Linked by David Adams on Wed 17th Aug 2011 17:53 UTC, submitted by HAL2001
Privacy, Security, Encryption
Researchers have found a weakness in the AES algorithm. They managed to come up with a clever new attack that can recover the secret key four times easier than anticipated by experts. In the last decade, many researchers have tested the security of the AES algorithm, but no flaws were found so far. The new attack applies to all versions of AES even if it is used with a single key. The attack shows that finding the key of AES is four times easier than previously believed; in other words, AES-128 is more like AES-126.
RE[2]: AES-254
by galvanash on Wed 17th Aug 2011 22:14 UTC in reply to "RE: AES-254"
galvanash Member since:
2006-01-25

Actually some experts believe that AES-256 is easier to crack than AES-128:
http://www.schneier.com/blog/archives/2009/07/another_new_aes.html


That is simply a related key attack. It does identify a weakness in the key scheduling of AES, but it in no way makes it "easier" to crack AES-256. It does, however, make AES-128 "better" in some respects, since no one has managed this type of attack on it.

Besides, it is really all academic anyway. AES-128 is so hard to brute-force that doubling the key size is practically pointless. Unless a weakness is found, AES-128 is good enough - more than good enough. With today's computer speeds it is simply impossible to brute force it - you could throw every computer on earth at the problem 24/7 and you'd still have the problem of the oceans drying up first...

Reply Parent Score: 4

RE[3]: AES-254
by Laurence on Wed 17th Aug 2011 22:35 in reply to "RE[2]: AES-254"
Laurence Member since:
2007-03-26


That is simply a related key attack. It does identify a weakness in the key scheduling of AES, but it in no way makes it "easier" to crack AES-256. It does, however, make AES-128 "better" in some respects, since no one has managed this type of attack on it.

I know what the attack is relating to and all you're doing is arguing the semantics of "easier".

Perhaps that term does oversimplify the situation, however the point of my post was to be a brief explanation of the included link as Schneier explains the attack far better than I could.

Besides, it is really all academic anyway. AES-128 is so hard to brute-force that doubling the key size is practically pointless. Unless a weakness is found, AES-128 is good enough - more than good enough. With today's computer speeds it is simply impossible to brute force it - you could throw every computer on earth at the problem 24/7 and you'd still have the problem of the oceans drying up first...

Indeed, but the point of hacks like these is to find weaknesses in the encryption that negate the need for numerous heavy-duty brute-force attacks.

Edited 2011-08-17 22:35 UTC

Reply Parent Score: 2

RE[4]: AES-254
by galvanash on Wed 17th Aug 2011 22:53 in reply to "RE[3]: AES-254"
galvanash Member since:
2006-01-25

Perhaps that term does over simplify the situation, however the point of my post was to be a brief explanation of the included link as Schneier explains the attack far better than I could.


Sorry about that, my reply sounded a bit negative towards your post - it wasn't intended to be. Your post was appreciated as I had heard about the related key attack but did not read the paper and the link you gave was very good.

Reply Parent Score: 2

RE[3]: AES-254
by Drumhellar on Wed 17th Aug 2011 22:51 in reply to "RE[2]: AES-254"
Drumhellar Member since:
2005-07-12

With today's computer speeds it is simply impossible to brute force it


I'm a stickler for details, especially on anything relating to numbers. A brute force attack is not impossible; however, it is exceedingly unlikely.

Reply Parent Score: 2

RE[4]: AES-254
by galvanash on Wed 17th Aug 2011 22:58 in reply to "RE[3]: AES-254"
galvanash Member since:
2006-01-25

Ok, impossible might not be the right word. But "exceedingly unlikely" doesn't do it justice either...

This is a little tidbit from a paper I read a while back (it's a PDF - don't know where I got it from so I can't link to it)...


If you assume:

Every person on the planet owns 10 computers.

There are 7 billion people on the planet.

Each of these computers can test 1 billion key combinations per second.

On average, you can crack the key after testing 50 percent of the possibilities.

THEN

The earth’s population can crack one encryption key in 77,000,000,000,000,000,000,000,000 years.


That is a bit more than "exceedingly unlikely" ;)

Reply Parent Score: 3