AES Round Research Articles

Improved mixture differential attacks on 6-round AES-like ciphers towards time and data complexities

AES is the most widely used symmetric cipher. Many cryptographic primitives are designed following the structure of AES, called AES-like ciphers. Mixture differential cryptanalysis is a structural cryptanalysis technique for AES, which gave the best key recovery attack on 5-round AES in the chosen-plaintext setting and attacks with practical data and memory complexities on round-reduced AES. In this paper, we study the mixture differential attacks on 6 rounds of AES-like ciphers, and propose two improved attacks towards optimizing time and data complexities respectively. As an application to AES, we give the improved mixture differential attack on 6 rounds of AES-128 with time complexity 262.74, reducing by a factor of 210.26 compared with the previous mixture differential attack. For low data complexity, we show the improved 6-round mixture differential attack on AES-128 with data complexity 224.05, reducing by a factor of about 4. We also apply two attacks to 6 super-rounds of Saturnin, one of the second-round candidates in NIST lightweight cryptography standardization process, which is the first security evaluation of Saturnin against mixture differential cryptanalysis.

Weak Keys in Reduced AEGIS and Tiaoxin

AEGIS-128 and Tiaoxin-346 (Tiaoxin for short) are two AES-based primitives submitted to the CAESAR competition. Among them, AEGIS-128 has been selected in the final portfolio for high-performance applications, while Tiaoxin is a third-round candidate. Although both primitives adopt a stream cipher based design, they are quite different from the well-known bit-oriented stream ciphers like Trivium and the Grain family. Their common feature consists in the round update function, where the state is divided into several 128-bit words and each word has the option to pass through an AES round or not. During the 6-year CAESAR competition, it is surprising that for both primitives there is no third-party cryptanalysis of the initialization phase. Due to the similarities in both primitives, we are motivated to investigate whether there is a common way to evaluate the security of their initialization phases. Our technical contribution is to write the expressions of the internal states in terms of the nonce and the key by treating a 128-bit word as a unit and then carefully study how to simplify these expressions by adding proper conditions. As a result, we find that there are several groups of weak keys with 296 keys each in 5-round AEGIS-128 and 8-round Tiaoxin, which allows us to construct integral distinguishers with time complexity 232 and data complexity 232. Based on the distinguisher, the time complexity to recover the weak key is 272 for 5-round AEGIS-128. However, the weak key recovery attack on 8-round Tiaoxin will require the usage of a weak constant occurring with probability 2−32. All the attacks reach half of the total number of initialization rounds. We expect that this work can advance the understanding of the designs similar to AEGIS and Tiaoxin.

Pipelined Hardware Implementation of COPA, ELmD, and COLM

Authenticated encryption algorithms offer privacy, authentication, and data integrity, as well. In recent years, they have received special attention after the call for submissions of Competition for Authenticated Encryption: Security, Applicability, and Robustness (CAESAR) was published. The CAESAR goal is to generate a portfolio with recommendations of authenticated encryption algorithms for three different scenarios: Lightweight, high speed, and defense in deep. ELmD and COPA are two on-line authenticated encryption algorithms submitted to CAESAR; because of their similarities, they were merged as COLM during the third-round of CAESAR. COLM is a finalist in the use case 3 defense in depth . ELmD, COPA, and COLM are based on the ECB-mix-ECB structure, which is highly parallelizable and pipelineable. In this paper, we present optimized single-chip implementations of ELmD, COPA, and COLM using pipelining. For ELmD, we present implementations for eight combinations of its parameters set: For intermediate tags, fixed, variable tag length, and 10 and 6 AES rounds. COLM implementation is for variable tag length without intermediate tags. In the case of COPA, it does not have parameters set. The implementation results with a Xilinx Virtex 6 FPGA show that ELmD is the best option concerning area and speed for single-chip implementation. The area of COPA and COLM are 1.65 and 1.69 times ELmD's respectively. Regarding throughput, the range of our implementations goes from 33.34 Gbits/s for COLM to more than 35 Gbits/s for several versions of ELmD.

