This is quite interesting! This article is talking about a brute force attack, however there can be other kind of attacks. more sophisticated and with higher complexity algorithms. Like the next link http://www.computerworld.com/s/article/9219297/AES_proved_vulnerable_by_Microsoft_researchers
belongs to an article in which a pair of scientists doing research in Microsoft facilities discovered a way to crack the AES encryption 3 to 5 times faster. Still this seems to be actually hypothetical since even so, they'd need still billions of years to actually decode the key.
However all this makes us realize that is a thing of time and the progress of technology. Today's supercomputer's power will become tomorrow's laptop's power.
Thanks. To be able to do anything meaningful, encryption has to be way way faster. Microsoft may doing it to support decryption of past smaller key size AES(i.e 64 bits). May be similar to what NSA came up recently setting up huge facility with army of super-computers to reduce decryption time.
Now what is being suspected is NSA may have been recording past encrypted data since long and now it may help recover data that was previously encrypted by 64 bit AES or less.
At the end, i agree it a matter of time...
That may have been true yesterday, however today the fastest computer in the world is capable of 27 quadrillion operations per second, next year it will be a quintillion, a few years later it will be sextillion... in a decade or two it will take minutes to decrypt AES 128. The real question is how long do you need to protect your information?
@ MarkRC - OK, when that happens I will just go to 192, or 256 bit keys. Or, in the same time frame as you so wildly assume, perhaps the AES will also increase its complexity exponentially.
One of the many other barriers you are ignoring is the problem of energy.
To power such supercomputers as you theorize (and more likely that it will be a group of supercomputers like the NSA now uses) it would require about one-half of the world's current electrical energy production. And that is if you run them at normal room ambient temperatures.
How will you meet the needs of the world's population if you feed every other gigawatt to a computer?
As you wildly increase the computational limits you forget that everything has a cost. Be it energy, world resources, money, people, or whatever, there are limits to even a global effort.
The foresight of youth is so shortsighted.
I have written an encryption/decryption system which uses Blowfish to generate the DES keys of which there are 4x blocks also I am using AES 256 as the filling to this DES sandwich algorithm which also uses cipher block chaining so would this be a better solution and resistant to hacking.
Sorry to have forgotten to add this the way the system would work is to start with DES being used 4 times on the four input blocks then those four input blocks are fed into AES256 and finally into 4 OUTPUT blocks via the DES to complete one cycle of encryption also the system can be used in reverse.
Thanks for the great article on data security based on brute force attacks. I am looking at quantum algorithms and the use of quantum computers (D-Wave from Canada). My sense is that quantum is the biggest threat to data security in the medium term. In the short term attacks based on side channel leakage and active attacks are the main problem.
People who talk about this stuff often ignore 3 factors that make any code more secure. I was reminded of this by the speed comment.
- Symmetric encryption is usually used to securely open a conversation. The initial part of the conversation trades information that is then used to encrypt the rest of the conversation with a much simpler asymmetric encryption.
- Because it is primarily a conversation opener, you can say that you have to have 100 msec between attempts. At this point the power of your computer doesn't matter. You can only try 10 times per second no matter how fast your computer is.
- The response to the last one is that they don't have to retry. They can try repeatedly to decrypt the same recorded message. However, that only works if they have a way to assess that they have successfully decrypted it. Information exchanges as given above can be in the form of a chain of completely random numbers with no encrypted checksum. That makes it impossible to know if you have cracked it without cracking the whole bloody conversation. What I am saying is that the messages can be designed in such a way that the code breaker has no way of knowing when he got it right. It does him no good to guess the correct key if he doesn't know he got it.
According to current research on cryptoanalisys strenght of AES-256 is comparable with bruteforce key size about 220-bits. So there is no sense to use pure bruteforce. Of course 2^220 is still very big number, but future technics may still lower number. Beside of that, there are additional tricks that could be used against particular AES implementation (in hardware or software), that may lead to recovering the value of the key. This is the most current problem.