Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192

Chunbo Zhu; Gaoli Wang; Boyu Zhu

doi:10.1007/978-3-030-21548-4_31

Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192

Chunbo Zhu
, Gaoli Wang^*
, Boyu Zhu

^*Corresponding author for this work

Software Engineering Institute

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

1 Scopus citations

Abstract

The open-key attack is a very popular research topic in the symmetric-key community recently. In this paper, we focus on the security of AES-192 in one of its settings, namely the chosen-key setting. First, thanks to the linear relations between most of AES-192 subkeys, we construct an 8-round chosen-key distinguishers for it using the meet-in-the-middle idea and the SuperSbox technique. Then we turn this distinguisher into a key-recovery attack with a time complexity of one 8-round AES-192 encryption. Using the same approaches and with more efforts on exploiting the weak key schedule of this variant, 9-round chosen-key distinguishers is constructed and the master key is recovered afterwards at the cost of one 9-round AES-192 encryption. These results have been experimentally confirmed and two examples can be found in the appendix. While our work may not pose a threat to the security of AES-192 in a traditional way as those single-key recovery attacks do, we believe it do prove a non-trivial weakness in its key schedule to some extent and thus undermines its expectation as an ideal building block for hash functions.

Original language	English
Title of host publication	Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings
Editors	Julian Jang-Jaccard, Fuchun Guo
Publisher	Springer Verlag
Pages	573-587
Number of pages	15
ISBN (Print)	9783030215477
DOIs	https://doi.org/10.1007/978-3-030-21548-4_31
State	Published - 2019
Event	24th Australasian Conference on Information Security and Privacy, ACISP 2019 - Christchurch, New Zealand Duration: 3 Jul 2019 → 5 Jul 2019

Publication series

Name	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume	11547 LNCS
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	24th Australasian Conference on Information Security and Privacy, ACISP 2019
Country/Territory	New Zealand
City	Christchurch
Period	3/07/19 → 5/07/19

Keywords

AES
Chosen-key distinguisher
Key recovery
Practical attacks

Access to Document

10.1007/978-3-030-21548-4_31

Cite this

Zhu, C., Wang, G., & Zhu, B. (2019). Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192. In J. Jang-Jaccard, & F. Guo (Eds.), Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings (pp. 573-587). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11547 LNCS). Springer Verlag. https://doi.org/10.1007/978-3-030-21548-4_31

Zhu, Chunbo ; Wang, Gaoli ; Zhu, Boyu. / Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192. Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings. editor / Julian Jang-Jaccard ; Fuchun Guo. Springer Verlag, 2019. pp. 573-587 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).

@inproceedings{3a5dadd3536f4578acdd77bd51b8fe6a,

title = "Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192",

abstract = "The open-key attack is a very popular research topic in the symmetric-key community recently. In this paper, we focus on the security of AES-192 in one of its settings, namely the chosen-key setting. First, thanks to the linear relations between most of AES-192 subkeys, we construct an 8-round chosen-key distinguishers for it using the meet-in-the-middle idea and the SuperSbox technique. Then we turn this distinguisher into a key-recovery attack with a time complexity of one 8-round AES-192 encryption. Using the same approaches and with more efforts on exploiting the weak key schedule of this variant, 9-round chosen-key distinguishers is constructed and the master key is recovered afterwards at the cost of one 9-round AES-192 encryption. These results have been experimentally confirmed and two examples can be found in the appendix. While our work may not pose a threat to the security of AES-192 in a traditional way as those single-key recovery attacks do, we believe it do prove a non-trivial weakness in its key schedule to some extent and thus undermines its expectation as an ideal building block for hash functions.",

keywords = "AES, Chosen-key distinguisher, Key recovery, Practical attacks",

author = "Chunbo Zhu and Gaoli Wang and Boyu Zhu",

note = "Publisher Copyright: {\textcopyright} 2019, Springer Nature Switzerland AG.; 24th Australasian Conference on Information Security and Privacy, ACISP 2019 ; Conference date: 03-07-2019 Through 05-07-2019",

