Biclique cryptanalysis of the full AES
ASIACRYPT'11 Proceedings of the 17th international conference on The Theory and Application of Cryptology and Information Security
Since Rijndael was chosen as the Advanced Encryption Standard (AES), improving upon 7-round attacks on the 128-bit key variant (out of 10 rounds) or upon 8-round attacks on the 192/256-bit key variants (out of 12/14 rounds) has been one of the most difficult challenges in the cryptanalysis of block ciphers for more than a decade. In this paper, we present the novel technique of block cipher cryptanalysis with bicliques, which leads to the following results:

- The first key recovery method for the full AES-128 with computational complexity 2^126.1.
- The first key recovery method for the full AES-192 with computational complexity 2^189.7.
- The first key recovery method for the full AES-256 with computational complexity 2^254.4.
- Key recovery methods with lower complexity for the reduced-round versions of AES not considered before, including cryptanalysis of 8-round AES-128 with complexity 2^124.9.
- Preimage search for compression functions based on the full AES versions faster than brute force.

In contrast to most shortcut attacks on AES variants, we do not need to assume related keys. Most of our techniques only need a very small part of the codebook and have low memory requirements, and are practically verified to a large extent. As our cryptanalysis is of high computational complexity, it does not threaten the practical use of AES in any way.