Preliminary Cryptanalysis of Reduced-Round Serpent

14 years 3 months ago

Download www.comms.scitech.susx.ac.uk

Serpent is a 32-round AES block cipher ﬁnalist. In this paper we present several attacks on reduced-round variants of Serpent that require less work than exhaustive search. We attack six-round 256-bit Serpent using the meet-in-the-middle technique, 512 known plaintexts, 2246 bytes of memory, and approximately 2247 trial encryptions. For all key sizes, we attack six-round Serpent using standard diﬀerential cryptanalysis, 283 chosen plaintexts, 240 bytes of memory, and 290 trial encryptions. We present boomerang and ampliﬁed boomerang attacks on seven- and eight-round Serpent, and show how to break nine-round 256-bit Serpent using the ampliﬁed boomerang technique, 2110 chosen plaintexts, 2212 bytes of memory, and approximately 2252 trial encryptions.

Tadayoshi Kohno, John Kelsey, Bruce Schneier

Real-time Traffic

256-bit Serpent | AES 2000 | Cryptology | Six-round 256-bit Serpent | Trial Encryptions |

claim paper

Post Info
More Details (n/a)

Added	01 Aug 2010
Updated	01 Aug 2010
Type	Conference
Year	2000
Where	AES
Authors	Tadayoshi Kohno, John Kelsey, Bruce Schneier

Comments (0)

Sciweavers

Preliminary Cryptanalysis of Reduced-Round Serpent

256-bit Serpent | AES 2000 | Cryptology | Six-round 256-bit Serpent | Trial Encryptions |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers