The Rectangle Attack — Rectangling the Serpent

  • Eli Biham
  • Orr Dunkelman
  • Nathan Keller
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 2045)


Serpent is one of the 5 AES finalists. The best attack published so far analyzes up to 9 rounds. In this paper we present attacks on 7-round, 8-round, and 10-round variants of Serpent. We attack a 7-round variant with all key lengths, and 8- and 10-round variants with 256-bit keys. The 10-round attack on the 256-bit keys variants is the best published attack on the cipher. The attack enhances the amplified boomerang attack and uses better differentials. We also present the best 3-round, 4-round, 5-round and 6-round differential characteristics of Serpent.


  1. 1.
    R. Anderson, E. Biham, L.R. Knudsen, Serpent: A Proposal for the Advanced Encryption Standard, NIST AES Proposal, 1998.Google Scholar
  2. 2.
    E. Biham, A Note on Comparing the AES Candidates, Second AES Candidate Conference, 1999.Google Scholar
  3. 3.
    E. Biham, A. Shamir, Differential Cryptanalysis of the Data Encryption Standard, Springer-Verlag, 1993.Google Scholar
  4. 4.
    O. Dunkelman, An Analysis of Serpent-p and Serpent-p-ns, presented at the rump session of the Second AES Candidate Conference, 1999. Available on-line at
  5. 5.
    T. Kohno, J. Kelsey, B. Schneier, Preliminary Cryptanalysis of Reduced-Round Serpent, Third AES Candidate Conference, 2000.Google Scholar
  6. 6.
    J. Kelsey, T. Kohno, B. Schneier, Amplified Boomerang Attacks Against Reduced-Round MARS and Serpent, proceedings of Fast Software Encryption 2000, to appear.Google Scholar
  7. 7.
    L.R. Knudsen, Truncated and Higher Order Differentials, proceedings of Fast Software Encryption 2, Springer-Verlag, LNCS 1008, pp. 196–211, 1995.Google Scholar
  8. 8.
    NIST, A Request for Candidate Algorithm Nominations for the AES, available on-line at
  9. 9.
    D. Wagner, The Boomerang Attack, proceedings of Fast Software Encryption 1999, Springer Verlag, LNCS 1636, pp. 156–170, 1999.Google Scholar
  10. 10.
    X.Y. Wang, L.C.K. Hui, C.F. Chong, W.W. Tsang, H.W. Chan, The Differential Cryptanalysis of an AES Finalist-Serpent, Technical Report TR-2000-04. Available on-line at:

Copyright information

© Springer-Verlag Berlin Heidelberg 2001

Authors and Affiliations

  • Eli Biham
    • 1
  • Orr Dunkelman
    • 1
  • Nathan Keller
    • 2
  1. 1.Computer Science departmentTechnion - Israel Institute of TechnologyHaifa32000Israel
  2. 2.Mathematics departmentTechnion - Israel Institute of TechnologyHaifaIsrael

Personalised recommendations