A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Filters
IMPOSSIBLE DIFFERENTIAL CRYPTANALYSIS OF MINI-AES
2003
Cryptologia
Preserved Fulltext
Impossible differential cryptanalysis is one of the cryptanalysis methods that are applicable to the new Advanced Encryption Standard (AES). ...
In this paper, we present an introduction to the method by applying it on Mini-AES, the mini version of the AES published in Cryptologia recently. ...
A 4-round Impossible Differential of Mini-AES Mini-AES has only 2 rounds [3], which makes it too trivial for an impossible differential attack, so we will consider more rounds of Mini-AES. ...
doi:10.1080/0161-110391891964
fatcat:t2etfwohwnfmhd6knqu4dt2oa4
Linear and differential cryptanalysis of reduced-round AES
2011
Tatra Mountains Mathematical Publications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2019; you can also visit the original URL.
The file type is application/pdf.
The subject of this paper is linear and differential cryptanalysis of two rounds of the Advanced Encryption Standard (AES) with estimation of com- plexity for three-round AES attack. ...
Minimal complexity of linear attack on three-round AES is bigger than d × 260, where d is a small constant. ...
Figure 1 . 1 Linear cryptanalysis of two-round AES, c=4.
Figure 2 . 2 Differential cryptanalysis of two-round AES, c=8.
In the final round, step MixColumns is removed. ...
doi:10.2478/v10127-011-0036-y
fatcat:6qjt57z6a5eqnda6bpncuyofdi
AES Variants Secure against Related-Key Differential and Boomerang Attacks
[chapter]
2011
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2015; you can also visit the original URL.
The file type is application/pdf.
In this paper, we present a framework for protection against the recent related-key differential and boomerang attacks on AES by Biryukov et al. ...
s key schedule is not on-the-fly (which is a requirement for some hardware implementations), we propose an on-the-fly AES key schedule that is resistant against related-key differential and boomerang attacks ...
These proposed key schedules for AES-192 and AES-256 are partially irreversible, by which we mean that, given two round keys, it is hard to derive the rest of the round keys. ...
doi:10.1007/978-3-642-21040-2_13
fatcat:uelij64f4be2bl3rtafjeapsru
Efficient constructions for large‐state block ciphers based on AES New Instructions
2021
IET Information Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
As a result, the authors reveal the constructions such that two rounds of the AES round function is executed in parallel at each step and its outputs are shuffled (called two-round constructions) and are ...
In Haraka-v2 and Pholkos, the AES round function is executed twice in parallel at each step and its outputs are shuffled (called two-round constructions). ...
function in one step and two-round construction that uses two AES round functions in one step. ...
doi:10.1049/ise2.12053
fatcat:mzqzh7yvkvenvgnzy75dfctklm
A method for fault recognition in the last three rounds of Advanced Encryption Standard
2021
Electronics Letters
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2021; you can also visit the original URL.
The file type is application/pdf.
For the fault induced in eighth round, the fault value can be obtained with 188.5 ciphertexts by analyzing the differential features of two Sboxes and MixColumns. ...
Generally, fault can be induced in the last three rounds of AES, and each round has its own fault analysis model respectively [4] . ...
Two ciphertext pairs can be used to distinguish those two kinds of faults: if the two differentials are equal, we can directly output the fault differential, because the probability that the differentials ...
doi:10.1049/ell2.12188
fatcat:qey4emtm65bihgkuf5ysv5qbfy
Impossible Differential Cryptanalysis of Pelican, MT-MAC-AES and PC-MAC-AES
[article]
2009
IACR Cryptology ePrint Archive
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
Then the impossible differential attack on 4-round AES is implemented using a 3-round impossible differential property. ...
In this paper, the impossible differential cryptanalysis is extended to MAC algorithms Pelican, MT-MAC and PC-MAC based on AES and 4-round AES. ...
Property 1 (Impossible Differential Property of 3-round AES). ...
dblp:journals/iacr/WangWX09
fatcat:ygnojgkwpzfbdedaftztknwjg4
The (related-key) impossible boomerang attack and its application to the AES block cipher
2010
Designs, Codes and Cryptography
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
Finally, we apply the impossible boomerang attack to break 6-round AES with 128 key bits and 7-round AES with 192/256 key bits, and using two related keys we apply the related-key impossible boomerang ...
attack to break 8-round AES with 192 key bits and 9-round AES with 256 key bits. ...
round AES-192 and 9-round AES-256 in the two-key related-key attack scenario. ...
doi:10.1007/s10623-010-9421-9
fatcat:k6fj2orwjvaw5kuh4n6rutfboi
Subspace Distinguisher for 5/8 Rounds of the ECHO-256 Hash Function
[chapter]
2011
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
We provide a subspace distinguisher for 5 rounds and collisions for 4 out of 8 rounds of the ECHO-256 hash function. ...
Near-collisions for 4.5/8 rounds of the hash function and compression function results for 7/8 rounds without chosen salt are given in an extended version of this paper [19] . ...
