Paper 2024/1508

Key Collisions on AES and Its Applications

Kodai Taiyama, University of Hyogo
Kosei Sakamoto, Mitsubishi Electric Corporation
Ryoma Ito, National Institute of Information and Communications Technology
Kazuma Taka, University of Hyogo
Takanori Isobe, University of Hyogo
Abstract

In this paper, we explore a new type of key collisions called target-plaintext key collisions of AES, which emerge as an open problem in the key committing security and are directly converted into single-block collision attacks on Davies-Meyer (DM) hashing mode. For this key collision, a ciphertext collision is uniquely observed when a specific plaintext is encrypted under two distinct keys. We introduce an efficient automatic search tool designed to find target-plaintext key collisions. This tool exploits bit-wise behaviors of differential characteristics and dependencies among operations and internal variables of both data processing and key scheduling parts. This allows us to hierarchically perform rebound-type attacks to identify key collisions. As a result, we demonstrate single-block collision attacks on 2/5/6-round AES-128/192/256-DM and semi-free-start collision attacks on 5/7/9-round AES-128/192/256-DM, respectively. To validate our attacks, we provide an example of fixed-target-plaintext key collision/semi-free-start collisions on 9-round AES-256-DM. Furthermore, by exploiting a specific class of free-start collisions with our tool, we present two-block collision attacks on 3/9-round AES-128/256-DM, respectively.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
A major revision of an IACR publication in ASIACRYPT 2024
Keywords
AESDavies-Meyer hashing modecollisionrebound attacks
Contact author(s)
ad23x032 @ guh u-hyogo ac jp
k sakamoto0728 @ gmail com
itorym @ nict go jp
takanori isobe @ ai u-hyogo ac jp
History
2024-09-30: approved
2024-09-26: received
See all versions
Short URL
https://ia.cr/2024/1508
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2024/1508,
      author = {Kodai Taiyama and Kosei Sakamoto and Ryoma Ito and Kazuma Taka and Takanori Isobe},
      title = {Key Collisions on {AES} and Its Applications},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/1508},
      year = {2024},
      url = {https://eprint.iacr.org/2024/1508}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.