Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Presentation

New Representations of the AES Key Schedule

October 5, 2022

Presenters

Clara Pernot - Inria (Paris)

Description

Abstract: In this talk I will present new representations of the AES key schedule, with some implications to the security of AES-based schemes. In particular, I will show that the AES-128 key schedule can be split into four independent parallel computations operating on 32 bits chunks, up to linear transformation. I will show two consequences of our new representations. First, we will observe that iterating an odd number of key schedule rounds results in a permutation with short cycles. This explains an observation of Khairallah on mixFeed, and leads to a novel attack on ALE. Our new representation also gives efficient ways to combine information from the first subkeys and information from the last subkeys, in order to reconstruct the corresponding master key. This results in small improvements to previous attacks: we improve impossible differential attacks against several variants of AES (and Rijndael), and a square attack against AES-192.

Based on joint work with Gaëtan Leurent, which appeared at Eurocrypt 2021.

Suggested reading: ia.cr/2020/1253

Presented at

Crypto Reading Club meeting on 2022-Oct-05

Parent Project

See: Crypto Reading Club

Related Topics

Security and Privacy: cryptography

Created September 28, 2022, Updated March 22, 2023