Paper 2023/1846

New Security Proofs and Complexity Records for Advanced Encryption Standard

Orhun Kara, IZTECH Izmir Institute of Technology
Abstract

Widely deployed block ciphers such as AES, standardized by NIST, and KASUMI (A5/3) of GSM are used by billions of people worldwide to protect their privacy and keep everyday communications confidential. However, these ciphers lack comprehensive security proofs against the vast majority of known attacks. Currently, security proofs for both AES and KASUMI are limited to differential and linear attacks. For instance, the consensus on the security of AES rests not on formal mathematical proofs but on several decades of intensive cryptanalysis of its reduced-round variants. In this work, we introduce new security proofs for AES against another attack method: impossible differential (ID) attacks. We classify ID attacks as reciprocal and nonreciprocal. We show that sharp and generic lower bounds can be imposed on the data complexities of reciprocal ID attacks on substitution permutation networks. We prove that a reciprocal ID attack on AES using a conventional ID characteristic requires at least $2^{66}$ chosen plaintexts, whereas a nonreciprocal ID attack requires at least $2^{88}$ computational steps. We mount a nonreciprocal ID attack on 6-round AES with 192-bit and 256-bit keys that requires only $2^{18}$ chosen plaintexts, a lower data complexity than that of any other attack on this variant. Given its marginal time complexity, this attack does not pose a substantial threat to the security of AES. We also improve the integral attack on 6-round AES, surpassing the record for the most efficient attack that had stood for 23 years.
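
For a reader who wants to see concretely what an ID characteristic is, the following Python code (an added illustration, not code from the paper or its author) implements the AES round functions and verifies the classic 4-round impossible differential of Biham and Keller by the miss-in-the-middle argument: a plaintext pair differing in exactly one byte has all 16 bytes active after two rounds plus the round-3 SubBytes, while a 4-round output pair (final MixColumns omitted) that agrees on the ShiftRows image of one column must be inactive on four bytes at that same point; the two probability-1 truncated differentials contradict each other for every key. The abstract does not say which characteristic its $2^{66}$ bound refers to, and the bound itself is not reproduced here. Round keys are drawn at random instead of from the AES key schedule (the property is key-independent), the byte index $i = 4 \cdot \text{column} + \text{row}$ follows FIPS-197, and all sample states are constructed inside the code.

```python
"""Classic 4-round AES impossible differential (Biham-Keller) as a miss in the middle.
Added example, not code from the paper.  Round keys are random, not from the AES key
schedule: the impossible differential holds for every choice of round keys.
State byte index i = 4*column + row, as in FIPS-197."""
import random
from functools import reduce
from operator import xor

def gf_mul(a, b):
    """Multiply in GF(2^8) modulo the AES polynomial x^8 + x^4 + x^3 + x + 1."""
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = ((a << 1) ^ (0x1B if a & 0x80 else 0)) & 0xFF
        b >>= 1
    return r

def gf_inv(a):
    """Multiplicative inverse as a^254 (0 maps to 0, as the S-box requires)."""
    r, e = 1, 254
    while e:
        if e & 1:
            r = gf_mul(r, a)
        a, e = gf_mul(a, a), e >> 1
    return r

def _rotl8(v, n):
    return ((v << n) | (v >> (8 - n))) & 0xFF

# S-box = affine map of the field inverse (FIPS-197, section 5.1.1).
SBOX = [y ^ _rotl8(y, 1) ^ _rotl8(y, 2) ^ _rotl8(y, 3) ^ _rotl8(y, 4) ^ 0x63
        for y in (gf_inv(x) for x in range(256))]
INV_SBOX = [SBOX.index(y) for y in range(256)]
MC = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MC = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def sub_bytes(s, box=SBOX):
    return [box[b] for b in s]

def shift_rows(s, inverse=False):
    """Rotate row r left by r positions (right when inverting)."""
    d = -1 if inverse else 1
    return [s[4 * ((c + d * r) % 4) + r] for c in range(4) for r in range(4)]

def mix_columns(s, matrix=MC):
    """Multiply every column by `matrix` over GF(2^8)."""
    return [reduce(xor, (gf_mul(m, x) for m, x in zip(row, s[4 * c:4 * c + 4])))
            for c in range(4) for row in matrix]

def add_round_key(s, k):
    return [a ^ b for a, b in zip(s, k)]

def aes_rounds(s, round_keys, rounds, last_mix_columns=True):
    """`rounds` x (SubBytes, ShiftRows, MixColumns, AddRoundKey); last MixColumns optional."""
    for i in range(rounds):
        s = shift_rows(sub_bytes(s))
        if i < rounds - 1 or last_mix_columns:
            s = mix_columns(s)
        s = add_round_key(s, round_keys[i])
    return s

def active_bytes(a, b):
    """Positions where two states differ (nonzero XOR difference)."""
    return {i for i, (x, y) in enumerate(zip(a, b)) if x != y}

def column_images(j):
    """(Where ShiftRows sends column j, where inverse ShiftRows sends column j)."""
    marker = [int(i // 4 == j) for i in range(16)]
    return ({i for i, m in enumerate(shift_rows(marker)) if m},
            {i for i, m in enumerate(shift_rows(marker, inverse=True)) if m})

def forward_after_round3_sbox(p1, p2, round_keys):
    """Active bytes after two full rounds plus the round-3 SubBytes."""
    return active_bytes(*(sub_bytes(aes_rounds(p, round_keys, 2)) for p in (p1, p2)))

def backward_after_round3_sbox(c1, c2, round_keys):
    """Peel round 4 (no MixColumns) and the linear part of round 3 off a pair of outputs."""
    states = []
    for c in (c1, c2):
        s = sub_bytes(shift_rows(add_round_key(c, round_keys[3]), inverse=True), INV_SBOX)
        states.append(shift_rows(mix_columns(add_round_key(s, round_keys[2]), INV_MC), inverse=True))
    return active_bytes(*states)

def miss_in_the_middle(trials=200, seed=2023):
    """Forward: one active plaintext byte -> all 16 bytes active after round-3 SubBytes.
    Backward: 4-round output (last MixColumns omitted) equal on the ShiftRows image of a
    column -> the inverse-ShiftRows image of that column is inactive at the same point.
    Returns (forward_always_held, backward_always_held); both True is the contradiction."""
    rng = random.Random(seed)
    def rand_state():
        return [rng.randrange(256) for _ in range(16)]
    forward_ok = backward_ok = True
    for _ in range(trials):
        keys = [rand_state() for _ in range(4)]  # random round keys (constructed sample)
        p1 = rand_state()
        p2 = list(p1)
        p2[rng.randrange(16)] ^= rng.randrange(1, 256)  # exactly one active plaintext byte
        forward_ok &= forward_after_round3_sbox(p1, p2, keys) == set(range(16))
        anti_diagonal, dead = column_images(rng.randrange(4))
        c1, c2 = rand_state(), rand_state()
        for i in anti_diagonal:
            c2[i] = c1[i]  # output difference zero on the chosen anti-diagonal
        backward_ok &= dead.isdisjoint(backward_after_round3_sbox(c1, c2, keys))
    return forward_ok, backward_ok
```

`miss_in_the_middle()` returns `(True, True)`: both truncated differentials hold with probability 1, so a pair with a single active plaintext byte can never produce a zero difference on an anti-diagonal such as `column_images(0)[0] == {0, 7, 10, 13}` after four rounds, whatever the key. This key-independent, probability-1 contradiction is what an ID attack exploits to discard wrong subkey guesses, and the data complexity of such an attack is governed by how many pairs are needed to hit the characteristic's input and output patterns.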

Note: The final version of this paper is available at https://ieeexplore.ieee.org/document/10323405 (DOI 10.1109/ACCESS.2023.3335271). Please cite the published version and observe the IEEE Access copyright notice, which reads as follows. © 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. This work is partially supported by the TÜBİTAK 1001 Project under grant number 121E228.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. IEEE Access
DOI
10.1109/ACCESS.2023.3335271
Keywords
Advanced Encryption Standard (AES), block cipher, confidentiality, cryptanalysis, impossible differential attack, integral attack, reciprocal attack, Substitution Permutation Network (SPN)
Contact author(s)
orhunkara @ iyte edu tr
History
2023-12-22: last of 2 revisions
2023-11-30: received
Short URL
https://ia.cr/2023/1846
License
Creative Commons Attribution
CC BY

BibTeX

@misc{cryptoeprint:2023/1846,
      author = {Orhun Kara},
      title = {New Security Proofs and Complexity Records for Advanced Encryption Standard},
      howpublished = {Cryptology ePrint Archive, Paper 2023/1846},
      year = {2023},
      doi = {10.1109/ACCESS.2023.3335271},
      note = {\url{https://eprint.iacr.org/2023/1846}},
      url = {https://eprint.iacr.org/2023/1846}
}