New attack on AES-256

2009-07-02 00:00:00 +0100

A new attack on the AES-192 and AES-256 ciphers, published by Biryukov and Khovratovich, reduces the complexity of breaking the latter to $2^{119}$, making it easier than the best previously known attack, by Biryukov, Khovratovich and Nikolić. Both are related-key attacks.

Abstract: In this paper we present two related-key attacks on the full AES. For AES-256 we show the first key recovery attack that works for all the keys and has complexity $2^{119}$, while the recent attack by Biryukov-Khovratovich-Nikolic works for a weak key class and has higher complexity. The second attack is the first cryptanalysis of the full AES-192. Both our attacks are boomerang attacks, which are based on the recent idea of finding local collisions in block ciphers and enhanced with the boomerang switching techniques to gain free rounds in the middle.

Alex Biryukov and Dmitry Khovratovich, “Related-key Cryptanalysis of the Full AES-192 and AES-256”, 29 May 2009