Feasible Attack on the 13-round AES-256
نویسندگان
چکیده
In this note we present the first attack with feasible complexity on the 13-round AES-256. The attack runs in the related-subkey scenario with four related keys, in 2 time, data, and memory.
منابع مشابه
Key Recovery Attacks of Practical Complexity on AES-256 Variants with up to 10 Rounds
AES is the best known and most widely used block cipher. Its three versions (AES-128, AES-192, and AES-256) differ in their key sizes (128 bits, 192 bits and 256 bits) and in their number of rounds (10, 12, and 14, respectively). While for AES-128, there are no known attacks faster than exhaustive search, AES-192 and AES-256 were recently shown to be breakable by attacks which require 2 and 2 t...
متن کاملRelated-Key Impossible Differential Attacks on Reduced-Round AES-256
In this paper we examine the strength of AES-256 against the related-key impossible differential attack, following the work in [1] and [2]. Firstly, we present a carefully chosen relation between the related keys, which can be extended to 8-round(even more rounds) subkey differences. Then, we construct a 5.5-round related-key impossible differential. Using the differential, we present an attack...
متن کاملA Collision Attack on a Double-Block-Length Compression Function Instantiated with Round-Reduced AES-256
This paper presents the first non-trivial collision attack on the double-block-length compression function presented at FSE 2006 instantiated with round-reduced AES-256: f0(h0∥h1,M)∥f1(h0∥h1,M) such that f0(h0∥h1,M) = Eh1∥M (h0)⊕ h0 , f1(h0∥h1,M) = Eh1∥M (h0 ⊕ c)⊕ h0 ⊕ c , where ∥ represents concatenation, E is AES-256 and c is a non-zero constant. The proposed attack is a free-start collision ...
متن کاملImproved Meet-in-the-Middle Attacks on Round-Reduced Crypton-256
The meet-in-the-middle (MITM) attack has prove to be efficient in analyzing the AES block cipher. Its efficiency has been increasing with the introduction of various techniques such as differential enumeration, key-dependent sieve, super-box etc. The recent MITM attack given by Li and Jin has successfully mounted to 10-round AES-256. Crypton is an AES-like block cipher. In this paper, we apply ...
متن کاملThe Rectangle Attack - Rectangling the Serpent
Serpent is one of the 5 AES finalists. The best attack published so far analyzes up to 9 rounds. In this paper we present attacks on 7-round, 8-round, and 10-round variants of Serpent. We attack a 7round variant with all key lengths, and 8and 10-round variants with 256-bit keys. The 10-round attack on the 256-bit keys variants is the best published attack on the cipher. The attack enhances the ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
- IACR Cryptology ePrint Archive
دوره 2010 شماره
صفحات -
تاریخ انتشار 2010