year = "2019",

doi = "10.1007/978-3-030-21548-4\_31",

language = "英语",

isbn = "9783030215477",

series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",

publisher = "Springer Verlag",

pages = "573--587",

editor = "Julian Jang-Jaccard and Fuchun Guo",

booktitle = "Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings",

address = "德国",

}

Zhu, C, Wang, G & Zhu, B 2019, Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192. in J Jang-Jaccard & F Guo (eds), Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 11547 LNCS, Springer Verlag, pp. 573-587, 24th Australasian Conference on Information Security and Privacy, ACISP 2019, Christchurch, New Zealand, 3/07/19. https://doi.org/10.1007/978-3-030-21548-4_31

Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192. / Zhu, Chunbo; Wang, Gaoli; Zhu, Boyu.
Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings. ed. / Julian Jang-Jaccard; Fuchun Guo. Springer Verlag, 2019. p. 573-587 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 11547 LNCS).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › peer-review

TY - GEN

T1 - Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192

AU - Zhu, Chunbo

AU - Wang, Gaoli

AU - Zhu, Boyu

PY - 2019

Y1 - 2019

N2 - The open-key attack is a very popular research topic in the symmetric-key community recently. In this paper, we focus on the security of AES-192 in one of its settings, namely the chosen-key setting. First, thanks to the linear relations between most of AES-192 subkeys, we construct an 8-round chosen-key distinguishers for it using the meet-in-the-middle idea and the SuperSbox technique. Then we turn this distinguisher into a key-recovery attack with a time complexity of one 8-round AES-192 encryption. Using the same approaches and with more efforts on exploiting the weak key schedule of this variant, 9-round chosen-key distinguishers is constructed and the master key is recovered afterwards at the cost of one 9-round AES-192 encryption. These results have been experimentally confirmed and two examples can be found in the appendix. While our work may not pose a threat to the security of AES-192 in a traditional way as those single-key recovery attacks do, we believe it do prove a non-trivial weakness in its key schedule to some extent and thus undermines its expectation as an ideal building block for hash functions.

AB - The open-key attack is a very popular research topic in the symmetric-key community recently. In this paper, we focus on the security of AES-192 in one of its settings, namely the chosen-key setting. First, thanks to the linear relations between most of AES-192 subkeys, we construct an 8-round chosen-key distinguishers for it using the meet-in-the-middle idea and the SuperSbox technique. Then we turn this distinguisher into a key-recovery attack with a time complexity of one 8-round AES-192 encryption. Using the same approaches and with more efforts on exploiting the weak key schedule of this variant, 9-round chosen-key distinguishers is constructed and the master key is recovered afterwards at the cost of one 9-round AES-192 encryption. These results have been experimentally confirmed and two examples can be found in the appendix. While our work may not pose a threat to the security of AES-192 in a traditional way as those single-key recovery attacks do, we believe it do prove a non-trivial weakness in its key schedule to some extent and thus undermines its expectation as an ideal building block for hash functions.

KW - AES

KW - Chosen-key distinguisher

KW - Key recovery

KW - Practical attacks

UR - https://www.scopus.com/pages/publications/85068698211

U2 - 10.1007/978-3-030-21548-4_31

DO - 10.1007/978-3-030-21548-4_31

M3 - 会议稿件

AN - SCOPUS:85068698211

SN - 9783030215477

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 573

EP - 587

BT - Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings

A2 - Jang-Jaccard, Julian

A2 - Guo, Fuchun

PB - Springer Verlag

T2 - 24th Australasian Conference on Information Security and Privacy, ACISP 2019

Y2 - 3 July 2019 through 5 July 2019

ER -

Zhu C, Wang G, Zhu B. Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192. In Jang-Jaccard J, Guo F, editors, Information Security and Privacy - 24th Australasian Conference, ACISP 2019, Proceedings. Springer Verlag. 2019. p. 573-587. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)). doi: 10.1007/978-3-030-21548-4_31

Fast Chosen-Key Distinguish Attacks on Round-Reduced AES-192

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Fingerprint

Cite this