The all-subkeys recovery (ASR) attack is an extension of the meet-in-the-middle attack, which allows evaluating the security of a block cipher without analyzing its key scheduling function. Combining the ASR attack with some advanced techniques such as the function reduction and the repetitive ASR attack, we show the improved ASR attacks on the 7-round reduced FOX64 and FOX128. Moreover, the im...

We investigate two attacks on the PRINCE block cipher in the most realistic scenario, when the attacker only has a minimal amount of known plaintext available. The first attack is called Accelerated Exhaustive Search, and is able to recover the key for up to the full 12-round PRINCE with a complexity slightly lower than the security claim given by the designers. The second attack is a meet-in-t...

In this paper, we present preimage attacks on up to 43step SHA-256 (around 67% of the total 64 steps) and 46-step SHA-512 (around 57.5% of the total 80 steps), which significantly increases the number of attacked steps compared to the best previously published preimage attack working for 24 steps. The time complexities are 2, 2 for finding pseudo-preimages and 2, 2 compression function operatio...

The block cipher family for lightweight devices, KTANTAN, is analyzed in this paper. We propose a new cryptanalysis method which improves results of Meet-in-the-Middle attacks on KTANTAN. We show KTANTAN32/48/64 can be broken by using this new method in time complexities of 2, 2 and 2 in terms of full-round KTANTANn encryptions respectively, which are better than the previous analysis results w...

In this paper, we study the meet-in-the-middle attack against block cipher ARIA. We find some new 3-round and 4-round distinguishing properties of ARIA. Based on the 3-round distinguishing property, we can apply the meet-in-the-middle attack with up to 6 rounds for all versions of ARIA. Based on the 4-round distinguishing property, we can mount a successful attack on 8-round ARIA-256. Furthermo...

The standard technique to attack triple encryption is the meet-in-the-middle attack. In this paper, more eecient attacks are presented. Compared to meet-in-the-middle, our attacks either greatly reduce the number of single encryptions to be done, or somewhat reduce the overall number of steps. Especially, about 2 108 steps of computation are suucient to break three-key triple DES. If one concen...

We present a 5-round distinguisher for AES. We exploit this distinguisher to develop a meet-in-the-middle attack on 7 rounds of AES192 and 8 rounds of AES-256. We also give a time-memory tradeoff generalization of the basic attack which gives a better balancing between different costs of the attack. As an additional note, we state a new squarelike property of the AES algorithm.

This work is devoted to attacking the small scale variants of the Advanced Encryption Standard (AES) via systems that contain only the initial key variables. To this end, we introduce a system of equations that naturally arises in the AES, and then eliminate all the intermediate variables via normal form reductions. The resulting system in key variables only is solved then. We also consider a p...

Many information systems store their objects in a relational database. If the object schema or the relational schema of an application can change often or in an independent way, it is useful to let a persistent framework manage the connection between objects and relations. MORM is a model for describing meet-in-the-middle mappings between objects and relations, to support the transparent manage...

Object-oriented application development often involves storing application objects in a relational database. Sometimes it is desirable to develop the persistent classes and the relational database in an independent way, and to use an object persistent manager to connect them in a suitable way. This paper introduces MORM, a model for describing meet-in-the-middle mappings between object schemas ...