Paper 2008/435
Obtaining and solving systems of equations in key variables only for the small variants of AES
Stanislav Bulygin and Michael Brickenstein
Abstract
This work is devoted to attacking the small scale variants of the Advanced Encryption Standard (AES) via systems that contain only the initial key variables. To this end, we introduce a system of equations that naturally arises in the AES, and then eliminate all the intermediate variables via normal form reductions. The resulting system in key variables only is solved then. We also consider a possibility to apply our method in the meet-in-the-middle scenario especially with several plaintext/ciphertext pairs. We elaborate on the method further by looking for subsystems which contain fewer variables and are overdetermined, thus facilitating solving the large system.
Metadata
- Available format(s)
- PDF PS
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. Unknown where it was published
- Keywords
- AESblock ciphersboolean functionscryptanalysisimplementation
- Contact author(s)
- bulygin @ mathematik uni-kl de
- History
- 2008-10-20: received
- Short URL
- https://ia.cr/2008/435
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2008/435, author = {Stanislav Bulygin and Michael Brickenstein}, title = {Obtaining and solving systems of equations in key variables only for the small variants of {AES}}, howpublished = {Cryptology {ePrint} Archive, Paper 2008/435}, year = {2008}, url = {https://eprint.iacr.org/2008/435} }