Differences

This shows you the differences between two versions of the page.

--- paes [21/03/2014 08:02:33]
mmeh [Cryptanalysis]
+++ paes [29/04/2014 12:19:29]
stek [The Algorithm]
@@ Line 4: / Line 4: @@
   * Author(s): Dingfeng Ye, Peng Wang, Lei Hu, Liping Wang, Yonghong Xie, Siwei Sun, Ping Wang
   * CAESAR submission: [[http://competitions.cr.yp.to/round1/paesv1.pdf|PAES]]
+  * [[https://maps.google.com/maps?q=39.910255,116.341158&num=1&t=m&z=17|Location]]
 ===== Cryptanalysis =====
-Jérémy Jean and Ivica Nikolić describe a distinguisher for PAES in [[http://www1.spms.ntu.edu.sg/~syllab/m/images/6/6e/Using_AES_Round_Symmetries_to_Distinguish_PAES.pdf|this note]]. Independently, Markku-Juhani O. Saarinen reports issues with rotational invariants in PAES in [[https://groups.google.com/forum/#!topic/crypto-competitions/vRmJdRQBzOo|this thread]] that lead to distinguishing and key-recovery shortcuts.
+^ Type ^ Queries ^ Computations ^ Success probability ^ Reference ^
+| Forgery  | $2^{11}$ | $2^{11}$ | | Sasaki and Wang[(ref:caesar:cryptoeprint2014218)] |
+| Distinguisher | 1 | | | Saarinen [[https://groups.google.com/forum/#!topic/crypto-competitions/vRmJdRQBzOo|on newsgroup]] |
+| Distinguisher | 1 | | $2^{-64}$ | Jean and Nikolić [(:ref:caesar:paesJeanNicolic)] |
+~~REFNOTES~~

Authenticated Encryption Zoo