Slashdot Mirror

← Back to Stories (view on slashdot.org)

New AES Attack Documented

Posted by timothy on Wednesday July 1, 2009 @09:50AM from the ponder-don't-panic dept.

avxo writes "Bruce Schneier covers a new cryptanalytic related-key attack on AES that is better than brute force with a complexity of 2^119. According to an e-mail by the authors: 'We also expect that a careful analysis may reduce the complexities. As a preliminary result, we think that the complexity of the attack on AES-256 can be lowered from 2^119 to about 2^110.5 data and time. We believe that these results may shed a new light on the design of the key-schedules of block ciphers, but they pose no immediate threat for the real world applications that use AES.'"

3 of 236 comments (clear)

Min score:

Reason:

Sort:

Re:Complexity by Anonymous Coward · 2009-07-01 10:03 · Score: 3, Insightful

I believe the complexity is a rough measure of how long it should take to break the code. So in this case, a reduction from 2^119 to 2^110.5 is approximately 360 times faster (that is, a 2^119 complexity attack takes 360 times as long as a 2^110.5 complexity attack).
Re:Complexity. by cpu_fusion · 2009-07-01 10:11 · Score: 5, Insightful

Pardon me, but isn't the article about AES-256? So this is a much more significant drop in the number of bits.
Of course, I've only read the summary. This is slashdot, natch.
Re:Furthers my stand on crypto, which is: DON'T by droopycom · 2009-07-01 10:51 · Score: 4, Insightful

Refutation: Crypto is indeed all about WHEN. WHEN is not pointless, it is the point.