Paper 2019/652
The Exchange Attack: How to Distinguish 6 Rounds of AES with $2^{88.2}$ chosen plaintexts
Navid Ghaedi Bardeh and Sondre Rønjom
Abstract
In this paper we present exchange equivalence attacks which is a cryptanalytic attack technique suitable for SPN-like block cipher designs. Our new technique results in a secret-key chosen plaintext distinguisher for 6-round AES. The complexity of the distinguisher is about $2^{88.2}$ in terms of data, memory and computational complexity. The distinguishing attack for AES reduced to 6 rounds is a straight-forward extension of an exchange attack for 5-round AES that requires about $2^{30}$ in terms of chosen plaintexts and computation. This is also a new record for AES reduced to 5 rounds. The main result of this paper is that AES up to at least 6 rounds is biased when restricted to exchange invariant sets of plaintexts.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Preprint. MINOR revision.
- Keywords
- SPNAESExchange Equivalence AttacksExchange Invariant SetsExchange Equivalence ClassSecret-Key modelDifference Cryptanalysis
- Contact author(s)
- Navid bardeh @ uib no
- History
- 2019-09-14: revised
- 2019-06-04: received
- See all versions
- Short URL
- https://ia.cr/2019/652
- License
-
CC BY