This has probably been asked before but for a given ciphertext and plaintext pair, is it possible to have two different keys producing said pair? Or there are no collisions in AES, unlike hashing algorithms such as SHA1, SHA256, etc?
Asked
Active
Viewed 32 times
0
-
Related question here: https://crypto.stackexchange.com/questions/30373/for-a-given-plaintext-ciphertext-pair-how-many-valid-aes-keys-are-there – Peter Altmann Mar 01 '24 at 20:25
-
There are no collisions in the output of keyed-AES as that is a permutation but of course it only allows for single input / output block. It shouldn't be possible for a secure hash function such as SHA-256 to find a collision even though there are a lot, SHA-1 has been broken for collision resistance. – Maarten Bodewes Mar 01 '24 at 20:48