Paper 2023/1846
New Security Proofs and Complexity Records for Advanced Encryption Standard
Abstract
Common block ciphers like AES specified by the NIST or KASUMI (A5/3) of GSM are extensively utilized by billions of individuals globally to protect their privacy and maintain confidentiality in daily communications. However, these ciphers lack comprehensive security proofs against the vast majority of known attacks. Currently, security proofs are limited to differential and linear attacks for both AES and KASUMI. For instance, the consensus on the security of AES is not based on formal mathematical proofs but on intensive cryptanalysis over its reduced rounds spanning several decades. In this work, we introduce new security proofs for AES against another attack method: impossible differential (ID) attacks. We classify ID attacks as reciprocal and nonreciprocal ID attacks. We show that sharp and generic lower bounds can be imposed on the data complexities of reciprocal ID attacks on substitution permutation networks. We prove that the minimum data required for a reciprocal ID attack on AES using a conventional ID characteristic is $2^{66}$ chosen plaintexts whereas a nonreciprocal ID attack involves at least $2^{88}$ computational steps. We mount a nonreciprocal ID attack on 6-round AES for 192-bit and 256-bit keys, which requires only $2^{18}$ chosen plaintexts and outperforms the data complexity of any attack. Given its marginal time complexity, this attack does not pose a substantial threat to the security of AES. However, we have made enhancements to the integral attack on 6-round AES, thereby surpassing the longstanding record for the most efficient attack after a period of 23 years.
Note: The final version of this paper is available for public access at the following link: https://ieeexplore.ieee.org/document/10323405, accompanied by the DOI number 10.1109/ACCESS.2023.3335271. Should citation be necessary, kindly reference the published version and adhere to the copyright regulations by IEEE Access which is as follows. © 2023 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works. This work is partially supported by TÜBİTAK 1001 Project under the grant number 121E228.
Metadata
- Available format(s)
- Category
- Secret-key cryptography
- Publication info
- Published elsewhere. IEEE Access
- DOI
- 10.1109/ACCESS.2023.3335271
- Keywords
- Advanced Encryption Standard (AES)block cipherconfidentialitycryptanalysisimpossible differential attackintegral attackreciprocal attackSubstitution Permutation Network (SPN)
- Contact author(s)
- orhunkara @ iyte edu tr
- History
- 2023-12-22: last of 2 revisions
- 2023-11-30: received
- See all versions
- Short URL
- https://ia.cr/2023/1846
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2023/1846, author = {Orhun Kara}, title = {New Security Proofs and Complexity Records for Advanced Encryption Standard}, howpublished = {Cryptology {ePrint} Archive, Paper 2023/1846}, year = {2023}, doi = {10.1109/ACCESS.2023.3335271}, url = {https://eprint.iacr.org/2023/1846} }