Biclique key recovery for ARIA‐256

Chen, Shaozhen; Xu, Tian-min

doi:10.1049/iet-ifs.2012.0353

Cited by 5 publications

(2 citation statements)

References 7 publications

(12 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The only exception is biclique cryptanalysis which was used in 2011 to create the first attack faster than brute force on the full version of AES [Bogdanov et al 2011]. At the time, this new method inspired its straightforward application in many ciphers [C ¸oban et al 2012, Abed et al 2012, de Carvalho and Kowada 2020, as well as the development of variations to apply in others which were not as simple of a task [Khovratovich et al 2012, Chen andXu 2014].…”

Section: Introductionmentioning

confidence: 99%

Revisiting the Biclique Attack on the AES

Carvalho,

Kowada

2023

Anais Do XXIII Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2023)

View full text Add to dashboard Cite

The AES Cipher is one of the most widely used block ciphers throughout the world for the better part of two decades now. Despite its relevancy, there has been no great progress in the attempts at finding exploitable flaws or cryptanalysis techniques that are able to find the secret key in less time than simple exhaustive search for its full version. The only exception is biclique cryptanalysis which was used more than once to recover the secret key in marginally less time than simple brute force. The last improvement happened 8 years ago. This paper finds the best results for all but one of the variations attempted on the AES, through the help of the concept of generator sets for related-key differentials, in terms of time complexity as well as a software that semi-automates tests on general word-based ciphers.

show abstract

Section: Introductionmentioning

confidence: 99%

Revisiting the Biclique Attack on the AES

Carvalho,

Kowada

2023

Anais Do XXIII Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2023)

View full text Add to dashboard Cite

show abstract

“…There had never been an attack faster than brute force for the full round AES until then. In the following years after its initial success, the method was applied to a variety of ciphers such as HIGHT [Hong et al 2011], TWINE [C ¸oban et al 2012], SQUARE [Mala 2014] and ARIA [Chen and Xu 2014]. However, besides Rijndael (the original name of the AES), Biclique Cryptanalysis was applied to no other AES finalist, until the year 2020 when de Carvalho and Kowada [de Carvalho and Kowada 2020] attacked Serpent-256.…”

Section: Introductionmentioning

confidence: 99%

Generator sets for the selection of key differences in the Biclique Attack

Carvalho¹,

Kowada²

2022

Anais Do XXII Simpósio Brasileiro De Segurança Da Informação E De Sistemas Computacionais (SBSeg 2022)

View full text Add to dashboard Cite

Biclique cryptanalysis is the only known method faster than brute force for some block ciphers, such as the AES. The main phase of the attack is the Preparation phase in which the attacker selects the two families of key differences and chooses ways to partition the key space and the cipher. In the versions of biclique cryptanalysis used in literature, the selection of both families of key differences is done over the same set of key bits. We introduce our novel technique that involves a new concept of generator set of key differences where each key difference can be chosen from distinct sets of key bits. This also influences the way that the key space is partitioned, allowing for new possible bicliques with better time or data complexities. To demonstrate the power of this new technique, we present in this work an attack on the Serpent-256 that uses a negligible amount of data and remains close in terms of time complexity when compared to the best biclique attack applied to the cipher.

show abstract