• RSS
  • Twitter
  • FaceBook

Security Forums

Log in

FAQ | Search | Usergroups | Profile | Register | RSS | Posting Guidelines | Recent Posts

New AES crypto standard broken already? Maybe..

Users browsing this topic:0 Security Fans, 0 Stealth Security Fans
Registered Security Fans: None
Post new topic   This topic is locked: you cannot edit posts or make replies.   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security

View previous topic :: View next topic  
Author Message
ComSec
Trusted SF Member
Trusted SF Member


Joined: 26 Jul 2002
Posts: 16777215


Offline

PostPosted: Mon Sep 16, 2002 8:53 pm    Post subject: New AES crypto standard broken already? Maybe.. Reply with quote

Theoretical attacks against AES (Advanced Encryption Standard) winner Rijndael and runner-up Serpent have been published. They might work in the practical world; they might not. That's about all we can say from the latest edition of Bruce Schneier's CryptoGram newsletter, which seeks to simplify the issues discovered by researchers Nicolas Courtois and Josef Pieprzyk, and elaborated in a paper entitled "Cryptanalysis of Block Ciphers with Overdefined Systems of Equations". Now while this represents an interesting bit of research, it does not mean that AES has been or even can be cracked in the real world. The work is theoretical and needs to be reviewed by others; and even if it's confirmed in theory and partially confirmed empirically, it may never be possible to exploit it.

"You can try the attack on simplified versions of the cipher -- fewer rounds, smaller block size -- but you can never be sure the attack scales as predicted," Schneier points out. That said, it's ironic that Serpent, which touts itself as more secure than Rijndael (though slower), appears at least for now to be more vulnerable in this case. And while there's no immediate problem for either cipher, we may find that AES' functional life-expectancy is considerably shorter than originally hoped (something like a century). "If the attack really works, it can only get better. My fear is that we could see optimizations of the XSL attack breaking AES with a 2^80-ish complexity, in which case things starts to get dicey about ten years from now," Schneier reckons....continued....

http://www.theregister.co.uk/content/55/27139.html
Back to top
View user's profile Send private message Visit poster's website
Display posts from previous:   

Post new topic   This topic is locked: you cannot edit posts or make replies.   Printer-friendly version    Networking/Security Forums Index -> Cryptographic Theory and Cryptanalysis - Internal and Transmission Security All times are GMT + 2 Hours
Page 1 of 1


 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Community Area

Log in | Register