2017
DOI: 10.1007/978-3-319-56614-6_10
|View full text |Cite
|
Sign up to set email alerts
|

A New Structural-Differential Property of 5-Round AES

Abstract:  Users may download and print one copy of any publication from the public portal for the purpose of private study or research.  You may not further distribute the material or use it for any profit-making activity or commercial gain  You may freely distribute the URL identifying the publication in the public portal If you believe that this document breaches copyright please contact us providing details, and we will remove access to the work immediately and investigate your claim.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
4
1

Citation Types

2
65
0

Year Published

2018
2018
2020
2020

Publication Types

Select...
5
1
1

Relationship

1
6

Authors

Journals

citations
Cited by 61 publications
(67 citation statements)
references
References 15 publications
2
65
0
Order By: Relevance
“…Then, at EUROCRYPT 2016, Sun et al proved that without the details of the S-box, an impossible differential of the AES cannot cover 5 or more rounds [20]. At CRYPTO 2016, Sun et al proposed the first 5-round distinguisher of the AES [19] which was later improved by Grassi et al [12], [13] to cover 5 rounds. However, these distinguishers seem hardly to be used to mount a key recovery attack against the AES.…”
Section: A the State-of-the-art Cryptanalysis Of Aesmentioning
confidence: 99%
“…Then, at EUROCRYPT 2016, Sun et al proved that without the details of the S-box, an impossible differential of the AES cannot cover 5 or more rounds [20]. At CRYPTO 2016, Sun et al proposed the first 5-round distinguisher of the AES [19] which was later improved by Grassi et al [12], [13] to cover 5 rounds. However, these distinguishers seem hardly to be used to mount a key recovery attack against the AES.…”
Section: A the State-of-the-art Cryptanalysis Of Aesmentioning
confidence: 99%
“…Due to their importance, it is not surprising that block ciphers are also among the best understood primitives. In particular the Advanced Encryption Standard (AES) [2] has been scrutinized by cryptanalysts ever since its development in 1998 [19] without any significant security threat discovered for the full cipher (see e. g. [27,26,7,6,23,28,29]).…”
Section: Introductionmentioning
confidence: 99%
“…However, new results on the AES still appear regularly, especially within the last couple of years (e.g. polytopic cryptanalysis [Tie16], "multiple-of-8" distinguisher [GRR17a] and yoyo distinguisher [RBH17]). While those papers do not pose any practical thread to the AES, they do give new insights into the internals of what is arguably the cipher that is responsible for the largest fraction of encrypted data worldwide.…”
Section: Introductionmentioning
confidence: 99%
“…"Multiple-of-8" distinguisher [GRR17a] proposed at Eurocrypt 2017 by Grassi, Rechberger and Rønjom is the first 5-round secret-key distinguisher for AES that exploits a property which is independent of the secret key and of the details of the S-Box. This distinguisher is based on a new structural property for up to 5 rounds of AES: by appropriate choices of a number of input pairs it is possible to make sure that the number of times that the difference of the resulting output pairs lie in a particular subspace is always a multiple of 8.…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation