Revisiting Related-Key Boomerang attacks on AES using computer-aided tool

Thời gian: 14:00 đến 15:30 Ngày 22/09/2023

Địa điểm: C101, VIASM

Speaker: Phuong Hoa Nguyen (Univ Rennes, CNRS, IRISA, Rennes, France).

Abstract: In recent years, several MILP models were introduced to search automatically for boomerang distinguishers and boomerang at- tacks on block ciphers. However, they can only be used when the key schedule is linear. Here, a new model is introduced to deal with non-linear key schedules as it is the case for AES. This model is more complex and actually it is too slow for exhaustive search. However, when some hints are added to the solver, it found the current best related-key boomerang attack on AES-192 with 2^124 time, 2^124 data, and 2^79.8 memory complexities, which is better than the one presented by Biryukov and Khovratovich at ASIACRYPT 2009 with complexities 2^176/2^123/2^152 respectively. This represents a huge improvement for the time and memory complexity, illustrating the power of MILP in cryptanalysis.

Joint work with Patrick Derbez, Marie Euler, and Pierre-Alain Fouque

Article link: https://ia.cr/2022/725