$this->articleCE->primaryUrlById(1464351) = /infra/article.php/1464351/Has+AES+Been+Cracked.htm
Has AES Been Cracked? - InternetNews.
RealTime IT News

Has AES Been Cracked?

An Internet security firm is warning that the AES data encryption technique adopted by the U.S government may be vulnerable to an attack; however, there is no evidence the weakness is great enough cause panic yet.

In the Crypto-Gram newsletter, Counterpane Internet Security founder Bruce Schneier said it was possible that two researchers may have figured out an efficient way to crack the so-called Rijndael encryption standard but he cautioned that "there's no cause for alarm yet."

Referring to a paper presented by researchers Nicolas Courtois and Josef Pieprzyk, Crypto-Gram said potential attacks could work by breaking simplified variants of AES using very impractical attack models (e.g., requiring immense amounts of chosen plaintext). "This paper claimed to break the entire algorithm, and with only one or two known plaintexts," Schneier wrote.

However, Schneier softened the impact of his note by insisting potential attacks against the encryption techniques can be no more implemented in the field than they can be tested in a lab.

"No AES ... traffic can be decrypted using these techniques. No communications are at risk. No products need to be recalled. There's so much security margin in these ciphers that the attacks are irrelevant," Schneier added.

AES, developed by Belgian cryptographers Joan Daemen and Vincent Rijmen, is a symmetric 128-bit block data encryption algorithm adopted by the U.S government in October 2000 to replacing the DES encryption technique. The National Institute of Standards and Technology (NIST) of the U.S. Department of Commerce selected the "Rijndael" algorithm out of a group of five under consideration, including one called MARS from a large research team at IBM.

The attack depends much more critically on the complexity of the nonlinear components than on the number of rounds. Ciphers with small S-boxes and simple structures are particularly vulnerable. Serpent has small S-boxes and a simple structure. AES has larger S-boxes, but a very simple algebraic description," Schneier wrote.

He described the claims as "amazing results" and noted that the best attacks previously worked by breaking simplified variants of AES using very impractical attack models (e.g., requiring immense amounts of chosen plaintext). "This paper claimed to break the entire algorithm, and with only one or two known plaintexts. Moreover, the first cipher broken was Serpent: the cipher universally considered to be the safest, most conservative choice," he added.

Because the claims are still in abstract form, Schneier said it's unclear if there are errors in the analysis.

"We might have an amazing new cryptanalytic technique, but we don't know if there's an error in the analysis, and there's no way to test the technique empirically. We have to wait until others go over the same work. And to be sure, we have to wait until someone improves the attack to a practical point before we know if the algorithm was broken to begin with," he added.