Linked by David Adams on Wed 17th Aug 2011 17:53 UTC, submitted by HAL2001
Privacy, Security, Encryption

Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by experts. In the last decade, many researchers have tested the security of the AES algorithm, but no flaws were found so far. The new attack applies to all versions of AES even if it is used with a single key. The attack shows that finding the key of AES is four times easier than previously believed; in other words, AES-128 is more like AES-126.
Permalink for comment 486143

Late reply, sorry but I've been away.

A lot of posts seem to assume that a brute force approach can only attack a single key at a time. But as far as we know there may be ways of combining the effort to simultaneously brute force many AES keys with no/little extra cost.

As a simple example: finding prime numbers individually is (relatively) slow, but there are practical sieve algorithms which can test many thousands of candidates in one swoop.

Therefore the underlying assumption in the following quote (for example) may be false.

"If the effort to crack the encryption exceeds the potential value of the data then it is automatically secure. This is regardless of the actual strength of the algorithm. The CIA isn't going to spend 20 years and billions of dollars to see if there is some porn hidden on John Doe's laptop."

Continuing with the fictitious numbers above, and assuming that all AES keys can be broken in parallel, then the CIA may very well find it worthwhile to spend billions of dollars (just a dent in military spending anyways) to reverse all keys of interest.

I'm not trying to make any assertions here that AES cracking is feasible, but we shouldn't assume that cracking K keys takes K times more resources than cracking a single key.

Reply Parent Score: 2
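
The cost question raised in the comment above can be measured on a toy cipher. This is an added example, not part of the original comment: it counts cipher evaluations for K independent searches versus one shared pass. `toy_encrypt`, the 16-bit keyspace and the sample keys are constructed stand-ins (not AES), and it assumes every target is the encryption of the same known plaintext block, which is what makes a shared lookup possible.

```python
import hashlib

KEY_BITS = 16                           # toy keyspace so the search finishes instantly
KNOWN_PLAINTEXT = b"constructed-block"  # assumption: same known block under every key

def toy_encrypt(key: int, block: bytes) -> bytes:
    """Stand-in for a block cipher: NOT AES, just a keyed one-way function."""
    return hashlib.sha256(key.to_bytes(2, "big") + block).digest()[:8]

def search_one_at_a_time(targets):
    """Independent exhaustive search per target; returns (found, cipher_calls)."""
    found, calls = {}, 0
    for ct in targets:
        for key in range(1 << KEY_BITS):
            calls += 1
            if toy_encrypt(key, KNOWN_PLAINTEXT) == ct:
                found[ct] = key
                break
    return found, calls

def search_batched(targets):
    """One pass over the keyspace; each candidate is checked against all targets."""
    pending, found, calls = set(targets), {}, 0
    for key in range(1 << KEY_BITS):
        if not pending:
            break
        calls += 1
        ct = toy_encrypt(key, KNOWN_PLAINTEXT)
        if ct in pending:               # set lookup: cost does not grow with K
            found[ct] = key
            pending.discard(ct)
    return found, calls

def demo():
    secret_keys = [0x1A2B, 0x7F00, 0xC0DE, 0x0042, 0xFFEE]  # constructed sample keys
    targets = [toy_encrypt(k, KNOWN_PLAINTEXT) for k in secret_keys]
    one, calls_one = search_one_at_a_time(targets)
    batch, calls_batch = search_batched(targets)
    return secret_keys, targets, one, calls_one, batch, calls_batch

if __name__ == "__main__":
    keys, targets, one, c1, batch, c2 = demo()
    print("one at a time:", c1, "cipher calls for", len(keys), "keys")
    print("batched      :", c2, "cipher calls for", len(keys), "keys")
```

The batched pass is bounded by the size of the keyspace however many targets are pending, while the separate searches add up per key.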