Automatic boomerang attacks search on Rijndael

Abstract

Abstract Boomerang attacks were introduced in 1999 by Wagner (The boomerang attack. In: Knudsen LR, editor. FSE’99. vol. 1636 of LNCS. Heidelberg: Springer; 1999. p. 156–70) as a powerful tool in differential cryptanalysis of block ciphers, especially dedicated to ciphers with good short differentials. They have been generalized to the related-key case by Biham et al. (Related-key boomerang and rectangle attacks. In: Cramer R, editor. Advances in Cryptology - EUROCRYPT 2005, 24th Annual International Conference on the Theory and Applications of Cryptographic Techniques, Aarhus, Denmark, May 22–26, 2005, Proceedings. vol. 3494 of Lecture Notes in Computer Science. Springer; 2005. p. 507–25. doi: 10.1007/11426639_30). In this article, we show how to adapt the model proposed in 2020 by Delaune et al. (Catching the fastest boomerangs application to SKINNY. IACR Trans Symm Cryptol. 2020;2020(4):104–29) for related-key boomerang attacks on the block cipher SKINNY to the Rijndael case. Rijndael is composed of 25 instances that could be seen as generalizations of the Advanced Encryption Standard. We detail our models and present the results we obtain concerning related-key boomerang attacks on Rijndael. Notably, we present a nine-round attack against Rijndael-128-160, which has 11 rounds and beats all previous cryptanalytic results against Rijdael-128-160.