## CryptoDB

### Zheng Yuan

#### Publications

Year
Venue
Title
2015
EPRINT
2010
EPRINT
Some new near $5$ rounds impossible differential properties of AES are first presented in this paper, in which active bytes of $1^{st}$ round or $5^{th}$ round are in different columns and in favor of extension. Additionally, we first propose the complexities expressions of an universal impossible differential attack, which can help us to rapidly search appropriate impossible differential paths. More importantly, our near $5$ rounds impossible differential properties and complexities expressions lead to a series of new impossible differential attacks on 7 rounds AES-128, 7-9 rounds AES-192, and 8-12 rounds AES-256.
2010
EPRINT
An distinguisher was constructed by utilizing a 2-round collision differential path of ALPHA-MAC, with about $2^{65.5}$ chosen messages and $2^{65.5}$ queries. Then, this distinguisher was used to recover the internal state(\cite{Yuan1},\cite{Yuan2}). However, a flaw is found in the internal state recovery attack. The complexity of recovering the internal state is up to $2^{81}$ exhaustive search. And the complexity of the whole attack will be up to $2^{67}$ chosen messages and $2^{81}$ exhaustive search. To repair the flaw, a modified 2-round differential path of ALPHA-MAC is present and a new distinguisher based on this path is proposed. Finally, an attack with about $2^{65.5}$ chosen messages and $2^{65.5}$ queries is obtained under the new distinguisher.
2010
EPRINT
By the birthday attack, a new distinguisher with an inner partial collision is first presented. Using the distinguisher can attack on MAC/HMAC based on a dedicated compression function framework proposed in ChinaCrypt2008, with $2^{16.5}$ data complexity and $2^{16.5}$ MAC queries. More important, using the new distinguishing attack can recover the secret key of NMAC with the data complexities of $2^{16.5}$.
2009
CRYPTO
2008
EPRINT
In this paper, we first present a new distinguisher on the CBC-MAC based on a block cipher in Cipher Block Chaining (CBC) mode. It can also be used to distinguish other CBC-like MACs from random functions. The main results of this paper are on the second-preimage attack on CBC-MAC and CBC-like MACs include TMAC, OMAC, CMAC, PC-MAC and MACs based on three-key encipher CBC mode. Instead of exhaustive search, this attack can be performed with the birthday attack complexity.
2008
EPRINT
In this paper, we present new distinguishers of the MAC construction \textsc{Alred} and its specific instance \textsc{Alpha}-MAC based on AES, which is proposed by Daemen and Rijmen in 2005. For the \textsc{Alred} construction, we describe a general distinguishing attack which leads to a forgery attack directly. The complexity is $2^{64.5}$ chosen messages and $2^{64.5}$ queries with success probability 0.63. We also use a two-round collision differential path for \textsc{Alpha}-MAC, to construct a new distinguisher with about $2^{65.5}$ queries. The most important is that the new distinguisher can be used to recover the internal state, which is an equivalent secret subkey, and leads to a second preimage attack. Moreover, the distinguisher on \textsc{Alred} construction is also applicable to the MACs based on CBC and CFB encryption mode.

#### Coauthors

Xiao Feng (1)
Keting Jia (3)
Jintao Liu (1)
Xiaoqiu Ren (1)
Wei Wang (2)
Mingsheng Wang (1)
Xiaoyun Wang (3)
Mei Wang (1)
Shengbao Wu (1)
Guangwu Xu (2)