Researchers of the K. U. Leuven and Microsoft Research have a weakness in the widely applied Advanced Encryption Standard discovered. Through a new attack can be an AES key is four times faster cracked.
The three researchers, Andrey Bogdanov, from K. U. of Leuven), Dmitry Khovratovich of Microsoft Research, and Christian Rechberger of various French institutions, educational institutions, say an ‘intelligent’ attack to have been found to have the AES keys to crack. The method would work in all AES versions regardless of the key length. Using the new method, the AES key is four times faster, so use AES-128 in fact, if AES-126 would have to be determined. How to the researchers, the cracking of the keys have accelerated, is unknown.
Despite the discovery of the researchers remains the AES is an extremely difficult to crack encryption via a brute force approach: the number of required computations is 8 with 38 zeros. Even a trillion computers, each with a billion keys per second can check the whole lot would be around two billion years to the correct AES-128 key. The researchers suggest that AES are not directly in danger, but that the first weak point in the encryptiestandaard is found.
AES is a broad applied encryptiestandaard and is used for encrypting internet traffic, the data traffic on wireless networks and data on hard drives. The basis of AES is the Rijndael algorithm, which was developed by the Belgian cryptografen Joan Daemen ST Microelectronics, and professor Vincent Rhymes of the K. U. Leuven.
The Rijndael algorithm was adopted in 2000 by the NIST elected as the successor to the DES standard, and given the name Advanced Encryption Standard. AES was adopted by various organizations up to standard. Among other things, the NSA is used to encrypt government secrets.
Researchers have for years tried vulnerabilities in AES to expose and there are no serious holes in the encryption algorithm shot. Only in 2009 was there an issue discovered when using AES data encoded using four different keys. This had to be the attacker a connection between these keys establish, causing the ” known-key distinguishing attack method only for mathematicians interesting pale and had no impact on the practice.