Slashdot Mirror


AES Announced as Federal Standard

chekhov writes: "Today NIST has finally announced AES (Advanced Encryption Standard) as a Federal Standard after 4 years of development. See the press release. AES is the replacement of DES and is expected to be used in financial systems and secure networks for up to 20 years. More information on the AES homepage."

5 of 267 comments (clear)

  1. Goverment Sponsored Attacks by ukryule · · Score: 5, Interesting
    From the press release:
    After the field was narrowed down to five in April 1999, NIST asked for intensified attacks and scrutiny on the finalists.

    Interesting that the US government was busy asking people to try to crack an encryption standard, while at the same time upholding a law to make breaking encryption illegal.

    So, now that this encryption method is officially accepted, will it be illegal to try to crack it?
  2. Re:Completely unbreakable...? by nyjx · · Score: 4, Interesting
    Er, The solve time is expondential in the length of the key so moores law won't help you very much. You can happily double your computational power every 18 months but still run out of time before the end of the universe.

    Your better bet is to work out how to solve NP hard problems (or any one) and map it back to the crypto algorithm. But of course you'll be able to do that easily once IBM releases it's first quantum computer....

    --
    .sig
  3. Re:European Technology by dimitri_k · · Score: 5, Interesting


    The security of AES is currently being hailed as the fact it has a key field 10 to the 21 times larger than 56bit DES. Great. Only an idiot would try to brute force it though, so the number of keys is somewhat arbitrary.

    Key length is, of course, vitally important. Understand the Rijndael spec. before you continue your speculation. Also, many "idiots" try to brute force it. Effort required to force a key is proportional to the cipher's weakness.

    Less generally, by employing lack of symmetry and a non-linear layer in the cipher, AES pretty much gurantees that you'll simply be searching the key-space at random. If you can come up with a way to do better than a brute force, you should quit your current job.

    The 2^255 Rijandel iterations required to force a 32 byte key is certainly sufficiently secure by todays standards, but historically consistent increases in computing power coupled with increased distributed processing ability due to networked computer proliferation means that keys will have to keep growing to stay resonably secure.

    --
    sig is
  4. Re:Insightful/Informative/Interesting MOD THIS UP by Hobbex · · Score: 4, Interesting


    Now, if I happen to successfully develop an AES "decryptor", may I publish its source code without infringing the DMCA [tompox.com] ?

    The inventors of Rijndael, who seem to be exceptionally intelligent and sane people, would probably be more than happy to be challenged with a real attack on the algorithm. Unless you have a PHD in Mathematics specializing cryptoanalysis you probably needn't waste your breath though.

    Of course, if the media industry has had time to implement AES in one of their ridiculous UHT (User Hostile Tech) schemes, you may well end up under legal attack, as could, very possibly, the authors of the algorithm themselves should they find a flaw. It has been noted that the media industries will probably not go after "academics" in the short term considering how the Felten affair blew up on them (Russian's apparently don't count).

    Just because the enemy has usurped the term "secure" for their UHT does not mean that you should confuse all encryption with DMCA etc. These algorithms really are secure, based on real math that most people agree not even the NSA can break, and do not rely on stupid "gun in mouth" schemes to keep people from breaking them as UHT invariably does.

  5. Super K by oni · · Score: 4, Interesting

    In 1976 Donald Knuth published a paper titled Coping with Finiteness in which he names a number Super K. It is defined as 10^^^^3 where 10^^10 = 10^10^10^10^10^10^10^10^10^10^10 or 10^10 10 times.

    I couldn't find the paper (damnit) but Knuth says in Things a Computer Scientist Rarely Talks About
    "If you don't agree that Super K is so large as to be beyond human comprehension, I can at least prove conclusively that if you consider all the numbers less than or equal to Super K, almost all of them are impossible to describe in any way in the univerise"

    I dunno, is that bigger than a googleplex? I wouldn't be surprised if the Guinness people spent less than 30 seconds researching this - in fact I suspect this was just some piece of useless trivia someone who happened to be in the office that day happened to know