Improved Key Recovery Attacks on Reduced-Round AES with Practical Data and Memory Complexities

Achiya Bar-On, Orr Dunkelman, Nathan Keller, Eyal Ronen, Adi Shamir

Research output: Contribution to journal › Article › peer-review

Abstract

Determining the security of AES is a central problem in cryptanalysis, but progress in this area had been slow and only a handful of cryptanalytic techniques led to significant advancements. At Eurocrypt 2017 Grassi et al. presented a novel type of distinguisher for AES-like structures, but so far all the published attacks which were based on this distinguisher were inferior to previously known attacks in their complexity. In this paper we combine the technique of Grassi et al. with several other techniques in a novel way to obtain the best known key recovery attack on 5-round AES in the single-key model, reducing its overall complexity from about 2^32 to less than 2^22. Extending our techniques to 7-round AES, we obtain the best known attacks on reduced-round AES-192 which use practical amounts of data and memory, breaking the record for such attacks which was obtained in 2000 by the classical Square attack. In addition, we use our techniques to improve the Gilbert–Minier attack (2000) on 7-round AES, reducing its memory complexity from 2^80 to 2^40.

Original language: English
Pages (from-to): 1003-1043
Number of pages: 41
Journal: Journal of Cryptology
Volume: 33
Issue number: 3
DOIs
State: Published - 1 Jul 2020

Bibliographical note

Funding Information:
We thank the anonymous reviewers for their comments and suggestions. These have significantly improved the quality of the paper. The research was supported in part by the European Research Council under the ERC starting Grant Agreement No. 757731 (LightCrypt), by the BIU Center for Research in Applied Cryptography and Cyber Security, by the Israel Ministry of Science and Technology, the Center for Cyber, Law, and Policy, by the Israel National Cyber Bureau in the Prime Minister's Office and by the Israeli Science Foundation through Grants No. 880/18 and No. 1523/14. The second author is a member of the Center for Cyber, Law, and Policy at the University of Haifa. The third author is a member of the BIU Center for Research in Applied Cryptography and Cyber Security. The fourth author is a member of CPIIS.

Publisher Copyright:
© 2019, International Association for Cryptologic Research.

Keywords

  • AES
  • Cryptanalysis
  • Mixture differentials

ASJC Scopus subject areas

  • Software
  • Computer Science Applications
  • Applied Mathematics
