Widespread encryption system could be broken faster than brute-force.
The Advanced Encryption Scheme (AES) is used to protect everything from e-commerce to government data. AES is the encryption standard of choice for the United States government since 2001, when the it took over from the Digital Encryption Standard (DES).
A paper presented at the Crypto 2011 conference on Wednesday detailed a new technique for attacking the encryption standard. It would allow an attacker to recover AES secret keys up to five times faster than was previously possible, using a technique called biclique cryptanalysis.
"This research is groundbreaking because it is the first method of breaking single-key AES that is (slightly) faster than brute force," said Nate Lawson, a cryptographer and the principal of security consultancy Root Labs. "However, it doesn't compromise AES in any practical way."
By practical way, he means that the method will only do a slightly better job than brute force, and so would still take an unfathomable amount of time - in the trillions of years - to break it.
"This technique is a divide-and-conquer attack. To find an unknown key, they partition all the possible keys into a set of groups. This is possible because AES subkeys only have small differences between rounds," Lawson said. "They can then perform a smaller search for the full key because they can reuse partial bits of the key in later phases of the computation. It's impressive work but there's no better cipher to use than AES for now."
A paper presented at the Crypto 2011 conference on Wednesday detailed a new technique for attacking the encryption standard. It would allow an attacker to recover AES secret keys up to five times faster than was previously possible, using a technique called biclique cryptanalysis.
"This research is groundbreaking because it is the first method of breaking single-key AES that is (slightly) faster than brute force," said Nate Lawson, a cryptographer and the principal of security consultancy Root Labs. "However, it doesn't compromise AES in any practical way."
By practical way, he means that the method will only do a slightly better job than brute force, and so would still take an unfathomable amount of time - in the trillions of years - to break it.
"This technique is a divide-and-conquer attack. To find an unknown key, they partition all the possible keys into a set of groups. This is possible because AES subkeys only have small differences between rounds," Lawson said. "They can then perform a smaller search for the full key because they can reuse partial bits of the key in later phases of the computation. It's impressive work but there's no better cipher to use than AES for now."
