Skip to main content

Improving the Biclique Cryptanalysis of AES

Part of the Lecture Notes in Computer Science book series (LNSC,volume 9144)

Abstract

Biclique attack is currently the only key-recovery attack on the full AES with a single key. Bogdanov et al. applied it to all the three versions of AES by constructing bicliques with size \(2^8\times 2^8\) and reducing the number of S-boxes computed in the matching phase. Their results were improved later by better selections of differential characteristics in the biclique construction. In this paper, we improve the biclique attack by increasing the biclique size to \(2^{16}\times 2^8\) and \(2^{16}\times 2^{16}\). We have a biclique attack on each of the following AES versions:

  • AES-128 with time complexity \(2^{126.13}\) and data complexity \(2^{56}\),

  • AES-128 with time complexity \(2^{126.01}\) and data complexity \(2^{72}\),

  • AES-192 with time complexity \(2^{189.91}\) and data complexity \(2^{48}\), and

  • AES-256 with time complexity \(2^{254.27}\) and data complexity \(2^{40}\).

Our results have the best time complexities among all the existing key-recovery attacks with data less than the entire code book.

Keywords

This is a preview of subscription content, log in via an institution.

Buying options

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Abed, F., Forler, C., List, E., Lucks, S., Wenzel, J.: A framework for automated independent-biclique cryptanalysis. In: Moriai, S. (ed.) FSE 2013. LNCS, vol. 8424, pp. 561–582. Springer, Heidelberg (2014)

    Google Scholar 

  2. Bahrak, B., Aref, M.R.: Impossible differential attack on seven-round AES-128. Information Security, IET 2(2), 28–32 (2008)

    Article  Google Scholar 

  3. Biham, E., Dunkelman, O., Keller, N.: Related-key impossible differential attacks on 8-round AES-192. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 21–33. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  4. Biryukov, A., Dunkelman, O., Keller, N., Khovratovich, D., Shamir, A.: Key recovery attacks of practical complexity on AES-256 variants with up to 10 rounds. In: Gilbert, H. (ed.) EUROCRYPT 2010. LNCS, vol. 6110, pp. 299–319. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  5. Biryukov, A., Khovratovich, D.: Related-key cryptanalysis of the full AES-192 and AES-256. In: Matsui, M. (ed.) ASIACRYPT 2009. LNCS, vol. 5912, pp. 1–18. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  6. Biryukov, A., Khovratovich, D., Nikolić, I.: Distinguisher and related-key attack on the full AES-256. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 231–249. Springer, Heidelberg (2009)

    Chapter  Google Scholar 

  7. Bogdanov, A., Chang, D., Ghosh, M., Sanadhya, S.K.: Bicliques with minimal data and time complexity for AES. In: Lee, J., Kim, J. (eds.) Information Security and Cryptology-ICISC 2014. LNCS, pp. 160–174. Springer, Heidelberg (2015)

    Google Scholar 

  8. Bogdanov, A., Kavun, E., Paar, C., Rechberger, C., Yalcin, T.: Better than brute-force–optimized hardware architecture for efficient biclique attacks on AES-128. In: ECRYPT Workshop, SHARCS-Special Purpose Hardware for Attacking Cryptographic Systems (2012)

    Google Scholar 

  9. Bogdanov, A., Khovratovich, D., Rechberger, C.: Biclique cryptanalysis of the full AES. In: Lee, D.H., Wang, X. (eds.) ASIACRYPT 2011. LNCS, vol. 7073, pp. 344–371. Springer, Heidelberg (2011)

    Chapter  Google Scholar 

  10. Canteaut, A., Naya-Plasencia, M., Vayssière, B.: Sieve-in-the-middle: improved MITM attacks. In: Canetti, R., Garay, J.A. (eds.) CRYPTO 2013, Part I. LNCS, vol. 8042, pp. 222–240. Springer, Heidelberg (2013)

    Chapter  Google Scholar 

  11. Chen, Sz, Xu, Tm: Biclique attack of the full ARIA-256. IACR Cryptology ePrint Archive 2012, 11 (2012)

    Google Scholar 

  12. Çoban, M., Karakoç, F., Boztaş, Ö.: Biclique cryptanalysis of TWINE. In: Pieprzyk, J., Sadeghi, A.-R., Manulis, M. (eds.) CANS 2012. LNCS, vol. 7712, pp. 43–55. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  13. Daemen, J., Rijmen, V.: The design of Rijndael: AES - the advanced encryption standard. Springer Science & Business Media (2002)

    Google Scholar 

  14. Dunkelman, O., Keller, N., Shamir, A.: Improved single-key attacks on 8-round AES-192 and AES-256. In: Abe, M. (ed.) ASIACRYPT 2010. LNCS, vol. 6477, pp. 158–176. Springer, Heidelberg (2010)

    Chapter  Google Scholar 

  15. Gorski, M., Lucks, S.: New related-key boomerang attacks on AES. In: Chowdhury, D.R., Rijmen, V., Das, A. (eds.) INDOCRYPT 2008. LNCS, vol. 5365, pp. 266–278. Springer, Heidelberg (2008)

    Chapter  Google Scholar 

  16. Hong, D., Koo, B., Kwon, D.: Biclique attack on the full HIGHT. In: Kim, H. (ed.) ICISC 2011. LNCS, vol. 7259, pp. 365–374. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  17. Jakimoski, G., Desmedt, Y.: Related-key differential cryptanalysis of 192-bit key AES variants. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 208–221. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  18. Khovratovich, D., Leurent, G., Rechberger, C.: Narrow-bicliques: cryptanalysis of full IDEA. In: Pointcheval, D., Johansson, T. (eds.) EUROCRYPT 2012. LNCS, vol. 7237, pp. 392–410. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  19. Khovratovich, D., Rechberger, C., Savelieva, A.: Bicliques for preimages: attacks on skein-512 and the SHA-2 family. In: Canteaut, A. (ed.) FSE 2012. LNCS, vol. 7549, pp. 244–263. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

  20. Li, L., Jia, K., Wang, X.: Improved single-key attacks on 9-round AES-192/256. In: Cid, C., Rechberger, C. (eds.) FSE 2014. LNCS, vol. 8540, pp. 127–146. Springer, Heidelberg (2015)

    Chapter  Google Scholar 

  21. Mala, H.: Biclique-based cryptanalysis of the block cipher \(\text{ SQUARE }\). Information Security, IET 8(3), 207–212 (2014)

    Article  Google Scholar 

  22. Mala, H., Dakhilalian, M., Rijmen, V., Modarres-Hashemi, M.: Improved impossible differential cryptanalysis of 7-round \(\text{ AES }\)-128. In: Progress in Cryptology-INDOCRYPT 2010, pp. 282–291. Springer (2010)

    Google Scholar 

  23. Wang, Y., Wu, W., Yu, X.: Biclique cryptanalysis of reduced-round piccolo block cipher. In: Ryan, M.D., Smyth, B., Wang, G. (eds.) ISPEC 2012. LNCS, vol. 7232, pp. 337–352. Springer, Heidelberg (2012)

    Chapter  Google Scholar 

Download references

Author information

Authors and Affiliations

Authors

Corresponding authors

Correspondence to Biaoshuai Tao or Hongjun Wu .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Tao, B., Wu, H. (2015). Improving the Biclique Cryptanalysis of AES. In: Foo, E., Stebila, D. (eds) Information Security and Privacy. ACISP 2015. Lecture Notes in Computer Science(), vol 9144. Springer, Cham. https://doi.org/10.1007/978-3-319-19962-7_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-19962-7_3

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19961-0

  • Online ISBN: 978-3-319-19962-7

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics