Improved Impossible Differential Attacks on Large-Block Rijndael

  • Lei Zhang
  • Wenling Wu
  • Je Hong Park
  • Bon Wook Koo
  • Yongjin Yeom
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5222)


In this paper, we present some improved impossible differential attacks on large-block Rijndael whose block sizes are larger than 128 bits. First of all, we present some important observations which help us to significantly improve the impossible differential attacks on large-block Rijndael proposed by Nakahara-Pavão (ISC 2007). Then we introduce some new impossible differentials for large-block Rijndael. Utilizing these longer impossible differential distinguishers, together with the technique of changing the order of MixColumns and AddRoundKey operations proposed by Zhang-Wu-Feng (ICISC 2007), we can apply impossible differential attacks up to 7-round Rijndael-160, 8-round Rijndael-192, and 9-round Rijndael-224/256. As far as we know, except the attack on Rijndael-256, all the other results are the best cryptanalytic results on large-block Rijndael.


Rijndael Block cipher Impossible differential distinguisher Impossible differential attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    National Institute of Standards and Technology. FIPS-197: Advanced Encryption Standard (AES) (November 2001)Google Scholar
  2. 2.
    Biham, E., Dunkelman, O., Keller, N.: Related-key impossible differential attacks on 8-round AES-192. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 21–33. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Biham, E., Keller, N.: Cryptanalysis of reduced variants of Rijadeal. Official public comment for Round 2 of the AES development effort (2000)Google Scholar
  4. 4.
    Biryukov, A.: The boomerang attack on 5 and 6 round reduced AES. In: Dobbertin, H., Rijmen, V., Sowa, A. (eds.) AES 2005. LNCS, vol. 3373, pp. 11–15. Springer, Heidelberg (2005)Google Scholar
  5. 5.
    Cheon, J.H., Kim, M.J., Kim, K., Lee, J.-Y., Kang, S.W.: Improved impossible differential cryptanlaysis of Rijndael and Crypton. In: Kim, K.-c. (ed.) ICISC 2001. LNCS, vol. 2288, pp. 39–49. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  6. 6.
    Daemen, J., Rijmen, V.: AES Proposal: Rijndae. In: 1st AES Conference, California, USA (1998)Google Scholar
  7. 7.
    Daemen, J., Rijmen, V.: The Design of Rijndael. Springer, Heidelberg (2001)Google Scholar
  8. 8.
    Demirci, H., Selçuk, A.A.: A meet-in-the-middle attack on 8-round AES. In: Nyberg, K. (ed.) FSE 2008. LNCS, vol. 5086, pp. 116–126. Springer, Heidelberg (2008)Google Scholar
  9. 9.
    Ferguson, N., Kelsey, J., Lucks, S., Schneier, B., Stay, M., Wager, D., Whiting, D.: Improved cryptanalysis of Rijndael. In: Schneier, B. (ed.) FSE 2000. LNCS, vol. 1978, pp. 213–230. Springer, Heidelberg (2001)CrossRefGoogle Scholar
  10. 10.
    Galice, S., Minier, M.: Improving integral attacks against Rijndael-256 up to 9 rounds. In: Vaudenay, S. (ed.) AFRICACRYPT 2008. LNCS, vol. 5023, pp. 1–15. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  11. 11.
    Gilbert, H., Minier, M.: A collision attack on 7 rounds of Rijndael. In: Proc. of 3rd AES Candidate Conference (2000)Google Scholar
  12. 12.
    Jakimoski, G., Desmedt, Y.: Related-key differential cryptanalysis of 192-bit key AES variants. In: Matsui, M., Zuccherato, R. (eds.) SAC 2003. LNCS, vol. 3006, pp. 208–221. Springer, Heidelberg (2004)Google Scholar
  13. 13.
    Jakimoski, G., Subbalakshmi, K.P.: On efficient message authentication via block cipher desing techniques. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 232–248. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  14. 14.
    Kim, J., Hong, S., Preneel, B.: Related-key rectangle attacks on reduced AES-192 and AES-256. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 225–241. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  15. 15.
    Kim, J., Hong, S., Sung, J., Lee, C., Lee, S.: Impossible differential cryptanalysis for block cipher structures. In: Johansson, T., Maitra, S. (eds.) INDOCRYPT 2003. LNCS, vol. 2904, pp. 82–96. Springer, Heidelberg (2003)Google Scholar
  16. 16.
    Knudsen, L.R., Rechberger, C., Thomsen, S.S.: The Grindahl hash functions. In: Biryukov, A. (ed.) FSE 2007. LNCS, vol. 4593, pp. 39–57. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  17. 17.
    Lu, J., Kim, J., Keller, N., Dunkelman, O.: Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1. In: Malkin, T. (ed.) CT-RSA 2008. LNCS, vol. 4964, pp. 370–386. Springer, Heidelberg (2008)CrossRefGoogle Scholar
  18. 18.
    Lucks, S.: Attacking seven rounds of Rijndael under 192-bit and 256-bit keys. In: Proc. of 3rd AES Candidate Conference (2000)Google Scholar
  19. 19.
    Nakahara Jr., J., de Freitas, D.S., Phan, R.C.-W.: New multiset attacks on Rijndael with large blocks. In: Dawson, E., Vaudenay, S. (eds.) Mycrypt 2005. LNCS, vol. 3715, pp. 277–295. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  20. 20.
    Nakahara Jr., J., Pavão, I.C.: Impossible-differential attacks on large-block Rijndael. In: Garay, J.A., Lenstra, A.K., Mambo, M., Peralta, R. (eds.) ISC 2007. LNCS, vol. 4779, pp. 104–117. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  21. 21.
    Peyrin, T.: Cryptanalysis of Grindahl. In: Kurosawa, K. (ed.) ASIACRYPT 2007. LNCS, vol. 4833, pp. 551–567. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  22. 22.
    Phan, R.C.-W.: Impossible differential cryptanalysis of 7 round Advanced Encryption Standard (AES). Information Processing Letters 91, 33–38 (2004)CrossRefMathSciNetGoogle Scholar
  23. 23.
    Zhang, W., Wu, W., Feng, D.: New result on impossible differential cryptanalysis of reduced AES. In: Nam, K.-H., Rhee, G. (eds.) ICISC 2007. LNCS, vol. 4817, pp. 239–250. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  24. 24.
    Zhang, W., Wu, W., Zhang, L., Feng, D.: Improved related-key impossible differential attacks on reduced-round AES-192. In: Biham, E., Youssef, A.M. (eds.) SAC 2006. LNCS, vol. 4356, pp. 15–27. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  25. 25.
    Zhang, W., Zhang, L., Wu, W., Feng, D.: Related-key differential-linear attacks on reduced AES-192. In: Srinathan, K., Pandu Rangan, C., Yung, M. (eds.) INDOCRYPT 2007. LNCS, vol. 4859, pp. 73–85. Springer, Heidelberg (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2008

Authors and Affiliations

  • Lei Zhang
    • 1
    • 2
  • Wenling Wu
    • 1
  • Je Hong Park
    • 3
  • Bon Wook Koo
    • 3
  • Yongjin Yeom
    • 3
  1. 1.State Key Laboratory of Information Security, Institute of SoftwareChinese Academy of SciencesBeijingP.R. China
  2. 2.State Key Laboratory of Information SecurityGraduate University of Chinese Academy of SciencesBeijingP.R. China
  3. 3.Electronics and Telecommunications Research Institute DaejeonKorea

Personalised recommendations