Sciweavers

AES
2000
Springer

Preliminary Cryptanalysis of Reduced-Round Serpent

14 years 3 months ago
Preliminary Cryptanalysis of Reduced-Round Serpent
Serpent is a 32-round AES block cipher finalist. In this paper we present several attacks on reduced-round variants of Serpent that require less work than exhaustive search. We attack six-round 256-bit Serpent using the meet-in-the-middle technique, 512 known plaintexts, 2246 bytes of memory, and approximately 2247 trial encryptions. For all key sizes, we attack six-round Serpent using standard differential cryptanalysis, 283 chosen plaintexts, 240 bytes of memory, and 290 trial encryptions. We present boomerang and amplified boomerang attacks on seven- and eight-round Serpent, and show how to break nine-round 256-bit Serpent using the amplified boomerang technique, 2110 chosen plaintexts, 2212 bytes of memory, and approximately 2252 trial encryptions.
Tadayoshi Kohno, John Kelsey, Bruce Schneier
Added 01 Aug 2010
Updated 01 Aug 2010
Type Conference
Year 2000
Where AES
Authors Tadayoshi Kohno, John Kelsey, Bruce Schneier
Comments (0)