Low-Data Complexity Attacks on AES

Charles Bouillaguet 1 Patrick Derbez 2 Orr Dunkelman 1 Pierre-Alain Fouque 2 Nathan Keller Vincent Rijmen
2 CASCADE - Construction and Analysis of Systems for Confidentiality and Authenticity of Data and Entities
DI-ENS - Département d'informatique de l'École normale supérieure, Inria Paris-Rocquencourt, CNRS - Centre National de la Recherche Scientifique : UMR 8548
Abstract : The majority of current attacks on reduced-round variants of block ciphers seeks to maximize the number of rounds that can be broken, using less data than the entire codebook and less time than exhaustive key search. In this paper, we pursue a different approach, restricting the data available to the adversary to a few plaintext/ciphertext pairs. We argue that consideration of such attacks (which received little attention in recent years) improves our understanding of the security of block ciphers and of other cryptographic primitives based on block ciphers. In particular, these attacks can be leveraged to more complex attacks, either on the block cipher itself or on other primitives (e.g., stream ciphers, MACs, or hash functions) that use a small number of rounds of the block cipher as one of their components. As a case study, we consider the Advanced Encryption Standard (AES)-the most widely used block cipher. The AES round function is used in many cryptographic primitives, such as the hash functions Lane, SHAvite-3, and Vortex or the message authentication codes ALPHA-MAC, Pelican, and Marvin. We present attacks on up to four rounds of AES that require at most three known/chosen plaintexts. We then apply these attacks to cryptanalyze an AES-based stream cipher (which follows the leak extraction methodology), and to mount the best known plaintext attack on six-round AES.
Type de document :
Article dans une revue
IEEE Transactions on Information Theory, Institute of Electrical and Electronics Engineers, 2012, 58 (11), pp.7002 - 7017. 〈10.1109/TIT.2012.2207880〉
Liste complète des métadonnées

https://hal.inria.fr/hal-01111659
Contributeur : Brigitte Briot <>
Soumis le : vendredi 30 janvier 2015 - 17:06:02
Dernière modification le : jeudi 11 janvier 2018 - 06:22:10

Identifiants

Collections

Citation

Charles Bouillaguet, Patrick Derbez, Orr Dunkelman, Pierre-Alain Fouque, Nathan Keller, et al.. Low-Data Complexity Attacks on AES . IEEE Transactions on Information Theory, Institute of Electrical and Electronics Engineers, 2012, 58 (11), pp.7002 - 7017. 〈10.1109/TIT.2012.2207880〉. 〈hal-01111659〉

Partager

Métriques

Consultations de la notice

126