Wikipedia

Advanced Encryption Standard: Difference between revisions

Browse history interactively
← Previous editNext edit →
Content deleted Content added
VisualWikitext
Performance: Source doesn't mention that CPU, or the specifics for any CPU. Rather, the throughput of 'multiple GB/s' is reasonably inferred from the source in that the benchmark results themselves are in the multiple GB/s and require AES encryption.
Tags: Mobile edit Mobile web edit
/
Line 142:
Another attack was blogged by Bruce Schneier<ref>{{cite web |url=http://www.schneier.com/blog/archives/2009/07/another_new_aes.html |title=Another New AES Attack |author=Bruce Schneier |date=2009-07-30 |work=Schneier on Security, A blog covering security and security technology |access-date=2010-03-11 |url-status=live |archive-url=https://web.archive.org/web/20091005183132/http://www.schneier.com/blog/archives/2009/07/another_new_aes.html |archive-date=2009-10-05}}</ref>
on July 30, 2009, and released as a [[preprint]]<ref>{{cite web |url=http://eprint.iacr.org/2009/374 |title=Key Recovery Attacks of Practical Complexity on AES Variants With Up To 10 Rounds |author=Alex Biryukov |author2=Orr Dunkelman |author3=Nathan Keller |author4=Dmitry Khovratovich |author5=Adi Shamir |date=2009-08-19 |access-date=2010-03-11 |archive-url=https://web.archive.org/web/20100128050656/http://eprint.iacr.org/2009/374 |archive-date=28 January 2010 |url-status=live}}</ref>
on August 3, 2009. This new attack, by Alex Biryukov, [[Orr Dunkelman]], [[Nathan Keller]], Dmitry Khovratovich, and [[Adi Shamir]], is against AES-256 that uses only two related keys and 2<sup>39</sup> time to recover the complete 256-bit key of a 9-round version, or 2<sup>45</sup> time for a 10-round version with a stronger type of related subkey attack, or 2<sup>70</sup> time for an 11-round version. 256-bit AES uses 14 rounds, so these attacks are not effective against full AES.
 
The practicality of these attacks with stronger related keys has been criticized,<ref>{{Cite book |title=On Some Symmetric Lightweight Cryptographic Designs |last=Agren |first=Martin |publisher=Dissertation, Lund University |year=2012 |pages=38–39}}</ref> for instance, by the paper on chosen-key-relations-in-the-middle attacks on AES-128 authored by Vincent Rijmen in 2010.<ref>{{cite journal |url=http://eprint.iacr.org/2010/337.pdf |title=Practical-Titled Attack on AES-128 Using Chosen-Text Relations |author=Vincent Rijmen |date=2010 |journal=IACR Cryptology ePrint Archive |url-status=live |archive-url=https://web.archive.org/web/20100702184311/http://eprint.iacr.org/2010/337.pdf |archive-date=2010-07-02}}</ref>
Retrieved from "https://en.wikipedia.org/wiki/Advanced_Encryption_Standard"