Improved Cryptanalysis of Rijndael
نویسندگان
چکیده
We improve the best attack on Rijndael reduced to 6 rounds from complexity 2 to 2. We also present the first known attacks on 7and 8-round Rijndael. The attacks on 8-round Rijndael work for 192bit and 256-bit keys. Finally, we discuss the key schedule of Rijndael and describe a related-key attack that can break 9-round Rijndael with 256-bit keys.
منابع مشابه
Improved Integral Attacks on Rijndael with Large Blocks
In this paper, we present some improved integral attacks on Rijndael whose block sizes are larger than 128 bits. We will introduce some 4-round distinguishers for Rijndael with large blocks proposed by Marine Minier (AFRICACRYPT 2009), and propose a new 4th-order 4-round distinguisher for Rijndael-192. Basing on these distinguishers, together with the partial sum technique proposed by Niels Fer...
متن کاملImproved Impossible Differential Attacks on Large-Block Rijndael
In this paper, we present more powerful 6-round impossible differentials for large-block Rijndael-224 and Rijndael-256 than the ones used by Zhang et al. in ISC 2008. Using those, we can improve the previous impossible differential cryptanalysis of both 9-round Rijndael224 and Rijndael-256. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2 chosen plaintexts, an attack ...
متن کاملImproved Integral Attacks on Rijndael
In this paper, we present some improved integral attacks on Rijndael whose block sizes are larger than 128 bits. We will introduce some 4-round distinguishers for Rijndael with large blocks proposed by Marine Minier (AFRICACRYPT 2009), and propose a new 4th-order 4-round distinguisher for Rijndael-192. Based on these distinguishers, together with the partial sum technique proposed by Niels Ferg...
متن کاملImproved Impossible Differential Cryptanalysis of Rijndael and Crypton
Impossible differential attacks against Rijndael and Crypton have been proposed up to 5-round. In this paper we expand the impossible differential attacks to 6-round. Although we use the same 4-round impossible differential as in five round attacks, we put this impossible differential in the middle of 6-round. That is, we will consider one round before the impossible differential and one more r...
متن کاملImproving Integral Cryptanalysis against Rijndael with Large Blocks
This report presents new four-round integral properties against the Rijndael cipher with block sizes larger than 128 bits. Using higher-order multiset distinguishers and other well-known extensions of those properties, the deduced attacks reach up to 7 and 8 rounds of Rijndael variants with 160 up to 256-bit blocks. For example, a 7-rounds attack against Rijndael-224 has a time complexity equal...
متن کامل