Cryptology ePrint Archive: Report 2010/322
Improved Single-Key Attacks on 8-round AES
Orr Dunkelman and Nathan Keller and Adi Shamir
Abstract: AES is the most widely used block cipher today, and its security is one of the most important issues in cryptanalysis. After 13 years of analysis, related-key attacks were recently found against two of its flavors (AES-192 and AES-256). However, such a strong type of attack is not universally accepted as a valid attack model, and in the more standard single-key attack model at most 8 rounds of these two versions can be currently attacked. In the case of 8-round AES-192, the only known attack (found 10 years ago) is extremely marginal, requiring the evaluation of essentially all the 2^{128} possible plaintext/ciphertext pairs in order to speed up exhaustive key search by a factor of 16. In this paper we introduce three new cryptanalytic techniques, and use them to get the first non-marginal attack on 8-round AES-192 (making its time complexity about a million times faster than exhaustive search, and reducing its data complexity to about 1/32,000 of the full codebook). In addition, our new techniques can reduce the best known time complexities for all the other combinations of 7-round and 8-round AES-192 and AES-256.
Category / Keywords: secret-key cryptography / AES, cryptanalysis, single-key attacks, multiset tabulation, differential enumeration, key bridging
Date: received 31 May 2010, last revised 29 Apr 2011
Contact author: orr dunkelman at weizmann ac il
Version: 20110429:062059
Short URL: ia.cr/2010/322