'Groundbreaking' attack breaks AES crypto

[InfoSec News <alerts () infosecnews org>]

http://www.theregister.co.uk/2011/08/19/aes_crypto_attack/

By Dan Goodin in San Francisco
The Register
19th August 2011

Cryptographers have discovered a way to break the Advanced Encryption 
Standard used to protect everything from top-secret government documents 
to online banking transactions.

The technique, which was published in a paper (PDF) presented Wednesday 
as part of the Crypto 2011 cryptology conference in Santa Barbara, 
California, allows attackers to recover AES secret keys up to five times 
faster than previously possible. It introduces a technique known as 
biclique cryptanalysis to remove about two bits from 128-, 192-, and 
256-bit keys.

“This research is groundbreaking because it is the first method of 
breaking single-key AES that is (slightly) faster than brute force,” 
Nate Lawson, a cryptographer and the principal of security consultancy 
Root Labs, wrote in an email. “However, it doesn't compromise AES in any 
practical way.”

He said it would still take trillions of years to recover strong AES 
keys using the biclique technique, which is a variant of what's known as 
a meet-in-the-middle cryptographic attack. This method works both from 
the inputs and outputs of AES towards the middle, reusing partial 
computation results to speed up the brute-force key search. The 
technique is designed to reduce the time it takes an attacker to recover 
the key.

[...]

___________________________________________________________
Tegatai Managed Colocation: Four Provider Blended
Tier-1 Bandwidth, Fortinet Universal Threat Management,
Natural Disaster Avoidance, Always-On Power Delivery
Network, Cisco Switches, SAS 70 Type II Datacenter.
Find peace of mind, Defend your Critical Infrastructure.
http://www.tegataiphoenix.com/