Impossible differential cryptanalysis of advanced encryption standard

Impossible differential cryptanalysis is a method recovering secret key, which gets rid of the keys that satisfy impossible differential relations. This paper concentrates on the impossible differential cryptanalysis of Advanced Encryption Standard (AES) and presents two methods for impossible diffe...

Full description

Saved in:
Bibliographic Details
Published in:Science China. Information sciences 2007-06, Vol.50 (3), p.342-350
Main Authors: Chen, Jie, Hu, YuPu, Zhang, YueYu
Format: Article
Language:English
Subjects:
Cryptography
不可微分密码分析
先进加密标准
分组密码
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Impossible differential cryptanalysis is a method recovering secret key, which gets rid of the keys that satisfy impossible differential relations. This paper concentrates on the impossible differential cryptanalysis of Advanced Encryption Standard (AES) and presents two methods for impossible differential cryptanalysis of 7-round AES-192 and 8-round AES-256 combined with time-memory trade-off by exploiting weaknesses in their key schedule. This attack on the reduced to 7-round AES-192 requires about 294.5 chosen plaintexts, demands 2129 words of memory, and performs 2157 7-round AES-192 encryptions. Furthermore, this attack on the reduced to 8-round AES-256 requires about 2^101 chosen plaintexts, demands 2^201 words of memory, and performs 2^228 8-round AES-256 encryptions.
ISSN:1009-2757
1674-733X
1862-2836
1869-1919
DOI:10.1007/s11432-007-0035-4