Meet-in-the-Middle Attacks on AES

This thesis is dedicated to the cryptanalysis of the AES (Advanced Encryption Standard) which is one of the most widely deployed block ciphers. We present a new technique to solve a particular kind of equations designed to attack the AES. This technique relies on both the linear algebra and the "Meet-in-the-Middle" technique and, for any system of equations, leads to many solvers with different but predictable complexity. Thus we built a program in order to find the fastest solver. Initially we applied it directly to the systems of equations describing round-reduced versions of the AES and found new attacks when the data available to the adversary is very limited, improving the previous ones manually found by others researchers. As the technique is generic, we were able to use this program to study different models as faults or chosen-key attacks and different cryptographic primitives as both the message authentication code Pelican-MAC and the stream cipher LEX. Finally, we show a generalization of the attacks of Demirci and Selcuk published at the FSE2008 conference, together with an algorithm that allowed us to find the best attacks of this class, with some of them belonging to the best known ones. This algorithm relies on the previous program in order to determine the number of values assumed by a subset of key and state bytes as well as the complexity of enumerating them.