Improved Impossible Differential Attacks on Large-Block Rijndael

Qingju Wang; Dawu Gu; Vincent Rijmen; Ya Liu; Jiazhe Chen; Andrey Bogdanov

doi:10.1007/978-3-642-37682-5_10

Improved Impossible Differential Attacks on Large-Block Rijndael

Qingju Wang, Dawu Gu, Vincent Rijmen, Ya Liu, Jiazhe Chen, Andrey Bogdanov

Department of Applied Mathematics and Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

In this paper, we present more powerful 6-round impossible differentials for large-block Rijndael-224 and Rijndael-256 than the ones used by Zhang et al. in ISC 2008. Using those, we can improve the previous impossible differential cryptanalysis of both 9-round Rijndael-224 and Rijndael-256. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory.

Original language	English
Title of host publication	Information Security and Cryptology – ICISC 2012 : 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers
Publisher	Springer
Publication date	2013
Pages	126-140
ISBN (Print)	978-3-642-37681-8
ISBN (Electronic)	978-3-642-37682-5
DOIs	https://doi.org/10.1007/978-3-642-37682-5_10
Publication status	Published - 2013
Event	15th Annual International Conference on Information Security and Cryptology (ICISC 2012) - Seoul, Korea, Republic of Duration: 28 Nov 2012 → 30 Nov 2012 http://www.icisc.org/

Conference

Conference	15th Annual International Conference on Information Security and Cryptology (ICISC 2012)
Country/Territory	Korea, Republic of
City	Seoul
Period	28/11/2012 → 30/11/2012
Internet address	http://www.icisc.org/

Series	Lecture Notes in Computer Science
Volume	7839
ISSN	0302-9743

Keywords

Block cipher
Impossible differential attack
Rijndael
Large block

Access to Document

10.1007/978-3-642-37682-5_10

Cite this

Wang, Q., Gu, D., Rijmen, V., Liu, Y., Chen, J., & Bogdanov, A. (2013). Improved Impossible Differential Attacks on Large-Block Rijndael. In Information Security and Cryptology – ICISC 2012: 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers (pp. 126-140). Springer. Lecture Notes in Computer Science Vol. 7839 https://doi.org/10.1007/978-3-642-37682-5_10

Wang, Qingju ; Gu, Dawu ; Rijmen, Vincent ; Liu, Ya ; Chen, Jiazhe ; Bogdanov, Andrey. / Improved Impossible Differential Attacks on Large-Block Rijndael. Information Security and Cryptology – ICISC 2012: 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers. Springer, 2013. pp. 126-140 (Lecture Notes in Computer Science, Vol. 7839).

@inproceedings{c5f7f7ee80fc45a8afee16bdee73f43f,

title = "Improved Impossible Differential Attacks on Large-Block Rijndael",

abstract = "In this paper, we present more powerful 6-round impossible differentials for large-block Rijndael-224 and Rijndael-256 than the ones used by Zhang et al. in ISC 2008. Using those, we can improve the previous impossible differential cryptanalysis of both 9-round Rijndael-224 and Rijndael-256. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory. ",

keywords = "Block cipher, Impossible differential attack, Rijndael, Large block",

author = "Qingju Wang and Dawu Gu and Vincent Rijmen and Ya Liu and Jiazhe Chen and Andrey Bogdanov",

year = "2013",

doi = "10.1007/978-3-642-37682-5_10",

language = "English",

isbn = "978-3-642-37681-8",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "126--140",

booktitle = "Information Security and Cryptology – ICISC 2012",

note = "15th Annual International Conference on Information Security and Cryptology (ICISC 2012) ; Conference date: 28-11-2012 Through 30-11-2012",

url = "http://www.icisc.org/",

}

Wang, Q, Gu, D, Rijmen, V, Liu, Y, Chen, J & Bogdanov, A 2013, Improved Impossible Differential Attacks on Large-Block Rijndael. in Information Security and Cryptology – ICISC 2012: 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers. Springer, Lecture Notes in Computer Science, vol. 7839, pp. 126-140, 15th Annual International Conference on Information Security and Cryptology (ICISC 2012), Seoul, Korea, Republic of, 28/11/2012. https://doi.org/10.1007/978-3-642-37682-5_10

Improved Impossible Differential Attacks on Large-Block Rijndael. / Wang, Qingju; Gu, Dawu; Rijmen, Vincent; Liu, Ya; Chen, Jiazhe; Bogdanov, Andrey.

Information Security and Cryptology – ICISC 2012: 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers. Springer, 2013. p. 126-140 (Lecture Notes in Computer Science, Vol. 7839).

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

TY - GEN

T1 - Improved Impossible Differential Attacks on Large-Block Rijndael

AU - Wang, Qingju

AU - Gu, Dawu

AU - Rijmen, Vincent

AU - Liu, Ya

AU - Chen, Jiazhe

AU - Bogdanov, Andrey

PY - 2013

Y1 - 2013

N2 - In this paper, we present more powerful 6-round impossible differentials for large-block Rijndael-224 and Rijndael-256 than the ones used by Zhang et al. in ISC 2008. Using those, we can improve the previous impossible differential cryptanalysis of both 9-round Rijndael-224 and Rijndael-256. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory.

AB - In this paper, we present more powerful 6-round impossible differentials for large-block Rijndael-224 and Rijndael-256 than the ones used by Zhang et al. in ISC 2008. Using those, we can improve the previous impossible differential cryptanalysis of both 9-round Rijndael-224 and Rijndael-256. The improvement can lead to 10-round attack on Rijndael-256 as well. With 2198.1 chosen plaintexts, an attack is demonstrated on 9-round Rijndael-224 with 2 195.2 encryptions and 2140.4 bytes memory. Increasing the data complexity to 2216 plaintexts, the time complexity can be reduced to 2130 encryptions and the memory requirements to 2 93.6 bytes. For 9-round Rijndael-256, we provide an attack requiring 2229.3 chosen plaintexts, 2194 encryptions, and 2 139.6 bytes memory. Alternatively, with 2245.3 plaintexts, an attack with a reduced time of 2127.1 encryptions and a memory complexity of 290.9 bytes can be mounted. With 2244.2 chosen plaintexts, we can attack 10-round Rijndael-256 with 2253.9 encryptions and 2186.8 bytes of memory.

KW - Block cipher

KW - Impossible differential attack

KW - Rijndael

KW - Large block

U2 - 10.1007/978-3-642-37682-5_10

DO - 10.1007/978-3-642-37682-5_10

M3 - Article in proceedings

SN - 978-3-642-37681-8

T3 - Lecture Notes in Computer Science

SP - 126

EP - 140

BT - Information Security and Cryptology – ICISC 2012

PB - Springer

T2 - 15th Annual International Conference on Information Security and Cryptology (ICISC 2012)

Y2 - 28 November 2012 through 30 November 2012

ER -

Wang Q, Gu D, Rijmen V, Liu Y, Chen J, Bogdanov A. Improved Impossible Differential Attacks on Large-Block Rijndael. In Information Security and Cryptology – ICISC 2012: 15th International Conference, Seoul, Korea, November 28-30, 2012, Revised Selected Papers. Springer. 2013. p. 126-140. (Lecture Notes in Computer Science, Vol. 7839). https://doi.org/10.1007/978-3-642-37682-5_10

Improved Impossible Differential Attacks on Large-Block Rijndael

Abstract

Conference

Keywords

Access to Document

Fingerprint

Cite this