Related-key rectangle cryptanalysis of Rijndael-160 and Rijndael-192

In this study, the authors present the first related-key rectangle cryptanalysis of Rijndael-160/160 and Rijndael-192/192. The author's attack on Rijndael-160/160 covers eight rounds. The attack complexities are 2126.5 chosen plaintexts, 2129.28 8-round Rijndael-160/160 encryptions and 2132.82 bytes. Their attack on Rijndael-192/192 covers ten rounds. It requires 2179 chosen plaintexts, 2181.09 10-round Rijndael-192/192 encryptions and 2185.59 bytes memory. These are the currently best cryptanalytic results on Rijndael-160/160 and Rijndael-192/192 in terms of the number of attacked rounds. Furthermore, their results show that the slow diffusion in the key schedule of Rijndael makes it a target for this type of analysis.

[1]  Vincent Rijmen,et al.  Improved Impossible Differential Attacks on Large-Block Rijndael , 2012, ICISC.

[2]  Erik Tews,et al.  Breaking 104 Bit WEP in Less Than 60 Seconds , 2007, WISA.

[3]  Bruce Schneier,et al.  Related-key cryptanalysis of 3-WAY, Biham-DES, CAST, DES-X, NewDES, RC2, and TEA , 1997, ICICS.

[4]  Eli Biham,et al.  Related-Key Boomerang and Rectangle Attacks , 2005, EUROCRYPT.

[5]  Thomas Peyrin,et al.  The PHOTON Family of Lightweight Hash Functions , 2011, IACR Cryptol. ePrint Arch..

[6]  Jongsung Kim,et al.  Related-Key Rectangle Attacks on Reduced AES-192 and AES-256 , 2007, FSE.

[7]  Simon Heron,et al.  Encryption: Advanced Encryption Standard (AES) , 2009 .

[8]  Dengguo Feng,et al.  New Results on Impossible Differential Cryptanalysis of Reduced AES , 2007, ICISC.

[9]  Dengguo Feng,et al.  Improved Related-Key Impossible Differential Attacks on Reduced-Round AES-192 , 2006, Selected Areas in Cryptography.

[10]  Joan Daemen Advanced Encryption Standard , 2011, Encyclopedia of Cryptography and Security.

[11]  Bruce Schneier,et al.  Improved Cryptanalysis of Rijndael , 2000, FSE.

[12]  Marine Minier,et al.  A Collision Attack on 7 Rounds of Rijndael , 2000, AES Candidate Conference.

[13]  Andrey Bogdanov,et al.  PRESENT: An Ultra-Lightweight Block Cipher , 2007, CHES.

[14]  Raphael C.-W. Phan,et al.  New Multiset Attacks on Rijndael with Large Blocks , 2005, Mycrypt.

[15]  Eli Biham,et al.  New Combined Attacks on Block Ciphers , 2005, FSE.

[16]  Vincent Rijmen,et al.  The WHIRLPOOL Hashing Function , 2003 .

[17]  Paulo S. L. M. Barreto,et al.  Whirlwind: a new cryptographic hash function , 2010, Des. Codes Cryptogr..

[18]  Alex Biryukov,et al.  Related-Key Cryptanalysis of the Full AES-192 and AES-256 , 2009, ASIACRYPT.

[19]  Dengguo Feng,et al.  Related-Key Differential-Linear Attacks on Reduced AES-192 , 2007, INDOCRYPT.

[20]  Ali Aydin Selçuk,et al.  A Meet-in-the-Middle Attack on 8-Round AES , 2008, FSE.

[21]  Vincent Rijmen,et al.  The Design of Rijndael: AES - The Advanced Encryption Standard , 2002 .

[22]  Antoine Joux,et al.  Differential Collisions in SHA-0 , 1998, CRYPTO.

[23]  Marine Minier,et al.  Improving Integral Attacks Against Rijndael-256 Up to 9 Rounds , 2008, AFRICACRYPT.

[24]  Eli Biham,et al.  A Related-Key Rectangle Attack on the Full KASUMI , 2005, ASIACRYPT.

[25]  Olivier Billet , .

[26]  Raphael C.-W. Phan,et al.  Impossible differential cryptanalysis of 7-round Advanced Encryption Standard (AES) , 2004, Inf. Process. Lett..

[27]  Florian Mendel,et al.  Symmetric Cryptography , 2009 .

[28]  Alex Biryukov,et al.  The Boomerang Attack on 5 and 6-Round Reduced AES , 2004, AES Conference.

[29]  Marine Minier,et al.  Improving Integral Cryptanalysis against Rijndael with Large Blocks , 2009, ArXiv.

[30]  Eli Biham,et al.  New types of cryptanalytic attacks using related keys , 1994, Journal of Cryptology.

[31]  Alex Biryukov,et al.  Automatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers: Application to AES, Camellia, Khazad and Others , 2010, EUROCRYPT.

[32]  Jorge Nakahara,et al.  Impossible-Differential Attacks on Large-Block Rijndael , 2007, ISC.

[33]  Frederic P. Miller,et al.  Advanced Encryption Standard , 2009 .

[34]  Eli Biham,et al.  The SHAvite-3 - A New Hash Function , 2009, Symmetric Cryptography.

[35]  Stefan Lucks,et al.  Attacking Seven Rounds of Rijndael under 192-bit and 256-bit Keys , 2000, AES Candidate Conference.

[36]  Alex Biryukov,et al.  Distinguisher and Related-Key Attack on the Full AES-256 , 2009, CRYPTO.

[37]  Eli Biham,et al.  The Rectangle Attack - Rectangling the Serpent , 2001, EUROCRYPT.

[38]  Eli Biham,et al.  Related-Key Impossible Differential Attacks on 8-Round AES-192 , 2006, CT-RSA.

[39]  David A. Wagner,et al.  The Boomerang Attack , 1999, FSE.

[40]  Vincent Rijmen,et al.  The Block Cipher Square , 1997, FSE.

[41]  Bruce Schneier,et al.  Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent , 2000, FSE.

[42]  E. Biham,et al.  The SHAvite-3 Hash Function , 2008 .

[43]  Zheng Yuan New Impossible Differential Attacks on AES , 2010 .

[44]  Adi Shamir,et al.  A Practical-Time Related-Key Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony , 2010, CRYPTO.

[45]  Wen-Ling Wu,et al.  Improved Integral Attacks on Rijndael , 2011, J. Inf. Sci. Eng..

[46]  Alex Biryukov,et al.  Cryptanalysis of SAFER++ , 2003, CRYPTO.

[47]  Adi Shamir,et al.  A Practical-Time Related-Key Attack on the KASUMI Cryptosystem Used in GSM and 3G Telephony , 2010, Journal of Cryptology.