AES break? Not really

jpgoldbergjpgoldberg Agile Customer Care

Team Member
AES (Advanced Encryption Standard) is of almost all cryptographic systems around today, including banks, governments, military, and of course, protecting your data with 1Password.

Microsoft Research has just published a paper by three cryptographers visiting there. This paper find a really clever way to avoid some duplication of effort when trying to figure out the AES key used to encrypt some data. In this, they've reduced the effective strength of a 128 bit key to a 126 bit key in certain limited circumstances.

I'll write more about those limited circumstances later as I work through the paper. But even if this were entirely unrestricted, a 2-bit reduction is of no practical importance. Indeed, the last sentence of the abstract of the paper says it best

As our attacks are of high computational complexity, they do not threaten the practical use of AES in any way.


I'll post more as I work through the math.

At this point is two threats:
  1. Unjustified panic leading people to move away from AES to systems that haven't been as well examined.
  2. Sometimes one "break" even if completely impractical, can show the way for other more meaningful attacks in years to follow. We will continue to follow and study the recommendations of the professional cryptographic community.

But what I'm worried about at this point is (1).
This discussion has been closed.