2013 | OriginalPaper | Chapter
Improved Key Recovery Attacks on Reduced-Round AES in the Single-Key Setting
Authors: Patrick Derbez, Pierre-Alain Fouque, Jérémy Jean
Published in: Advances in Cryptology – EUROCRYPT 2013
Publisher: Springer Berlin Heidelberg
In this paper, we revisit meet-in-the-middle attacks on AES in the single-key model and improve on Dunkelman, Keller and Shamir attacks at Asiacrypt 2010. We present the best attack on 7 rounds of AES-128 where data/time/memory complexities are below $2^{100}$. Moreover, we are able to extend the number of rounds to reach attacks on 8 rounds for both AES-192 and AES-256. This gives the best attacks on those two versions with a data complexity of $2^{107}$ chosen-plaintexts, a memory complexity of $2^{96}$ and a time complexity of $2^{172}$ for AES-192 and $2^{196}$ for AES-256. Finally, we also describe the best attack on 9 rounds of AES-256 with $2^{120}$ chosen plaintexts and time and memory complexities of $2^{203}$. All these attacks have been found by carefully studying the number of reachable multisets in Dunkelman et al. attacks.