Related-key attack

A related-key attack is a cryptanalytic technique in which an adversary exploits mathematical relationships between two or more secret keys to break a block cipher more efficiently than brute force. Unlike standard attacks that assume the attacker knows only ciphertext or plaintext-ciphertext pairs, a related-key attack assumes the attacker can observe or manipulate the cipher under keys that differ from the target key in a known, controlled way. The attack targets the key schedule — the algorithm that derives round subkeys from the master key — because a weak key schedule may produce subkeys that are correlated across related master keys. The attack demonstrates that the security of a block cipher is not merely a property of its round function but of the entire key-derivation pipeline. Ciphers like AES have been analyzed extensively for related-key resistance, and while no practical related-key break of full AES exists, the attack vector remains a design constraint that shapes how key schedules are constructed.