Paper 2012/280

Improved "Partial Sums"-based Square Attack on AES

Michael Tunstall

Abstract

The Square attack as a means of attacking reduced-round variants of AES was described in the original description of the Rijndael block cipher. With a relatively small number of chosen plaintext-ciphertext pairs, it can be applied to AES reduced to fewer than six rounds in the case of AES-128 and seven rounds otherwise, and several extensions of the attack have been described in the literature. In this paper we describe new variants of these attacks with a smaller time complexity than those in the literature. Specifically, we demonstrate that the number of chosen plaintext-ciphertext pairs can be halved, producing the same reduction in time complexity. We also demonstrate that the time complexity can be halved again for attacks on AES-128, and reduced by a smaller factor for attacks on AES-192, by eliminating key hypotheses on-the-fly where bytes in consecutive subkeys are related through the key schedule.
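Worked example added by the editor, not code from the paper or its author: the basic four-round Square attack that the partial-sums attacks in the literature extend, written in Python. It implements a minimal AES-128 whose round count is a parameter (the final round omits MixColumns, as in full AES), builds Λ-sets of 256 chosen plaintexts that differ only in byte 0, recovers the last round key byte by byte from the balanced-sum property after three full rounds, and then inverts the AES-128 key schedule to walk that round key back to the master key, which shows concretely how bytes of consecutive subkeys are tied together by the key schedule. The seeded random key, the choice of byte 0 as the active byte and all helper names are assumptions of this example; the paper's six-round partial-sums improvements are not implemented here.

```python
"""Added worked example (not code from the paper): the basic Square attack on
4-round AES-128 that partial-sums attacks build on. Constructed setup: a small
AES-128 with selectable round count, a chosen-plaintext oracle under a seeded
random key, Lambda-sets varying byte 0, and key-schedule inversion."""
import random
from functools import reduce
from operator import xor

def gf_mul(a, b):  # multiply in GF(2^8) modulo the AES polynomial x^8+x^4+x^3+x+1
    r = 0
    for _ in range(8):
        if b & 1:
            r ^= a
        a = ((a << 1) ^ (0x1B if a & 0x80 else 0)) & 0xFF
        b >>= 1
    return r

def _make_sbox():
    sbox = [0x63] * 256  # 0 has no inverse; the affine map sends it to 0x63
    for a in range(1, 256):
        inv = next(b for b in range(1, 256) if gf_mul(a, b) == 1)
        s = 0x63
        for k in range(5):  # affine layer: inv ^ rotl(inv, 1..4) ^ 0x63
            s ^= ((inv << k) | (inv >> (8 - k))) & 0xFF
        sbox[a] = s
    return sbox

SBOX = _make_sbox()
INV_SBOX = [SBOX.index(v) for v in range(256)]

def shift_rows(s):  # state is column-major (4*col + row); row r rotates left by r
    return [s[4 * ((c + r) % 4) + r] for c in range(4) for r in range(4)]

def mix_columns(s):
    out = []
    for c in range(4):
        a = s[4 * c:4 * c + 4]
        for r in range(4):
            out.append(gf_mul(a[r], 2) ^ gf_mul(a[(r + 1) % 4], 3) ^ a[(r + 2) % 4] ^ a[(r + 3) % 4])
    return out

def sub_rot_word(t, rcon):  # SubWord(RotWord(t)) ^ (rcon, 0, 0, 0)
    return [SBOX[t[1]] ^ rcon, SBOX[t[2]], SBOX[t[3]], SBOX[t[0]]]

def expand_key(key, rounds):  # AES-128 key schedule: rounds + 1 round keys of 16 bytes
    w, rcon = [list(key[4 * i:4 * i + 4]) for i in range(4)], 1
    for i in range(4, 4 * (rounds + 1)):
        t = w[i - 1]
        if i % 4 == 0:
            t, rcon = sub_rot_word(t, rcon), gf_mul(rcon, 2)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(rounds + 1)]

def aes_encrypt(pt, key, rounds):
    rk = expand_key(key, rounds)
    s = [p ^ k for p, k in zip(pt, rk[0])]
    for r in range(1, rounds + 1):
        s = shift_rows([SBOX[b] for b in s])
        if r != rounds:  # the final round omits MixColumns, as in full AES
            s = mix_columns(s)
        s = [a ^ k for a, k in zip(s, rk[r])]
    return s

def lambda_set(rng):  # 256 chosen plaintexts that differ only in byte 0 (active byte)
    base = [rng.randrange(256) for _ in range(16)]
    return [[v] + base[1:] for v in range(256)]

def recover_last_round_key(oracle, rng):
    """After three full rounds every state byte is balanced (XOR over the set is 0),
    so for the right key byte k the XOR of INV_SBOX[ct[pos] ^ k] over a Lambda-set
    vanishes; a wrong k survives each set with probability about 1/256."""
    cands, n_sets = [set(range(256)) for _ in range(16)], 0
    while any(len(c) > 1 for c in cands):
        cts = [oracle(p) for p in lambda_set(rng)]
        n_sets += 1
        for pos in range(16):
            cands[pos] = {k for k in cands[pos]
                          if reduce(xor, (INV_SBOX[ct[pos] ^ k] for ct in cts)) == 0}
    return [c.pop() for c in cands], n_sets

def invert_key_schedule(round_key, r):
    """Walk round key r back to the master key using w[i-4] = w[i] ^ w[i-1], or
    w[i] ^ SubWord(RotWord(w[i-1])) ^ Rcon when i % 4 == 0: the relations between
    consecutive subkeys that a key-schedule-aware attack can exploit."""
    w = [round_key[4 * j:4 * j + 4] for j in range(4)]
    for rnd in range(r, 0, -1):
        rcon = reduce(lambda x, _: gf_mul(x, 2), range(rnd - 1), 1)
        prev = [None] * 4
        for j in (3, 2, 1):
            prev[j] = [w[j][b] ^ w[j - 1][b] for b in range(4)]
        prev[0] = [w[0][b] ^ t for b, t in enumerate(sub_rot_word(prev[3], rcon))]
        w = prev
    return sum(w, [])

def demo(seed=1):  # returns (true key, key recovered by the attack, Lambda-sets used)
    rng = random.Random(seed)
    key = [rng.randrange(256) for _ in range(16)]
    oracle = lambda pt: aes_encrypt(pt, key, 4)  # chosen-plaintext access only
    k4, n_sets = recover_last_round_key(oracle, rng)
    return key, invert_key_schedule(k4, 4), n_sets

if __name__ == "__main__":
    print(demo())
```

Running the module calls demo(), which returns the true key, the key recovered purely from chosen plaintexts, and the number of Λ-sets consumed. Each Λ-set costs 256 chosen plaintexts; a wrong key-byte hypothesis survives a set with probability about 2^-8, so two or three sets are normally enough to leave one candidate at every position. Note that the attack as written only works against exactly four rounds, because the balanced property is destroyed by a fourth MixColumns; reaching six rounds is what the partial-sums technique and this paper's refinements are for.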

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Unknown where it was published
Contact author(s)
tunstall @ cs bris ac uk
History
2012-05-29: received
Short URL
https://ia.cr/2012/280
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2012/280,
      author = {Michael Tunstall},
      title = {Improved ``Partial Sums"-based Square Attack on AES},
      howpublished = {Cryptology ePrint Archive, Paper 2012/280},
      year = {2012},
      note = {\url{https://eprint.iacr.org/2012/280}},
      url = {https://eprint.iacr.org/2012/280}
}