You can find their paper here, a news story here, and Bruce Schneier’s blog on it here.
The summary is that they can break AES-192 and AES-256 with related-key attacks.
As they say, themselves, it isn’t a practical attack. They need far more data and memory than is practical — 2119 data for one of the attacks, which isn’t going to happen before we retire AES. One terabyte, for example, is 240, so this is needing half of a tera-tera-terabyte to start with.
Should you be worried? No. If anything, this is reassuring. It’s been almost a decade since AES was approved, and this is the first time a genuine-but-impractical attack has been found. You want to see impractical attacks on crypto-primitives, because that means that smart people are spending time attacking it.
You can leave a response here.
Pinging is currently not allowed.
Previous Article: An Encryption Tool for Really Big Secrets
Next Article: Towards an Interoperable Future (and a good game of baseball) – Part I of III
This blog represents the personal opinions of certain employees of PGP Corporation and do not necessarily reflect the positions or opinions of PGP Corporation. As such, these personal opinions are not endorsed by PGP Corporation and you should conduct independent assessments before basing any decision upon the statements made in this blog.
MANAGERS, HOSTS, PARTICIPANTS, MODERATORS AND OTHER THIRD PARTIES ARE NOT AUTHORIZED PGP CORPORATION SPOKESPERSONS, AND THEIR VIEWS DO NOT NECESSARILY REFLECT THOSE OF PGP CORPORATION, AND ARE NOT ENDORSED BY PGP CORPORATION. TO THE MAXIMUM EXTENT PERMITTED BY APPLICABLE LAW, PGP CORPORATION WILL HAVE NO LIABILITY RELATED TO USER CONTENT ARISING UNDER INTELLECTUAL PROPERTY RIGHTS, LIBEL, PRIVACY, PUBLICITY, OBSCENITY OR OTHER LAWS. PGP CORPORATION WILL ALSO NOT BE LIABLE FOR MISUSE, LOSS, MODIFICATION OR UNAVAILABILITY OF ANY USER CONTENT. PGP CORPORATION DISCLAIMS ALL REPRESENTATIONS, WARRANTIES, AND CONDITIONS, WHETHER EXPRESS OR IMPLIED WITH RESPECT TO THE BLOG OR BLOG CONTENT. YOUR USE OF THIS SITE AFFIRMS AGREEMENT TO THE FOREGOING.
