Summary

  • This talk was given on 09 April 2010.

Description

  • Speaker

    Vincent Rijmen - University of Graz

In a recent series of papers, Alex Biryukov, Dmitry Khovratovich (et al.) presented a number of related-key attacks on AES and reduced-round versions of AES. The most impressive of these were presented at Asiacrypt 2009: related-key attacks against the full AES-256 and AES-192. The publication of these attacks has led some people to question the security of AES.

While we agree that the related-key attacks are valid attacks and that they could have been avoided in the design, we give arguments why their practical relevance is limited.

In this presentation we discuss the applicability of these attacks, and of related-key attacks in general. We model the attacker's access to the key in the form of key access schemes and remind the listeners of the following two facts. First, as shown by Mihir Bellare and Tadayoshi Kohno, there are key access schemes that are inherently insecure. We call those key access schemes unsound and propose that related-key attacks should only be considered with respect to sound key access schemes. Second, as shown by, among others, Eli Biham and Serge Vaudenay, even the presence of a sound key access scheme inevitably leads to erosion of security.

Upcoming talks

  • Polytopes in the Fiat-Shamir with Aborts Paradigm

    • 29 November 2024 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker: Hugo Beguinet - ENS Paris / Thales

    The Fiat-Shamir with Aborts paradigm (FSwA) uses rejection sampling to remove a secret's dependency on a given source distribution. Recent results revealed that unlike the uniform distribution in the hypercube, both the continuous Gaussian and the uniform distribution within the hypersphere minimise the rejection rate and the size of the proof of knowledge. However, in practice both these[…]

    • Cryptography

    • Asymmetric primitive

    • Mode and protocol

  • Post-quantum Group-based Cryptography

    • 20 December 2024 (13:45 - 14:45)

    • IRMAR - Université de Rennes - Campus Beaulieu Bat. 22, RDC, Rennes - Amphi Lebesgue

    Speaker: Delaram Kahrobaei - The City University of New York
