Paper 2012/477

Improved Key Recovery Attacks on Reduced-Round AES in the Single-Key Setting

Patrick Derbez, Pierre-Alain Fouque, and Jérémy Jean

Abstract

In this paper, we revisit meet-in-the-middle attacks on AES in the single-key model and improve on the attacks of Dunkelman, Keller and Shamir from Asiacrypt 2010. We present the best attack on 7 rounds of AES-128, with data, time and memory complexities all below $2^{100}$. Moreover, we are able to extend the number of rounds and reach attacks on 8 rounds for both AES-192 and AES-256. These are the best attacks on those two versions, with a data complexity of $2^{107}$ chosen plaintexts, a memory complexity of $2^{96}$ and a time complexity of $2^{172}$ for AES-192 and $2^{196}$ for AES-256. Finally, we also describe the best attack on 9 rounds of AES-256, with $2^{120}$ chosen plaintexts and time and memory complexities of $2^{203}$. All these attacks were found by carefully studying the number of reachable multisets in the attacks of Dunkelman et al.

Metadata

Available format(s): PDF
Category: Secret-key cryptography
Publication info: Published elsewhere. Unknown where it was published
Keywords: AES, Cryptanalysis
Contact author(s): Jeremy Jean @ ens fr
History: 2012-08-21: received
Short URL: https://ia.cr/2012/477
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2012/477,
      author = {Patrick Derbez and Pierre-Alain Fouque and Jérémy Jean},
      title = {Improved Key Recovery Attacks on Reduced-Round {AES} in the Single-Key Setting},
      howpublished = {Cryptology {ePrint} Archive, Paper 2012/477},
      year = {2012},
      url = {https://eprint.iacr.org/2012/477}
}