Paper 2025/2213
Simplified Meet-in-the-middle Preimage Attacks on AES-based Hashing
Abstract
The meet-in-the-middle (MITM) attack is a powerful cryptanalytic technique leveraging time-memory tradeoffs to break cryptographic primitives. Initially introduced for block cipher cryptanalysis, it has since been extended to hash functions, particularly preimage attacks on AES-based compression functions. Over the years, various enhancements such as superposition MITM (Bao et al., CRYPTO 2022) and bidirectional propagations have significantly improved MITM attacks, but at the cost of increasing complexity of automated search models. In this work, we propose a unified mixed integer linear programming (MILP) model designed to improve the search for optimal pre-image MITM attacks against AES-based compression functions. Our model generalizes previous approaches by simplifying both the modeling and the corresponding attack algorithm. In particular, it ensures that all identified attacks are valid. The results demonstrate that our framework not only recovers known attacks on AES and Whirlpool but also discovers new attacks with lower memory complexities, and new quantum attacks.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Published by the IACR in CIC 2025
- Keywords
- AES-based hashingMITM attacksQuantum cryptanalysis
- Contact author(s)
-
mathieu degre @ inria fr
patrick derbez @ inria fr
andre schrottenloher @ inria fr - History
- 2025-12-11: approved
- 2025-12-08: received
- See all versions
- Short URL
- https://ia.cr/2025/2213
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2025/2213,
author = {Mathieu Degré and Patrick Derbez and André Schrottenloher},
title = {Simplified Meet-in-the-middle Preimage Attacks on {AES}-based Hashing},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/2213},
year = {2025},
url = {https://eprint.iacr.org/2025/2213}
}