First cryptanalysis of the full AES

December 2, 2009
Dmitry Khovratovich | University of Luxembourg

The Advanced Encryption Standard (AES) is one of the most popular ciphers in the world and is widely used for both commercial and
government purposes. Since it became a standard in 2001, the progress in its cryptanalysis has been very slow. Even the best attacks, which exist only on reduced versions, were impractical.
New attacks are based on ideas from the cryptanalysis of hash functions. We show how the principle of local collisions exhibits non-tivial properties of the full cipher, and how an optimal attack can be explained as a codeword in the linear key schedule . We present a wide range of attacks: from a pure theoretical boomerang to a practical weakness in the ideal-cipher model, which can be demonstrated on a PC

Speaker Details

Dmitry Khovratovich is a PhD student at the University of Luxembourg since December 2006. His supervisor is Prof. Dr. Alex Biryukov. Dmitry obtained his Master degree (diploma with honor) at the Moscow State University in 2005 (Computational Mathematics and Cybernetics Faculty). His research area includes design and analysis of symmetric ciphers and hash functions as well as mathematic background of cryptanalysis. Dmitry has published best attacks on the ciphers AES and RC4.