Related-Key Differential-Linear Attacks on Reduced AES-192

  • Wentao Zhang
  • Lei Zhang
  • Wenling Wu
  • Dengguo Feng
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4859)


In this paper, we study the security of AES-192 against related-key differential-linear cryptanalysis, which is the first attempt using this technique. Among our results, we present two variant attacks on 7-round AES-192 and one attack on 8 rounds using a 5-round related-key differential-linear distinguisher. One key point of the construction of the distinguisher is the special property of MC operation of AES. Compared with the best known results of related-key impossible differential attacks and related-key rectangle attacks on AES-192, the results presented in this paper are not better than them, but the work is a new attempt, and we hope further work may be done to derive better results in the future.


AES cryptanalysis related-key differential-linear attack 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Biham, E.: New Types of Cryptanalytic Attacks Using Related Keys. Journal of Cryptology 7(4), 229–246 (1994)zbMATHCrossRefGoogle Scholar
  2. 2.
    Biham, E., Dunkelman, O., Keller, N.: Related-Key Impossible Differential Attacks on 8-Round AES-192. In: Pointcheval, D. (ed.) CT-RSA 2006. LNCS, vol. 3860, pp. 21–33. Springer, Heidelberg (2006)CrossRefGoogle Scholar
  3. 3.
    Biham, E., Dunkelman, O., Keller, N.: Related-Key Boomerang and Rectangle Attacks. In: EUROCRYPT 2005. LNCS, vol. 3557, pp. 507–525. Springer, Heidelberg (2005)Google Scholar
  4. 4.
    Biham, E., Shamir, A.: Differential cryptanalysis of DES-like cryptosystems. Journal of Cryptology 4(1), 3–72 (1991)zbMATHCrossRefMathSciNetGoogle Scholar
  5. 5.
    Biham, E., Biryukov, A., Shamir, A.: Cryptanalysis of Skipjack Reduced to 31 Rounds. In: Stern, J. (ed.) EUROCRYPT 1999. LNCS, vol. 1592, pp. 12–23. Springer, Heidelberg (1999)Google Scholar
  6. 6.
    Biham, E., Dunkelman, O., Keller, N.: Enhancing Differential-Linear Cryptanalysis. In: Zheng, Y. (ed.) ASIACRYPT 2002. LNCS, vol. 2501, pp. 254–266. Springer, Heidelberg (2002)CrossRefGoogle Scholar
  7. 7.
    Jakimoski, G., Desmedt, Y.: Related-Key Differential Cryptanalysis of 192-bit Key AES Variants. In: Matsui, M., Zuccherato, R.J. (eds.) SAC 2003. LNCS, vol. 3006, pp. 208–221. Springer, Heidelberg (2004)Google Scholar
  8. 8.
    Kim, J., Hong, S., Preneel, B.: Related-Key Rectangle Attacks on Reduced AES-192 and AES-256. In: Encryption 2007. LNCS, vol. 4593, pp. 225–241. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  9. 9.
    Langford, S.K., Hellman, M.E.: Differential-linear cryptanalysis. In: Desmedt, Y.G. (ed.) CRYPTO 1994. LNCS, vol. 839, pp. 17–25. Springer, Heidelberg (1994)Google Scholar
  10. 10.
    Matsui, M.: Linear Cryptanalysis Method for DES Cipher. In: Helleseth, T. (ed.) EUROCRYPT 1993. LNCS, vol. 765, pp. 386–397. Springer, Heidelberg (1994)CrossRefGoogle Scholar
  11. 11.
    National Institute of Standards and Technology. Advanced Encryption Standard (AES), FIPS Publication 197 (November 26, 2001), Available at
  12. 12.
    Wagner, D.: The Boomerang Attack. In: Knudsen, L.R. (ed.) FSE 1999. LNCS, vol. 1636, pp. 156–170. Springer, Heidelberg (1999)CrossRefGoogle Scholar
  13. 13.
    Zhang, W., Wu, W., Zhang, L., Feng, D.: Improved Related-Key Impossible Differential Attacks on Reduced-Round AES-192. In: Cryptography 2006. LNCS, vol. 4356, pp. 15–27 (2007)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Wentao Zhang
    • 1
  • Lei Zhang
    • 2
  • Wenling Wu
    • 2
  • Dengguo Feng
    • 2
  1. 1.State Key Laboratory of Information Security, Graduate University of Chinese Academy of Sciences, Beijing 100049P.R. China
  2. 2.State Key Laboratory of Information Security, Institute of Software, Chinese Academy of Sciences, Beijing 100080P.R. China

Personalised recommendations