Researchers Find Weakness in World's Toughest Encryption Standard
- By Laura Williams
- Aug 29, 2011
A group of Microsoft researchers announced recently that they had cracked a version of the Advanced Encryption Standard (AES), the world’s toughest encryption mechanism. Though you might not be aware of it, AES is all around you. Not only is it used in disk encryption systems, but it also secures online transactions, wireless networks and even top-secret government documents. Hundreds of millions of people worldwide come into contact with the encryption, so finding a vulnerability is a bit troubling for almost every sector.
“[This] is the first theoretical break of the Advanced Encryption Standard – the de facto worldwide encryption standard,” said Andrey Bogdanov, one of the researchers who worked out the method of breaking the code. His research partners were Dmitry Khovratovich and Christian Rechberger.
The mechanism came to the forefront as a response to a late-20th-century call by the National Institute of Standards and Technology for an encryption that could protect top-secret documents. After a lengthy review process, NIST accepted declared this version, nicknamed Rijndael, as that standard, certifying it for use in the federal government in 2002.
The key – that is, the information an authorized person can use to decrypt the protected information – can vary in length, with 128, 192 and 256 being typical key lengths. Longer keys provide greater security because each extra digit adds another variable.
After working for years, the researchers found they were able to break the code four times easier than was previously thought possible. But even still, the statistical probability of being able to ascertain the correct key is extremely thin: According to Bogdanov, a trillion computers each testing a billion keys per second would take more than two billion years to discover an AES-128 key.
For this reason, Bogdanov said, we shouldn’t worry about the standard’s robustness. “I do not expect our particular attack to impose any practical threat in applications using AES,” he said. “It is more of scientific value.”
Security blogger Bruce Schneier agrees. “What we're learning is that the safety margin of AES is much less than previously believed,” he wrote on his blog. “And while there is no reason to scrap AES in favor of another algorithm, [NIST] should increase the number of rounds of all three AES variants.”
So don’t worry, your Wi-Fi is still safe. But attacks are always increasing in precision, so sometime in the future, the AES may have to undergo a makeover.
About the Author
Laura Williams is content development editor for Security Products magazine.