
Improved impossible differential cryptanalysis of large-block Rijndael


Abstract

Rijndael is the substitution-permutation network (SPN) block cipher that was submitted to the AES development process. Its block and key sizes range from 128 to 256 bits in steps of 32 bits; a variant is denoted Rijndael-b-k, where b and k are the block and key sizes in bits, respectively. Among these, Rijndael-128-128/192/256, that is, AES, has been studied by many researchers, whereas the security of the large-block versions of Rijndael has been examined far less often. With the rapid development of quantum computers, however, large-block versions of block ciphers are receiving more attention. In this paper, we propose improved impossible differential attacks on 10-round Rijndael-256-256, 10-round Rijndael-224-256, and 9-round Rijndael-224-224 that use precomputation tables, redundancies in the key schedules, and multiple impossible differentials. For 10-round Rijndael-256-256, the data, time, and memory complexities of our attack are approximately 2^{244.4} chosen plaintexts, 2^{240.1} encryptions, and 2^{181.4} blocks, respectively. For 10-round Rijndael-224-256, the data, time, and memory complexities are approximately 2^{214.4} chosen plaintexts, 2^{241.3} encryptions, and 2^{183.4} blocks, respectively. For 9-round Rijndael-224-224, the data, time, and memory complexities are approximately 2^{214.4} chosen plaintexts, 2^{113.4} encryptions, and 2^{87.4} blocks, respectively, or alternatively 2^{206.6} chosen plaintexts, 2^{153.6} encryptions, and 2^{111.6} blocks, respectively. To the best of our knowledge, these are currently the best results on Rijndael-256-256 and Rijndael-224-224/256.



Acknowledgements

This work was supported by National Natural Science Foundation of China (Grant Nos. 61402288, 61772129, 61601292, 61672347, 61472250), Foundation of Science and Technology on Information Assurance Laboratory (Grant No. KJ-17-008), Shanghai Natural Science Foundation (Grant Nos. 15ZR1400300, 16ZR1401100), Opening Project of the Shanghai Key Laboratory of Integrated Administration Technologies for Information Security (Grant No. AGK201703), Opening Project of the Shanghai Key Laboratory of Scalable Computing and Systems, National Cryptography Development Fund, and Fundamental Research Funds for the Central Universities.

Author information

Correspondence to Ya Liu.


Cite this article

Liu, Y., Shi, Y., Gu, D. et al. Improved impossible differential cryptanalysis of large-block Rijndael. Sci. China Inf. Sci. 62, 32101 (2019). https://doi.org/10.1007/s11432-017-9365-4


Keywords

  • block cipher
  • Rijndael
  • precomputation tables
  • impossible differentials
  • multiple impossible differential attacks