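By exploiting the intrinsic relations among the subkeys of AES-192, the exact difference values of all subkeys in the first 8 rounds under a specific related-key difference are fully determined. Combined with the key bridging technique from Asiacrypt'2010, part of the initial key can be determined, which reveals a certain weakness in the AES-192 key schedule. Exploiting this weakness, a new method for a related-key Square attack on 7-round and 8-round AES-192 is given. The new attack on 8-round AES-192 requires only 2^44.5 chosen plaintexts, 2^44.5 memory, and 2^183.5 8-round AES-192 encryptions. Combining it with the partial sum technique further reduces the computational complexity of the attack.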
This paper investigates weaknesses in the key schedule of AES-192 by exploiting appropriate related-key differences. The exact subkey differences in the first 8 rounds can be determined; moreover, part of the secret key can be deduced using the key bridging technique from Asiacrypt'2010. This paper presents a new method for a related-key Square attack on 7-round and 8-round AES-192 that exploits these key schedule weaknesses. Using the balance property of the Square attack, the attack on 8-round AES-192 requires about 2^44.5 chosen plaintexts, 2^44.5 memory, and 2^183.5 8-round AES-192 encryptions. Furthermore, combined with the partial sum technique, the new attack requires about 2^44.2 chosen plaintexts, 2^44.2 memory, and 2^169.2 8-round AES-192 encryptions.