Cryptology ePrint Archive: Report 2010/257

Feasible Attack on the 13-round AES-256

Alex Biryukov and Dmitry Khovratovich

Abstract: In this note we present the first attack with feasible complexity on the 13-round AES-256. The attack runs in the related-subkey scenario with four related keys, in 2^{76} time, data, and memory.

Category / Keywords: secret-key cryptography / aes, cryptanalysis, related keys, boomerang attack

Date: received 5 May 2010

Contact author: khovratovich at gmail com, alex cryptan@gmail com

Available format(s): PDF | BibTeX Citation

Version: 20100505:100710 (All versions of this report)

Short URL:

[ Cryptology ePrint archive ]