

























Patrick Derbez, Univ Rennes, Inria, CNRS, IRISA
André Schrottenloher, Univ Rennes, Inria, CNRS, IRISA
The meet-in-the-middle (MITM) attack is a powerful cryptanalytic technique leveraging time-memory tradeoffs to break cryptographic primitives. Initially introduced for block cipher cryptanalysis, it has since been extended to hash functions, particularly preimage attacks on AES-based compression functions. Over the years, various enhancements such as superposition MITM (Bao et al., CRYPTO 2022) and bidirectional propagations have significantly improved MITM attacks, but at the cost of increasing complexity of automated search models. In this work, we propose a unified mixed integer linear programming (MILP) model designed to improve the search for optimal pre-image MITM attacks against AES-based compression functions. Our model generalizes previous approaches by simplifying both the modeling and the corresponding attack algorithm. In particular, it ensures that all identified attacks are valid. The results demonstrate that our framework not only recovers known attacks on AES and Whirlpool but also discovers new attacks with lower memory complexities, and new quantum attacks.
BibTeX
@misc{cryptoeprint:2025/2213,
author = {Mathieu Degré and Patrick Derbez and André Schrottenloher},
title = {Simplified Meet-in-the-middle Preimage Attacks on {AES}-based Hashing},
howpublished = {Cryptology {ePrint} Archive, Paper 2025/2213},
year = {2025},
url = {https://eprint.iacr.org/2025/2213}
}
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。