Status of attacks on AES?
John R. Black
John.Black at Colorado.EDU
Wed May 10 12:01:57 EDT 2006
On Thu, May 04, 2006 at 10:30:40AM -0500, Marcos el Ruptor wrote:
>
> http://defectoscopy.com/forum/viewtopic.php?t=3
>
> Expect new attacks soon enough.
>
I skimmed this. The start of the article says that after 3 rounds AES
achieves perfect diffusion?!
A simple square attack (that I teach in class in about 60 mins) recovers
the key of 4-round AES with 256 chosen-plaintexts. The six-round attack
isn't too much harder.
Square (the cipher that preceded Rijndael and is very similar) was 8 rounds
to get past the 6-round attack. During the AES vetting process they went
to 10 rounds for extra assurance (as much as anyone gets assurances from
the black art of blockcipher design).
john//
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list