Status of attacks on AES?

Whyte, William WWhyte at ntru.com
Mon Jun 5 05:36:44 EDT 2006


> Isn't what you are referring to called "secure number of rounds"? In other
> words the number of rounds after which no known attack exists that can break
> the cipher faster than brute-forcing the key?
> 
> It looks like I have no choice but to invent a new term, "PRF rounds" - the
> number of rounds after which each function that defines the value of each
> bit of the block/state/output is a pseudo-random function (PRF) of all the
> bits of the block/state/key/input, in other words a function
> indistinguishable from random by any existing general purpose randomness
> tests. Of course dedicated randomness tests exploiting the cipher structure
> and utilising a significant amount of computational resources could be
> effective in distinguishing a larger number of rounds from random, but
> that's in the area of the "secure number of rounds" research.

Can you briefly explain how you determine the PRF rounds value?

William
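
The quoted definition of "PRF rounds" rests on running general-purpose randomness tests against the output of a reduced-round cipher, and the question above asks how that value is actually determined. As an added illustration (not code from this thread or from either of its authors), the block below implements AES-128 round by round in pure Python and measures one such statistic: the average fraction of ciphertext bits that flip when a single plaintext bit is flipped under a random key, which a PRF-like function should hold near 0.5. The reduced-round convention used (the final round, whatever its number, omits MixColumns as round 10 does in full AES), the choice of this avalanche statistic, and the trial counts are assumptions of the example, not anything the thread specifies; passing such a check says nothing about the "secure number of rounds" that the post distinguishes it from.

```python
# Added example (not from the list thread): a general-purpose randomness
# style check over reduced-round AES-128, in the spirit of the quoted
# "PRF rounds" definition. Pure Python, no third-party dependencies.
import random

# --- GF(2^8) arithmetic with the AES polynomial x^8 + x^4 + x^3 + x + 1 ---
def _gf_mul(a, b):
    p = 0
    for _ in range(8):
        if b & 1:
            p ^= a
        carry = a & 0x80
        a = (a << 1) & 0xFF
        if carry:
            a ^= 0x1B
        b >>= 1
    return p

def _gf_inv(a):
    # a^254 == a^-1 in GF(2^8); 0 maps to 0 by AES convention.
    r = 1
    for _ in range(254):
        r = _gf_mul(r, a)
    return r if a else 0

def _affine(b):
    # The FIPS-197 affine map: b xor its four left rotations xor 0x63.
    r = b
    for i in range(1, 5):
        r ^= ((b << i) | (b >> (8 - i))) & 0xFF
    return r ^ 0x63

SBOX = [_affine(_gf_inv(x)) for x in range(256)]  # AES S-box, derived not hard-coded

# --- round components; state is 16 bytes in column-major order (index r + 4c) ---
def _shift_rows(s):
    return [s[r + 4 * ((c + r) % 4)] for c in range(4) for r in range(4)]

def _mix_columns(s):
    out = []
    for c in range(4):
        a = s[4 * c:4 * c + 4]
        out += [
            _gf_mul(a[0], 2) ^ _gf_mul(a[1], 3) ^ a[2] ^ a[3],
            a[0] ^ _gf_mul(a[1], 2) ^ _gf_mul(a[2], 3) ^ a[3],
            a[0] ^ a[1] ^ _gf_mul(a[2], 2) ^ _gf_mul(a[3], 3),
            _gf_mul(a[0], 3) ^ a[1] ^ a[2] ^ _gf_mul(a[3], 2),
        ]
    return out

def expand_key(key):
    """AES-128 key schedule: 16-byte key -> 11 round keys of 16 bytes."""
    w = [list(key[4 * i:4 * i + 4]) for i in range(4)]
    rcon = 1
    for i in range(4, 44):
        t = w[i - 1][:]
        if i % 4 == 0:
            t = [SBOX[x] for x in t[1:] + t[:1]]  # SubWord(RotWord(t))
            t[0] ^= rcon
            rcon = _gf_mul(rcon, 2)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [sum(w[4 * r:4 * r + 4], []) for r in range(11)]

def aes128_rounds(block, round_keys, nrounds):
    """Encrypt one block with the first `nrounds` rounds (1..10).
    Assumed convention: the final round, whatever its number, omits
    MixColumns, exactly as round 10 does in full AES."""
    s = [b ^ k for b, k in zip(block, round_keys[0])]
    for r in range(1, nrounds + 1):
        s = [SBOX[b] for b in s]
        s = _shift_rows(s)
        if r < nrounds:
            s = _mix_columns(s)
        s = [b ^ k for b, k in zip(s, round_keys[r])]
    return bytes(s)

def aes128_encrypt(key, block):
    return aes128_rounds(block, expand_key(key), 10)

def avalanche_fraction(nrounds, trials=100, seed=1):
    """Mean fraction of the 128 output bits that flip when one random
    plaintext bit is flipped under a random key (constructed inputs).
    A PRF-like function should sit near 0.5; far below it, the rounds
    are visibly not yet mixing every input bit into every output bit."""
    rng = random.Random(seed)
    total = 0
    for _ in range(trials):
        key = bytes(rng.randrange(256) for _ in range(16))
        pt = bytearray(rng.randrange(256) for _ in range(16))
        rk = expand_key(key)
        c0 = aes128_rounds(pt, rk, nrounds)
        bit = rng.randrange(128)
        pt[bit // 8] ^= 1 << (bit % 8)
        c1 = aes128_rounds(pt, rk, nrounds)
        total += bin(int.from_bytes(c0, "big") ^ int.from_bytes(c1, "big")).count("1")
    return total / (128 * trials)

def avalanche_profile(rounds=(1, 2, 3, 4, 10), trials=100, seed=1):
    return {r: avalanche_fraction(r, trials, seed) for r in rounds}

if __name__ == "__main__":
    for r, f in avalanche_profile().items():
        print(f"{r:2d} round(s): {f:.3f} of output bits flip per single-bit input change")
```

Running the file prints the profile: with this convention one round flips only a few bits per input-bit change (a single active byte), two rounds a small fraction, and from three rounds on roughly half, which is the point at which this particular test stops distinguishing the reduced cipher from random. The full 10-round function can be checked against the FIPS-197 Appendix C.1 vector (key 000102...0f, plaintext 00112233...ff, ciphertext 69c4e0d86a7b0430d8cdb78070b4c55a) to confirm the implementation before trusting any statistic drawn from it.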

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com