Square impossible differential attack and security of AES in known plaintext scenario

Abstract

In this work, we examine the security of the 8-round AES, under the known plaintext attack scenario, a type of cryptographic attack in which an attacker has access to the plaintext and corresponding ciphertext pairs. We present an innovative impossible differential (ID) attack technique, which utilizes a specific ID characteristic, to perform the first known plaintext attack on the 8-round AES with a 256-bit key. Additionally, we propose a new attack methodology, known as the Square Impossible Differential (SID) attack, to enhance the effectiveness of the ID attacks on AES in chosen ciphertext or plaintext scenarios. The SID attack is a combination of a square attack and an ID attack. Our methodology introduces various new approaches, including the key indicator vectors, eliminating the key candidate through the Meet-in-The-Middle technique and mounting the guess and determine attack through the hash tables for the two-round decryption of one column of AES while determining the subkeys constituting the impossible differential characteristic for a given plaintext/ciphertext difference pair. Our approach demonstrates lower computational complexity compared to previous methods, and our analysis shows that the complexities of our known plaintext attack and SID attack are estimated to be 2220 and 2209, respectively.