Attacking AES
Encryption is probably one of the most misunderstood security technologies. Part of this is due to the technology itself: the security of encryption relies on mathematics that’s far too complicated for most people to understand. This property is unfortunate, but there seems to be no way around it. The other part follows from it: because the details of the technology aren’t well understood by most people, it’s hard to make sense of some of the arcane arguments about encryption that we see, and this can be the source of more misunderstandings.
If an encryption algorithm is "broken," for example, it just means that someone found an attack against it that can be done significantly faster than a brute-force attack. This doesn't mean that the new attack is practical for a hacker to actually carry out. Reducing the time for an attack from 10 billion years on the world's fastest supercomputer to only 10,000 years on it is a very significant result, but it's not one that a hacker can actually take advantage of.
Whether it takes a hacker 10,000 years or 10 billion years to beat a cryptographic algorithm, the result is essentially the same from the point of view of users: such attacks are impractical to carry out and hackers won't attempt them. This means that any attacks that they do carry out will almost certainly take advantage of a weakness in the way in which the encryption is used instead of the encryption itself. It's almost certainly easier to find a weakness in key management processes than in the encryption, so hackers are much more likely to focus their efforts there. Almost any alternative is better than attacking the cryptography directly.
Back in the dot-com boom, I had a conversation with a potential client that went roughly like this:
Client: "We want you to try to beat the DES encryption algorithm. We believe that it’s too weak for us to use."
Me: "I can do that for you, but it will take lots of expensive computing time. On the other hand, I can probably get any DES key that you use by a less computationally-intensive and cheaper way. Give me $2 million. I’ll keep $1 million of it and bribe one of your employees to give me the key that I want with what’s left."
It's fairly easy to build a special-purpose computer that can recover a DES key in no more than a few days, and you can do it for less than $2 million. But if you have to recover a 128-bit AES key, that approach won't work. In that case, bribery is probably the better approach. It's cheaper than trying to build a special-purpose AES cracker, and it's also much more likely to succeed.
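To put numbers on the two claims above, the following added example (not part of the original post) works out what the 10-billion-to-10,000-year reduction means in key bits and how the DES cracker scales to a 128-bit key. The 3-day figure is an assumption standing in for "a few days", and all function names are hypothetical.

```python
import math

SECONDS_PER_DAY = 86400
SECONDS_PER_YEAR = 365.25 * SECONDS_PER_DAY


def keys_per_second(key_bits, worst_case_days):
    """Search rate of a machine that exhausts a key_bits keyspace in worst_case_days."""
    return 2 ** key_bits / (worst_case_days * SECONDS_PER_DAY)


def worst_case_years(key_bits, rate):
    """Years needed to try every key of key_bits at `rate` keys per second."""
    return 2 ** key_bits / rate / SECONDS_PER_YEAR


def bits_lost(years_before, years_after):
    """Bits of security removed by an attack that cuts the work by this ratio."""
    return math.log2(years_before / years_after)


def bits_needed_for(key_bits, rate, target_years):
    """Bits an attack must shave off key_bits so the machine finishes in target_years."""
    return max(0.0, math.log2(worst_case_years(key_bits, rate) / target_years))


if __name__ == "__main__":
    # The "break" from the text: 10 billion years down to 10,000 years.
    print(f"Speed-up of the example break: {bits_lost(1e10, 1e4):.1f} bits")

    # Assumption: the special-purpose machine exhausts all 2^56 DES keys in 3 days.
    rate = keys_per_second(56, worst_case_days=3)
    print(f"Implied search rate: {rate:.2e} keys/s")

    # The same machine pointed at a 128-bit keyspace.
    print(f"AES-128 worst case: {worst_case_years(128, rate):.2e} years")

    # How large a cryptanalytic shortcut would make that a one-year job.
    print(f"Shortcut needed for a 1-year attack: "
          f"{bits_needed_for(128, rate, 1):.1f} bits")
```

The break in the text is worth about 20 bits, while the same machine would need a shortcut of about 65 bits before a 128-bit key fell within a year.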




