From looking at the AES spec it seems like it's not a huge improvement because the second round key differs (and with that each other round key?), but I still wanna know :p
Prikaži ovu nit
Question to the crypto ppl: is there a known attack on AES, that deals with the fact that the same key is used for an AES128/192 and AES256 encryption (talking about CPA attacks and one half of the 256 bit key == 128 bit key). Just wonderd what the complexity of such an attack is
-
-
-
I just realized that CPA is also short for correlation power analysis, I meant chosen plaintext attack. Sry if that causes confusion :|
Prikaži ovu nit
Kraj razgovora
Novi razgovor -
-
-
Don’t know of any attacks using that scenario.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
-
*non-expert thoughts* I don't think this would aid CPA at all, since it usually just targets the first round, which would be the same regardless of key length. Although, if dealing with noisy data, it would certainly be advantageous to recover the keys in increasing size order
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
-
Tweet je nedostupan.
-
-
No, it doesn't help you in any realistic way. Academically, it reduces the complexity of the AES-256 to 129bits of work, which is still a lot.
Hvala. Twitter će to iskoristiti za poboljšanje vaše vremenske crte. PoništiPoništi
-
Čini se da učitavanje traje već neko vrijeme.
Twitter je možda preopterećen ili ima kratkotrajnih poteškoća u radu. Pokušajte ponovno ili potražite dodatne informacije u odjeljku Status Twittera.