Paper 2019/770

Practical Attacks on Reduced-Round AES

Navid Ghaedi Bardeh and Sondre Rønjom

Abstract

In this paper we investigate the security of 5-round AES against two different attacks in an adaptive setting. We present a practical key-recovery attack on 5-round AES with a secret s-box that requires $2^{32}$ adaptively chosen ciphertexts, which is as far as we know a new record. In addition, we present a new and practical key-independent distinguisher for 5-round AES which requires $2^{27.2}$ adaptively chosen ciphertexts. While the data complexity of this distinguisher is in the same range as the current best 5-round distinguisher, it exploits new structural properties of 5-round AES.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. AFRICACRYPT 2019
DOI
10.1007/978-3-030-23696-0
Keywords
AESZero-differenceSecret-key distinguisherDifferentialSecret S-box
Contact author(s)
navid bardeh @ uib no
History
2019-07-03: revised
2019-07-02: received
See all versions
Short URL
https://ia.cr/2019/770
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2019/770,
      author = {Navid Ghaedi Bardeh and Sondre Rønjom},
      title = {Practical Attacks on Reduced-Round {AES}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2019/770},
      year = {2019},
      doi = {10.1007/978-3-030-23696-0},
      url = {https://eprint.iacr.org/2019/770}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.