2010
DOI: 10.1007/978-3-642-17401-8_20
|View full text |Cite
|
Sign up to set email alerts
|

Improved Impossible Differential Cryptanalysis of 7-Round AES-128

Abstract: Abstract. Using a new 4-round impossible differential in AES that allows us to exploit the redundancy in the key schedule of AES-128 in a way more effective than previous work, we present a new impossible differential attack on 7 rounds of this block cipher. By this attack, 7-round AES-128 is breakable with a data complexity of about 2 106 chosen plaintexts and a time complexity equivalent to about 2 110 encryptions. This result is better than any previously known attack on AES-128 in the single-key scenario.

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
66
0

Year Published

2011
2011
2023
2023

Publication Types

Select...
6
1
1

Relationship

1
7

Authors

Journals

citations
Cited by 85 publications
(66 citation statements)
references
References 11 publications
0
66
0
Order By: Relevance
“…Select a set of 2 64 plaintexts which have certain fixed values in all but the bytes (0, 2,5,7,8,10,13,15). Call this special set a structure.…”
Section: New Impossible Differential Attack On 7-round Aes-128mentioning
confidence: 99%
See 2 more Smart Citations
“…Select a set of 2 64 plaintexts which have certain fixed values in all but the bytes (0, 2,5,7,8,10,13,15). Call this special set a structure.…”
Section: New Impossible Differential Attack On 7-round Aes-128mentioning
confidence: 99%
“…They required 2 112:2 chosen plaintexts and 2 117:2 memory accesses. The latest result on impossible differential cryptanalysis of AES-128 was proposed by Mala et al [13]. They adopted some techniques to attack on AES-128 with about 2 106:2 chosen plaintexts and 2 110:2 7-round encryptions.…”
Section: Introductionmentioning
confidence: 99%
See 1 more Smart Citation
“…For example, the truncated impossible differential and zero correlation linear hull of AES in [4,27] and Camellia in [28,29]. In other words, if these ciphers adopt some other S-boxes, these distinguishers still hold.…”
Section: Structure and Dual Structurementioning
confidence: 99%
“…With respect to AES, probably the most powerful singlekey recovery methods designed so far are impossible differential cryptanalysis [5,36] and Square attacks [16,22]. Impossible differential cryptanalysis yielded the first attack on the 7-round AES-128 with non-marginal data complexity.…”
Section: Introductionmentioning
confidence: 99%