SuperBox The SuperBox has first been used by the designers of AES in the differential analysis of two AES rounds [6] . ...
doi:10.1007/978-3-642-19574-7_25
fatcat:zfw4jnlcaffb3hoge6bshjnwwm
Key Recovery Attacks of Practical Complexity on AES-256 Variants with up to 10 Rounds
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
One of our attacks uses only two related keys and 2 39 time to recover the complete 256-bit key of a 9-round version of AES-256 (the best previous attack on this variant required 4 related keys and 2 120 ...
We show attacks on reduced-round variants of AES-256 with up to 10 rounds with complexity which is feasible. ...
Attacks on 10 Round Variants of AES-256 In this section we describe two attacks on the 10-round variant of AES-256. ...
doi:10.1007/978-3-642-13190-5_15
fatcat:imjhqrpk6zb6dgsjzgcmtdwfyq
New Key-Recovery Attack on Reduced-Round AES
2022
IACR Transactions on Symmetric Cryptology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2022; you can also visit the original URL.
The file type is application/pdf.
This results in a new key-recovery attack on 7-round AES which is the first attack on 7-round AES by exploiting the zero-difference property. ...
A new fundamental 4-round property of AES, called the zero-difference property, was introduced by Rønjom, Bardeh and Helleseth at Asiacrypt 2017. ...
We describe a new 7-round related-differential characteristic for AES, which embeds 4-round related differentials. ...
doi:10.46586/tosc.v2022.i2.43-62
dblp:journals/tosc/BardehR22
fatcat:ynpe3af7wfci3kahjzkhszyage
Subspace Trail Cryptanalysis and its Applications to AES
2017
IACR Transactions on Symmetric Cryptology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Finally, we show that our impossible differential attack on 5 rounds of AES with secret S-Box can be turned into a distinguisher for AES in the same setting as the one recently proposed by Sun, Liu, Guo ...
Choosing AES-128 as the perhaps most studied cipher, we describe distinguishers up to 5-round AES with a single unknown key. ...
Algorithm 4: Attack for 5-round of AES using Impossible Differential -Pseudo Code.
Table 3 : 3 Comparison of attacks on round-reduced AES with secret S-Box. full rounds and the final round. ...
doi:10.46586/tosc.v2016.i2.192-225
fatcat:7xxvgajoyfhc3cdalrzfxm7j3i
Subspace Trail Cryptanalysis and its Applications to AES
2017
IACR Transactions on Symmetric Cryptology
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2020; you can also visit the original URL.
The file type is application/pdf.
Finally, we show that our impossible differential attack on 5 rounds of AES with secret S-Box can be turned into a distinguisher for AES in the same setting as the one recently proposed by Sun, Liu, Guo ...
Choosing AES-128 as the perhaps most studied cipher, we describe distinguishers up to 5-round AES with a single unknown key. ...
2 rounds of AES, giving bound on the maximum differential probability. ...
doi:10.13154/tosc.v2016.i2.192-225
dblp:journals/tosc/GrassiRR16
fatcat:rm7yye34gvg3dc7s6jpo3hv72e
Plateau characteristics
2007
IET Information Security
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
In the case of the AES, for most keys there are two-round characteristics with fixed-key probability equal to 32/2 32 while the Maximum Expected Differential Probability (MEDP) of two-round differentials ...
In this paper we prove that for a large group of ciphers, including the AES, all two-round characteristics are plateau characteristics. ...
of two and more rounds of the AES. ...
doi:10.1049/iet-ifs:20060099
fatcat:kgtll5hydzgidncpthvzvy3dqm
Automatic Search for Related-Key Differential Characteristics in Byte-Oriented Block Ciphers: Application to AES, Camellia, Khazad and Others
[chapter]
2010
Lecture Notes in Computer Science
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2017; you can also visit the original URL.
The file type is application/pdf.
We show the best relatedkey differential characteristics for 5, 11, and 14 rounds of AES-128, AES-192, and AES-256 respectively. ...
We use the optimal differential characteristics to design the best related-key and chosen key attacks on AES-128 (7 out of 10 rounds), AES-192 (full 12 rounds), byte-Camellia (full 18 rounds) and Khazad ...
In AES-128 there are no 6-round related-key differential characteristics. For AES-192 we found differential characteristics up to 11 rounds out of 12. ...
doi:10.1007/978-3-642-13190-5_17
fatcat:iz6eqelxtbbmtg25pjrprvprkq
Data based Transposition to Enhance Data Avalanche and Differential Data Propagation in Advanced Encryption Standard
2013
International Journal of Computer Applications
Preserved Fulltext
A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is application/pdf.
In advanced Encryption Standard (AES) the transposition of data is facilitated by shift row and mix column operations. In Matrix Array Symmetric ...
In symmetric block ciphers, substitution and transposition operations are performed in multiple rounds to transform plaintext blocks into ciphertext blocks. ...
The differential propagation of data through round outputs in AES and modified AES are presented here. ...
doi:10.5120/11445-7039
fatcat:7j7qfmk6dbbktigjshoabgnpjm
« Previous
Showing results 1 — 15 out of 63,098 results