Revisiting Gilbert\u2019s known-key distinguisher

Known-key distinguishers have been introduced by Knudsen and Rijmen in 2007 to better understand the security of block ciphers in situations where the key can not be considered to be secret, i.e. the “thing between secret-key model and hash function use-cases”. Trying to find a rigorous model to fit this intuition is still ongoing. The most recent advance by Gilbert (Asiacrypt 2014) describes a new model that—even if it is well justified—seemingly does not match this intuition. AES is often considered as a target of such analyses, simply because AES or its building blocks are used in many settings that go beyond classical encryption. Consider AES-128. Results in the secret-key model cover up to 6 rounds, while results in the chosen-key model reach up to 9 rounds. Gilbert however showed a result in the known-key model that goes even further, covering 10 rounds. Does it mean that the use cases corresponding to the cryptanalysis of hash-function use-cases are inherently less efficient, or is it rather an artifact of the new model? In this paper we give strong evidence for the latter. In Gilbert’s work, two types of arguments or rather conjectures are put forward suggesting that the new model is meaningful. Firstly that the number of “extension rounds” due to the new model is limited to two. And secondly that only a distinguisher that exploits the uniform distribution property can be extended in such way. We disprove both conjectures and arrive at the following results: First, we are also able to show that more than two extension rounds are possible. As a result of this, we describe the first known-key distinguishers on 12 rounds of AES that fit into Gilbert’s model. The second conjecture is disproven by showing that the technique proposed by Gilbert can also be used to extend a known-key distinguisher based on another property: truncated differentials. A potential conclusion of this work would be that the counter-intuitive gap between Gilbert’s known-key model and the chosen-key model is wider than initially thought. We however conclude that results in Gilbert’s model are due to an artifact in the model. To remedy this situation, we propose a refinement of the known-key model which restores its original intent to fit the original intuition.

Efficient Advanced Encryption Standard for Securing Cognitive Radio Networks

During the last decade, the CR (Cognitive Radio) came into view as a major wireless technology to resolve the issue of spectrum secrecy and efficient spectrum utilization. However, due to unlicensed (secondary) users, there are various security threats to the CRN (Cognitive Radio Networks). Some malicious users may access the CRN and mislead the secondary users to vacate the occupied channel, which may stop the communication. In this work, we propose a new cryptographic-based algorithm, CRAES (Cognitive Radio-Advanced Encryption Standard), inspired by the traditional AES to secure the CRN. The data of the primary and secondary users is encrypted at the transmitter and decrypted at the receiver. Unlike the conventional AES, we introduce the data-dependent key-generation and shift-rows process. We also reduce the rounds of AES from 10-6 to improve the computational efficiency without compromising the overall security. The experimental results demonstrate the effectiveness of the proposed CR-AES in terms of better security, reliability, and computational efficiency.

Statistical integral distinguisher with multi-structure and its application on AES-like ciphers

Integral attack is one of the most powerful tools in the field of symmetric ciphers. In order to reduce the time complexity of original integral one, Wang et al. firstly proposed a statistical integral distinguisher at FSE’16. However, they don’t consider the cases that there are several integral properties on output and multiple structures of data should be used at the same time. In terms of such cases, we put forward a new statistical integral distinguisher, which enables us to reduce the data complexity comparing to the traditional integral ones under multiple structures. As illustrations, we use it into the known-key distinguishers on AES-like ciphers including AES and the permutations of Whirlpool, PHOTON and Grostl-256 hash functions based on the Gilbert’s work at ASIACRYPT’14. These new distinguishers are the best ones comparing with previous ones under known-key setting. Moreover, we propose a secret-key distinguisher on 5-round AES under chosen-ciphertext mode. Its data, time and memory complexities are 2114.32 chosen ciphertexts, 2110 encryptions and 233.32 blocks. This is the best integral distinguisher on AES with secret S-box under secret-key setting so far.

Subspace Trail Cryptanalysis and its Applications to AES

We introduce subspace trail cryptanalysis, a generalization of invariant subspace cryptanalysis. With this more generic treatment of subspaces we do no longer rely on specific choices of round constants or subkeys, and the resulting method is as such a potentially more powerful attack vector. Interestingly, subspace trail cryptanalysis in fact includes techniques based on impossible or truncated differentials and integrals as special cases. Choosing AES-128 as the perhaps most studied cipher, we describe distinguishers up to 5-round AES with a single unknown key. We report (and practically verify) competitive key-recovery attacks with very low data-complexity on 2, 3 and 4 rounds of AES. Additionally, we consider AES with a secret S-Box and we present a (generic) technique that allows to directly recover the secret key without finding any information about the secret S-Box. This approach allows to use e.g. truncated differential, impossible differential and integral attacks to find the secret key. Moreover, this technique works also for other AES-like constructions, if some very common conditions on the S-Box and on the MixColumns matrix (or its inverse) hold. As a consequence, such attacks allow to better highlight the security impact of linear mappings inside an AES-like block cipher. Finally, we show that our impossible differential attack on 5 rounds of AES with secret S-Box can be turned into a distinguisher for AES in the same setting as the one recently proposed by Sun, Liu, Guo, Qu and Rijmen at CRYPTO 2016

