Paper 2024/977

Improved Boomerang Attacks on 6-Round AES

Augustin Bariant, Inria, Paris, France, ANSSI, Paris, France
Orr Dunkelman, University of Haifa, Haifa, Israel
Nathan Keller, Bar Ilan University, Ramat Gan, Israel
Gaëtan Leurent, Inria, Paris, France
Victor Mollimard, University of Haifa, Haifa, Israel
Abstract

The boomerang attack is a cryptanalytic technique which allows combining two short high-probability differentials into a distinguisher for a large number of rounds. Since its introduction by Wagner in 1999, it has been applied to many ciphers. One of the best-studied targets is a 6-round variant of AES, on which the boomerang attack is outperformed only by the dedicated Square attack. Recently, two new variants of the boomerang attack were presented: retracing boomerang (Eurocrypt'20) and truncated boomerang (Eurocrypt'23). These variants seem incompatible: the former achieves lower memory complexity by throwing away most of the data in order to force dependencies, while the latter achieves lower time complexity by using large structures, which inevitably leads to a large memory complexity. In this paper we show that elements of the two techniques can be combined to get "the best of the two worlds": the practical memory complexity of the retracing attack and the lower time complexity of the truncated attack. We obtain an attack with data complexity of $2^{57}$ (compared to $2^{59}$ and $2^{55}$ of truncated and retracing boomerang, respectively), memory complexity of $2^{33}$ (compared to $2^{59}$ and $2^{31}$), and time complexity of $2^{61}$ (compared to $2^{61}$ and $2^{80}$). This is the second-best attack on 6-round AES, after the Square attack.

Metadata
Available format(s)
PDF
Category
Attacks and cryptanalysis
Publication info
Preprint.
Keywords
AES, Boomerang attack
Contact author(s)
augustin bariant @ ssi gouv fr
orrd @ cs haifa ac il
Nathan Keller @ biu ac il
gaetan leurent @ inria fr
victor mollimard @ gmail com
History
2024-06-18: approved
2024-06-17: received
Short URL
https://ia.cr/2024/977
License
No rights reserved
CC0

BibTeX

@misc{cryptoeprint:2024/977,
      author = {Augustin Bariant and Orr Dunkelman and Nathan Keller and Gaëtan Leurent and Victor Mollimard},
      title = {Improved Boomerang Attacks on 6-Round {AES}},
      howpublished = {Cryptology ePrint Archive, Paper 2024/977},
      year = {2024},
      note = {\url{https://eprint.iacr.org/2024/977}},
      url = {https://eprint.iacr.org/2024/977}
}