RSSIs AES encryption crackable?
By Jack M. Germain, TechNewsWorld | Published November 5, 2009, 11:06 AM
In the field of computer technology, some topics are so frequently and fiercely disputed that they almost resemble religious feuds -- Mac vs. PC, for instance, or open source vs. proprietary software.
Other topics, though, don't see nearly the same level of high-profile debate. Take the invulnerability of the Advanced Encryption Standard (AES) encryption, for example. Governments and businesses place a great deal of faith in the belief that AES is so secure that its security key can never be broken. However, a team of researchers from Germany, France and Israel has recently demonstrated what may be an inherent flaw in AES -- theoretically, at least.
So how secure is AES really? Is AES now vulnerable to a new attack, as the researchers claim?
Maybe yes, and maybe no. The research is mainly theoretical. Still, as technology evolves, successful attacks against AES may turn up, and they may be difficult to ignore.
"Can somebody repurpose and weaken the strength of the AES algorithm? Yes. That's what cryptographers do. But we don't have to worry about AES being weakened anytime soon. Still, AES in theory has flaws. The bottom line is that AES isn't broken," Ozzie Diaz, president and CEO of wireless security firm AirPatrol, told TeckNewsWorld.
What is it?
The AES protocol is a set of three block ciphers selected by the National Institute of Standards and Technology (NIST) in 2000 after a three-year competition. NIST is a federal technology agency that develops and promotes measurement standards. Its selection ousted Data Encryption Standard (DES) as the national and international security encryption standard. DES was the most widely deployed block cipher in both software and hardware applications.
Why should you care? AES encryption is the vault that secures online information and financial transactions by financial institutions, banks and e-commerce sites. So a tear in the AES fabric means an opening for hackers to get at valuable personal and business information.
AES is used in three versions: AES-128, AES-192 and AES-256. These numbers represent the encryption key sizes (128 bits, 192 bits and 256 bits) and in their number of rounds (10, 12, and 14, respectively) required to open the vault that is wrapped around the data.
The detractors
In their published report, entitled "Key Recovery Attacks of Practical Complexity on AES Variants With Up to 10 Rounds" (PDF available here), three researchers challenged the structural integrity of the AES protocol.
Although the research suggests AES might no longer be considered theoretically secure, the crucial question facing all of us now is how far it is from becoming practically insecure, concluded Alex Biryukov and Dmitry Khovratovich (University of Luxembourg, Luxembourg), Orr Dunkelman (of Paris, France), Nathan Keller (Einstein Institute of Mathematics, Hebrew University) and Adi Shamir (Computer Science department of the the Weizmann Institute at Rehovot, Israel).
"The findings discussed in 'Key Recovery Attacks of Practical Complexity on AES Variants With Up to 10 Rounds' are academic in nature and do not threaten the security of systems today. But because most people depend on the encryption standard to keep sensitive information secure, the findings are nonetheless significant," Fred Touchette, AppRiver senior security analyst, told TechNewsWorld.
A new worry?
If AES is now theoretically compromised, the real-world impact could be considerable, according to Diaz.
"My speculation is that the greatest vulnerabilities will be for wireless systems for two reasons. Most investments in network media are in wireless systems, and there is no physical barrier to entry for accessing the network," he said.
However, some good may come from even an academic demonstration of a flaw in AES, he conceded. Inflection points always occur in an industry in the form of disruptions. A disruption to the viability of a system today will lead to innovation in filling those gaps or completely changing the rules of the game, he said.
"AES is the standard in wireless and IT encryption. It keeps the mouse trap evolving faster than the mouse can move," said Diaz.
Cracked or broken?
The AES crypto is not broken, asserted Touchette. As in previous techniques, the latest attack techniques on AES-192 and AES-256 algorithms are impractical outside of a theoretical setting.
"But they do nonetheless provide theoretical proof that versions of AES could be susceptible to attack," he warned.
When these cryptos became a new standard, they were declared completely unbreakable. Many other algorithms out there still remain unbreakable, but as long as our systems get stronger and faster, the need for longer and tougher encryption will also grow. Just because the puzzles get harder doesn't mean that people will stop trying to solve them, he added.
An early warning
"AES is not compromised. It is safe to use. There are no problems with it," Paul Kocher, president and chief scientist at Cryptography Research, told TechNewsWorld.
Still, researchers are finding that it would not take as much to crack AES as previously thought, suggested Kocher, and that makes the report a significant finding.
Users are already paranoid over attacks that they don't understand, he noted, nd while attackers do improve over time, nobody actually breaks anything, he said.
"There is plenty of software bugs for attackers to use to bypass breaking the keys. That's what keeps me awake at night, not the algorithms," said Kocher.
Originally published on TechNewsWorld
© 2009 ECT News Network. All rights reserved.
