Embedded Systems Conference
Breaking News
Comments
Newest First | Oldest First | Threaded View
Page 1 / 2   >   >>
bdoud
User Rank
Author
re: How secure is AES against brute force attacks?
bdoud   3/20/2015 1:09:15 PM
NO RATINGS
@Sparky:  You have the Symmetric and Asymmetric (Public Key) parts switched.  The Public Key algorithms are used to perform the authentication and key handshake, and then the symmetric algorithms such as AES or 3DES are used to encrypt the conversation.  The author was only disussing the cracking of AES here, and with a brute force approach there would be no need to attack the Public Key handshake (although of course that's another attack vector that could be used!)  Regardless, your concluding point at the end is valid regarding the cracker's need to know something about what properly decoded plaintext "should" look like.  But in almost all cases, that is quite reasonable since the wrong decryption key yields statistically random jibberish and the correct key yields something that stands out as being non-random (regardless of what the payload actually is).  Sure, the paranoid can obscure their plaintext in a really good way by performing another encryption layer, but then of course your workload has doubled to protect the traffic!

Navelpluis
User Rank
Author
re: How secure is AES against brute force attacks?
Navelpluis   3/20/2015 1:03:59 PM
NO RATINGS
You are right. Allow me to add a couple of things: Please try to learn from history. Enigma had about 2^76 possibilities. Much more than single DES (!). In a way as users we are always behind: All we use can be broken, exept for 1 method...

Now you might think: "Yes, but Enigma had vulnerabilities", that's right. But each crypto system is designed by humans, so each crypto system is weak in a certain way. While trying to crack systems you have to think equally: Think as a software design engineer. So, let me suggest that by choosing large keys, they are often formed by primes. Well, with a -for example- 128 bit key, let us first test THE LARGEST PRIMES and I will ensure you that you will find the key faster than you think. This is what the 'capable bodies' would do (and probably will do). My thoughts are that this is the way you have to think while working with crypto. So -at least- use a 1024 bit key or even larger. The rest smaller than this already has been lost, it is not safe anymore.

Another annoying thing that most people forget is the following: Key exchange is one thing, but data exchange is another. Most people fuzz about key exchange and how safe this must be. Most fantastic procedures are designed for that. But then... , to be followed by a laughable data exchange format to be cracked by seconds (with some statistics only). Then you don't even *need* the key. Please consider this as well.

The best way to encipher data is with the Vernam principle. Only problem is that your key has to be as large as your message, and you have to distribute your key in a safe way. During the cold war the Washington-Moscow hotline worked with this principle. It contained the Siemens M190 mixer machine with a couple of TELEX machines. Look at the cryptomuseum dot com webpages and search for M190. This website will be an eye-opener for you and it is also good to learn about the history. Vernam is the way to go, anywaym have fun !

sansik
User Rank
Author
security
sansik   7/14/2014 8:32:55 AM
NO RATINGS
The cryptographic algorithms used in Advanced Encryption Standards are more secure due to 128-bit symmetric keys, if someone sets a password containing both letters and symbols it is very hard for any hacker to find out the code. I use a 128 bit key size password on our workflow management systems and I am sure no one will break it, for a better security I use a random password generator that maximizes the security of the password.

lister1
User Rank
Author
AES weakness
lister1   2/3/2014 1:17:01 PM
NO RATINGS
I believe AES weakness is not in the Symmetric algorithm itself.

Rather, IMO, the weakness comes in the randomization of the initialization vector.  We've already heard how NSA underminds the Dual_EC_DRBG.  :)

phpexp1
User Rank
Author
Demo
phpexp1   11/13/2013 6:14:43 AM
NO RATINGS
There is an online demo for AES encryption and decryption

David.L.Fleischer
User Rank
Author
re: How secure is AES against brute force attacks?
David.L.Fleischer   5/22/2013 3:35:13 PM
NO RATINGS
Pentaflops? Good one.

David Brown
User Rank
Author
re: How secure is AES against brute force attacks?
David Brown   5/21/2013 8:39:40 PM
NO RATINGS
It is correct that there are ways to reduce the keyspace you need to search - and that future research may reduce this a little more. And it may turn out that in the future, there will be a breakthrough that reduces the search keyspace significantly - but there is no indication of that at the moment. So even with 128-bit AES, the cheapest and most reliable way to break the key is to use one of the two traditional methods - the three B's technique (bribery, burglary, blackmail) or rubber hose cryptoanalysis. And it looks likely to remain that way for a long time yet.

