A meet-in-the-middle attack on 8-round AES
International Workshop on Fast Software Encryption FSE 2008: Fast Software Encryption
116 - 126
Item Usage Stats
We present a 5-round distinguisher for AES. We exploit this distinguisher to develop a meet-in-the-middle attack on 7 rounds of AES-192 and 8 rounds of AES-256. We also give a time-memory tradeoff generalization of the basic attack which gives a better balancing between different costs of the attack. As an additional note, we state a new square-like property of the AES algorithm. © 2008 Springer-Verlag Berlin Heidelberg.