Review of the Advanced Encryption Standard

The field of cryptography continues to advance at a very rapid pace, leading to new insights that may impact the security properties of cryptographic algorithms. The Crypto Publication Review Board ("the Board") has been established to identify publications to be reviewed. This report subjects the first standard to the review process: Federal Information Processing Standard (FIPS) 197, which defines the Advanced Encryption Standard (AES).
