Revisiting AES Related-Key Differential Attacks with Constraint Programming
نویسندگان
چکیده
The Advanced Encryption Standard (AES) is one of the most studied symmetric encryption schemes. During the last years, several attacks have been discovered in different adversary models. In this paper, we focus on related-key differential attacks, where the adversary may introduce differences in plaintext pairs and also in keys. We show that Constraint Programming (CP) can be used to model these attacks, and that it allows us to efficiently find all optimal related-key differential characteristics for AES-128, AES-192 and AES-256. In particular, we improve the best related-key differential for the whole AES-256 and give the best related-key differential on 10 rounds of AES-192, which is the differential trail with the longest path. Those results allow us to improve existing related-key distinguishers, basic related-key attacks and q-multicollisions on AES-256.
منابع مشابه
Transposition of AES Key Schedule
In this paper, we point out a new weakness of the AES key schedule by revisiting an old observation exploited by many known attacks. We also discover a major cause for this weakness is that the column-by-column word-wise property in the key schedule matches nicely with the MixColumns operation in the cipher’s diffusion layer. Then we propose a new key schedule by minor modification to increase ...
متن کاملAutomatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers: Application to AES, Camellia, Khazad and Others
While differential behavior of modern ciphers in a single secret key scenario is relatively well understood, and simple techniques for computation of security lower bounds are readily available, the security of modern block ciphers against related-key attacks is still very ad hoc. In this paper we make a first step towards provable security of block ciphers against related-key attacks by presen...
متن کاملStructural Evaluation of AES and Chosen-Key Distinguisher of 9-Round AES-128
While the symmetric-key cryptography community has now a good experience on how to build a secure and efficient fixed permutation, it remains an open problem how to design a key-schedule for block ciphers, as shown by the numerous candidates broken in the related-key model or in a hash function setting. Provable security against differential and linear cryptanalysis in the related-key scenario ...
متن کاملImproved Related-Key Impossible Differential Attacks on Reduced-Round AES-192
In this paper, we present several new related-key impossible differential attacks on 7and 8-round AES-192, following the work of Eli Biham and Orr Dunkelman et al. [1]. We choose another relation of the two related keys, start attacks from the very beginning(instead of the third round in [1]) so as to improve the data and time complexities of their attacks. Furthermore, we point out and correct...
متن کاملRelated-Key Impossible Differential Attacks on Reduced-Round AES-256
In this paper we examine the strength of AES-256 against the related-key impossible differential attack, following the work in [1] and [2]. Firstly, we present a carefully chosen relation between the related keys, which can be extended to 8-round(even more rounds) subkey differences. Then, we construct a 5.5-round related-key impossible differential. Using the differential, we present an attack...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2017 شماره
صفحات -
تاریخ انتشار 2017