Optimised the differential trail of the authenticated encryption algorithm Tiaoxin-346

Tiaoxin-346 is a nonce-based authenticated encryption scheme designed by Ivica Nikolic and has been submitted to the CAESAR competition. Tiaoxin-346 uses three parallel structures of T3, T4, T6 as an important part of the algorithm. In this work, we give the differential analysis. The differential trail designed by designer has 30 active S-boxes (a difference goes six times through two AES rounds) and holds with a probability of at most 2−180. On the base of the forgery attack, we add one round after the last round in the original trail and make the inputs to T3 and T4 have the same difference. We assume the difference can be controlled. Therefore, there is no difference for the state T6. The probability of differential trail is 2−174. By the same method, we add one round before the first round. The probability of differential trail is 2−150. Absolutely, the probabilities are much higher than the designer's.

Optimised the differential trail of the authenticated encryption algorithm Tiaoxin-346

Tiaoxin-346 is a nonce-based authenticated encryption scheme designed by Ivica Nikolić and has been submitted to the CAESAR competition. Tiaoxin-346 uses three parallel structures of T3, T4, T6 as an important part of the algorithm. In this work, we give the differential analysis. The differential trail designed by designer has 30 active S-boxes (a difference goes six times through two AES rounds) and holds with a probability of at most 2−180. On the base of the forgery attack, we add one round after the last round in the original trail and make the inputs to T3 and T4 have the same difference. We assume the difference can be controlled. Therefore, there is no difference for the state T6. The probability of differential trail is 2−174. By the same method, we add one round before the first round. The probability of differential trail is 2−150. Absolutely, the probabilities are much higher than the designer's.

AES-GCM and AEGIS: Efficient and High Speed Hardware Implementations

Authenticated Encryption (AE) is a block cipher mode of operation which provides confidentiality and integrity simultaneously. In terms of the hardware implementation, it produces smaller area compared to two separated algorithms. Therefore, it has become popular and a number of modes have been proposed. This paper presents two efficient hardware implementations for AE schemes, AES-GCM and AEGIS. In terms of AES-GCM, the performance of the system is always determined by the Galois Hash (GHASH) architecture because of the inherent computation feedback. This paper introduces an efficient method for implementing the pipelined Karatsuba Ofman Algorithm (KOA)-based GHASH on FPGAs. In particular, the computation feedback is removed by analyzing the complexity of the computation process. In addition, an efficient AEGIS is also implemented using only five AES rounds. The proposed architectures are evaluated with three different implementations of AES SubBytes (BRAMs-based SubBytes, composite field-based SubBytes, and LUT-based SubBytes) to increase the flexibility of the presented work. The presented architectures are implemented using Xilinx Virtex-5 FPGAs. Our comparison to previous work reveals that our architectures are more performance-efficient (Throughput/Slices).

A Collision Attack on a Double-Block-Length Compression Function Instantiated with 8-/9-Round AES-256

This paper presents the first non-trivial collision attack on the double-block-length compression function presented at FSE 2006 instantiated with round-reduced AES-256: \(f_0(h_0\Vert h_1,M)\Vert f_1(h_0\Vert h_1,M)\) such that $$\begin{aligned} f_0(h_0 \Vert h_1,M)&=E_{h_1\Vert M}(h_0)\oplus h_0 f_1(h_0 \Vert h_1,M)&=E_{h_1\Vert M}(h_0\oplus c)\oplus h_0\oplus c , \end{aligned}$$ where \(\Vert \) represents concatenation, \(E\) is AES-256 and \(c\) is a non-zero constant. The proposed attack is a free-start collision attack. It uses the rebound attack proposed by Mendel et al. It finds a collision with time complexity \(2^{8}\), \(2^{64}\) and \(2^{120}\) for the instantiation with 6-round, 8-round and 9-round AES-256, respectively. The space complexity is negligible. The attack is effective against the instantiation with 6-/8-round AES-256 if the \(16\)-byte constant \(c\) has a single non-zero byte. It is effective against the instantiation with 9-round AES-256 if the constant \(c\) has four non-zero bytes at some specific positions.

