Differential cryptanalysis of the data encryption standard
Differential cryptanalysis of the data encryption standard
FSE '97 Proceedings of the 4th International Workshop on Fast Software Encryption
Improved Cryptanalysis of Rijndael
FSE '00 Proceedings of the 7th International Workshop on Fast Software Encryption
Impossible differential cryptanalysis of 7-round advanced encryption standard (AES)
Information Processing Letters - Devoted to the rapid publication of short contributions to information processing
A Meet-in-the-Middle Attack on 8-Round AES
Fast Software Encryption
New Impossible Differential Attacks on AES
INDOCRYPT '08 Proceedings of the 9th International Conference on Cryptology in India: Progress in Cryptology
Improved Meet-in-the-Middle Attacks on AES
INDOCRYPT '09 Proceedings of the 10th International Conference on Cryptology in India: Progress in Cryptology
New results on impossible differential cryptanalysis of reduced AES
ICISC'07 Proceedings of the 10th international conference on Information security and cryptology
Improving the efficiency of impossible differential cryptanalysis of reduced Camellia and MISTY1
CT-RSA'08 Proceedings of the 2008 The Cryptopgraphers' Track at the RSA conference on Topics in cryptology
Hi-index | 0.00 |
The AES block cipher has a 128-bit block length and a user key of 128, 192 or 256 bits, released by NIST for data encryption in the USA; it is an ISO international standard. In 2008, Demirci and Selçuk gave a meet-in-the-middle attack on 7-round AES under 192 key bits. In 2009, Demirci et al. (incorrectly) described a new meet-in-the-middle attack on 7-round AES under 192 key bits. Recently, Dunkelman et al. described an attack on 8-round AES under 192 key bits by taking advantage of the early abort technique and several other observations, including one about the key schedule. In this paper, we show that by exploiting a simple observation on the key schedule, a meet-in-the-middle attack on 8-round AES under 192 key bits can be obtained from Demirci and Selçuk's and Demirci et al.'s work; and a more efficient attack can be obtained when taking into account Dunkelman et al.'s observation on the key schedule. In the single-key attack scenario, attacking 8 rounds is the best currently known cryptanalytic result for AES in terms of the numbers of attacked rounds, and our attack has a practical data complexity when compared with the currently known attacks on 8-round AES under 192 key bits.