New Representations of the AES Key Schedule - INRIA - Institut National de Recherche en Informatique et en Automatique
Conference paper, Year: 2021

New Representations of the AES Key Schedule

Abstract

In this paper we present a new representation of the AES key schedule, with some implications for the security of AES-based schemes. In particular, we show that the AES-128 key schedule can be split into four independent parallel computations operating on 32-bit chunks, up to a linear transformation. Surprisingly, this property has not been described in the literature after more than 20 years of analysis of AES. We show two consequences of our new representation, improving previous cryptanalysis results of AES-based schemes. First, we observe that iterating an odd number of key schedule rounds results in a function with short cycles. This explains an observation of Khairallah on mixFeed, a second-round candidate in the NIST lightweight competition. Our analysis actually shows that his forgery attack on mixFeed succeeds with probability 0.44 (with data complexity 220 GB), breaking the scheme in practice. The same observation also leads to a novel attack on ALE, another AES-based AEAD scheme. Our new representation also gives efficient ways to combine information from the first sub-keys and information from the last sub-keys, in order to reconstruct the corresponding master keys. In particular, we improve previous impossible differential attacks against AES-128.
Main file
2020-1253.pdf (510.32 KB)
Origin: Files produced by the author(s)

Dates and versions

hal-03529224, version 1 (17-01-2022)

Cite

Gaëtan Leurent, Clara Pernot. New Representations of the AES Key Schedule. EUROCRYPT 2021 - 40th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Oct 2021, Zagreb, Croatia. pp.54-84, ⟨10.1007/978-3-030-77870-5_3⟩. ⟨hal-03529224⟩
