Paper 2024/315

Alternative Key Schedules for the AES

Christina Boura, Université Paris-Saclay, UVSQ, CNRS, Laboratoire de mathématiques de Versailles, 78000, Versailles, France
Patrick Derbez, Univ Rennes, Inria, CNRS, IRISA, France
Margot Funk, Université Paris-Saclay, UVSQ, CNRS, Laboratoire de mathématiques de Versailles, 78000, Versailles, France
Abstract

The AES block cipher is today the most important and analyzed symmetric algorithm. While all versions of the AES are known to be secure in the single-key setting, this is not the case in the related-key scenario. In this article we try to answer the question whether the AES would resist better differential-like related-key attacks if the key schedule was different. For this, we search for alternative permutation-based key schedules by extending the work of Khoo et al. at ToSC 2017 and Derbez et al. at SAC 2018. We first show that the model of Derbez et al. was flawed. Then, we develop different approaches together with MILP-based tools to find good permutations that could be used as the key schedule for AES-128, AES-192 and AES-256. Our methods permitted to find permutations that outperform the permutation exhibited by Khoo et al. for AES-128. Moreover, our new approach based on two MILP models that call one another allowed us to handle a larger search space and thus to search for alternative key schedules for the two bigger versions of AES. This method permitted us to find permutations for AES-192 and AES-256 that provide better resistance to related-key differential attacks. Most importantly, we showed that these variants can resist full-round boomerang attacks.

Metadata
Available format(s)
PDF
Category
Secret-key cryptography
Publication info
Published elsewhere. Minor revision. ACNS 2024
Keywords
AESkey scheduleMILPrelated-key attacksdifferential cryptanalysis
Contact author(s)
christina boura @ uvsq fr
patrick derbez @ irisa fr
margot funk @ uvsq fr
History
2024-07-04: revised
2024-02-23: received
See all versions
Short URL
https://ia.cr/2024/315
License
Creative Commons Attribution-ShareAlike
CC BY-SA

BibTeX

@misc{cryptoeprint:2024/315,
      author = {Christina Boura and Patrick Derbez and Margot Funk},
      title = {Alternative Key Schedules for the {AES}},
      howpublished = {Cryptology {ePrint} Archive, Paper 2024/315},
      year = {2024},
      url = {https://eprint.iacr.org/2024/315}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.