Impossible differential attack (IDA) uses impossible differential characteristics extracted from enough plaintext pairs to retrieve subkeys of the first and the last several rounds of AES. In this paper, a general IDA on 7-round AES is proposed. Such attack takes the number of all-zero columns of the 7th and the 6th round as parameters (α,β). And a trade-off relation between the number of plaintexts and times of encryptions in the process of the attack is derived, which makes only some values of (α,β) allowed in the attack for different key length.
The copyright of the original papers published on this site belongs to IEICE. Unauthorized use of the original or translated papers is prohibited. See IEICE Provisions on Copyright for details.
Copy
Meiling ZHANG, Weiguo ZHANG, Jingmei LIU, Xinmei WANG, "General Impossible Differential Attack on 7-Round AES" in IEICE TRANSACTIONS on Fundamentals,
vol. E93-A, no. 1, pp. 327-330, January 2010, doi: 10.1587/transfun.E93.A.327.
Abstract: Impossible differential attack (IDA) uses impossible differential characteristics extracted from enough plaintext pairs to retrieve subkeys of the first and the last several rounds of AES. In this paper, a general IDA on 7-round AES is proposed. Such attack takes the number of all-zero columns of the 7th and the 6th round as parameters (α,β). And a trade-off relation between the number of plaintexts and times of encryptions in the process of the attack is derived, which makes only some values of (α,β) allowed in the attack for different key length.
URL: https://global.ieice.org/en_transactions/fundamentals/10.1587/transfun.E93.A.327/_p
Copy
@ARTICLE{e93-a_1_327,
author={Meiling ZHANG, Weiguo ZHANG, Jingmei LIU, Xinmei WANG, },
journal={IEICE TRANSACTIONS on Fundamentals},
title={General Impossible Differential Attack on 7-Round AES},
year={2010},
volume={E93-A},
number={1},
pages={327-330},
abstract={Impossible differential attack (IDA) uses impossible differential characteristics extracted from enough plaintext pairs to retrieve subkeys of the first and the last several rounds of AES. In this paper, a general IDA on 7-round AES is proposed. Such attack takes the number of all-zero columns of the 7th and the 6th round as parameters (α,β). And a trade-off relation between the number of plaintexts and times of encryptions in the process of the attack is derived, which makes only some values of (α,β) allowed in the attack for different key length.},
keywords={},
doi={10.1587/transfun.E93.A.327},
ISSN={1745-1337},
month={January},}
Copy
TY - JOUR
TI - General Impossible Differential Attack on 7-Round AES
T2 - IEICE TRANSACTIONS on Fundamentals
SP - 327
EP - 330
AU - Meiling ZHANG
AU - Weiguo ZHANG
AU - Jingmei LIU
AU - Xinmei WANG
PY - 2010
DO - 10.1587/transfun.E93.A.327
JO - IEICE TRANSACTIONS on Fundamentals
SN - 1745-1337
VL - E93-A
IS - 1
JA - IEICE TRANSACTIONS on Fundamentals
Y1 - January 2010
AB - Impossible differential attack (IDA) uses impossible differential characteristics extracted from enough plaintext pairs to retrieve subkeys of the first and the last several rounds of AES. In this paper, a general IDA on 7-round AES is proposed. Such attack takes the number of all-zero columns of the 7th and the 6th round as parameters (α,β). And a trade-off relation between the number of plaintexts and times of encryptions in the process of the attack is derived, which makes only some values of (α,β) allowed in the attack for different key length.
ER -