Previous [ 1] [ 2] [ 3] [ 4] [ 5] [ 6] [ 7] [ 8] [ 9] [ 10] [ 11] [ 12] [ 13] [ 14] [ 15]

@

Journal of Information Science and Engineering, Vol. 27 No. 6, pp. 2031-2045 (November 2011)

Improved Integral Attacks on Rijndael*

YAN-JUN LI1,2 AND WEN-LING WU1
1State Key Laboratory of Information Security, Institute of Software
Chinese Academy of Sciences
Beijing, 100190 P.R. China
Graduate University of Chinese Academy of Sciences
Beijing, 100049 P.R. China
2Department of Information Security
Beijing Electronic Science and Technology Institute
Beijing, 100070 P.R. China

In this paper, we present some improved integral attacks on Rijndael whose block sizes are larger than 128 bits. We will introduce some 4-round distinguishers for Rijndael with large blocks proposed by Marine Minier (AFRICACRYPT 2009), and propose a new 4th-order 4-round distinguisher for Rijndael-192. Based on these distinguishers, together with the partial sum technique proposed by Niels Ferguson (FSE 2000), we can apply integral attacks up to 8-round Rijndael-160, 9-round Rijndael-192, and 9-round Rijndael-224. Compared to the square attack proposed by Samuel Galice (AFRICACRYPT 2008), we give different attacks on Rijndael-256 to 8 and 9 rounds. Except the attack on Rijndael-256, all the other results are the best cryptanalytic results on Rijndael with large blocks so far.

Keywords: block cipher, integral attack, Rijndael, partial sum technique, distinguisher

Full Text () Retrieve PDF document (201111_15.pdf)

Received February 11, 2010; revised April 13, 2010; accepted July 13, 2010.
Communicated by Tzong-Chen Wu.
* This paper was supported by the National Natural Science Foundation of China under grants No. 60873259 and 60903212, and Knowledge Innovation Project of The Chinese Academy of Sciences.