Improved preimage attacks on hash modes of 8-round AES-256

We observe the slow diffusion of the AES key schedule for 256-bit keys and find weakness which can be used in the preimage attack on its Davies-Meyer mode. Our preimage attack works for 8 rounds of AES-256 with the computational complexity of 2124.9. It is comparable with Bogdanov et al.'s biclique-based preimage attack on AES-256, which is applicable up to full rounds but has the computational complexity more than 2126.5. We also extend our result to the preimage attack on some well-known double-block-length hash modes assuming the underlying block cipher is 8-round AES-256, whose computational complexity is 2252.9.

Exploiting the Incomplete Diffusion Feature: A Specialized Analytical Side-Channel Attack Against the AES and Its Application to Microcontroller Implementations

Algebraic side-channel attack (ASCA) is a typical technique that relies on a general solver to solve the equations of a cipher and its side-channel leaks. It falls under analytical side-channel attack and can recover the entire key at once. Many ASCAs are proposed against the AES, and they utilize the Grobner basis-based, SAT-based, or optimizer-based solver. The advantage of the general solver approach is its generic feature, which can be easily applied to different cryptographic algorithms. The disadvantage is that it is difficult to take into account the specialized properties of the targeted cryptographic algorithms. The results vary depending on what type of solver is used, and the time complexity is quite high when considering the error-tolerant attack scenarios. Thus, we were motivated to find a new approach that would lessen the influence of the general solver and reduce the time complexity of ASCA. This paper proposes a new analytical side-channel attack on AES by exploiting the incomplete diffusion feature in one AES round. We named our technique incomplete diffusion analytical side-channel analysis (IDASCA). Different from previous ASCAs, IDASCA adopts a specialized approach to recover the secret key of AES instead of the general solver. Extensive attacks are performed against the software implementation of AES on an 8-bit microcontroller. Experimental results show that: 1) IDASCA can exploit the side-channel leaks in all AES rounds using a single power trace; 2) it has less time complexity and more robustness than previous ASCAs, especially when considering the error-tolerant attack scenarios; and 3) it can calculate the reduced key search space of AES for the given amount of side-channel leaks. IDASCA can also interpret the mechanism behind previous ASCAs on AES from a quantitative perspective, such as why ASCA can work under unknown plaintext/ciphertext scenarios and what are the extreme cases in ASCAs.

A Performance and Area Efficient ASIP for Higher-Order DPA-Resistant AES

Masking is a common method used in embedded systems to prevent differential power analysis (DPA) attack. However, first-order masking cannot prevent higher-order DPA attacks. To enhance security, higher-order masking should be implemented. Hardware accelerator based higher-order masking has higher performance, but it consumes large area. General purpose processor (GPP) based higher-order masking is area-efficient, but it is unable to meet performance requirements. To handle this problem, we propose a novel high-order DPA-resistant ASIP. We develop three performance and area-efficient methods to extend the instruction set for a 32-bit LEON3 processor, with the goal of reducing execution cycles and code sizes. First, we reorder the execution sequence of SubBytes and ShiftRows. We partition new critical pathlthe masked SubBytes followed by the masked MixColumns, and transform computations from $GF(2^8)$ to $GF(2^4)^2$ that efficiently reduces the area. We reused our previous technique, which moved the map and the inverse map functions outside the AES round. Second, we develop an algorithm to search for an optimal transformation matrix of the map function to reduce the critical path of the masked MixColumns. Third, we reuse first-order masked SubBytes for higher-order masked SubBytes to optimize area without compromising performance. The experimental results show that our third-order masking design reduces around 8/9 execution cycles of GPP based reference design and reduces 70.5% area of hardware accelerator based reference design. We have realized a highly secure ASIP with third-order masking that dramatically reduces execution cycles from 197–470 K to only 3.3 K compared with state-of-the-art software implementations.

Improved Single-Key Attacks on 8-Round AES-192 and AES-256

AES is the most widely used block cipher today, and its security is one of the most important issues in cryptanalysis. After 13 years of analysis, related-key attacks were recently found against two of its flavors (AES-192 and AES-256). However, such a strong type of attack is not universally accepted as a valid attack model, and in the more standard single-key attack model at most 8 rounds of these two versions can be currently attacked. In the case of 8-round AES-192, the only known attack (found 10 years ago) is extremely marginal, requiring the evaluation of essentially all the 2128 possible plaintext/ciphertext pairs in order to speed up exhaustive key search by a factor of 16. In this paper we introduce three new cryptanalytic techniques, and use them to get the first non-marginal attack on 8-round AES-192 (making its time complexity about a million times faster than exhaustive search, and reducing its data complexity to about 1/32,000 of the full codebook). In addition, our new techniques can reduce the best known time complexities for all the other combinations of 7-round and 8-round AES-192 and AES-256.

