CryptoDB
The Boomerang Chain Distinguishers: New Record for 6-Round AES
| Authors: |
|
|---|---|
| Download: | |
| Conference: | ASIACRYPT 2024 |
| Abstract: | AES is the most used block cipher, and its round-reduced variants are popular underlying components to design cryptographic schemes. How to effectively distinguish round-reduced AES from random permutations has always been a hot research topic. Currently, the longest rounds of AES can be distinguished is 6 rounds, where the best result is the 6-round exchange distinguisher with the data complexity 2^{84}. In this paper, we extend the classical boomerang distinguisher which uses only one boomerang property to use two or more related boomerangs and the technique of `friend pairs' to enhance the distinguishing effect. We propose the frameworks of the re-boomerang and boomerang chain distinguishers and apply to 6-round AES. The re-boomerang distinguisher uses two related boomerangs sequentially, which have the same upper truncated differential trail in the forward direction. A plaintext pair is called a right pair if it follows this truncated differential trail. By the first boomerang, a target set of plaintext pairs containing one right pair can be obtained. Then for each pair in the target set, construct its `friend pairs' as the input of the second boomerang to distinguish the cipher. Due to the dependence of the two boomerangs, all `friend pairs' of the right pair are right pairs, so the probability of the second boomerang is increased. To further improve the complexity, we insert a new boomerang in the middle of the re-boomerang and repeat it to reduce the target set. Combining the strategies of using more data in each boomerang and repeating the distinguishing process several times, we give a boomerang chain distinguisher on 6-round AES with success probability 60% and complexity 2^{76.57}, reduced by a factor of 172 compared with the previous best result. This is a new record for the secret-key distinguisher on 6-round AES. |
BibTeX
@inproceedings{asiacrypt-2024-34584,
title={The Boomerang Chain Distinguishers: New Record for 6-Round AES},
publisher={Springer-Verlag},
author={Xueping Yan and Lin Tan and Hong Xu and Wenfeng Qi},
year=2024
}