David Brown
User Rank
Author
re: How secure is AES against brute force attacks?
David Brown   5/21/2013 7:14:34 PM
NO RATINGS
I made a mistake in my calculations - the theoretical minimum switching energy is kT.ln(2). So it would only take 200000 years to power the calculations!

David Brown
User Rank
Author
re: How secure is AES against brute force attacks?
David Brown   5/21/2013 7:12:50 PM
NO RATINGS
The energy argument is a good point. There are theoretical limits to information storage density, and to the minimum amount of energy for calculations. As far as I know, the theoretical minimum energy for switching one line is kT, where k is the Boltzmann constant and T is the temperature (in K). That's 4e-21 J at room temperature. If we assume that testing an n-bit key takes 1000n switches (an absurdly low estimate), then it takes 5e-16 J per test, and thus 1.75e23 J total to do a brute-force crack of a 128-bit key. The earth's current energy consumption is about 150 PWh per year, or 5.4e17 J per year. That means it would take 300000 years to power the calculation to break the 128-bit key, assuming the same power generation of the earth, assuming absolute theoretical minimal switching energies, and assuming ridiculously small numbers of switches per test. Call me naive, but I don't think the NSA has a secret AES-128 cracking lab...

elektryk321
User Rank
Author
re: How secure is AES against brute force attacks?
elektryk321   5/21/2013 3:41:54 PM
NO RATINGS
According to current research on cryptoanalisys strenght of AES-256 is comparable with bruteforce key size about 220-bits. So there is no sense to use pure bruteforce. Of course 2^220 is still very big number, but future technics may still lower number. Beside of that, there are additional tricks that could be used against particular AES implementation (in hardware or software), that may lead to recovering the value of the key. This is the most current problem.

Page 1 / 2   >   >>


Top Comments of the Week
Like Us on Facebook

Datasheets.com Parts Search

185 million searchable parts
(please enter a part number or hit search to begin)
EE Life
Frankenstein's Fix, Teardowns, Sideshows, Design Contests, Reader Content & More
Max Maxfield

Teensy-Weensy GPAK4 Mixed Signal FPGAs
Max Maxfield
Post a comment
The vast majority of the embedded designers I know typically create MCU-based systems -- they rarely even consider using a Field-Programmable Gate Array (FPGA).

Bernard Cole

A Book For All Reasons
Bernard Cole
1 Comment
Robert Oshana's recent book "Software Engineering for Embedded Systems (Newnes/Elsevier)," written and edited with Mark Kraeling, is a 'book for all reasons.' At almost 1,200 pages, it ...

Martin Rowe

Leonard Nimoy, We'll Miss you
Martin Rowe
5 comments
Like many of you, I was saddened to hear the news of Leonard Nimoy's death. His Star Trek character Mr. Spock was an inspiration to many of us who entered technical fields.

Rich Quinnell

Making the Grade in Industrial Design
Rich Quinnell
16 comments
As every developer knows, there are the paper specifications for a product design, and then there are the real requirements. The paper specs are dry, bland, and rigidly numeric, making ...

Special Video Section
After a four-year absence, Infineon returns to Mobile World ...
A laptop’s 65-watt adapter can be made 6 times smaller and ...
An industry network should have device and data security at ...
The LTC2975 is a four-channel PMBus Power System Manager ...
In this video, a new high speed CMOS output comparator ...
The LT8640 is a 42V, 5A synchronous step-down regulator ...
The LTC2000 high-speed DAC has low noise and excellent ...
How do you protect the load and ensure output continues to ...
General-purpose DACs have applications in instrumentation, ...
Linear Technology demonstrates its latest measurement ...
10:29
Demos from Maxim Integrated at Electronica 2014 show ...
Bosch CEO Stefan Finkbeiner shows off latest combo and ...
STMicroelectronics demoed this simple gesture control ...
Keysight shows you what signals lurk in real-time at 510MHz ...
TE Connectivity's clear-plastic, full-size model car shows ...
Why culture makes Linear Tech a winner.
Recently formed Architects of Modern Power consortium ...
Specially modified Corvette C7 Stingray responds to ex Indy ...
Avago’s ACPL-K30T is the first solid-state driver qualified ...
NXP launches its line of multi-gate, multifunction, ...
Radio
LATEST ARCHIVED BROADCAST
EE Times Senior Technical Editor Martin Rowe will interview EMC engineer Kenneth Wyatt.
Flash Poll