时 间: 2011年10月25日（周二）上午10:00

地 点: 清华大学高等研究院 科学馆322报告厅

题 目: Biclique Cryptanalysis, with an Application to the AES

报 告 人: Christian Rechberger

ENS 巴黎高等师范学院

报告摘要: Since Rijndael was chosen as the Advanced Encryption Standard (AES), and became the global encryption standard, improving upon 7-round attacks on the 128-bit key variant or upon 8-round attacks on the 256-bit key variant is considered to be one of the most difficult challenges in the cryptanalysis of block ciphers for more than a decade.

We present a novel approach to key-recovery using so-called bicliques.This allows us to obtain for the first time results on a higher number of rounds, yet the advantage over brute-force search may become small.In contrast to most shortcut attack settings on AES versions, we do not need any related-keys. Our approach is practically verified to a large extent, yet its full implementation needs prohibitively large computational resources.