FSE 2010: Fast Software Encryption pp 365-383

Super-Sbox Cryptanalysis: Improved Attacks for AES-Like Permutations

  • Henri Gilbert
  • Thomas Peyrin
Part of the Lecture Notes in Computer Science book series (LNCS, volume 6147)


In this paper, we improve the recent rebound and start-from-the-middle attacks on AES-like permutations. Our new cryptanalysis technique uses the fact that one can view two rounds of such permutations as a layer of big Sboxes preceded and followed by simple affine transformations. The big Sboxes encountered in this alternative representation are named Super-Sboxes. We apply this method to two second-round SHA-3 candidates Grøstl and ECHO, and obtain improvements over the previous cryptanalysis results for these two schemes. Moreover, we improve the best distinguisher for the AES block cipher in the known-key setting, reaching 8 rounds for the 128-bit version.


hash function cryptanalysis AES Grøstl ECHO 

Copyright information

© Springer-Verlag Berlin Heidelberg 2010

Authors and Affiliations

  • Henri Gilbert
    • 1
  • Thomas Peyrin
    • 2
  1. 1.Orange LabsFrance
  2. 2.IngenicoFrance

Personalised recommendations