Nathan Keller

An overview on the security of the Advanced Encryption Standard


The Advanced Encryption Standard (AES) is the most widely used
block cipher today, after winning a competition held by the National
Institute of Standards in 2001 as the new US standard for block
cipher encryption. Since then, its security had been analyzed by
numerous cryptanalysts, but despite the hard effort, none of the attacks 
endanger the security of the AES in the standard attack models, 
and even "academic" weaknesses of the full AES in such models weren't found. 
However, some weaknesses were found in less standard models, e.g., 
the related-key model which is a threat if the AES is used as a basis 
for a hash function, or in the realm of side-channel attacks.

In this talk, I will survey the security status of AES and present the best
known cryptanalytic results on it in various models.
The tak will be self-contained and will require only minimal knowledge of
modern cryptanalytic techniques.