New attacks against reduced Rijndael‐160
Abstract The first 9‐round meet‐in‐the‐middle (MITM) attack and improved 8‐round impossible differential (ID) attacks on Rijndael‐160 are studied here. For the first 9‐round MITM attack, a new effective attack path is explored by using the generalised δ‐set and the generalised multiset, which are ba...
Saved in:
| Main Authors: | , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Wiley
2022-01-01
|
| Series: | IET Information Security |
| Subjects: | |
| Online Access: | https://doi.org/10.1049/ise2.12038 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Abstract The first 9‐round meet‐in‐the‐middle (MITM) attack and improved 8‐round impossible differential (ID) attacks on Rijndael‐160 are studied here. For the first 9‐round MITM attack, a new effective attack path is explored by using the generalised δ‐set and the generalised multiset, which are based on the property that the difference branch number of MixColumns is 5. With this attack path, a 5‐round MITM distinguisher with a technique of the truncated differential characteristic is proposed, and then the attack on 9‐round Rijndael‐160 is performed. For the improved 8‐round ID attacks, to take advantage of the key‐schedule weaknesses for Rijndael‐160 under key sizes of 160 and 256 bits, some new attack paths are found. With these attack paths, the 5‐round IDs are proposed based on the property of MixColumns above, and then the attacks on the 8‐round Rijndael‐160 under key sizes of 160 and 256 bits are performed. When compared with the currently known attacks, the proposed attacks have lower data, time, and memory complexities. |
|---|---|
| ISSN: | 1751-8709 1751-8717 |