A meet-in-the-middle attack on 8-round AES
Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
116 - 126
MetadataShow full item record
Please cite this item using this persistent URLhttp://hdl.handle.net/11693/26879
We present a 5-round distinguisher for AES. We exploit this distinguisher to develop a meet-in-the-middle attack on 7 rounds of AES-192 and 8 rounds of AES-256. We also give a time-memory tradeoff generalization of the basic attack which gives a better balancing between different costs of the attack. As an additional note, we state a new square-like property of the AES algorithm. © 2008 Springer-Verlag Berlin Heidelberg.