ARIA is very similar to Rijndael. Rijndael is the algorithm that has been selected by the U.S. National Institute of Standards and Technology (NIST) as the candidate for the Advanced Encryption Standard. Rijndael was based on cipher named Square[3]. In the same paper as the cipher itself, a ‘dedicated’ chosen plaintext attack which exploits the rather unique structure of Square, was soon found by Knudsen. This four-round attack, known as the Square Attack, can be extended naturally to the ARIA. And this attack can recover the master key with high probability only having $2^8$ plaintext-four round ciphertext pairs. The Square attack can be increased to 6 rounds and is referred to as the Square-6 attack in this report. This kind of attack is known as a Multiset Attack. Other proposed names include ‘Saturation attack’, ‘Structural attack’, and ‘Integral cryptanalysis’.
A multiset differs from the normal notion of a set by the fact that it allows the same value to appear multiple times. An element of a multiset is therefore a pair (value, multiplicity). In a multiset attack, the adversary carefully chooses multisets of plaintexts and studies their propagation through the cipher. While the element values obviously change, other properties such as multiplicity or ”integral” (i.e., sum of all components) can remain unchanged, allowing cryptanalysis.
블록암호 ARIA는 한국의 암호 전문가들에 의해 만들어졌으며, 2004년 국가 표준 암호로 제정되었다. ARIA는 가장 널리 사용되고 있는 암호 AES(Rijndael)와 유사한 면이 많다. Square 공격은 AES에 적용가능한 공격 중에 가장 성공적인 공격으로 알려져 있다. 본 학위 논문에서는 ARIA 역시 Square 공격을 적용하는 것이 가능하다는 것을 밝혀 내었으며, 4라운드 공격은 상당히 빨리할 수 있고, 6라운드에 대한 이론적인 공격도 가능하다.