Improved Single-Key Attacks on 8-Round AES-192 and AES-256
AES is the most widely used block cipher today, and its security is one of the most important issues in cryptanalysis. After 13 years of analysis, related-key attacks were recently found against two of its flavors (AES-192 and AES-256). However, such a strong type of attack is not universally accepted as a valid attack model, and in the more standard single-key attack model at most 8 rounds of these two versions can be currently attacked. In the case of 8-round AES-192, the only known attack (found 10 years ago) is extremely marginal, requiring the evaluation of essentially all the $2^{128}$ possible plaintext/ciphertext pairs in order to speed up exhaustive key search by a factor of 16. In this paper we introduce three new cryptanalytic techniques, and use them to get the first non-marginal attack on 8-round AES-192 (making its time complexity about a million times faster than exhaustive search, and reducing its data complexity to about 1/32,000 of the full codebook). In addition, our new techniques can reduce the best known time complexities for all the other combinations of 7-round and 8-round AES-192 and AES-256.
Keywords: Time Complexity, Block Cipher, Advanced Encryption Standard, Memory Complexity, Online Phase