© 2009 BetaNews.com. All rights reserved.
just in case anyone was wondering if there is a very powerful encrypter,
unfortunately i couldn't find one that was entirely free,
hopefully someone else could perhaps offer a free solution,
anyway this is one that is very cheap, and offers some very advance features,
https://www.cryptit.org/index.php?controller=home
Score: 0
|the one thing that's fascinating is how the U.S. government chose a less secured algorithm
"Serpent is a symmetric key block cipher which was a finalist in the Advanced Encryption Standard (AES) contest, where it came second to "Rijndael. Serpent was designed by Ross Anderson, Eli Biham, and Lars Knudsen."
"Serpent was widely viewed as taking a more conservative approach to security than the other AES finalists, opting for a larger security margin: the designers deemed 16 rounds to be sufficient against known types of attack, but specified 32 rounds as insurance against future discoveries in cryptanalysis."
"Serpent" was designed for maximum possible security,
"Rijndael" was designed for a compromise between speed and security,
on average day computers "Serpent" should be the better choice (CPU resources is in abundant)
but on independent hardware, like small silicon microprocessor's that go in small electronic devices like security doors, and electronic key card readers would Opt for "Rijndael" because it requires a lot less CPU resources whilst still providing a high level of encryption, (small microprocessors are limited on RAW speed)
of course the government has to way in all the options when choosing the winner,
but everyone should remember that even though "Rijndael" was chosen by the U.S.,
the U.S. does not speak for other countries, many other countries would choose security over performance somewhat, and likewise others would choose performance over security.
so remember, when people tell you that "Rijndael" is the strongest AES method, there WRONG!,
"Serpent" is in fact the strongest with 32 Rounds as opposed to only 14 that "Rijndael" offers,
"Rijndael" is the best method when also taken in to account performance,
"Rijndael" is fast because it's only 14 Rounds MAX,
but when you consider that 9 rounds has been cracked, the 10th round is on the verge of being cracked, 14 rounds doesn't seem that far away......
perhaps choosing "Rijndael" may of been an unwise choice by the U.S.
unless of course...... this was there plan all along ........ conspiracy theory ..... lets stop there shall we.
if you really want to protect something that is top top secret, then "Rijndael" is fine, and holds up quite well, but to make full use of the 256bit Key, you MUST use a password that is about 30 Characters long, the biggest flaw in any encryption method is in fact the user, passwords that are too short brings out the fundamental flaws in all advance encryption systems, not sure why, something to-do with the mathematics i recall correctly.
Score: 1
|As some cryptographer said to me once. It's not a problem in crypto algorithm itself, it's the implementation that's usually the main problem. You can have a perfect unbreakable 4096bit AES2 key, but if it's implementation is bad, you can easily break it. So AES by itself IS safe, it's implimentation usually isn't.
Score: 1
|Not a big deal. I'm pretty sure that intelligence agencies, armies, big banks, int'l businesses, and unfortunately probably terrorists too, have figured out by now that anything worth securing heavily will be secured in a "matryoshka doll" fashion. You encrypt your stuff with SecretKey1 using BestOfBreedAlgorithm1, and then re-encrypt it with SecretKey2 using BestOfBreedAlgorithm2, etc. (You don't do this manually of course...one very long secret key is broken into chunks of keys to be used with the diff algorithms). You can probably use multi-cores/processes to encrypt the stuff using multiple algorithms without heavy encryption time penalty...
For us the common people without anything "big" to hide, this isn't something to worry about...
Score: 1
|Your AES key has been compromised and you don't know what to do?
http://youtube.com/watch?v=ixy5FBLnh7o
Score: 1
|Cue up AES2 please, and lets move on with our lives.
Score: 0
|The answer to the question of "Is AES encryption crackable?" is yes.
What we are seeing over the past 10/20 years is a gradual increase in the time it takes to crack such encryption.
WEP = near instantaneous
WPA = Bit longer
WPA2 = Longer still
Much the same with hashing algorithms too.
MD5 is broken.
SHA1 is flawed but not proved yet.
SHA2 isn't broken yet.
Score: 1
|oh my word, this whole document is based on what if this and what if that,
can't stand theorists, all talk, no actual facts,
AES is crackable, i don't ever recall any government agency saying it wasn't?
if human made it, then human can break it, we have all heard this saying, question is, how long will it last up against technology that is now moving so fast forward
Hardware and software is becoming very powerful, it's difficult for an open source encryption method to be strong enough to be around for a couple of decades,
i can see some day, military encryption methods passing down to the public sector (military and top secret agencies have there own in-house developed encryption systems)
open source just doesn't attract the very best minds the world has in this particular field, the very best minds will want to commercialize it, and no government or people for that matter would go for it, part of the reason why JPEG2000 never really kicked off (to many license issue's)
AES has become so much in the lime light, it's got to the stage where the general public maybe safer using a different encryption method, one that isn't getting so much attention by would be attackers,
AES on it's own is becoming a concern, Multiple encryption is the way, 3 different algorithms running one after each other, now that would be strong, few technical issues, but definitely strong.
Score: -1
|