Xiaoli Dong, Jun Liu, Yongzhuang Wei, Wen Gao, Jie Chen
{"title":"带值限制的 AES 中间人攻击","authors":"Xiaoli Dong, Jun Liu, Yongzhuang Wei, Wen Gao, Jie Chen","doi":"10.1007/s10623-024-01396-9","DOIUrl":null,"url":null,"abstract":"<p>In meet-in-the-middle (MITM) attacks, the sizes of the precomputation tables determine the effectiveness. In this paper, value constraints are presented to reduce the size of the precomputation table in MITM attacks on AES. Based on a differential property of linear combinations of multiple S-boxes, value constraints related to input or output in four and five rounds of AES are explored. Meanwhile, with these value constraints, a method of setting up non-linear equations is proposed to reduce the sizes of the precomputation tables by decreasing the number of byte parameters. Compared with the existing results, their sizes can be reduced by <span>\\(2^8\\)</span>, <span>\\(2^{16}\\)</span>, or <span>\\(2^{24}\\)</span>. Finally, some attacks are improved with lower time and memory complexities.</p>","PeriodicalId":11130,"journal":{"name":"Designs, Codes and Cryptography","volume":null,"pages":null},"PeriodicalIF":1.4000,"publicationDate":"2024-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Meet-in-the-middle attacks on AES with value constraints\",\"authors\":\"Xiaoli Dong, Jun Liu, Yongzhuang Wei, Wen Gao, Jie Chen\",\"doi\":\"10.1007/s10623-024-01396-9\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"<p>In meet-in-the-middle (MITM) attacks, the sizes of the precomputation tables determine the effectiveness. In this paper, value constraints are presented to reduce the size of the precomputation table in MITM attacks on AES. Based on a differential property of linear combinations of multiple S-boxes, value constraints related to input or output in four and five rounds of AES are explored. Meanwhile, with these value constraints, a method of setting up non-linear equations is proposed to reduce the sizes of the precomputation tables by decreasing the number of byte parameters. Compared with the existing results, their sizes can be reduced by <span>\\\\(2^8\\\\)</span>, <span>\\\\(2^{16}\\\\)</span>, or <span>\\\\(2^{24}\\\\)</span>. Finally, some attacks are improved with lower time and memory complexities.</p>\",\"PeriodicalId\":11130,\"journal\":{\"name\":\"Designs, Codes and Cryptography\",\"volume\":null,\"pages\":null},\"PeriodicalIF\":1.4000,\"publicationDate\":\"2024-04-18\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Designs, Codes and Cryptography\",\"FirstCategoryId\":\"100\",\"ListUrlMain\":\"https://doi.org/10.1007/s10623-024-01396-9\",\"RegionNum\":2,\"RegionCategory\":\"数学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, THEORY & METHODS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Designs, Codes and Cryptography","FirstCategoryId":"100","ListUrlMain":"https://doi.org/10.1007/s10623-024-01396-9","RegionNum":2,"RegionCategory":"数学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}
引用次数: 0
摘要
在中间连接(MITM)攻击中,预计算表的大小决定了攻击的有效性。本文提出了在 AES 的 MITM 攻击中减少预计算表大小的值约束。基于多个 S 盒线性组合的微分特性,探讨了与 AES 四轮和五轮输入或输出相关的值约束。同时,利用这些值约束,提出了一种建立非线性方程的方法,通过减少字节参数的数量来减小预计算表的大小。与现有结果相比,它们的大小可以减少(2^8)、(2^{16}\)或(2^{24}\)。最后,一些攻击得到了改进,时间和内存复杂度都降低了。
Meet-in-the-middle attacks on AES with value constraints
In meet-in-the-middle (MITM) attacks, the sizes of the precomputation tables determine the effectiveness. In this paper, value constraints are presented to reduce the size of the precomputation table in MITM attacks on AES. Based on a differential property of linear combinations of multiple S-boxes, value constraints related to input or output in four and five rounds of AES are explored. Meanwhile, with these value constraints, a method of setting up non-linear equations is proposed to reduce the sizes of the precomputation tables by decreasing the number of byte parameters. Compared with the existing results, their sizes can be reduced by \(2^8\), \(2^{16}\), or \(2^{24}\). Finally, some attacks are improved with lower time and memory complexities.
期刊介绍:
Designs, Codes and Cryptography is an archival peer-reviewed technical journal publishing original research papers in the designated areas. There is a great deal of activity in design theory, coding theory and cryptography, including a substantial amount of research which brings together more than one of the subjects. While many journals exist for each of the individual areas, few encourage the interaction of the disciplines.
The journal was founded to meet the needs of mathematicians, engineers and computer scientists working in these areas, whose interests extend beyond the bounds of any one of the individual disciplines. The journal provides a forum for high quality research in its three areas, with papers touching more than one of the areas especially welcome.
The journal also considers high quality submissions in the closely related areas of finite fields and finite geometries, which provide important tools for both the construction and the actual application of designs, codes and cryptographic systems. In particular, it includes (mostly theoretical) papers on computational aspects of finite fields. It also considers topics in sequence design, which frequently admit equivalent formulations in the journal’s main areas.
Designs, Codes and Cryptography is mathematically oriented, emphasizing the algebraic and geometric aspects of the areas it covers. The journal considers high quality papers of both a theoretical and a practical nature, provided they contain a substantial amount of mathematics.