The Square attack, first discovered on the block cipher Square, is a structural attack. It targets strange structural properties that persist across rounds of encryption in block ciphers.
There are no known "efficient" attacks on full AES. This means that if you want to break the 10 rounds of AES-128, you will probably have to do a brute-force attack (or something close to that). The observation behind the Square attack only persists for 3 rounds in AES-128. By extension, we will see how we can break 4, 5 and even 6 rounds of AES. Breaking 4 rounds will be "easy" while we will only explain the science behind breaking 5 and 6 rounds of AES as they require too much computing power to present a simple coding challenge.
Imagine a set of 256 plaintexts. All filled with 0s.
Remember what happened to our Λ-set after we've reached the end of 3 rounds
Now that we have obtained the last round key of our 3-round AES instance, we need to finish the job and reverse the key schedule to obtain the main key.
Now that we've broken 4-round AES, let's try and see what we can do if we add an extra round at the end to make it a 5-round AES.
We can also gain a round in the very beginning, we need to guess 4 key byte of the first subkey to create a delta set AFTER the first round.