: [19], pp. 231-49
  7. Biryukov, A., Nikolic, I.: Automatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers: Application to AES , Camellia, Khazad and Others. In: Gilbert: [17], pp. 322-44
  8. Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique Cryptanalysis of the Full AES. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol.?7073, pp. 344-71. Springer, Heidelberg (2011) CrossRef
  9. Bouillaguet, C., Derbez, P., Fouque, P.-A.: Automatic Search of Attacks on Round-Reduced AES and Applications. In: Rogaway, P. (ed.) CRYPTO 2011. LNCS, vol.?6841, pp. 169-87. Springer, Heidelberg (2011) CrossRef
  10. Daemen, J., Knudsen, L.R., Rijmen, V.: The Block Cipher SQUARE. In: Biham, E. (ed.) FSE 1997. LNCS, vol.?1267, pp. 149-65. Springer, Heidelberg (1997) CrossRef
  11. Daemen, J., Rijmen, V.: AES proposal: Rijndael (1998)
  12. Demirci, H., Sel?uk, A.A.: A Meet-in-the-Middle Attack on 8-Round AES. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol.?5086, pp. 116-26. Springer, Heidelberg (2008) CrossRef
  13. Demirci, H., Ta?k?n, ?., ?oban, M., Baysal, A.: Improved Meet-in-the-Middle Attacks on AES. In: Roy, B., Sendrier, N. (eds.) INDOCRYPT 2009. LNCS, vol.?5922, pp. 144-56. Springer, Heidelberg (2009) CrossRef
  14. Derbez, P., Fouque, P.-A., Jean, J.: Faster Chosen-Key Distinguishers on Reduced-Round AES. In: Galbraith, S., Nandi, M. (eds.) INDOCRYPT 2012. LNCS, vol.?7668, pp. 225-43. Springer, Heidelberg (2012) CrossRef
  15. Dunkelman, O., Keller, N., Shamir, A.: Improved Single-Key Attacks on 8-Round AES-192 and AES-256. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol.?6477, pp. 158-76. Springer, Heidelberg (2010) CrossRef
  16. Ferguson, N., Kelsey, J., Lucks, S., Schneier, B., Stay, M., Wagner, D., Whiting, D.L.: Improved Cryptanalysis of Rijndael. In: Schneier, B. (ed.) FSE 2000. LNCS, vol.?1978, pp. 213-30. Springer, Heidelberg (2001) CrossRef
  17. Gilbert, H. (ed.): EUROCRYPT 2010. LNCS, vol.?6110. Springer, Heidelberg (2010)
  18. Gilbert, H., Minier, M.: A Collision Attack on 7 Rounds of Rijndael . In: AES Candidate Conference, pp. 230-41 (2000)
  19. Halevi, S. (ed.): CRYPTO 2009. LNCS, vol.?5677. Springer, Heidelberg (2009)
  20. Lu, J., Dunkelman, O., Keller, N., Kim, J.: New Impossible Differential Attacks on AES. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol.?5365, pp. 279-93. Springer, Heidelberg (2008) CrossRef
  21. Mala, H., Dakhilalian, M., Rijmen, V., Modarres-Hashemi, M.: Improved Impossible Differential Cryptanalysis of 7-Round AES-128. In: Gong, G., Gupta, K.C. (eds.) INDOCRYPT 2010. LNCS, vol.?6498, pp. 282-91. Springer, Heidelberg (2010) CrossRef
  22. Mendel, F., Rechberger, C., Schl?ffer, M., Thomsen, S.S.: The Rebound Attack: Cryptanalysis of Reduced Whirlpool and Gr?stl . In: Dunkelman, O. (ed.) FSE 2009. LNCS, vol.?5665, pp. 260-76. Springer, Heidelberg (2009) CrossRef
  23. NIST: Advanced Encryption Standard (AES ), FIPS 197. Tech. Rep., NIST (November 2001)
  24. Wei, Y., Lu, J., Hu, Y.: Meet-in-the-Middle Attack on 8 Rounds of the AES Block Cipher under 192 Key Bits. In: Bao, F., Weng, J. (eds.) ISPEC 2011. LNCS, vol.?6672, pp. 222-32. Springer, Heidelberg (2011) CrossRef
  
• 作者单位：Patrick Derbez (18)
  Pierre-Alain Fouque (18) (19)
  Jérémy Jean (18)
  
  18. école Normale Supérieure, 45 Rue d’Ulm, 75005, Paris, France
  19. Université de Rennes, France
  
• ISSN：1611-3349

文摘

In this paper, we revisit meet-in-the-middle attacks on AES in the single-key model and improve on Dunkelman, Keller and Shamir attacks at Asiacrypt 2010. We present the best attack on 7 rounds of AES-128 where data/time/memory complexities are below 2100. Moreover, we are able to extend the number of rounds to reach attacks on 8 rounds for both AES-192 and AES-256. This gives the best attacks on those two versions with a data complexity of 2107 chosen-plaintexts, a memory complexity of 296 and a time complexity of 2172 for AES-192 and 2196 for AES-256. Finally, we also describe the best attack on 9 rounds of AES-256 with 2120 chosen plaintexts and time and memory complexities of 2203. All these attacks have been found by carefully studying the number of reachable multisets in Dunkelman et al. attacks.