Cryptology ePrint Archive: Report 2010/537

Meet-in-the-Middle Attack on 8 Rounds of the AES Block Cipher under 192 Key Bits

Yongzhuang Wei and Jiqiang Lu and Yupu Hu

Abstract: The AES block cipher has a 128-bit block length and a user key of 128, 192 or 256 bits, released by NIST for data encryption in the USA; it became an ISO international standard in 2005. In 2008, Demirci and Selccuk gave a meet-in-the-middle attack on 7-round AES under 192 key bits. In 2009, Demirci et al. (incorrectly) described a new meet-in-the-middle attack on 7-round AES under 192 key bits. Subsequently, Dunkelman et al. described an attack on 8-round AES under 192 key bits by taking advantage of several advanced techniques, including one about the key schedule. In this paper, we show that by exploiting a simple observation on the key schedule, a meet-in-the-middle attack on 8-round AES under 192 key bits can be obtained from Demirci and Selccuk's and Demirci et al.'s work; and a more efficient attack can be obtained when taking into account Dunkelman et al.'s observation on the key schedule. In the single-key attack scenario, attacking 8 rounds is the best currently known cryptanalytic result for AES in terms of the numbers of attacked rounds, and our attack has a dramatically smaller data complexity than the currently known attacks on 8-round AES under 192 key bits.

Category / Keywords: secret-key cryptography / Block cipher, Advanced Encryption Standard, Meet-in-middle attack

Date: received 20 Oct 2010

Contact author: lvjiqiang at hotmail com

Available format(s): PDF | BibTeX Citation

Version: 20101025:150632 (All versions of this report)

Short URL:

Discussion forum: Show discussion | Start new discussion

[ Cryptology ePrint archive ]