Paper 2022/1640
Differential Meet-In-The-Middle Cryptanalysis
Abstract
In this paper we introduce the differential meet-in-the-middle framework, a new cryptanalysis technique for symmetric primitives. Our new cryptanalysis method combines techniques from both meet-in-the- middle and differential cryptanalysis. As such, the introduced technique can be seen as a way of extending meet-in-the-middle attacks and their variants but also as a new way to perform the key recovery part in differential attacks. We apply our approach to SKINNY-128-384 in the single-key model and to AES-256 in the related-key model. Our attack on SKINNY-128-384 permits to break 25 out of the 56 rounds of this variant and improves by two rounds the previous best known attacks. For AES-256 we attack 12 rounds by considering two related keys, thus outperforming the previous best related-key attack on AES-256 with only two related keys by 2 rounds.
Metadata
- Available format(s)
-
PDF
- Category
- Secret-key cryptography
- Publication info
- Published by the IACR in CRYPTO 2023
- Keywords
- differential cryptanalysismeet-in-the-middle cryptanalysisSKINNYAES
- Contact author(s)
-
christina boura @ uvsq fr
nicolas david @ inria fr
patrick derbez @ irisa fr
gregor leander @ rub de
maria naya-plasencia @ inria fr - History
- 2023-06-05: last of 3 revisions
- 2022-11-24: received
- See all versions
- Short URL
- https://ia.cr/2022/1640
- License
-
CC BY
BibTeX
@misc{cryptoeprint:2022/1640,
author = {Christina Boura and Nicolas David and Patrick Derbez and Gregor Leander and María Naya-Plasencia},
title = {Differential Meet-In-The-Middle Cryptanalysis},
howpublished = {Cryptology ePrint Archive, Paper 2022/1640},
year = {2022},
note = {\url{https://eprint.iacr.org/2022/1640}},
url = {https://eprint.iacr.org/2022/1640}
}