A comprehensive study of multiple deductions-based algebraic trace driven cache attacks on AES

Existing trace driven cache attacks (TDCAs) can only analyze the cache events in the first two rounds or the last round of AES, which limits the efficiency of the attacks. Recently, Zhao et al. proposed the multiple deductions-based algebraic side-channel attack (MDASCA) to cope with the errors in leakage measurements and to exploit new leakage models. Their preliminary results showed that MDASCA can improve TDCAs and attack the AES implemented with a compact lookup table of 256 bytes. This paper performs a comprehensive study of MDASCA-based TDCAs (MDATDCA) on most of the AES implementations that are widely used. First, the key recovery in TDCA is depicted by an abstract model regardless of the specific attack techniques. Then, the previous work of TDCAs on AES is classified into three types and its limitations are analyzed. How to utilize the cache events with MDATDCA is presented and the overhead is also calculated. To evaluate MDATDCA on AES, this paper constructs a mathematical model to estimate the maximal number of leakage rounds that can be utilized and the minimal number of cache traces required for a successful MDATDCA. Extensive experiments are conducted under different implementations, attack scenarios and key lengths of AES. The experimental results are consistent with the theoretical analysis. Many improvements are achieved. For the first time, we show that TDCAs on AES-192 and AES-256 become possible with the MDATDCA technique. Our work attests that combining TDCAs with algebraic techniques is a very efficient way to improve cache attacks.

Research of Cache Timing Template Attacks on AES

Due to the impact of micro-architectures and operating systems,the execution time of different S-Box lookups in block ciphers have some variance,which may cause the leakages of the S-Box lookup indexes.Utilizing the "byte oriented and divide and conquer" strategy in side channel analysis,this paper analyzes the resistance of AES implementations against Cache timing template attacks.First,the mechanism of different Cache access time is analyzed,and two Cache timing attacks are provided(collision-based and template-based).Second,the model of Cache timing external template attack is built,and a new template matching algorithm is proposed which is based on Pearson correlation factor.Two real attacks on the first and the last round of AES are launched successfully.To overcome the requirement of a template platform in external template attacks,an internal template attack is proposed and applied to AES.Finally,several extended attacks on AES are conducted under different settings,operating systems,Cache initial states,and crypto libraries.The experimental results are compared with the previous work,and an effective countermeasure is also suggested.

Check and Balance in Foreign policy-making: Role and Influence of US Congress in the process of Free Trade Agreement

At FDTC'05 and CISC-W'10, the authors showed that if they decrease the number of rounds of AES and Triple-DES by using the fault injections, it is possible to recover the secret key of the target algorithms, respectively. In this paper, we propose a key recovery attack on HMAC by using the main idea of these attacks. This attack is applicable to HMAC based on MD-family hash functions and can recover the secret key with the negligible computational complexity. Particularly, the attack result on HMAC-SHA-2 is the first known key recovery attack result on this algorithm.

General Impossible Differential Attack on 7-Round AES

Impossible differential attack (IDA) uses impossible differential characteristics extracted from enough plaintext pairs to retrieve subkeys of the first and the last several rounds of AES. In this paper, a general IDA on 7-round AES is proposed. Such attack takes the number of all-zero columns of the 7th and the 6th round as parameters (α, β). And a trade-off relation between the number of plaintexts and times of encryptions in the process of the attack is derived, which makes only some values of (α, β) allowed in the attack for different key length.

Impossible differential cryptanalysis of Advanced Encryption Standard

Impossible differential cryptanalysis is a method recovering secret key, which gets rid of the keys that satisfy impossible differential relations. This paper concentrates on the impossible differential cryptanalysis of Advanced Encryption Standard (AES) and presents two methods for impossible differential cryptanalysis of 7-round AES-192 and 8-round AES-256 combined with time-memory trade-off by exploiting weaknesses in their key schedule. This attack on the reduced to 7-round AES-192 requires about 294.5 chosen plaintexts, demands 2129 words of memory, and performs 2157 7-round AES-192 encryptions. Furthermore, this attack on the reduced to 8-round AES-256 requires about 2101 chosen plaintexts, demands 2201 words of memory, and performs 2228 8-round AES-256 encryptions.