Impossible differential cryptanalysis of 7-round Advanced Encryption Standard (AES)

In 2000, Biham and Keller [Cryptanalysis of reduced variants of Rijndael, 3rd AES Conference, in press] presented an impossible differential cryptanalysis of the Advanced Encryption Standard (AES) up to 5 rounds. This was later improved in 2001 by Cheon et al. [Improved impossible differential cryptanalysis of Rijndael and Crypton, in: Lecture Notes in Comput. Sci., vol. 2288, Springer-Verlag, Berlin, 2001, pp. 39-49] to apply to 6 rounds of the AES. In this paper, we extend on previous results to present an attack on the AES up to 7 rounds. This is the best-known impossible differential attack on the AES, and works by exploiting weaknesses in the AES key schedule. (C) 2004 Elsevier B.V. All rights reserved.