Linked by David Adams on Wed 17th Aug 2011 17:53 UTC, submitted by HAL2001
Privacy, Security, Encryption Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by experts. In the last decade, many researchers have tested the security of the AES algorithm, but no flaws were found so far. The new attack applies to all versions of AES even if it used with a single key. The attack shows that finding the key of AES is four times easier than previously believed; in other words, AES-128 is more like AES-126.
Permalink for comment 485767
To read all comments associated with this story, please click here.
theoretical vs practical encryption
by unclefester on Thu 18th Aug 2011 13:56 UTC
Member since:

There is theoretical encryption and practical encryption. In reality good enough is more than adequate.

a) No one will even attempt to crack even basic encryption unless there is a relatively big incentive for doing so eg solve a major crime or obtain important military secrets.

b) Most encrypted data is only useful for a short period. This may be a few days for a terrorist bomb plot or a few years for top secret aircraft design. Virtually no secret is likely to be worth anything in 100 years.

If the effort to crack the encryption exceeds the potential value of the data then it is automatically secure. This is regardless of the actual strength of the algorithm. The CIA isn't going to spend 20 years and billions of dollars to see if there is some porn hidden on John Does's laptop.

Reply Score: 2