Science & Enterprise subscription

Follow us on Twitter

  • A company developing messenger RNA therapeutics on demand from single-use biochips is raising $60 million in its se…
    about 10 hours ago
  • New post on Science and Enterprise: Chip-Based RNA Biotech Raises $60M in Venture Funds #Science #Business
    about 10 hours ago
  • An easy-to-use device for measuring intraocular pressure responsible for glaucoma is in development by University o…
    about 13 hours ago
  • New post on Science and Enterprise: Home Eye Pressure Gauge in the Works #Science #Business
    about 13 hours ago
  • A biotechnology company is sponsoring university research on light waves reacting in characteristic patterns for de…
    about 1 day ago

Please share Science & Enterprise

First Flaw Reportedly Found in Advanced Encryption Standard

Supercomputer (kosheahan/Flickr)Computer scientists from European universities and Microsoft Research have found a weakness in the Advanced Encryption Standard (AES) algorithm. Andrey Bogdanov from Katholieke Universiteit Leuven in Belgium, Christian Rechberger from L’École Normale Supérieure in Paris, and Dmitry Khovratovich from Microsoft Research say that the discovered flaw makes the recovery of the secret AES encryption key somewhat easier than anticipated by AES’s developers.

The researchers designed an attack on the AES as part of a long-term cryptanalysis project while Bogdanov and Rechberger were visiting scholars at Microsoft Research. Their attack applies to all versions of AES even if it used with a single encryption key, and shows that finding the AES key is four times easier than previously believed.

The AES is a widely used tool for heavy-duty computer security. It is used in more than 1,700 products validated by the U.S. National Institute of Standards and Technology (NIST), and thousands of others. AES has also been standardized by NIST, ISO, and IEEE and approved by the U.S. National Security Agency for protecting secret and top secret information.

Even at one-fourth of the anticipated effort, breaking the AES key would still be a monumental, if not insurmountable, job. The researchers calculate that it would require a trillion machines that each could test a billion keys per second, running for more more than two billion years, to recover a 128-bit AES key. Current large-scale corporate computers could test at most 10 million keys per second.

Read more:

Photo: kosheahan/Flickr

*     *     *

2 comments to First Flaw Reportedly Found in Advanced Encryption Standard