A Meet-in-the-Middle Attack on 8-Round AES
نویسندگان
چکیده
We present a 5-round distinguisher for AES. We exploit this distinguisher to develop a meet-in-the-middle attack on 7 rounds of AES192 and 8 rounds of AES-256. We also give a time-memory tradeoff generalization of the basic attack which gives a better balancing between different costs of the attack. As an additional note, we state a new squarelike property of the AES algorithm.
منابع مشابه
Meet-in-the-Middle Attack on 8 Rounds of the AES Block Cipher under 192 Key Bits
The AES block cipher has a 128-bit block length and a user key of 128, 192 or 256 bits, released by NIST for data encryption in the USA; it became an ISO international standard in 2005. In 2008, Demirci and Selçuk gave a meet-in-the-middle attack on 7-round AES under 192 key bits. In 2009, Demirci et al. (incorrectly) described a new meetin-the-middle attack on 7-round AES under 192 key bits. S...
متن کاملImproved Meet-in-the-Middle Attacks on AES
This paper studies key-recovery attacks on AES-192 and PRINCE under single-key model by methodology of meet-in-the-middle attack. A new technique named key-dependent sieve is proposed to further reduce the memory complexity of Demirci et al.’s attack at EUROCRYPT 2013, which helps us to achieve 9-round attack on AES-192 by using a 5-round distinguisher; the data, time and memory complexities ar...
متن کاملA Meet-in-the-middle Attack on Round-Reduced mCrypton
The meet-in-the-middle (MITM) attack on AES is a great success. In this paper, we apply the method to the lightweight SPN block cipher mCrypton. We prove that the multiset technique used to analyze AES can not be applied directly to mCrypton due to the scarcity of information. As a solution, we replace the unordered multiset with the ordered sequence. We lower the memory requirement from 2 to 2...
متن کاملImproved Meet-in-the-Middle Attacks on Round-Reduced Crypton-256
The meet-in-the-middle (MITM) attack has prove to be efficient in analyzing the AES block cipher. Its efficiency has been increasing with the introduction of various techniques such as differential enumeration, key-dependent sieve, super-box etc. The recent MITM attack given by Li and Jin has successfully mounted to 10-round AES-256. Crypton is an AES-like block cipher. In this paper, we apply ...
متن کاملKey Recovery Attacks on 3-round Even-Mansour, 8-step LED-128, and Full AES
The Even-Mansour (EM) encryption scheme received a lot of attention in the last couple of years due to its exceptional simplicity and tight security proofs. The original 1-round construction was naturally generalized into r-round structures with one key, two alternating keys, and completely independent keys. In this paper we describe the first key recovery attack on the one-key 3-round version ...
متن کامل