Cryptology ePrint Archive: Report 2019/770

Practical Attacks on Reduced-Round AES

Navid Ghaedi Bardeh and Sondre Rønjom

Abstract: In this paper we investigate the security of 5-round AES against two different attacks in an adaptive setting. We present a practical key-recovery attack on 5-round AES with a secret s-box that requires $2^{32}$ adaptively chosen ciphertexts, which is as far as we know a new record. In addition, we present a new and practical key-independent distinguisher for 5-round AES which requires $2^{27.2}$ adaptively chosen ciphertexts. While the data complexity of this distinguisher is in the same range as the current best 5-round distinguisher, it exploits new structural properties of 5-round AES.

Category / Keywords: secret-key cryptography / AES, Zero-difference, Secret-key distinguisher, Differential, Secret S-box

Original Publication (in the same form): AFRICACRYPT 2019
DOI: 10.1007/978-3-030-23696-0

Date: received 2 Jul 2019, last revised 3 Jul 2019

Contact author: navid bardeh at uib no

Available format(s): PDF | BibTeX Citation

Version: 20190703:064618 (All versions of this report)

Short URL: ia.cr/2019/770