Breaking News
Comments
Newest First | Oldest First | Threaded View
Page 1 / 2   >   >>
lister1
User Rank
Rookie
AES weakness
lister1   2/3/2014 1:17:01 PM
NO RATINGS
I believe AES weakness is not in the Symmetric algorithm itself.

Rather, IMO, the weakness comes in the randomization of the initialization vector.  We've already heard how NSA underminds the Dual_EC_DRBG.  :)

phpexp1
User Rank
Rookie
Demo
phpexp1   11/13/2013 6:14:43 AM
NO RATINGS
There is an online demo for AES encryption and decryption

David.L.Fleischer
User Rank
Rookie
re: How secure is AES against brute force attacks?
David.L.Fleischer   5/22/2013 3:35:13 PM
NO RATINGS
Pentaflops? Good one.

David Brown
User Rank
Rookie
re: How secure is AES against brute force attacks?
David Brown   5/21/2013 8:39:40 PM
NO RATINGS
It is correct that there are ways to reduce the keyspace you need to search - and that future research may reduce this a little more. And it may turn out that in the future, there will be a breakthrough that reduces the search keyspace significantly - but there is no indication of that at the moment. So even with 128-bit AES, the cheapest and most reliable way to break the key is to use one of the two traditional methods - the three B's technique (bribery, burglary, blackmail) or rubber hose cryptoanalysis. And it looks likely to remain that way for a long time yet.

David Brown
User Rank
Rookie
re: How secure is AES against brute force attacks?
David Brown   5/21/2013 7:14:34 PM
NO RATINGS
I made a mistake in my calculations - the theoretical minimum switching energy is kT.ln(2). So it would only take 200000 years to power the calculations!

David Brown
User Rank
Rookie
re: How secure is AES against brute force attacks?
David Brown   5/21/2013 7:12:50 PM
NO RATINGS
The energy argument is a good point. There are theoretical limits to information storage density, and to the minimum amount of energy for calculations. As far as I know, the theoretical minimum energy for switching one line is kT, where k is the Boltzmann constant and T is the temperature (in K). That's 4e-21 J at room temperature. If we assume that testing an n-bit key takes 1000n switches (an absurdly low estimate), then it takes 5e-16 J per test, and thus 1.75e23 J total to do a brute-force crack of a 128-bit key. The earth's current energy consumption is about 150 PWh per year, or 5.4e17 J per year. That means it would take 300000 years to power the calculation to break the 128-bit key, assuming the same power generation of the earth, assuming absolute theoretical minimal switching energies, and assuming ridiculously small numbers of switches per test. Call me naive, but I don't think the NSA has a secret AES-128 cracking lab...

elektryk321
User Rank
Rookie
re: How secure is AES against brute force attacks?
elektryk321   5/21/2013 3:41:54 PM
NO RATINGS
According to current research on cryptoanalisys strenght of AES-256 is comparable with bruteforce key size about 220-bits. So there is no sense to use pure bruteforce. Of course 2^220 is still very big number, but future technics may still lower number. Beside of that, there are additional tricks that could be used against particular AES implementation (in hardware or software), that may lead to recovering the value of the key. This is the most current problem.

Sparky_Watt
User Rank
Rookie
re: How secure is AES against brute force attacks?
Sparky_Watt   5/20/2013 10:11:36 PM
NO RATINGS
People who talk about this stuff often ignore 3 factors that make any code more secure. I was reminded of this by the speed comment. - Symmetric encryption is usually used to securely open a conversation. The initial part of the conversation trades information that is then used to encrypt the rest of the conversation with a much simpler asymmetric encryption. - Because it is primarily a conversation opener, you can say that you have to have 100 msec between attempts. At this point the power of your computer doesn't matter. You can only try 10 times per second no matter how fast your computer is. - The response to the last one is that they don't have to retry. They can try repeatedly to decrypt the same recorded message. However, that only works if they have a way to assess that they have successfully decrypted it. Information exchanges as given above can be in the form of a chain of completely random numbers with no encrypted checksum. That makes it impossible to know if you have cracked it without cracking the whole bloody conversation. What I am saying is that the messages can be designed in such a way that the code breaker has no way of knowing when he got it right. It does him no good to guess the correct key if he doesn't know he got it.

USInnovate
User Rank
Rookie
re: How secure is AES against brute force attacks?
USInnovate   5/20/2013 3:53:26 PM
NO RATINGS
Thanks for the great article on data security based on brute force attacks. I am looking at quantum algorithms and the use of quantum computers (D-Wave from Canada). My sense is that quantum is the biggest threat to data security in the medium term. In the short term attacks based on side channel leakage and active attacks are the main problem.

David1965
User Rank
Rookie
re: How secure is AES against brute force attacks?
David1965   5/5/2013 1:37:06 PM
NO RATINGS
Sorry to have forgotten to add this the way the system would work is to start with DES being used 4 times on the four input blocks then those four input blocks are fed into AES256 and finally into 4 OUTPUT blocks via the DES to complete one cycle of encryption also the system can be used in reverse.

Page 1 / 2   >   >>


Flash Poll
EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
The Engineering Life - Around the Web
Dwight Bues, Systems Engineer

The Case of the Nonexistent Component
Dwight Bues, Systems Engineer
Post a comment
Every engineer has likely had the unfortunate experience of verifying a part's availability with a vendor, only to have the part ultimately wind up either not getting produced or ...

Engineer's Bookshelf
Caleb Kraft

The Martian: A Delightful Exploration of Math, Mars & Feces
Caleb Kraft
6 comments
To say that Andy Weir's The Martian is an exploration of math, Mars, and feces is a slight simplification. I doubt that the author would have any complaints, though.

Design Contests & Competitions
Caleb Kraft

Join The Balancing Act With April's Caption Contest
Caleb Kraft
58 comments
Sometimes it can feel like you're really performing in the big tent when presenting your hardware. This month's caption contest exemplifies this wonderfully.

Engineering Investigations
Caleb Kraft

Frankenstein's Fix: The Winners Announced!
Caleb Kraft
8 comments
The Frankenstein's Fix contest for the Tektronix Scope has finally officially come to an end. We had an incredibly amusing live chat earlier today to announce the winners. However, we ...

Top Comments of the Week
Like Us on Facebook
EE Times on Twitter
EE Times Twitter Feed

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)