Paper 2022/695

Yet Another Algebraic Cryptanalysis of Small Scale Variants of AES

Marek Bielik, FIT CTU in Prague
Martin Jureček, FIT CTU in Prague
Olha Jurečková, FIT CTU in Prague
Róbert Lórencz, FIT CTU in Prague

This work presents new advances in algebraic cryptanalysis of small scale derivatives of AES. We model the cipher as a system of polynomial equations over GF(2), which involves only the variables of the initial key, and we subsequently attempt to solve this system using Gröbner bases. We show, for example, that one of the attacks can recover the secret key for one round of AES-128 under one minute on a contemporary CPU. This attack requires only two known plaintexts and their corresponding ciphertexts. We also compare the performance of Gröbner bases to a SAT solver, and provide an insight into the propagation of diffusion within the cipher.

Available format(s)
Attacks and cryptanalysis
Publication info
Published elsewhere. SECRYPT 2022
Small Scale Variants of AES Algebraic Cryptanalysis Gröbner Bases
Contact author(s)
mail @ marek onl
martin jurecek @ fit cvut cz
jurecolh @ fit cvut cz
robert lorencz @ fit cvut cz
2022-07-18: last of 5 revisions
2022-06-01: received
See all versions
Short URL
Creative Commons Attribution


      author = {Marek Bielik and Martin Jureček and Olha Jurečková and Róbert Lórencz},
      title = {Yet Another Algebraic Cryptanalysis of Small Scale Variants of AES},
      howpublished = {Cryptology ePrint Archive, Paper 2022/695},
      year = {2022},
      note = {\url{}},
      url = {}
Note: In order to protect the privacy of readers, does not use cookies or embedded third party content.